diff --git a/pscheduler-context-linuxnns/linuxnns/Makefile b/pscheduler-context-linuxnns/linuxnns/Makefile index f721e70fc..5695764e2 100644 --- a/pscheduler-context-linuxnns/linuxnns/Makefile +++ b/pscheduler-context-linuxnns/linuxnns/Makefile @@ -9,7 +9,8 @@ NAME=null FILES=\ enumerate \ data-is-valid \ - change + change \ + change-secure install: $(FILES) diff --git a/pscheduler-context-linuxnns/linuxnns/change b/pscheduler-context-linuxnns/linuxnns/change index eac0f6531..ad79181c4 100755 --- a/pscheduler-context-linuxnns/linuxnns/change +++ b/pscheduler-context-linuxnns/linuxnns/change @@ -3,50 +3,5 @@ # Change the context and do the next thing. # -# Data-is-valid should cause non-Linux use of this plugin to be -# rejected, but an extra check doesn't hurt. -if [ "$(uname -s)" != "Linux" ] -then - echo "The linuxnns context is not supported on this platform." 1>&2 - exit 1 -fi - - -TMPBASE=${TMPDIR:-/tmp}/$WHOAMI.$$ -cleanup() -{ - if [ "$TMPBASE" ] - then - rm -rf $TMPBASE* - fi -} -trap cleanup EXIT - - -INPUT="${TMPBASE}.input" -cat > "${INPUT}" - - -OLD_USER=$(id -nu) - - -NAMESPACE=$(jq -r '.data.namespace' "${INPUT}") -if [ -z "${NAMESPACE}" ] -then - echo "Input is missing namespace." 1>&2 - exit 1 -fi - - -EXEC=$(jq -r '.exec' "${INPUT}") -if [ ! -x "${EXEC}" ] -then - echo "Cannot execute '${EXEC}'." 1>&2 - exit 1 -fi - - -# This becomes root to change the namespace and then becomes the prior -# user to exec whatever comes next. - -exec sudo /sbin/ip netns exec "${NAMESPACE}" sudo -u "${OLD_USER}" "${EXEC}" +WHEREAMI=$(cd $(dirname "$0") && pwd) +exec sudo "${WHEREAMI}/$(basename "$0")-secure" diff --git a/pscheduler-context-linuxnns/linuxnns/change-secure b/pscheduler-context-linuxnns/linuxnns/change-secure new file mode 100755 index 000000000..69a4991fd --- /dev/null +++ b/pscheduler-context-linuxnns/linuxnns/change-secure @@ -0,0 +1,57 @@ +#!/bin/sh -e +# +# Change the context and do the next thing - Secure Part +# +# This must be executed by sudo(8). +# + +# Data-is-valid should cause non-Linux use of this plugin to be +# rejected, but an extra check doesn't hurt. +if [ "$(uname -s)" != "Linux" ] +then + echo "The linuxnns context is not supported on this platform." 1>&2 + exit 1 +fi + +if ! [ -n "$SUDO_USER" ] +then + echo "No SUDO_USER provided." 1>&2 + exit 1 +fi + + +TMPBASE=${TMPDIR:-/tmp}/$WHOAMI.$$ +cleanup() +{ + if [ "$TMPBASE" ] + then + rm -rf $TMPBASE* + fi +} +trap cleanup EXIT + + +INPUT="${TMPBASE}.input" +cat > "${INPUT}" + + +NAMESPACE=$(jq -r '.data.namespace' "${INPUT}") +if [ -z "${NAMESPACE}" ] +then + echo "Input is missing namespace." 1>&2 + exit 1 +fi + + +EXEC=$(jq -r '.exec' "${INPUT}") +if [ ! -x "${EXEC}" ] +then + echo "Cannot execute '${EXEC}'." 1>&2 + exit 1 +fi + + +# Change the namespace and then becomes the prior user to exec +# whatever comes next. + +ip netns exec "${NAMESPACE}" sudo -u "${SUDO_USER}" "${EXEC}" diff --git a/pscheduler-context-linuxnns/linuxnns/unibuild-packaging/deb/sudoers b/pscheduler-context-linuxnns/linuxnns/unibuild-packaging/deb/sudoers index b7cd458c1..2862bb763 100644 --- a/pscheduler-context-linuxnns/linuxnns/unibuild-packaging/deb/sudoers +++ b/pscheduler-context-linuxnns/linuxnns/unibuild-packaging/deb/sudoers @@ -1,6 +1,6 @@ # # pscheduler-context-linuxnns # -Cmnd_Alias PSCHEDULER_CONTEXT_LINUXNNS=/sbin/ip netns exec * +Cmnd_Alias PSCHEDULER_CONTEXT_LINUXNNS=/usr/lib/pscheduler/libexec/classes/context/linuxnns/change-secure pscheduler ALL = (root) NOPASSWD: PSCHEDULER_CONTEXT_LINUXNNS Defaults!PSCHEDULER_CONTEXT_LINUXNNS !requiretty diff --git a/pscheduler-context-linuxnns/linuxnns/unibuild-packaging/rpm/pscheduler-context-linuxnns.spec b/pscheduler-context-linuxnns/linuxnns/unibuild-packaging/rpm/pscheduler-context-linuxnns.spec index 81fad29e0..16f2a64a1 100644 --- a/pscheduler-context-linuxnns/linuxnns/unibuild-packaging/rpm/pscheduler-context-linuxnns.spec +++ b/pscheduler-context-linuxnns/linuxnns/unibuild-packaging/rpm/pscheduler-context-linuxnns.spec @@ -57,7 +57,7 @@ cat > $RPM_BUILD_ROOT/%{_pscheduler_sudoersdir}/%{name} <<'EOF' # # %{name} # -Cmnd_Alias PSCHEDULER_CONTEXT_LINUXNNS=/sbin/ip netns exec * +Cmnd_Alias PSCHEDULER_CONTEXT_LINUXNNS=%{dest}/change-secure %{_pscheduler_user} ALL = (root) NOPASSWD: PSCHEDULER_CONTEXT_LINUXNNS Defaults!PSCHEDULER_CONTEXT_LINUXNNS !requiretty EOF diff --git a/pscheduler-context-linuxvrf/linuxvrf/Makefile b/pscheduler-context-linuxvrf/linuxvrf/Makefile index 4b4d68556..5ff981319 100644 --- a/pscheduler-context-linuxvrf/linuxvrf/Makefile +++ b/pscheduler-context-linuxvrf/linuxvrf/Makefile @@ -7,7 +7,8 @@ FILES=\ enumerate \ data-is-valid \ - change + change \ + change-secure install: $(FILES) diff --git a/pscheduler-context-linuxvrf/linuxvrf/change b/pscheduler-context-linuxvrf/linuxvrf/change index 646b8e1d6..ad79181c4 100755 --- a/pscheduler-context-linuxvrf/linuxvrf/change +++ b/pscheduler-context-linuxvrf/linuxvrf/change @@ -3,50 +3,5 @@ # Change the context and do the next thing. # -# Data-is-valid should cause non-Linux use of this plugin to be -# rejected, but an extra check doesn't hurt. -if [ "$(uname -s)" != "Linux" ] -then - echo "The linuxvrf context is not supported on this platform." 1>&2 - exit 1 -fi - - -TMPBASE=${TMPDIR:-/tmp}/$WHOAMI.$$ -cleanup() -{ - if [ "$TMPBASE" ] - then - rm -rf $TMPBASE* - fi -} -trap cleanup EXIT - - -INPUT="${TMPBASE}.input" -cat > "${INPUT}" - - -OLD_USER=$(id -nu) - - -VRF=$(jq -r '.data.vrf' "${INPUT}") -if [ -z "${VRF}" ] -then - echo "Input is missing VRF name." 1>&2 - exit 1 -fi - - -EXEC=$(jq -r '.exec' "${INPUT}") -if [ ! -x "${EXEC}" ] -then - echo "Cannot execute '${EXEC}'." 1>&2 - exit 1 -fi - - -# This becomes root to change the VRFand then becomes the prior -# user to exec whatever comes next. - -exec sudo /sbin/ip vrf exec "${VRF}" sudo -u "${OLD_USER}" "${EXEC}" +WHEREAMI=$(cd $(dirname "$0") && pwd) +exec sudo "${WHEREAMI}/$(basename "$0")-secure" diff --git a/pscheduler-context-linuxvrf/linuxvrf/change-secure b/pscheduler-context-linuxvrf/linuxvrf/change-secure new file mode 100644 index 000000000..13ade48bf --- /dev/null +++ b/pscheduler-context-linuxvrf/linuxvrf/change-secure @@ -0,0 +1,54 @@ +#!/bin/sh -e +# +# Change the context and do the next thing - Secure Part +# +# This must be executed by sudo(8). +# + +# Data-is-valid should cause non-Linux use of this plugin to be +# rejected, but an extra check doesn't hurt. +if [ "$(uname -s)" != "Linux" ] +then + echo "The linuxvrf context is not supported on this platform." 1>&2 + exit 1 +fi + + +TMPBASE=${TMPDIR:-/tmp}/$WHOAMI.$$ +cleanup() +{ + if [ "$TMPBASE" ] + then + rm -rf $TMPBASE* + fi +} +trap cleanup EXIT + + +INPUT="${TMPBASE}.input" +cat > "${INPUT}" + + +OLD_USER=$(id -nu) + + +VRF=$(jq -r '.data.vrf' "${INPUT}") +if [ -z "${VRF}" ] +then + echo "Input is missing VRF name." 1>&2 + exit 1 +fi + + +EXEC=$(jq -r '.exec' "${INPUT}") +if [ ! -x "${EXEC}" ] +then + echo "Cannot execute '${EXEC}'." 1>&2 + exit 1 +fi + + +# This becomes root to change the VRFand then becomes the prior +# user to exec whatever comes next. + +exec sudo /sbin/ip vrf exec "${VRF}" sudo -u "${OLD_USER}" "${EXEC}" diff --git a/pscheduler-context-linuxvrf/linuxvrf/unibuild-packaging/deb/sudoers b/pscheduler-context-linuxvrf/linuxvrf/unibuild-packaging/deb/sudoers index 4f259a5cd..1baa619a0 100644 --- a/pscheduler-context-linuxvrf/linuxvrf/unibuild-packaging/deb/sudoers +++ b/pscheduler-context-linuxvrf/linuxvrf/unibuild-packaging/deb/sudoers @@ -1,6 +1,6 @@ # # pscheduler-context-linuxvrf # -Cmnd_Alias PSCHEDULER_CONTEXT_LINUXVRF=/sbin/ip vrf exec * +Cmnd_Alias PSCHEDULER_CONTEXT_LINUXVRF=/usr/lib/pscheduler/libexec/classes/context/linuxvrf/change-secure pscheduler ALL = (root) NOPASSWD: PSCHEDULER_CONTEXT_LINUXVRF Defaults!PSCHEDULER_CONTEXT_LINUXVRF !requiretty diff --git a/pscheduler-context-linuxvrf/linuxvrf/unibuild-packaging/rpm/pscheduler-context-linuxvrf.spec b/pscheduler-context-linuxvrf/linuxvrf/unibuild-packaging/rpm/pscheduler-context-linuxvrf.spec index cd48db9ae..b98256efc 100644 --- a/pscheduler-context-linuxvrf/linuxvrf/unibuild-packaging/rpm/pscheduler-context-linuxvrf.spec +++ b/pscheduler-context-linuxvrf/linuxvrf/unibuild-packaging/rpm/pscheduler-context-linuxvrf.spec @@ -58,7 +58,7 @@ cat > $RPM_BUILD_ROOT/%{_pscheduler_sudoersdir}/%{name} <<'EOF' # # %{name} # -Cmnd_Alias PSCHEDULER_CONTEXT_LINUXVRF=/sbin/ip vrf exec * +Cmnd_Alias PSCHEDULER_CONTEXT_LINUXVRF=%{dest}/change-secure %{_pscheduler_user} ALL = (root) NOPASSWD: PSCHEDULER_CONTEXT_LINUXVRF Defaults!PSCHEDULER_CONTEXT_LINUXVRF !requiretty EOF