
Contents of /tags/glexec_mkgltempdir_R_0_0_2_1/mkgltempdir



Revision 2068 - (show annotations) (download)
Thu Oct 28 09:10:58 2010 UTC (11 years, 2 months ago) by msalle
File size: 6807 byte(s)
Fixing a number of issues in the 0.0.1 version:

- removal didn't work, because gLExec 0.8 (and 0.7) no longer stays in cwd if
  chdir to homedir fails, but *returns* to cwd. If that fails (e.g. permission
  denied) gLExec does a cd to /. Hence securedir must in any case be 711 when
  trying to remove tmpdir. Furthermore the argument to rmdir and rm -rf must be
  absolute.
- adding -v option: version
- updating help to show all possible options, including -h, -f and the new -v
- fixing problem with options needing an argument, but not getting one: shift 2
  failed resulting in an endless loop.
- explicitly adding a path and having the script figure out the location of all
  the tools.
- adding variable for rmdir.
- changing one missing chmod into $chmod


1 #!/bin/sh
2
3 # Copyright (c) Members of the EGEE Collaboration. 2008.
4 # See http://www.eu-egee.org/partners/ for details on the copyright
5 # holders.
6 #
7 # Licensed under the Apache License, Version 2.0 (the "License");
8 # you may not use this file except in compliance with the License.
9 # You may obtain a copy of the License at
10 #
11 # http://www.apache.org/licenses/LICENSE-2.0
12 #
13 # Unless required by applicable law or agreed to in writing, software
14 # distributed under the License is distributed on an "AS IS" BASIS,
15 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 # See the License for the specific language governing permissions and
17 # limitations under the License.
18 #
19 # Authors: David Groep
20 # NIKHEF Amsterdam, the Netherlands
21 # grid-mw-security@nikhef.nl
22 #
23 # @(#)$Id$
24 #
25
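# Release number reported by the -v option.
version=0.0.2

# gLExec binary: $GLEXEC_LOCATION wins, then $GLITE_LOCATION, then /opt/glite.
glexec=${GLEXEC_LOCATION:-${GLITE_LOCATION:-/opt/glite}}/sbin/glexec

# /bin and /usr/bin are appended, so directories already present in the
# caller's PATH are searched first when the helper tools are located below.
# Some of the resolved paths are later handed to gLExec and executed as the
# target user.
# NOTE(review): consider placing the system directories first so that an
# earlier entry of the inherited PATH cannot shadow them -- confirm that no
# site depends on the current order before changing it.
PATH="$PATH:/bin:/usr/bin"
export PATH

# Resolve every helper once.  `command -v` is the POSIX lookup; `which` is
# not standardised and some implementations print a diagnostic on stdout
# when the tool is missing, which would then be stored as the tool's path.
mktemp=$(command -v mktemp)
chmod=$(command -v chmod)
basename=$(command -v basename)
id=$(command -v id)
sed=$(command -v sed)
awk=$(command -v awk)
rm=$(command -v rm)
rmdir=$(command -v rmdir)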
38
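# Print all arguments, joined by spaces, as one line on stderr and terminate
# the script with status 1.
# printf is used instead of echo because the messages embed caller-supplied
# paths: echo may treat a leading "-n" as an option and, in some shells,
# expands backslash sequences.
error() {
  printf '%s\n' "$*" >&2
  exit 1
}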
43
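# Print all arguments, joined by spaces, as one line on stderr; the script
# keeps running.
# printf is used instead of echo so that a message starting with "-n" or
# containing backslashes is printed literally.
warn() {
  printf '%s\n' "$*" >&2
}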
47
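# Print the usage text on stdout and terminate the script with status 0.
# Reads the global $basename (path of the basename tool) to derive the
# program name from $0.
#
# The synopsis lists -f as an independent flag: the option parser takes the
# word that follows -r as the directory, so "-r -f dir" would try to remove
# a directory named "-f".
help() {
  progname=$("$basename" "$0")
  cat <<EOF
Usage: $progname [-h] [-v] [-f] [-r gltmp_directory]
[-t targetdir-mode] [-m parentmode] [directory]

Create a directory owned by the glexec target user in a secure fashion.
The path of the directory created is printed to stdout.

-h print this help text
-t targetdir-mode permissions of the target directory created
(default: 0700, i.e. unreadable by the glexec invoker)
-m parentmode permissions for the current user on the parent tree
(default: 0755, and should be traversable for target uid)
-r gltmp_dir remove the target directory previously created by
$progname. Directory must be empty, unless -f
is also specified.
-f force removal of target directory, see above under -r
-v print version number

directory base directory in which target directory is created
(default: current value of \$TMPDIR or, if unset, /tmp)

Return value is 0 if directory was successfully created, non-zero otherwise.

EOF
  exit 0
}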
76
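######################################################################
# removal support
forceremove=0

# Remove a directory tree that was created by this script: the target
# directory (through gLExec, as the target user) and then its two parent
# directories (as the invoking user).
# Globals:   forceremove, glexec, id, sed, awk, chmod, rm, rmdir (read);
#            uid, gltmpdir, stickydir, securedir (written)
# Arguments: $1 - absolute path of the target directory
# Returns:   0 on success; every failed check ends the script via error()
#
# NOTE(review): all checks below are made on path names and are not atomic
# with the chmod/rm/rmdir calls that follow; `test -d` also accepts a
# symbolic link to a directory.
remove() {
  test -e "$1" || error "$0 (remove): $1: does not exist"
  test -d "$1" || error "$0 (remove): $1: not a directory"

  # gLExec may change directory before running the command, so only an
  # absolute path names the same directory for both users.
  case "$1" in
    /*) ;;
    *) error "$0 (remove): $1: must be an absolute path" ;;
  esac

  # Reject ".." as a path component, including as the last component (the
  # earlier pattern only caught "/../" and let a trailing "/.." through,
  # which shifts the dirname-based parent checks below by one level).
  case "$1" in
    */../* | */..)
      error "$0 (remove): $1: contains disallowed parent directory designator"
      ;;
  esac

  # determine uid (name) in a portable way (-u and -n are gnu-isms)
  # Everything up to the closing parenthesis is taken as the name, so login
  # names containing "_", "-" or "." are extracted correctly as well.
  uid=$("$id" | "$sed" -e 's/uid=[0-9][0-9]*(\([^)]*\)).*/\1/')

  # a gltmpdir directory is at least three levels deep and the two
  # upper directories are owned by this user and have only one entry

  gltmpdir="$1"
  stickydir=$(dirname "$gltmpdir")
  securedir=$(dirname "$stickydir")

  if test "$securedir" = "/"; then
    error "Path depth error: $gltmpdir not deep enough, not a mkgltmpdir result"
  fi
  # The target directory must belong to somebody else (the gLExec target).
  if test "$(ls -ld "$gltmpdir" | "$awk" '{print $3}')" = "$uid"; then
    error "Directory $gltmpdir is already owned by $uid"
  fi
  # `ls -1` does not list dot files; a hidden entry is therefore not counted
  # here, but the final rmdir refuses a non-empty directory anyway.
  if test $(ls -1 "$stickydir" | wc -l) -ne 1; then
    error "Compliance error: $stickydir has multiple entries"
  fi
  if test "$(ls -ld "$stickydir" | "$awk" '{print $3}')" != "$uid"; then
    error "Directory $stickydir not owner by $uid"
  fi
  if test $(ls -1 "$securedir" | wc -l) -ne 1; then
    error "Compliance error: $securedir has multiple entries"
  fi
  if test "$(ls -ld "$securedir" | "$awk" '{print $3}')" != "$uid"; then
    error "Directory $securedir not owner by $uid"
  fi

  # The target user needs search permission on securedir and write
  # permission on stickydir to delete its own directory.
  "$chmod" 0711 "$securedir" || error \
    "Cannot chmod $securedir to 0711"
  "$chmod" 01777 "$stickydir" || error \
    "Cannot chmod $stickydir to 01777"

  # Paths are quoted so that blanks or glob characters in the name cannot
  # turn into additional operands of the command run as the target user.
  if test "$forceremove" -eq 1; then
    "$glexec" "$rm" -fr "$gltmpdir"
  else
    "$glexec" "$rmdir" "$gltmpdir"
  fi

  if test -d "$gltmpdir"; then
    error "Failed to remove $gltmpdir, sorry. Exiting."
  fi

  "$rmdir" "$stickydir" || error "Cannot remove $stickydir, exiting."
  "$rmdir" "$securedir" || error "Cannot remove $securedir, exiting."

  return 0
}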
134
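######################################################################
# parse arguments
#
# Start from a known state: without these assignments a "remove" or "tmode"
# variable inherited from the environment would be acted on as if -r or -t
# had been given on the command line.
remove=
tmode=
# NOTE(review): MODE is not reset here; when -m is absent a MODE value from
# the environment is still used as the parent mode -- confirm whether that
# is intended.

while :; do
  case "$1" in
    -h)
      help
      exit 0
      ;;
    -m)
      test -n "$2" || error "Option -m needs an argument"
      # The value gets a leading 0 and is passed to chmod, so only octal
      # digits are meaningful; anything else is refused here.
      case "$2" in
        *[!0-7]*) error "Option -m needs an octal mode, got \"$2\"" ;;
      esac
      MODE=0"$2"
      shift 2
      ;;
    -t)
      test -n "$2" || error "Option -t needs an argument"
      # Same rule as -m; this value reaches a chmod that gLExec runs as the
      # target user.
      case "$2" in
        *[!0-7]*) error "Option -t needs an octal mode, got \"$2\"" ;;
      esac
      tmode=0"$2"
      shift 2
      ;;
    -r)
      # The word after -r is always taken as the directory to remove.
      test -n "$2" || error "Option -r needs an argument"
      remove="$2"
      shift 2
      ;;
    -f)
      forceremove=1
      shift
      ;;
    -v)
      echo "$("$basename" "$0") version: $version"
      exit 0
      ;;
    --)
      shift
      break
      ;;
    -*)
      error "Cannot parse option $1"
      ;;
    *)
      break
      ;;
  esac
done

# invoke removal of directory
if test -n "$remove"; then
  remove "$remove"
  exit $?
fi

# A single remaining operand is the base directory for the new tree.
case "$#" in
  1) TMPDIR="$1" ;;
esac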
169
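######################################################################
# creating a temporary directory owned by the target uid with
# mask $tmode
#
# Resulting layout: $TMPDIR/gltmpdir.<pid>.XXXX   (securedir, invoking user)
#                     /XXXX                       (stickydir, invoking user)
#                       /XXXX                     (targetdir, target user)

# set defaults
TMPDIR=${TMPDIR:-/tmp}
MODE=${MODE:-0755}
umask 0077

cd "$TMPDIR" || error "Cannot chdir to \"$TMPDIR\""
# Continue with the absolute name.  A relative base directory would
# otherwise be applied a second time in the mktemp template below, and the
# path printed at the end must be absolute to be usable with -r.
TMPDIR=$(pwd)

# create private temporary WD and return its name
securedir=$("$mktemp" -d "$TMPDIR/gltmpdir.$$.XXXX") ||
  error "Cannot create secured directory at $TMPDIR"
# this should be superfluous given the 0077 umask, but do it anyway
"$chmod" 0700 "$securedir"

# make world-writable sticky directory below this one for the target uid
stickydir=$("$mktemp" -d "$securedir/XXXX") || {
  # rmdir takes no -f option; the earlier "rmdir -f" left securedir behind.
  "$rmdir" "$securedir"
  error "Cannot create world-writable sticky directory in the secure area"
}
"$chmod" 1777 "$stickydir" || {
  "$rmdir" "$stickydir" && "$rmdir" "$securedir"
  error "Cannot chmod sticky directory"
}

# Setup tmpdir permissions
# Walks from the base directory up to /, adding search permission for all
# users to every directory until a chmod fails.  This changes the mode of
# existing directories the invoking user owns, not only of the new ones.
opwd=$(pwd)
while [ "$(pwd)" != / ]; do
  "$chmod" a+x . 2> /dev/null || break
  cd ..
done
cd "$opwd"

# Temporarily open securedir such that mktemp can reach it
"$chmod" 0711 "$securedir"
targetdir=$("$glexec" "$mktemp" -d "$stickydir/XXXX")
rc=$?
# Close it again
"$chmod" 0700 "$securedir"

if test "$rc" -ne 0; then
  warn "Cannot create target uid temporary directory: $rc"
  "$rmdir" "$stickydir"
  "$rmdir" "$securedir"
  error "Cleanup attempted, exiting."
fi

if test -n "$tmode"; then
  # The chmod runs as the target user on an absolute path below securedir,
  # so securedir has to be searchable for that user for the duration of the
  # call, exactly as for the mktemp step above.
  "$chmod" 0711 "$securedir"
  cd "$stickydir"
  "$glexec" "$chmod" "$tmode" "$targetdir"
  rc=$?
  cd ../..
  "$chmod" 0700 "$securedir"
  if test "$rc" -ne 0; then
    warn "Cannot set target mode $tmode for $targetdir: $rc"
    # stickydir still contains targetdir at this point, so these rmdir calls
    # are best effort only.
    "$rmdir" "$stickydir"
    "$rmdir" "$securedir"
    error "Cleanup attempted, exiting."
  fi
fi

# Final modes of the two parent directories; with the default 0755 the
# stickydir is no longer world-writable after this point.
"$chmod" "$MODE" "$stickydir"
"$chmod" "$MODE" "$securedir"

printf '%s\n' "$targetdir"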

Properties

Name Value
svn:executable *
svn:keywords LastChangedDate LastChangedRevision LastChangedBy HeadURL Id
