
Contents of /tags/glexec_mkgltempdir_R_0_0_1_1/mkgltempdir



Revision 1932 - (show annotations) (download)
Tue Sep 21 15:06:11 2010 UTC (11 years, 3 months ago) by msalle
File size: 6279 byte(s)
- First official tag, to be incorporated in glite-GLEXEC_wn, see savannah bug
  #67098


1 #!/bin/sh
2
3 # Copyright (c) Members of the EGEE Collaboration. 2008.
4 # See http://www.eu-egee.org/partners/ for details on the copyright
5 # holders.
6 #
7 # Licensed under the Apache License, Version 2.0 (the "License");
8 # you may not use this file except in compliance with the License.
9 # You may obtain a copy of the License at
10 #
11 # http://www.apache.org/licenses/LICENSE-2.0
12 #
13 # Unless required by applicable law or agreed to in writing, software
14 # distributed under the License is distributed on an "AS IS" BASIS,
15 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 # See the License for the specific language governing permissions and
17 # limitations under the License.
18 #
19 # Authors: David Groep
20 # NIKHEF Amsterdam, the Netherlands
21 # grid-mw-security@nikhef.nl
22 #
23 # @(#)$Id$
24 #
# Locations of the external programs this script runs through variables.
#
# glexec is looked up under $GLEXEC_LOCATION, then $GLITE_LOCATION, and
# finally /opt/glite; the remaining helpers are fixed absolute paths.
#
# NOTE(review): the glexec install root is taken from the caller's
# environment, and several other tools (for example ls, wc, dirname and
# rmdir) are still resolved through $PATH, so the absolute paths below
# cover only part of what gets executed.
glexec="${GLEXEC_LOCATION:-${GLITE_LOCATION:-/opt/glite}}/sbin/glexec"

# helpers expected under /bin
chmod="/bin/chmod"
mktemp="/bin/mktemp"
rm="/bin/rm"

# helpers expected under /usr/bin
awk="/usr/bin/awk"
basename="/usr/bin/basename"
id="/usr/bin/id"
sed="/usr/bin/sed"
33
# error MESSAGE...
# Write the arguments as a single line to stderr and terminate the
# script with exit status 1.
error() {
  echo "$@" 1>&2
  exit 1
}
38
# warn MESSAGE...
# Write the arguments as a single line to stderr; unlike error() the
# script keeps running.
warn() {
  echo "$@" 1>&2
}
42
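# help
# Print the usage text on stdout and terminate the script with status 0.
#
# The synopsis lists -f before -r: the option loop hands the word that
# follows -r to the removal code as the directory, so "-r -f DIR" would
# treat "-f" as the directory name.
help() {
  # strip the directory part of $0 in the shell itself; this also keeps
  # a $0 containing blanks in one piece
  progname=${0##*/}
  cat <<EOF
Usage: $progname [-h] [-f] [-r gltmp_directory]
       [-t targetdir-mode] [-m parentmode] [directory]

Create a directory owned by the glexec target user in a secure fashion.
The path of the directory created is printed to stdout.

  -t targetdir-mode  permissions of the target directory created
                     (default: 0700, i.e. unreadable by the glexec invoker)
  -m parentmode      permissions for the current user on the parent tree
                     (default: 0755, and should traversable for target uid)
  -r gltmp_dir       remove the target directory previously created by
                     $progname. Directory must be empty, unless -f
                     is also specified.

  directory          base directory in which target directory is created
                     (default: current value of \$TMPDIR or, if unset, /tmp)

Return value is 0 if directory was successfully created, non-zero otherwise.

EOF
  exit 0
}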
68
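######################################################################
# removal support
forceremove=0

# remove DIR
# Remove a target directory created earlier by this script, together
# with its two parent directories.
#
# DIR must exist, be a directory, be an absolute path and contain no
# ".." component. Its parent (stickydir) and grandparent (securedir)
# must each be owned by the invoking user and list exactly one entry,
# and DIR itself must not be owned by the invoking user. DIR is deleted
# through glexec (rmdir, or rm -fr when forceremove is 1); the two
# parents are then removed with rmdir as the invoking user.
#
# Reads:   forceremove, glexec, rm, chmod, id, sed, awk, basename
# Returns: 0 on success; every failure ends the script through error().
#
# NOTE(review): test -d follows symbolic links while ls -ld reports the
# link itself; whether a symlinked DIR has to be rejected is not
# decided here.
remove() {
  test -e "$1" || error "$0 (remove): $1: does not exist"
  test -d "$1" || error "$0 (remove): $1: not a directory"

  case "$1" in
    /* ) ;;
    * ) error "$0 (remove): $1: must be an absolute path" ;;
  esac

  # ".." is refused as any component, including the last one
  case "$1" in
    */../* | */.. )
      error "$0 (remove): $1: contains disallowed parent directory designator" ;;
  esac

  # determine uid (name) in a portable way (-u and -n are gnu-isms);
  # everything between the parentheses is taken, so names containing
  # '_', '-' or '.' are handled as well
  uid=`"$id" | "$sed" -e 's/^uid=[0-9][0-9]*(\([^)]*\)).*/\1/'`
  case "$uid" in
    '' | *=* ) error "$0 (remove): cannot determine current user name" ;;
  esac

  # a gltmpdir directory is at least three levels deep and the two
  # upper directories are owned by this user and have only one entry

  gltmpdir="$1"
  stickydir=`dirname "$gltmpdir"`
  securedir=`dirname "$stickydir"`

  # Paths and command substitutions are quoted throughout: an empty or
  # word-split result must make a check fail, not make test(1) exit
  # with a usage error that skips the error() call.
  test "$securedir" = "/" && error \
    "Path depth error: $gltmpdir not deep enough, not a mkgltmpdir result"
  test "$(ls -ld "$gltmpdir" | "$awk" '{print $3}')" = "$uid" && error \
    "Directory $gltmpdir is already owned by $uid"
  test "$(ls -1 "$stickydir" | wc -l)" -ne 1 && error \
    "Compliance error: $stickydir has multiple entries"
  test "$(ls -ld "$stickydir" | "$awk" '{print $3}')" != "$uid" && error \
    "Directory $stickydir not owner by $uid"
  test "$(ls -1 "$securedir" | wc -l)" -ne 1 && error \
    "Compliance error: $securedir has multiple entries"
  test "$(ls -ld "$securedir" | "$awk" '{print $3}')" != "$uid" && error \
    "Directory $securedir not owner by $uid"

  "$chmod" 0700 "$securedir" || error \
    "Cannot chmod $securedir to 0700"
  "$chmod" 01777 "$stickydir" || error \
    "Cannot chmod $stickydir to 01777"

  # The target is addressed relative to stickydir; the "./" prefix keeps
  # a name that starts with '-' from being read as an option.
  gltmpleaf=`"$basename" "$gltmpdir"`
  if test "$forceremove" -eq 1
  then
    ( cd "$stickydir" && "$glexec" "$rm" -fr "./$gltmpleaf" )
  else
    ( cd "$stickydir" && "$glexec" rmdir "./$gltmpleaf" )
  fi

  test -d "$gltmpdir" && error \
    "Failed to remove $gltmpdir, sorry. Exiting."

  rmdir "$stickydir" || error "Cannot remove $stickydir, exiting."
  rmdir "$securedir" || error "Cannot remove $securedir, exiting."

  return 0
}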
126
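######################################################################
# parse arguments
#
# remove and tmode start out empty so that same-named variables
# inherited from the environment cannot select removal or a target mode.
# NOTE(review): MODE is left alone here because the defaults further
# down read it as ${MODE:-0755}; confirm that an inherited MODE is meant
# to be honoured.
remove=
tmode=

# is_octal_mode MODE
# Succeed only when MODE is a non-empty string of octal digits.
is_octal_mode() {
  case "$1" in
    '' | *[!0-7]* ) return 1 ;;
  esac
  return 0
}

while :; do
  case "$1" in
    -h ) help ; exit 0 ;;
    -m )
      # the value ends up on a chmod command line, so only digits pass
      is_octal_mode "$2" || error "Option -m requires an octal mode"
      MODE=0"$2"; shift 2 ;;
    -t )
      # this value is handed to chmod through glexec
      is_octal_mode "$2" || error "Option -t requires an octal mode"
      tmode=0"$2"; shift 2 ;;
    -r )
      # without this check "shift 2" fails on a trailing -r and the loop
      # either aborts or spins, depending on the shell
      test $# -ge 2 || error "Option -r requires a directory"
      remove="$2" ; shift 2 ;;
    -f ) forceremove=1 ; shift ;;
    -- ) shift ; break ;;
    -* ) error "Cannot parse option $1" ; break ;;
    * ) break ;;
  esac
done

# invoke removal of directory
test "$remove" && { remove "$remove" ; exit $?; }

# a single remaining argument names the base directory
case "$#" in
  1 ) TMPDIR="$1" ;;
esac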
149
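######################################################################
# creating a temporary directory owned by the target uid with
# mask $tmode
#
# Three nested directories are created:
#   securedir  $TMPDIR/gltmpdir.<pid>.XXXX  made by the invoker
#   stickydir  $securedir/XXXX              made by the invoker
#   targetdir  $stickydir/XXXX              made through glexec
# The path of targetdir is printed on stdout.

# set defaults
TMPDIR=${TMPDIR:-/tmp}
MODE=${MODE:-0755}
umask 0077

cd "$TMPDIR" || error "Cannot chdir to \"$TMPDIR\""

# A relative base directory would be resolved a second time, from inside
# itself, by the mktemp calls below; pin it to the directory just entered.
case "$TMPDIR" in
  /* ) ;;
  * ) TMPDIR=`pwd` ;;
esac

# create private temporary WD and return its name
securedir=`"$mktemp" -d "$TMPDIR/gltmpdir.$$.XXXX"` || \
  error "Cannot create secured directory at $TMPDIR"
# this should be superfluous given the 0077 umask, but do it anyway
"$chmod" 0700 "$securedir"

# make world-writable sticky directory below this one for the target uid
stickydir=`"$mktemp" -d "$securedir/XXXX"` || {
  # rmdir has no -f option; a plain rmdir is what removes the empty dir
  rmdir "$securedir"
  error "Cannot create world-writable sticky directory in the secure area"
}
"$chmod" 1777 "$stickydir" || {
  rmdir "$stickydir" && rmdir "$securedir"
  error "Cannot chmod sticky directory"
}

# Setup tmpdir permissions
# Walks from the base directory up towards /, adding search permission
# for everyone on each directory until a chmod fails. Ancestors that the
# invoker owns therefore become traversable by all users.
opwd=`pwd`
while [ "`pwd`" != / ]; do
  "$chmod" a+x . 2> /dev/null || break
  cd .. || break
done
cd "$opwd"

# Temporarily open securedir such that mktemp can reach it
"$chmod" 0711 "$securedir"
targetdir=`"$glexec" "$mktemp" -d "$stickydir/XXXX"`
rc=$?
# Close it again
"$chmod" 0700 "$securedir"

test "$rc" -ne 0 && {
  warn "Cannot create target uid temporary directory: $rc"
  rmdir "$stickydir"
  rmdir "$securedir"
  error "Cleanup attempted, exiting."
}

test "$tmode" && {
  # securedir is back at 0700, so the directory is addressed relative to
  # stickydir, the way remove() does it; presumably the target uid could
  # not resolve the absolute path through securedir.
  targetleaf=`"$basename" "$targetdir"`
  ( cd "$stickydir" && "$glexec" "$chmod" "$tmode" "./$targetleaf" )
  rc=$?
  test $rc -ne 0 && {
    warn "Cannot set target mode $tmode for $targetdir: $rc"
    # stickydir still holds the target directory; take that out first or
    # the two rmdir calls below cannot succeed
    ( cd "$stickydir" && "$glexec" rmdir "./$targetleaf" )
    rmdir "$stickydir"
    rmdir "$securedir"
    error "Cleanup attempted, exiting."
  }
}

# final permissions of the two invoker-owned levels
"$chmod" "$MODE" "$stickydir"
"$chmod" "$MODE" "$securedir"

echo "$targetdir"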

Properties

Name Value
svn:executable *
svn:keywords LastChangedDate LastChangedRevision LastChangedBy HeadURL Id
