From nobody@FreeBSD.org  Mon May  3 14:31:34 2010
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id B31AD1065672
	for <freebsd-gnats-submit@FreeBSD.org>; Mon,  3 May 2010 14:31:34 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [69.147.83.33])
	by mx1.freebsd.org (Postfix) with ESMTP id A355A8FC17
	for <freebsd-gnats-submit@FreeBSD.org>; Mon,  3 May 2010 14:31:34 +0000 (UTC)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.14.3/8.14.3) with ESMTP id o43EVYlR026493
	for <freebsd-gnats-submit@FreeBSD.org>; Mon, 3 May 2010 14:31:34 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.14.3/8.14.3/Submit) id o43EVYcu026490;
	Mon, 3 May 2010 14:31:34 GMT
	(envelope-from nobody)
Message-Id: <201005031431.o43EVYcu026490@www.freebsd.org>
Date: Mon, 3 May 2010 14:31:34 GMT
From: Greg Larkin <glarkin@FreeBSD.org>
To: freebsd-gnats-submit@FreeBSD.org
Subject: MFC src/usr.sbin/daemon/daemon.c drop privilege support to RELENG_6_4
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         146266
>Category:       bin
>Synopsis:       MFC src/usr.sbin/daemon/daemon.c drop privilege support to RELENG_6_4
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon May 03 14:40:09 UTC 2010
>Closed-Date:    Mon May 03 19:49:39 UTC 2010
>Last-Modified:  Mon May  3 19:50:01 UTC 2010
>Originator:     Greg Larkin
>Release:        6.4-RELEASE
>Organization:
The FreeBSD Project
>Environment:
FreeBSD 6.4-RELEASE-pX
>Description:
I recently updated the mail/nullmailer port to correctly start nullmailer-send as a daemon by using /usr/sbin/daemon.  The 6.4-RELEASE version of daemon doesn't support the "-u [uid]" flag, and I'd like the following patch to be MFC'd to 6.4-RELEASE:

http://www.freebsd.org/cgi/cvsweb.cgi/src/usr.sbin/daemon/daemon.c.diff?r1=1.3.8.1.8.1;r2=1.8;only_with_tag=RELENG_6_4

This MFC will allow me to close PR: http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/146252

Thank you,
Greg Larkin

>How-To-Repeat:
See above
>Fix:
See above

>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed 
State-Changed-By: delphij 
State-Changed-When: Mon May 3 19:48:38 UTC 2010 
State-Changed-Why:  
Committed against 6-STABLE (RELENG_6) with an 
almost full MFC. 

RELENG_6_4 is frozen so we can't make it. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=146266 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/146266: commit references a PR
Date: Mon,  3 May 2010 19:48:40 +0000 (UTC)

 Author: delphij
 Date: Mon May  3 19:48:21 2010
 New Revision: 207582
 URL: http://svn.freebsd.org/changeset/base/207582
 
 Log:
   MFC r147906-201389, this sync'ed daemon(8) with -HEAD except the
   WARNS change.
   
   The most important change is the newly added privilege dropping
   feature by trhodes and others.
   
   Requested by:	glarkin
   PR:		bin/146266
 
 Modified:
   stable/6/usr.sbin/daemon/daemon.8
   stable/6/usr.sbin/daemon/daemon.c
 Directory Properties:
   stable/6/usr.sbin/daemon/   (props changed)
 
 Modified: stable/6/usr.sbin/daemon/daemon.8
 ==============================================================================
 --- stable/6/usr.sbin/daemon/daemon.8	Mon May  3 19:38:59 2010	(r207581)
 +++ stable/6/usr.sbin/daemon/daemon.8	Mon May  3 19:48:21 2010	(r207582)
 @@ -26,7 +26,7 @@
  .\"
  .\" $FreeBSD$
  .\"
 -.Dd August 30, 2001
 +.Dd March 19, 2007
  .Dt DAEMON 8
  .Os
  .Sh NAME
 @@ -36,12 +36,14 @@
  .Nm
  .Op Fl cf
  .Op Fl p Ar pidfile
 +.Op Fl u Ar user
  .Ar command arguments ...
  .Sh DESCRIPTION
  The
  .Nm
  utility detaches itself from the controlling terminal and
  executes the program specified by its arguments.
 +Privileges may be lowered to the specified user.
  .Pp
  The options are as follows:
  .Bl -tag -width indent
 @@ -54,12 +56,14 @@ Redirect standard input, standard output
  .It Fl p Ar file
  Write the ID of the created process into the
  .Ar file
 -using
 +using the
  .Xr pidfile 3
  functionality.
  Note, that the file will be created shortly before the process is
  actually executed, and will remain after the process exits (although
  it will be removed if the execution fails).
 +.It Fl u Ar user
 +Run the program with the rights of user specified, requires privilege.
  .El
  .Sh EXIT STATUS
  The
 @@ -77,6 +81,8 @@ standard error unless the
  .Fl f
  flag is specified.
  .Sh SEE ALSO
 +.Xr setregid 2 ,
 +.Xr setreuid 2 ,
  .Xr daemon 3 ,
  .Xr exec 3 ,
  .Xr pidfile 3 ,
 
 Modified: stable/6/usr.sbin/daemon/daemon.c
 ==============================================================================
 --- stable/6/usr.sbin/daemon/daemon.c	Mon May  3 19:38:59 2010	(r207581)
 +++ stable/6/usr.sbin/daemon/daemon.c	Mon May  3 19:48:21 2010	(r207582)
 @@ -35,24 +35,27 @@ __FBSDID("$FreeBSD$");
  
  #include <err.h>
  #include <errno.h>
 +#include <pwd.h>
  #include <libutil.h>
 +#include <login_cap.h>
  #include <stdio.h>
  #include <stdlib.h>
  #include <unistd.h>
  
 +static void restrict_process(const char *);
  static void usage(void);
  
  int
  main(int argc, char *argv[])
  {
 -	struct pidfh *pfh;
 +	struct pidfh *pfh = NULL;
  	int ch, nochdir, noclose, errcode;
 -	const char *pidfile;
 +	const char *pidfile, *user;
  	pid_t otherpid;
  
  	nochdir = noclose = 1;
 -	pidfile = NULL;
 -	while ((ch = getopt(argc, argv, "-cfp:")) != -1) {
 +	pidfile = user = NULL;
 +	while ((ch = getopt(argc, argv, "-cfp:u:")) != -1) {
  		switch (ch) {
  		case 'c':
  			nochdir = 0;
 @@ -63,6 +66,9 @@ main(int argc, char *argv[])
  		case 'p':
  			pidfile = optarg;
  			break;
 +		case 'u':
 +			user = optarg;
 +			break;
  		default:
  			usage();
  		}
 @@ -72,6 +78,10 @@ main(int argc, char *argv[])
  
  	if (argc == 0)
  		usage();
 +
 +	if (user != NULL)
 +		restrict_process(user);
 +
  	/*
  	 * Try to open the pidfile before calling daemon(3),
  	 * to be able to report the error intelligently
 @@ -109,9 +119,23 @@ main(int argc, char *argv[])
  }
  
  static void
 +restrict_process(const char *user)
 +{
 +	struct passwd *pw = NULL;
 +
 +	pw = getpwnam(user);
 +	if (pw == NULL)
 +		errx(1, "unknown user: %s", user);
 +
 +	if (setusercontext(NULL, pw, pw->pw_uid, LOGIN_SETALL) != 0)
 +		errx(1, "failed to set user environment");
 +}
 +
 +static void
  usage(void)
  {
  	(void)fprintf(stderr,
 -	    "usage: daemon [-cf] [-p pidfile] command arguments ...\n");
 +	    "usage: daemon [-cf] [-p pidfile] [-u user] command "
 +		"arguments ...\n");
  	exit(1);
  }
 _______________________________________________
 svn-src-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-src-all
 To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"
 
>Unformatted:
