From 882ef00955efb1bd59e410ad5770f9b09abd9c2f Mon Sep 17 00:00:00 2001
From: Ezri Zhu
Date: Tue, 9 Jan 2024 20:31:37 -0500
Subject: [PATCH 01/17] keep toplevel dir perms
---
 try | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/try b/try
index 8521b707..49525e74 100755
--- a/try
+++ b/try
@@ -73,7 +73,7 @@ try() {
 ## Only make the directory if the original is a directory too
 if [ -d "$mountpoint" ]
 then
- mkdir -p "${SANDBOX_DIR}/upperdir/${mountpoint}" "${SANDBOX_DIR}/workdir/${mountpoint}" "${SANDBOX_DIR}/temproot/${mountpoint}"
+ mkdir -m "$(stat -c %a "$mountpoint")" -p "${SANDBOX_DIR}/upperdir/${mountpoint}" "${SANDBOX_DIR}/workdir/${mountpoint}" "${SANDBOX_DIR}/temproot/${mountpoint}"
 fi
 done <"$DIRS_AND_MOUNTS"
From 5866b31eae8808277fc65168d5daa818a1bf49cf Mon Sep 17 00:00:00 2001
From: Ezri Zhu
Date: Tue, 9 Jan 2024 20:55:08 -0500
Subject: [PATCH 02/17] ack shellcheck warning
---
 try | 1 +
 1 file changed, 1 insertion(+)
diff --git a/try b/try
index 49525e74..50e35d1e 100755
--- a/try
+++ b/try
@@ -73,6 +73,7 @@ try() {
 ## Only make the directory if the original is a directory too
 if [ -d "$mountpoint" ]
 then
+ # shellcheck disable=SC2174 # warning acknowledged, "When used with -p, -m only applies to the deepest directory."
 mkdir -m "$(stat -c %a "$mountpoint")" -p "${SANDBOX_DIR}/upperdir/${mountpoint}" "${SANDBOX_DIR}/workdir/${mountpoint}" "${SANDBOX_DIR}/temproot/${mountpoint}"
 fi
 done <"$DIRS_AND_MOUNTS"
From 78ec8b422c639c0785bc1e607304860cce186e7b Mon Sep 17 00:00:00 2001
From: Ezri Zhu
Date: Sat, 17 Feb 2024 11:18:08 +0000
Subject: [PATCH 03/17] recreate symlink
---
 try | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)
diff --git a/try b/try
index 50e35d1e..5f95ebc9 100755
--- a/try
+++ b/try
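Review bot: `stat -c %a "$mountpoint"` on the new mkdir line does not follow symlinks, while the `[ -d "$mountpoint" ]` guard above it does, so for a symlink to a directory the mode copied is the link's own 777 rather than the target directory's; `stat -L -c %a "$mountpoint"`, or excluding symlinks in the guard, avoids that. If stat fails the substitution is empty, mkdir rejects the empty mode, and the three sandbox directories for that entry are not created with nothing checking the failure; `mode=$(stat -L -c %a "$mountpoint") || mode=755` before the mkdir keeps set-up going. The enclosing `try()` loop starts before the hunk.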
@@ -71,7 +71,7 @@ try() {
 while IFS="" read -r mountpoint
 do
 ## Only make the directory if the original is a directory too
- if [ -d "$mountpoint" ]
+ if [ -d "$mountpoint" ] && [ ! -L "$mountpoint" ]
 then
 # shellcheck disable=SC2174 # warning acknowledged, "When used with -p, -m only applies to the deepest directory."
 mkdir -m "$(stat -c %a "$mountpoint")" -p "${SANDBOX_DIR}/upperdir/${mountpoint}" "${SANDBOX_DIR}/workdir/${mountpoint}" "${SANDBOX_DIR}/temproot/${mountpoint}"
@@ -147,6 +147,12 @@ do
 continue
 fi
+ ## We will deal with symlinks later
+ if [ -L "$mountpoint" ]
+ then
+ continue
+ fi
+
 ## Don't do anything for the root
 ## and skip if it is /dev or /proc, we will mount it later
 if [ "$mountpoint" = "/" ] ||
@@ -189,6 +195,18 @@ do
 fi
 done
+## now we deal with symlinks
+for mountpoint in $(cat "$DIRS_AND_MOUNTS")
+do
+ ## We're only interested in symlinks
+ if ! [ -L "$mountpoint" ]
+ then
+ continue
+ fi
+ #ln -s "$sandbox_dir/temproot/$(readlink "$mountpoint")" "$sandbox_dir/temproot/$mountpoint"
+ ln -s $(readlink "$mountpoint") "$sandbox_dir/temproot/$mountpoint"
+done
+
 ## Mount a few select devices in /dev
 mount_devices "$SANDBOX_DIR"
From 699cc318ddecb4be44d33be08d6ac9fb0bae8a1b Mon Sep 17 00:00:00 2001
From: Ezri Zhu
Date: Mon, 19 Feb 2024 23:59:48 +0000
Subject: [PATCH 04/17] fix reuse_problematic_sandbox test to use a non-symblink dir
---
 test/reuse_problematic_sandbox.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/test/reuse_problematic_sandbox.sh b/test/reuse_problematic_sandbox.sh
index 2cac0204..93ee3f45 100755
--- a/test/reuse_problematic_sandbox.sh
+++ b/test/reuse_problematic_sandbox.sh
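Review bot: The new `ln -s` line writes under `$sandbox_dir`, but every other reference in this file — including `mount_devices "$SANDBOX_DIR"` two lines below — uses `SANDBOX_DIR`; unless a lowercase variable is set outside this hunk, it expands empty and the link is created at `/temproot/$mountpoint` on the host rather than in the sandbox, with the ln failure unchecked. `$(readlink "$mountpoint")` is also unquoted and `for mountpoint in $(cat ...)` word-splits its input, so a link target or path containing spaces reaches `ln` as several arguments. `ln -s "$(readlink "$mountpoint")" "$SANDBOX_DIR/temproot/$mountpoint"` inside a `while IFS="" read -r mountpoint ... done <"$DIRS_AND_MOUNTS"` loop, as the earlier loops in this file do, addresses both.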
@@ -30,5 +30,5 @@ try_example_dir=$(mktemp -d)
 # at the moment, this modification will be caught as illegal by `try`,
 # but it doesn't seem to both overlayfs at all.
 # TODO: Extend this with more problematic overlayfs modifications.
-touch "$try_example_dir/temproot/bin/foo"
+touch "$try_example_dir/temproot/etc/foo"
 ! "$TRY" -D "$try_example_dir" "rm file_1.txt; echo test2 >>file_2.txt; touch file.txt.gz" 2>/dev/null
From bde4b44645a096c18ced6e1786af7874cc3ca265 Mon Sep 17 00:00:00 2001
From: Ezri Zhu
Date: Tue, 20 Feb 2024 00:00:17 +0000
Subject: [PATCH 05/17] add test to verify consistency of root dir
---
 test/toplevel-perms.sh | 48 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 48 insertions(+)
 create mode 100644 test/toplevel-perms.sh
diff --git a/test/toplevel-perms.sh b/test/toplevel-perms.sh
new file mode 100644
index 00000000..4dc4fa28
--- /dev/null
+++ b/test/toplevel-perms.sh
@@ -0,0 +1,48 @@
+#!/bin/sh
+
+TRY_TOP="${TRY_TOP:-$(git rev-parse --show-toplevel --show-superproject-working-tree)}"
+TRY="$TRY_TOP/try"
+
+cleanup() {
+ cd /
+
+ if [ -d "$try_workspace" ]
+ then
+ rm -rf "$try_workspace" >/dev/null 2>&1
+ fi
+
+ if [ -f "$expected" ]
+ then
+ rm "$expected"
+ fi
+
+ if [ -f "$target" ]
+ then
+ rm "$target"
+ fi
+
+ if [ -f "$cmd" ]
+ then
+ rm "$cmd"
+ fi
+}
+
+trap 'cleanup' EXIT
+
+try_workspace="$(mktemp -d)"
+cd "$try_workspace" || return 9
+touch test
+
+cmd="$(mktemp)"
+echo "find / -maxdepth 1 -print0 | xargs -0 ls -ld | awk '{print \$1, \$3, \$4, \$9, \$10, \$11}' | grep -v 'proc' | grep -v 'swap'" > $cmd
+
+# Set up expected output
+expected="$(mktemp)"
+sh $cmd >"$expected"
+
+# Set up target output
+target="$(mktemp)"
+
+"$TRY" "sh $cmd" > "$target" || return 1
+#diff -q "$expected" "$target"
+diff "$expected" "$target"
From f235a7513434422b4a40bda3a9f694f51794ceea Mon Sep 17 00:00:00 2001
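Review bot: `cd "$try_workspace" || return 9` and `"$TRY" "sh $cmd" > "$target" || return 1` use `return` at the top level of a script that is executed rather than sourced; what happens then is implementation-defined (bash prints an error and carries on, so a failed cd or a failed `try` run does not stop the test and the final `diff` decides the result). Use `exit 9` and `exit 1` instead — the `trap 'cleanup' EXIT` still runs. `> $cmd` and `sh $cmd` are also unquoted, which breaks if mktemp returns a path containing spaces, and a header comment stating what is compared, e.g. `# The top-level entries of / (mode, name, link target) must look the same inside the sandbox as on the host`, would help the next reader.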
From: Ezri Zhu
Date: Tue, 20 Feb 2024 00:00:42 +0000
Subject: [PATCH 06/17] set correct permission for root dir, and remove symlink after unshare
---
 try | 10 ++++++++++
 1 file changed, 10 insertions(+)
diff --git a/try b/try
index 6514f3fe..3dedf88e 100755
--- a/try
+++ b/try
@@ -48,6 +48,7 @@ try() {
 ## because we have already checked if it valid.
 export SANDBOX_DIR
 mkdir -p "$SANDBOX_DIR/upperdir" "$SANDBOX_DIR/workdir" "$SANDBOX_DIR/temproot"
+ chmod 755 "$SANDBOX_DIR/temproot"
 ## Find all the directories and mounts that need to be mounted
 DIRS_AND_MOUNTS="$(mktemp)"
@@ -282,6 +283,15 @@ EOF
 unshare --mount --map-root-user --user --pid --fork $EXTRA_NS "$mount_and_execute"
 TRY_EXIT_STATUS=$?
+ # remove symlink
+ while IFS="" read -r mountpoint
+ do
+ if [ -L "$mountpoint" ]
+ then
+ rm "${SANDBOX_DIR}/temproot/${mountpoint}"
+ fi
+ done <"$DIRS_AND_MOUNTS"
+
 ################################################################################
 # commit?
From e608b0b31394f006da8c756fd0d932c12f059588 Mon Sep 17 00:00:00 2001
From: Ezri Zhu
Date: Tue, 20 Feb 2024 00:02:54 +0000
Subject: [PATCH 07/17] shellfix test/toplevel-perms
---
 test/toplevel-perms.sh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/test/toplevel-perms.sh b/test/toplevel-perms.sh
index 4dc4fa28..18b8655e 100644
--- a/test/toplevel-perms.sh
+++ b/test/toplevel-perms.sh
@@ -34,11 +34,11 @@ cd "$try_workspace" || return 9
 touch test
 cmd="$(mktemp)"
-echo "find / -maxdepth 1 -print0 | xargs -0 ls -ld | awk '{print \$1, \$3, \$4, \$9, \$10, \$11}' | grep -v 'proc' | grep -v 'swap'" > $cmd
+echo "find / -maxdepth 1 -print0 | xargs -0 ls -ld | awk '{print \$1, \$3, \$4, \$9, \$10, \$11}' | grep -v 'proc' | grep -v 'swap'" > "$cmd"
 # Set up expected output
 expected="$(mktemp)"
-sh $cmd >"$expected"
+sh "$cmd" >"$expected"
 # Set up target output
 target="$(mktemp)"
From 7d1edfea76508b4cc0c811de7e5ebfd35668c15f Mon Sep 17 00:00:00 2001
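Review bot: `chmod 755 "$SANDBOX_DIR/temproot"` hard-codes the sandbox root's mode, while the directory loop later in this same function copies each host directory's mode with `stat -c %a`; on a host whose `/` is not 755 the sandbox root therefore differs from the host root that test/toplevel-perms.sh compares against. `chmod "$(stat -c %a /)" "$SANDBOX_DIR/temproot"` keeps the two consistent. A short comment on why the mode must be set explicitly (presumably `mkdir -p` under the caller's umask does not reproduce it) would make the intent clear; `try()` continues outside the hunk.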
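Review bot: The removal loop tests `-L` on the host path but removes `${SANDBOX_DIR}/temproot/${mountpoint}` unconditionally, so when that entry is missing (the earlier `ln -s` failed) or is a directory rather than a link, `rm` errors and — if the script runs under `set -e`, which is not visible here — the commit step below is skipped. Test the sandbox path instead: `if [ -L "${SANDBOX_DIR}/temproot/${mountpoint}" ]; then rm -- "${SANDBOX_DIR}/temproot/${mountpoint}"; fi`. The `# remove symlink` comment should also say why the links are removed once `unshare` has returned; the hunk does not state it.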
From: Ezri Zhu
Date: Thu, 22 Feb 2024 20:58:22 +0000
Subject: [PATCH 08/17] remove commented, old ln line
---
 try | 1 -
 1 file changed, 1 deletion(-)
diff --git a/try b/try
index 3dedf88e..7053a528 100755
--- a/try
+++ b/try
@@ -230,7 +230,6 @@ do
 then
 continue
 fi
- #ln -s "$sandbox_dir/temproot/$(readlink "$mountpoint")" "$sandbox_dir/temproot/$mountpoint"
 ln -s $(readlink "$mountpoint") "$sandbox_dir/temproot/$mountpoint"
 done
From 1250bb53da907d20c0e49355344190c231c06d38 Mon Sep 17 00:00:00 2001
From: Ezri Zhu
Date: Thu, 22 Feb 2024 21:01:11 +0000
Subject: [PATCH 09/17] use read IFS instead of for loop in case of space in dir names
---
 try | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/try b/try
index 7053a528..92f80d37 100755
--- a/try
+++ b/try
@@ -223,7 +223,7 @@ do
 done
 ## now we deal with symlinks
-for mountpoint in $(cat "$DIRS_AND_MOUNTS")
+while IFS="" read -r mountpoint
 do
 ## We're only interested in symlinks
@@ -231,7 +231,7 @@ do
 continue
 fi
 ln -s $(readlink "$mountpoint") "$sandbox_dir/temproot/$mountpoint"
-done
+done <"$DIRS_AND_MOUNTS"
 ## Mount a few select devices in /dev
 mount_devices "$SANDBOX_DIR"
From 9bb60f33993c81509fff64ccd27c08e1f98c115d Mon Sep 17 00:00:00 2001
From: Ezri Zhu
Date: Wed, 6 Mar 2024 22:02:24 +0000
Subject: [PATCH 10/17] reorder negation in test
---
 try | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/try b/try
index 81bb5457..ffb05fac 100755
--- a/try
+++ b/try
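Review bot: `ln -s $(readlink "$mountpoint") "$sandbox_dir/temproot/$mountpoint"`, kept as context inside the rewritten loop, still word-splits the unquoted readlink result, so a link target containing spaces — the very case this commit handles for directory names — still reaches `ln` as several arguments. The same line reads `$sandbox_dir` while `mount_devices "$SANDBOX_DIR"` at the end of the hunk uses the uppercase name; unless the lowercase variable is set elsewhere it expands to nothing. `ln -s "$(readlink "$mountpoint")" "$SANDBOX_DIR/temproot/$mountpoint"` closes both; the loop header is in the preceding hunk.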
@@ -110,7 +110,7 @@ try() {
 while IFS="" read -r mountpoint
 do
 ## Only make the directory if the original is a directory too
- if [ -d "$mountpoint" ] && [ ! -L "$mountpoint" ]
+ if [ -d "$mountpoint" ] && ! [ -L "$mountpoint" ]
 then
 # shellcheck disable=SC2174 # warning acknowledged, "When used with -p, -m only applies to the deepest directory."
 mkdir -m "$(stat -c %a "$mountpoint")" -p "${SANDBOX_DIR}/upperdir/${mountpoint}" "${SANDBOX_DIR}/workdir/${mountpoint}" "${SANDBOX_DIR}/temproot/${mountpoint}"
From b9a6f6ffbaaa1ef46ccb00a64a4a9d221879f18a Mon Sep 17 00:00:00 2001
From: Ezri Zhu
Date: Wed, 6 Mar 2024 22:48:34 +0000
Subject: [PATCH 11/17] dangling symlinks are okay!
---
 test/toplevel-perms.sh | 0
 try | 16 +++-------------
 2 files changed, 3 insertions(+), 13 deletions(-)
 mode change 100644 => 100755 test/toplevel-perms.sh
diff --git a/test/toplevel-perms.sh b/test/toplevel-perms.sh
old mode 100644
new mode 100755
diff --git a/try b/try
index ffb05fac..a1087888 100755
--- a/try
+++ b/try
@@ -188,10 +188,11 @@ do
 then
 continue
 fi
-
- ## We will deal with symlinks later
+
+ ## Symlinks
 if [ -L "$mountpoint" ]
 then
+ ln -s $(readlink "$mountpoint") "$SANDBOX_DIR/temproot/$mountpoint"
 continue
 fi
@@ -232,17 +233,6 @@ do
 fi
 done
-## now we deal with symlinks
-while IFS="" read -r mountpoint
-do
- ## We're only interested in symlinks
- if ! [ -L "$mountpoint" ]
- then
- continue
- fi
- ln -s $(readlink "$mountpoint") "$sandbox_dir/temproot/$mountpoint"
-done <"$DIRS_AND_MOUNTS"
-
 ## Mount a few select devices in /dev
 mount_devices "$SANDBOX_DIR"
From 4332079da52222922eda6b085aea38434d158430 Mon Sep 17 00:00:00 2001
From: Ezri Zhu
Date: Wed, 6 Mar 2024 23:49:21 +0000
Subject: [PATCH 12/17] test(toplevel-perms): ignore acl bit
---
 test/toplevel-perms.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/test/toplevel-perms.sh b/test/toplevel-perms.sh
index 18b8655e..c96f9d8c 100755
--- a/test/toplevel-perms.sh
+++ b/test/toplevel-perms.sh
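Review bot: The added `ln -s $(readlink "$mountpoint") "$SANDBOX_DIR/temproot/$mountpoint"` leaves the readlink result unquoted, so a target containing whitespace (or an empty result if readlink fails) alters ln's argument list; quote it: `ln -s "$(readlink "$mountpoint")" "$SANDBOX_DIR/temproot/$mountpoint"`. When the sandbox directory is reused after an interrupted run the destination may already exist, in which case ln fails with EEXIST and nothing checks it; `ln -sfn` (or an `[ -e ... ] ||` guard) makes the step idempotent. `## Symlinks` would say more as `## Recreate the host's symlink inside temproot (dangling targets are fine here)`, which is what the commit title asserts. The loop containing this branch starts before the hunk.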
@@ -34,7 +34,7 @@ cd "$try_workspace" || return 9
 touch test
 cmd="$(mktemp)"
-echo "find / -maxdepth 1 -print0 | xargs -0 ls -ld | awk '{print \$1, \$3, \$4, \$9, \$10, \$11}' | grep -v 'proc' | grep -v 'swap'" > "$cmd"
+echo "find / -maxdepth 1 -print0 | xargs -0 ls -ld | awk '{print substr(\$1, 1, 10), \$3, \$4, \$9, \$10, \$11}' | grep -v 'proc' | grep -v 'swap'" > "$cmd"
 # Set up expected output
 expected="$(mktemp)"
From 3fa3dff3610cc856c9b4926ae0b880fd51d16d97 Mon Sep 17 00:00:00 2001
From: Ezri Zhu
Date: Wed, 6 Mar 2024 23:51:16 +0000
Subject: [PATCH 13/17] test(toplevel-perms): ignore user&group ownership
---
 test/toplevel-perms.sh | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/test/toplevel-perms.sh b/test/toplevel-perms.sh
index c96f9d8c..9f654a8a 100755
--- a/test/toplevel-perms.sh
+++ b/test/toplevel-perms.sh
@@ -34,7 +34,9 @@ cd "$try_workspace" || return 9
 touch test
 cmd="$(mktemp)"
-echo "find / -maxdepth 1 -print0 | xargs -0 ls -ld | awk '{print substr(\$1, 1, 10), \$3, \$4, \$9, \$10, \$11}' | grep -v 'proc' | grep -v 'swap'" > "$cmd"
+echo "find / -maxdepth 1 -print0 | xargs -0 ls -ld | awk '{print substr(\$1, 1, 10), \$9, \$10, \$11}' | grep -v 'proc' | grep -v 'swap'" > "$cmd"
+# Use this after gidmapper to show user and group ownership
+#echo "find / -maxdepth 1 -print0 | xargs -0 ls -ld | awk '{print substr(\$1, 1, 10), \$3, \$4, \$9, \$10, \$11}' | grep -v 'proc' | grep -v 'swap'" > "$cmd"
 # Set up expected output
 expected="$(mktemp)"
From a8f3d0523f1626318d55bc031e2922e4cb872356 Mon Sep 17 00:00:00 2001
From: Ezri Zhu
Date: Wed, 6 Mar 2024 23:52:14 +0000
Subject: [PATCH 14/17] remove trailing whitespace
---
 try | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/try b/try
index a1087888..a25288f2 100755
--- a/try
+++ b/try
@@ -188,7 +188,7 @@ do
 then
 continue
 fi
-
+
 ## Symlinks
 if [ -L "$mountpoint" ]
 then
From 6fe048fde16651b5efed118815c6c93ea0fb5c7c Mon Sep 17 00:00:00 2001
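Review bot: Removing `\$3, \$4` from the awk projection means an entry in temproot created with the wrong owner or group no longer fails the test, and the only hint why is the commented-out alternative. State the reason above the echo, e.g. `# owner/group are not compared yet: ownership seen inside the user namespace does not match the host (see gidmapper)`, checking the wording against how the mapping actually presents ownership, so the columns are not re-added by accident later. The surrounding script continues on both sides of the hunk.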
From: Ezri Zhu
Date: Thu, 7 Mar 2024 01:57:43 +0000
Subject: [PATCH 15/17] use host root perms for temproot
---
 try | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/try b/try
index a25288f2..025963bc 100755
--- a/try
+++ b/try
@@ -57,8 +57,9 @@ try() {
 mount -t tmpfs tmpfs "$SANDBOX_DIR"
 fi
- mkdir -p "$SANDBOX_DIR/upperdir" "$SANDBOX_DIR/workdir" "$SANDBOX_DIR/temproot"
- chmod 755 "$SANDBOX_DIR/temproot"
+ mkdir -p "$SANDBOX_DIR/upperdir" "$SANDBOX_DIR/workdir"
+ mkdir -m "$(stat -c %a /)" "$SANDBOX_DIR/temproot"
+
 ## Find all the directories and mounts that need to be mounted
 DIRS_AND_MOUNTS="$(mktemp)"
From 25fdd3d3e009e16c0191b4493c594090c7c7b9d9 Mon Sep 17 00:00:00 2001
From: Ezri Zhu
Date: Thu, 7 Mar 2024 03:15:03 +0000
Subject: [PATCH 16/17] reorder setting of root permission
---
 try | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/try b/try
index 025963bc..77c7ef86 100755
--- a/try
+++ b/try
@@ -57,9 +57,7 @@ try() {
 mount -t tmpfs tmpfs "$SANDBOX_DIR"
 fi
- mkdir -p "$SANDBOX_DIR/upperdir" "$SANDBOX_DIR/workdir"
- mkdir -m "$(stat -c %a /)" "$SANDBOX_DIR/temproot"
-
+ mkdir -p "$SANDBOX_DIR/upperdir" "$SANDBOX_DIR/workdir" "$SANDBOX_DIR/temproot"
 ## Find all the directories and mounts that need to be mounted
 DIRS_AND_MOUNTS="$(mktemp)"
@@ -118,6 +116,8 @@ try() {
 fi
 done <"$DIRS_AND_MOUNTS"
+ chmod "$(stat -c %a /)" "$SANDBOX_DIR/temproot"
+
 mount_and_execute="$(mktemp)"
 chroot_executable="$(mktemp)"
 try_mount_log="$(mktemp)"
From 6b75cee8cf7a80f453c61ceaf39adec546226979 Mon Sep 17 00:00:00 2001
From: Ezri Zhu
Date: Fri, 8 Mar 2024 19:03:13 +0000
Subject: [PATCH 17/17] set temproot to be writible before removing symlinks
---
 try | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/try b/try
index 77c7ef86..dc948f15 100755
--- a/try
+++ b/try
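Review bot: `mkdir -m "$(stat -c %a /)" "$SANDBOX_DIR/temproot"` drops the `-p` the replaced line had, so when the sandbox directory is reused and temproot already exists (the `-D` path exercised by test/reuse_problematic_sandbox.sh), mkdir fails with "File exists" and the error is not checked; `-m` would not be applied to an existing directory in any case. Keep creation idempotent and set the mode separately: `mkdir -p "$SANDBOX_DIR/upperdir" "$SANDBOX_DIR/workdir" "$SANDBOX_DIR/temproot"` followed by `chmod "$(stat -c %a /)" "$SANDBOX_DIR/temproot"`. `try()` continues outside the hunk.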
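Review bot: `chmod "$(stat -c %a /)" "$SANDBOX_DIR/temproot"` copies the host root's mode, which on hosts where `/` is 555 removes the owner's write bit; anything that later writes into temproot from outside the user namespace — the symlink-removal loop that runs after `unshare` returns, for instance — then fails with EACCES, since the namespace's root capabilities do not apply in the parent shell. Either perform this chmod inside the namespace script or restore a writable mode before such steps, and record the constraint here: `## temproot may now be read-only for us (e.g. 555 on RHEL); re-add u+w before touching it from outside the namespace`. `try()` continues outside the hunk.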
@@ -284,6 +284,8 @@ EOF
 TRY_EXIT_STATUS=$?
 # remove symlink
+ # first set temproot to be writible, rhel derivatives defaults / to r-xr-xr-x
+ chmod 755 "${SANDBOX_DIR}/temproot"
 while IFS="" read -r mountpoint
 do
 if [ -L "$mountpoint" ]
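Review bot: `chmod 755 "${SANDBOX_DIR}/temproot"` overwrites the host-root mode set earlier with `chmod "$(stat -c %a /)"` and never restores it, and the literal mode also drops any group/other or sticky bits the host root carried; `chmod u+w "${SANDBOX_DIR}/temproot"` is the minimal change, with `mode=$(stat -c %a "${SANDBOX_DIR}/temproot")` before and `chmod "$mode" "${SANDBOX_DIR}/temproot"` after the loop if the sandbox root is meant to keep matching `/`. The comment has a typo (`writible` → `writable`) and should say why the bit is needed: `# the loop below runs outside the user namespace, so it needs real write permission on temproot`. The `while` loop continues past the end of the hunk.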