Qubes/core-admin
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

dom0+vm/qrexec-services: pass remote domain via env variable not argument

Browse Source 
Most qrexec services doesn't use remote domain name, as policy is enforced
earlier. So pass it in way that will allow use of generic command as qrexec
service.
This commit is contained in:
Marek Marczykowski 2012-07-14 22:54:23 +02:00
parent 08888fcf7a
commit 2b5ce31eeb
2 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
qrexec/qubes_rpc_multiplexer
View File

@ -5,8 +5,9 @@ if ! [ $# = 2 ] ; then
exit 1 exit 1
fi fi
CFG_FILE=$QUBES_RPC/"$1" CFG_FILE=$QUBES_RPC/"$1"
export QREXEC_REMOTE_DOMAIN="$2"
if [ -s "$CFG_FILE" ] ; then if [ -s "$CFG_FILE" ] ; then
exec $(cat "$CFG_FILE") "$2" exec $(cat "$CFG_FILE")
echo "$0: failed to execute handler for" "$1" >&2 echo "$0: failed to execute handler for" "$1" >&2
exit 1 exit 1
fi fi

8
qubes_rpc/qfile-unpacker.c
View File

@ -51,13 +51,19 @@ int main(int argc, char ** argv)
char *incoming_dir; char *incoming_dir;
int pipefds[2]; int pipefds[2];
int uid; int uid;
char *remote_domain;
pipe(pipefds); pipe(pipefds);
uid = prepare_creds_return_uid("user"); uid = prepare_creds_return_uid("user");
remote_domain = getenv("QREXEC_REMOTE_DOMAIN");
if (!remote_domain) {
gui_fatal("Cannot get remote domain name");
exit(1);
}
mkdir(INCOMING_DIR_ROOT, 0700); mkdir(INCOMING_DIR_ROOT, 0700);
asprintf(&incoming_dir, "%s/from-%s", INCOMING_DIR_ROOT, argv[1]); asprintf(&incoming_dir, "%s/from-%s", INCOMING_DIR_ROOT, remote_domain);
mkdir(incoming_dir, 0700); mkdir(incoming_dir, 0700);
if (chdir(incoming_dir)) if (chdir(incoming_dir))
gui_fatal("Error chdir to %s", incoming_dir); gui_fatal("Error chdir to %s", incoming_dir);