/mandos/trunk : revision 839

To get this branch, use:

bzr branch
http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to mandos

Committer: Teddy Hogeborn
Date: 2016-03-19 04:21:00 UTC
Revision ID: teddy@recompile.se-20160319042100-i581cfv65r934dnl

Client: Make plugin helper override directory mode u=rwx,go=

Even though it currently is not used, a local administrator might use
setuid (or setcap) executables as plugin helpers.  Thus, the plugin
helper override directory (/etc/mandos/plugin-helpers) must be
secured, just as the plugin override directory (/etc/mandos/plugins.d)
is.

* Makefile (install-client-nokey): Install plugin-helper directory as
                                   mode u=rwx.
* debian/mandos-client.lintian-overrides: Do not warn about
                               permissions on plugin helper directory.
* debian/mandos-client.postinst (configure): Fix permissions on plugin
  helper local override directory (/etc/mandos/plugin-helpers), but
  only if not listed by "dpkg-statoverride".

files modified:
Makefile

NEWS

README

TODO

common.ent

debian/changelog

debian/control

debian/copyright

debian/mandos-client.README.Debian

debian/mandos.dirs

initramfs-tools-hook

intro.xml

mandos

mandos-ctl

mandos-keygen

mandos-monitor

mandos.lsm

Show diffs side-by-side

added added

removed removed

mandos

import xml.dom.minidom

import inspect

# Try to find the value of SO_BINDTODEVICE:

try:

# This is where SO_BINDTODEVICE is in Python 3.3 (or 3.4?) and

# newer, and it is also the most natural place for it:

SO_BINDTODEVICE = socket.SO_BINDTODEVICE

except AttributeError:

try:

# This is where SO_BINDTODEVICE was up to and including Python

# 2.6, and also 3.2:

from IN import SO_BINDTODEVICE

except ImportError:

100

# In Python 2.7 it seems to have been removed entirely.

101

# Try running the C preprocessor:

102

try:

103

cc = subprocess.Popen(["cc", "--language=c", "-E",

104

"/dev/stdin"],

105

stdin=subprocess.PIPE,

106

stdout=subprocess.PIPE)

107

stdout = cc.communicate(

108

"#include <sys/socket.h>\nSO_BINDTODEVICE\n")[0]

109

SO_BINDTODEVICE = int(stdout.splitlines()[-1])

110

except (OSError, ValueError, IndexError):

111

# No value found

112

SO_BINDTODEVICE = None

113

114

if sys.version_info.major == 2:

115

str = unicode

116

117

version = "1.7.8"

100

version = "1.7.6"

118

101

stored_state_file = "clients.pickle"

119

102

120

103

logger = logging.getLogger()

197

180

self.gnupgargs = ['--batch',

198

181

'--homedir', self.tempdir,

199

182

'--force-mdc',

200

'--quiet']

201

# Only GPG version 1 has the --no-use-agent option.

202

if self.gpg == "gpg" or self.gpg.endswith("/gpg"):

203

self.gnupgargs.append("--no-use-agent")

183

'--quiet',

184

'--no-use-agent']

204

185

205

186

def __enter__(self):

206

187

return self

2191

2172

priority = self.server.gnutls_priority

2192

2173

if priority is None:

2193

2174

priority = "NORMAL"

2194

gnutls.priority_set_direct(session._c_object,

2195

priority.encode("utf-8"),

2175

gnutls.priority_set_direct(session._c_object, priority,

2196

2176

None)

2197

2177

2198

2178

# Start communication using the Mandos protocol

2455

2435

bind to an address or port if they were not specified."""

2456

2436

if self.interface is not None:

2457

2437

if SO_BINDTODEVICE is None:

2458

# Fall back to a hard-coded value which seems to be

2459

# common enough.

2460

logger.warning("SO_BINDTODEVICE not found, trying 25")

2461

SO_BINDTODEVICE = 25

2462

try:

2463

self.socket.setsockopt(

2464

socket.SOL_SOCKET, SO_BINDTODEVICE,

2465

(self.interface + "\0").encode("utf-8"))

2466

except socket.error as error:

2467

if error.errno == errno.EPERM:

2468

logger.error("No permission to bind to"

2469

" interface %s", self.interface)

2470

elif error.errno == errno.ENOPROTOOPT:

2471

logger.error("SO_BINDTODEVICE not available;"

2472

" cannot bind to interface %s",

2473

self.interface)

2474

elif error.errno == errno.ENODEV:

2475

logger.error("Interface %s does not exist,"

2476

" cannot bind", self.interface)

2477

else:

2478

raise

2438

logger.error("SO_BINDTODEVICE does not exist;"

2439

" cannot bind to interface %s",

2440

self.interface)

2441

else:

2442

try:

2443

self.socket.setsockopt(

2444

socket.SOL_SOCKET, SO_BINDTODEVICE,

2445

(self.interface + "\0").encode("utf-8"))

2446

except socket.error as error:

2447

if error.errno == errno.EPERM:

2448

logger.error("No permission to bind to"

2449

" interface %s", self.interface)

2450

elif error.errno == errno.ENOPROTOOPT:

2451

logger.error("SO_BINDTODEVICE not available;"

2452

" cannot bind to interface %s",

2453

self.interface)

2454

elif error.errno == errno.ENODEV:

2455

logger.error("Interface %s does not exist,"

2456

" cannot bind", self.interface)

2457

else:

2458

raise

2479

2459

# Only bind(2) the socket if we really need to.

2480

2460

if self.server_address[0] or self.server_address[1]:

2481

2461

if not self.server_address[0]:

3327

3307

3328

3308

mandos_dbus_service = MandosDBusService()

3329

3309

3330

# Save modules to variables to exempt the modules from being

3331

# unloaded before the function registered with atexit() is run.

3332

mp = multiprocessing

3333

wn = wnull

3334

3310

def cleanup():

3335

3311

"Cleanup function; run on exit"

3336

3312

if zeroconf:

3337

3313

service.cleanup()

3338

3314

3339

mp.active_children()

3340

wn.close()

3315

multiprocessing.active_children()

3316

wnull.close()

3341

3317

if not (tcp_server.clients or client_settings):

3342

3318

return

3343

3319

Older »