[PATCH weston v2 2/2] weston-launch: Allow the user to use her login shell

Pekka Paalanen ppaalanen at gmail.com
Mon Jun 13 07:45:40 UTC 2016


On Fri, 10 Jun 2016 16:01:22 +0200
Quentin Glidic <sardemff7+wayland at sardemff7.net> wrote:

> From: Quentin Glidic <sardemff7+git at sardemff7.net>
> 
> This avoids the need to maintain two parallel shell profile files for
> users with a compatible shell (at least bash, sh and zsh are).
> 
> There is no major security issue here, as the shell is the one returned
> from the password database, and thus is retricted by /etc/shells (or
> root override).
> 
> Signed-off-by: Quentin Glidic <sardemff7+git at sardemff7.net>
> ---
> 
> v2: Added some rationale to the commit message

Hi Quentin,

thanks for that, this patch is now:
Reviewed-by: Pekka Paalanen <pekka.paalanen at collabora.co.uk>

However, I would like to have someone say they would benefit from this
patch. Then it would be easy to land this. Otherwise I'm a bit torn.
Yes, it's a simple addition and it looks safe, but it's still adding a
new optional path to a setuid-root binary, so it's not with zero cost.


Thanks,
pq

>  src/weston-launch.c | 29 +++++++++++++++++++----------
>  1 file changed, 19 insertions(+), 10 deletions(-)
> 
> diff --git a/src/weston-launch.c b/src/weston-launch.c
> index 140fde1..c206094 100644
> --- a/src/weston-launch.c
> +++ b/src/weston-launch.c
> @@ -108,6 +108,7 @@ struct weston_launch {
>  	pid_t child;
>  	int verbose;
>  	char *new_user;
> +	int use_user_shell;
>  };
>  
>  union cmsg_data { unsigned char b[4]; int fd; };
> @@ -613,7 +614,10 @@ setup_session(struct weston_launch *wl, char **child_argv)
>  	 * We open a new session, so it makes sense
>  	 * to run a new login shell
>  	 */
> -	child_argv[0] = "/bin/sh";
> +	if (wl->use_user_shell)
> +		child_argv[0] = wl->pw->pw_shell;
> +	else
> +		child_argv[0] = "/bin/sh";
>  	child_argv[1] = "-l";
>  	child_argv[2] = "-c";
>  	child_argv[3] = BINDIR "/weston \"$@\"";
> @@ -675,10 +679,11 @@ static void
>  help(const char *name)
>  {
>  	fprintf(stderr, "Usage: %s [args...] [-- [weston args..]]\n", name);
> -	fprintf(stderr, "  -u, --user      Start session as specified username\n");
> -	fprintf(stderr, "  -t, --tty       Start session on alternative tty\n");
> -	fprintf(stderr, "  -v, --verbose   Be verbose\n");
> -	fprintf(stderr, "  -h, --help      Display this help message\n");
> +	fprintf(stderr, "  -u, --user              Start session as specified username\n");
> +	fprintf(stderr, "  -s, --use-user-shell    Use the user login shell (from PAM) instead of /bin/sh, only has effect with --user\n");
> +	fprintf(stderr, "  -t, --tty               Start session on alternative tty\n");
> +	fprintf(stderr, "  -v, --verbose           Be verbose\n");
> +	fprintf(stderr, "  -h, --help              Display this help message\n");
>  }
>  
>  int
> @@ -688,11 +693,12 @@ main(int argc, char *argv[])
>  	int i, c;
>  	char *tty = NULL;
>  	struct option opts[] = {
> -		{ "user",    required_argument, NULL, 'u' },
> -		{ "tty",     required_argument, NULL, 't' },
> -		{ "verbose", no_argument,       NULL, 'v' },
> -		{ "help",    no_argument,       NULL, 'h' },
> -		{ 0,         0,                 NULL,  0  }
> +		{ "user",           required_argument, NULL, 'u' },
> +		{ "use-user-shell", no_argument,       NULL, 's' },
> +		{ "tty",            required_argument, NULL, 't' },
> +		{ "verbose",        no_argument,       NULL, 'v' },
> +		{ "help",           no_argument,       NULL, 'h' },
> +		{ 0,                0,                 NULL,  0  }
>  	};
>  
>  	memset(&wl, 0, sizeof wl);
> @@ -704,6 +710,9 @@ main(int argc, char *argv[])
>  			if (getuid() != 0)
>  				error(1, 0, "Permission denied. -u allowed for root only");
>  			break;
> +		case 's':
> +			wl.use_user_shell = 1;
> +			break;
>  		case 't':
>  			tty = optarg;
>  			break;

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 811 bytes
Desc: OpenPGP digital signature
URL: <https://lists.freedesktop.org/archives/wayland-devel/attachments/20160613/b94086d0/attachment.sig>


More information about the wayland-devel mailing list