AFG/dump1090
3
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Fix edge cases when specifying the user to run as.

Browse source 
* check the username fits the format expected by adduser;
 * don't allow root;
 * if the user exists, don't try to create it; usually, this is
   harmless, but it fails if the user exists with a UID outside the
   normal range for system users.

Fixes #24.
This commit is contained in:
Oliver Jowett 2015-02-19 22:41:39 +00:00
parent f391bf4b22
commit ab8c4db85b
5 changed files with 34 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
debian/changelog vendored
View file

@ -1,3 +1,13 @@
dump1090-mutability (1.15) UNRELEASED; urgency=medium
* In development.
* Validate that the username given to debconf is syntactically OK and
isn't root. (github issue #24)
* Don't fail on postinst if the given user exists but is outside
the usual system user UID range. (github issue #24)
-- Oliver Jowett <oliver@mutability.co.uk> Thu, 19 Feb 2015 22:39:19 +0000
dump1090-mutability (1.14) unstable; urgency=medium dump1090-mutability (1.14) unstable; urgency=medium
* Position reporting: * Position reporting:

15
debian/dump1090-mutability.config vendored
View file

@ -69,7 +69,7 @@ db_input_verify() {
while : while :
do do
db_get $KEY db_get $KEY
if $VERIFY $RET; then return 0; fi if $VERIFY "$RET"; then return 0; fi
if [ $RESULT -ne 0 ]; then if [ $RESULT -ne 0 ]; then
# db_input failed, and the existing value does not validate # db_input failed, and the existing value does not validate
if [ $RESULT = 30 ] && [ $ASKED = 0 ] if [ $RESULT = 30 ] && [ $ASKED = 0 ]
@ -161,6 +161,17 @@ is_not_empty() {
if [ -z "$1" ]; then return 1; else return 0; fi if [ -z "$1" ]; then return 1; else return 0; fi
} }
# "adduser: To avoid problems, the username should consist only of
# letters, digits, underscores, full stops, at signs and dashes, and not start with
# a dash (as defined by IEEE Std 1003.1-2001). For compatibility with Samba
# machine accounts $ is also supported at the end of the username"
is_non_root_user() {
if [ -z "$1" ]; then return 1;
elif [ "$1" = "root" ]; then return 1;
elif echo "$1" | grep -Eq '^[a-zA-Z0-9_.@-]+\$?$'; then return 0;
else return 1; fi
}
is_port_number() { is_port_number() {
if is_unsigned_int "$1"; then if is_unsigned_int "$1"; then
if [ "$1" -eq 0 ]; then return 0; fi if [ "$1" -eq 0 ]; then return 0; fi
@ -177,7 +188,7 @@ db_input high $NAME/auto-start || true
db_go || true; db_get $NAME/auto-start; if [ "$RET" = "true" ]; then db_go || true; db_get $NAME/auto-start; if [ "$RET" = "true" ]; then
# all of these are only relevant if the init script is enabled # all of these are only relevant if the init script is enabled
db_input_verify low $NAME/run-as-user is_not_empty || true db_input_verify low $NAME/run-as-user is_non_root_user || true
db_input_verify low $NAME/log-file is_not_empty || true db_input_verify low $NAME/log-file is_not_empty || true
db_input medium $NAME/rtlsdr-device || true db_input medium $NAME/rtlsdr-device || true

6
debian/dump1090-mutability.init vendored
View file

@ -119,7 +119,7 @@ do_start()
return 2 return 2
fi fi
start-stop-daemon --start --quiet --pidfile $PIDFILE --user $DUMP1090_USER --exec $DAEMON --test > /dev/null \ start-stop-daemon --start --quiet --pidfile $PIDFILE --user "$DUMP1090_USER" --exec $DAEMON --test > /dev/null \
|| return 1 || return 1
# create JSON_DIR with the appropriate permissions # create JSON_DIR with the appropriate permissions
@ -130,7 +130,7 @@ do_start()
fi fi
fi fi
start-stop-daemon --start $NICELEVEL --quiet --pidfile $PIDFILE --user $DUMP1090_USER --chuid $DUMP1090_USER --make-pidfile --background --no-close --exec $DAEMON -- \ start-stop-daemon --start $NICELEVEL --quiet --pidfile $PIDFILE --user "$DUMP1090_USER" --chuid "$DUMP1090_USER" --make-pidfile --background --no-close --exec $DAEMON -- \
$ARGS >>$LOGFILE 2>&1 \ $ARGS >>$LOGFILE 2>&1 \
|| return 2 || return 2
sleep 1 sleep 1
@ -146,7 +146,7 @@ do_stop()
# 1 if daemon was already stopped # 1 if daemon was already stopped
# 2 if daemon could not be stopped # 2 if daemon could not be stopped
# other if a failure occurred # other if a failure occurred
start-stop-daemon --stop --retry=TERM/30/KILL/5 --pidfile $PIDFILE --user $DUMP1090_USER --exec $DAEMON start-stop-daemon --stop --retry=TERM/30/KILL/5 --pidfile $PIDFILE --user "$DUMP1090_USER" --exec $DAEMON
RETVAL="$?" RETVAL="$?"
[ "$RETVAL" = 2 ] && return 2 [ "$RETVAL" = 2 ] && return 2
sleep 1 sleep 1

5
debian/dump1090-mutability.postinst vendored
View file

@ -97,7 +97,10 @@ case "$1" in
db_get $NAME/auto-start db_get $NAME/auto-start
if [ "$RET" = "true" ]; then if [ "$RET" = "true" ]; then
db_get $NAME/run-as-user db_get $NAME/run-as-user
adduser --system --home /usr/share/$NAME --no-create-home --quiet "$RET" if ! getent passwd "$RET" >/dev/null
then
adduser --system --home /usr/share/$NAME --no-create-home --quiet "$RET"
fi
fi fi
# -10 changed the lighttpd config file, but didn't arrange to restart it. # -10 changed the lighttpd config file, but didn't arrange to restart it.

4
debian/dump1090-mutability.templates vendored
View file

@ -332,3 +332,7 @@ Type: error
Template: dump1090-mutability/invalid-is_valid_gain Template: dump1090-mutability/invalid-is_valid_gain
Description: Value must be a numeric gain value, or "max", or "agc". Description: Value must be a numeric gain value, or "max", or "agc".
Type: error Type: error
Template: dump1090-mutability/invalid-is_non_root_user
Description: Value must be a username (without spaces) that isn't root.
Type: error