From nobody Thu Feb 01 21:25:59 2024 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TQsQb4nYfz58gsn; Thu, 1 Feb 2024 21:25:59 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TQsQb4H1Mz4Vqy; Thu, 1 Feb 2024 21:25:59 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1706822759; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=2Q6caTSvvWgGdc1j5331GD5MQ+YCDHdXmq8vt486Z9M=; b=yL9yJUEvf72ITJaXi431uoHQw9PXCG33oRoBgTOYibh2oWw/v78f/FDXpiaGPvkKe/g7BX LLJNeNtidYHWdWGnQY+yy+sw2UMFrg4ta0bgiXyqKIVVOICh5RwxStHoF7SmPybw/WBfQ1 0jw3dA3nLgLjt8pSwmQKXTSQ+gvTnPwbB9EbeWID/wgTP2r1K/FW+DTVV/WFTwldUWRj5C URVjms9Dncd+VPAY+Mp/2Nc2C8lUmQBjVBYHwlTqNYYM9nR1PCXyJONSEKPFi0UPsr6YD6 GWFolk9JG2ddDhnXCPhEE7aTz4s0uxjKnlIZ7D5h6iIai4iY97/PomLDysAMTA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1706822759; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=2Q6caTSvvWgGdc1j5331GD5MQ+YCDHdXmq8vt486Z9M=; b=uE8hx6I+n+N6yktnfmh+KkrEgtza+1beR58rPrrylnZQ13VMfjgKaIT7iR9sKZVPTuKsID xNdPnmg8epgtDWvgthE0H8gNYCv6aIg4nsruaWZreRgfv1twTO0lRXEl2Ne9OTOW0Z4a/Z o1ExQF4f776I+OhEFY8EOKVtwRSwGWsgbwzRzsKydvaOLbyq9PxAd6fEsh+BHcjzES3d2v AKwHeEHa7crD4fQFoB308BzP7BO1vc4osH0LBX++lTvIMVPZNTtw0EkuBCMAbz40BGLVvj z+UJMTSfb+OJgdWS/WhO5PhL2oroAqadceYmwSHzNp+aSkzwng4G3bPLCjQfNg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1706822759; a=rsa-sha256; cv=none; b=MgyCwqbb09yjowcM0SkD1i/4sfo7Rz/AlR4Ge0MpTGuXDjyiBhXjS6uvlY1ZHoq3kquXFd bh0EaHlOFsvBx7JLNkZ7qMDZ1H0wC9Zk1CVlc7KWqosSJm2MaEeiL6SUrivZnJAp4tX/Y0 fs2X07gd9ntVEydzDRCcziTW665V0kHRQakWTtRPi7vP3W9GCOns1nCegvmw5NxgaDE59r bZ/F28SI0vrEap5O19/kaYYi3j3epBCKtaghpEdmJgVw+JSuEaHjnQmcUu6ZGvNk8e094r fObVSNMuJZDab1knl5VbFi5DCBVBc6/t5jXQSc5/6/RJsMEhlqcNIGZ9H2B4iw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TQsQb3LKBz1HbM; Thu, 1 Feb 2024 21:25:59 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 411LPxxs070088; Thu, 1 Feb 2024 21:25:59 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 411LPxXA070085; Thu, 1 Feb 2024 21:25:59 GMT (envelope-from git) Date: Thu, 1 Feb 2024 21:25:59 GMT Message-Id: <202402012125.411LPxXA070085@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org From: Olivier Certner Subject: git: 2006be8bc46f - stable/13 - setusercontext(): umask: Set it only once (in the common case) List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: olce X-Git-Repository: src X-Git-Refname: refs/heads/stable/13 X-Git-Reftype: branch X-Git-Commit: 2006be8bc46fef3c37404827dbaf49749122553c Auto-Submitted: auto-generated The branch stable/13 has been updated by olce: URL: https://cgit.FreeBSD.org/src/commit/?id=2006be8bc46fef3c37404827dbaf49749122553c commit 2006be8bc46fef3c37404827dbaf49749122553c Author: Olivier Certner AuthorDate: 2023-05-25 12:18:45 +0000 Commit: Olivier Certner CommitDate: 2024-02-01 21:22:26 +0000 setusercontext(): umask: Set it only once (in the common case) Simplify the code and make it more coherent (umask was the only context setting not modified by setlogincontext() directly). Preserve the current behavior of not changing the umask if none is specified in the login class capabilities database, but without the superfluous umask() dance. (The only exception to this is that a special value no user is likely to input in the database now stands for no specification.) If some user has a 'umask' override in its '~/.login_conf', the umask will still be set twice as before (as is the case for all other context settings overriden in '~/.login_conf'). Log a warning in case of an invalid umask specification. This change makes it apparent that the value of LOGIN_DEFUMASK doesn't matter. It will be removed in a subsequent commit. PR: 271747 Reviewed by: emaste, kib (earlier version) Approved by: emaste MFC after: 3 days Sponsored by: Kumacom SAS Differential Revision: https://reviews.freebsd.org/D40344 (cherry picked from commit e99c28e93bd4d04ff877459734e9ce06ad2335a7) Approved by: markj (mentor) --- lib/libutil/login_class.c | 45 +++++++++++++++++++++++++++++++-------------- 1 file changed, 31 insertions(+), 14 deletions(-) diff --git a/lib/libutil/login_class.c b/lib/libutil/login_class.c index 1036e9f9208c..2b85425d8d8e 100644 --- a/lib/libutil/login_class.c +++ b/lib/libutil/login_class.c @@ -38,6 +38,7 @@ #include #include #include +#include #include #include #include @@ -385,17 +386,40 @@ setclasscontext(const char *classname, unsigned int flags) * Private function which takes care of processing */ -static mode_t -setlogincontext(login_cap_t *lc, const struct passwd *pwd, - mode_t mymask, unsigned long flags) +static void +setlogincontext(login_cap_t *lc, const struct passwd *pwd, unsigned long flags) { if (lc) { /* Set resources */ if (flags & LOGIN_SETRESOURCES) setclassresources(lc); /* See if there's a umask override */ - if (flags & LOGIN_SETUMASK) - mymask = (mode_t)login_getcapnum(lc, "umask", mymask, mymask); + if (flags & LOGIN_SETUMASK) { + /* + * Make it unlikely that someone would input our default sentinel + * indicating no specification. + */ + const rlim_t def_val = INT64_MIN + 1, err_val = INT64_MIN; + const rlim_t val = login_getcapnum(lc, "umask", def_val, err_val); + + if (val != def_val) { + if (val < 0 || val > UINT16_MAX) { + /* We get here also on 'err_val'. */ + syslog(LOG_WARNING, + "%s%s%sLogin class '%s': " + "Invalid umask specification: '%s'", + pwd ? "Login '" : "", + pwd ? pwd->pw_name : "", + pwd ? "': " : "", + lc->lc_class, + login_getcapstr(lc, "umask", "", "")); + } else { + const mode_t mode = val; + + umask(mode); + } + } + } /* Set paths */ if (flags & LOGIN_SETPATH) setclassenvironment(lc, pwd, 1); @@ -406,7 +430,6 @@ setlogincontext(login_cap_t *lc, const struct passwd *pwd, if (flags & LOGIN_SETCPUMASK) setclasscpumask(lc); } - return (mymask); } @@ -429,7 +452,6 @@ int setusercontext(login_cap_t *lc, const struct passwd *pwd, uid_t uid, unsigned int flags) { rlim_t p; - mode_t mymask; login_cap_t *llc = NULL; struct rtprio rtp; int error; @@ -533,8 +555,7 @@ setusercontext(login_cap_t *lc, const struct passwd *pwd, uid_t uid, unsigned in } } - mymask = (flags & LOGIN_SETUMASK) ? umask(LOGIN_DEFUMASK) : 0; - mymask = setlogincontext(lc, pwd, mymask, flags); + setlogincontext(lc, pwd, flags); login_close(llc); /* This needs to be done after anything that needs root privs */ @@ -547,13 +568,9 @@ setusercontext(login_cap_t *lc, const struct passwd *pwd, uid_t uid, unsigned in * Now, we repeat some of the above for the user's private entries */ if (geteuid() == uid && (lc = login_getuserclass(pwd)) != NULL) { - mymask = setlogincontext(lc, pwd, mymask, flags); + setlogincontext(lc, pwd, flags); login_close(lc); } - /* Finally, set any umask we've found */ - if (flags & LOGIN_SETUMASK) - umask(mymask); - return (0); }