qrexec_daemon creates VMname-based link to its socket

Rafal Wojtczuk 2011-03-11 14:14:04 +01:00
parent b9e0e93a90
commit 470ddce435
3 changed files with 14 additions and 9 deletions


@ -32,7 +32,7 @@ int write_all_vchan_ext(void *buf, int size);
int buffer_space_vchan_ext(); int buffer_space_vchan_ext();
void fix_fds(int fdin, int fdout, int fderr); void fix_fds(int fdin, int fdout, int fderr);
int get_server_socket(int domid); int get_server_socket(int domid, char * domname);
int do_accept(int s); int do_accept(int s);
enum { enum {


@ -55,7 +55,7 @@ void handle_usr1(int x)
exit(0); exit(0);
} }
char domain_id[64]; char *remote_domain_name;
void init(int xid) void init(int xid)
{ {
@ -66,7 +66,6 @@ void init(int xid)
fprintf(stderr, "domain id=0?\n"); fprintf(stderr, "domain id=0?\n");
exit(1); exit(1);
} }
snprintf(domain_id, sizeof(domain_id), "%d", xid);
signal(SIGUSR1, handle_usr1); signal(SIGUSR1, handle_usr1);
switch (fork()) { switch (fork()) {
case -1: case -1:
@ -83,6 +82,8 @@ void init(int xid)
"/var/log/qubes/qrexec.%d.log", xid); "/var/log/qubes/qrexec.%d.log", xid);
umask(0007); umask(0007);
logfd = open(dbg_log, O_WRONLY | O_CREAT | O_TRUNC, 0640); logfd = open(dbg_log, O_WRONLY | O_CREAT | O_TRUNC, 0640);
umask(0077);
dup2(logfd, 1); dup2(logfd, 1);
dup2(logfd, 2); dup2(logfd, 2);
@ -92,11 +93,9 @@ void init(int xid)
exit(1); exit(1);
} }
umask(0); remote_domain_name = peer_client_init(xid, REXEC_PORT);
server_fd = get_server_socket(xid);
umask(0077);
peer_client_init(xid, REXEC_PORT);
setuid(getuid()); setuid(getuid());
server_fd = get_server_socket(xid, remote_domain_name);
signal(SIGPIPE, SIG_IGN); signal(SIGPIPE, SIG_IGN);
signal(SIGCHLD, SIG_IGN); signal(SIGCHLD, SIG_IGN);
signal(SIGUSR1, SIG_DFL); signal(SIGUSR1, SIG_DFL);
@ -284,7 +283,7 @@ void handle_trigger_exec(int req)
signal(SIGCHLD, SIG_DFL); signal(SIGCHLD, SIG_DFL);
signal(SIGPIPE, SIG_DFL); signal(SIGPIPE, SIG_DFL);
execl("/usr/lib/qubes/qrexec_client", "qrexec_client", "-d", execl("/usr/lib/qubes/qrexec_client", "qrexec_client", "-d",
domain_id, "-l", lcmd, rcmd, NULL); remote_domain_name, "-l", lcmd, rcmd, NULL);
perror("execl"); perror("execl");
exit(1); exit(1);
} }
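Review bot: The value returned by peer_client_init() is stored in remote_domain_name and used without any check, both in `get_server_socket(xid, remote_domain_name)` in init() and as the "-d" argument of execl() in handle_trigger_exec(). peer_client_init() is not shown here, so it is unclear whether it can return NULL or where the name comes from; if it can be NULL, the strlen() in get_server_socket is undefined behaviour and the execl() argument list ends right after "-d", silently dropping "-l", lcmd and rcmd. A guard directly after the call would make this explicit: `if (!remote_domain_name) { fprintf(stderr, "no domain name for xid %d\n", xid); exit(1); }`. The same spot deserves a short comment saying who supplies the name and whether it is trusted, since it now ends up in a filesystem path and on a command line. Both init() and handle_trigger_exec() extend beyond the hunks shown.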


@ -27,15 +27,21 @@
#include <stdlib.h> #include <stdlib.h>
#include "qrexec.h" #include "qrexec.h"
int get_server_socket(int domid) int get_server_socket(int domid, char *domname)
{ {
struct sockaddr_un sockname; struct sockaddr_un sockname;
int s; int s;
char socket_address[40]; char socket_address[40];
char link_to_socket_name[strlen(domname) + sizeof(socket_address)];
snprintf(socket_address, sizeof(socket_address), snprintf(socket_address, sizeof(socket_address),
QREXEC_DAEMON_SOCKET_DIR "/qrexec.%d", domid); QREXEC_DAEMON_SOCKET_DIR "/qrexec.%d", domid);
snprintf(link_to_socket_name, sizeof link_to_socket_name,
QREXEC_DAEMON_SOCKET_DIR "/qrexec.%s", domname);
unlink(socket_address); unlink(socket_address);
unlink(link_to_socket_name);
symlink(socket_address, link_to_socket_name);
s = socket(AF_UNIX, SOCK_STREAM, 0); s = socket(AF_UNIX, SOCK_STREAM, 0);
memset(&sockname, 0, sizeof(sockname)); memset(&sockname, 0, sizeof(sockname));
sockname.sun_family = AF_UNIX; sockname.sun_family = AF_UNIX;
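Review bot: domname is formatted into link_to_socket_name and then handed to unlink() and symlink() with no check on its content, so a name containing '/' would make both calls act on a path outside QREXEC_DAEMON_SOCKET_DIR. Rejecting such names before the first unlink, with `if (!domname || !*domname || strchr(domname, '/'))` followed by the function's error path, closes that. If a VM name may consist only of digits (not visible here), "qrexec.<name>" could also coincide with another domain's "qrexec.<domid>" socket, which the unlink() would then remove. The symlink() result is ignored as well; `if (symlink(socket_address, link_to_socket_name) < 0) perror("symlink");` would at least surface a failure in the log. The function continues past the end of this hunk, and its existing error convention is not visible.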