1
/*
2
 * SPDX-License-Identifier: ISC
3
 *
4
 * Copyright (c) 2009-2022 Todd C. Miller <[email protected]>
5
 *
6
 * Permission to use, copy, modify, and distribute this software for any
7
 * purpose with or without fee is hereby granted, provided that the above
8
 * copyright notice and this permission notice appear in all copies.
9
 *
10
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
11
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
12
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
13
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
14
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
 */
18

19
#include <config.h>
20

21
#include <sys/stat.h>
22
#include <stdio.h>
23
#include <stdlib.h>
24
#ifdef HAVE_STDBOOL_H
25
# include <stdbool.h>
26
#else
27
# include <compat/stdbool.h>
28
#endif /* HAVE_STDBOOL_H */
29
#include <string.h>
30
#include <unistd.h>
31
#include <dirent.h>
32
#include <errno.h>
33
#include <fcntl.h>
34
#include <limits.h>
35

36
#include <sudo_compat.h>
37
#include <sudo_fatal.h>
38
#include <sudo_gettext.h>
39
#include <sudo_debug.h>
40
#include <sudo_util.h>
41

42
#ifndef O_NOFOLLOW
43
# define O_NOFOLLOW 0
44
#endif
45

46
/*
47
 * Returns true if fd is a directory, else false.
48
 * Warns on failure if not quiet.
49
 */
50
static bool
51
is_dir(int dfd, const char *name, int namelen, bool quiet)
52
{
53
    struct stat sb;
54
    debug_decl(is_dir, SUDO_DEBUG_UTIL);
55

56
    if (fstat(dfd, &sb) != 0) {
57
	if (!quiet) {
58
	    sudo_warn(U_("unable to stat %.*s"), namelen, name);
59
	}
60
	debug_return_bool(false);
61
    }
62
    if (!S_ISDIR(sb.st_mode)) {
63
	if (!quiet) {
64
	    sudo_warnx(U_("%.*s exists but is not a directory (0%o)"),
65
		namelen, name, (unsigned int) sb.st_mode);
66
	}
67
	debug_return_bool(false);
68
    }
69

70
    debug_return_bool(true);
71
}
72

73
/*
74
 * Create any parent directories needed by path (but not path itself)
75
 * and return an open fd for the parent directory or -1 on error.
76
 */
77
int
78
sudo_open_parent_dir_v1(const char *path, uid_t uid, gid_t gid, mode_t mode,
79
    bool quiet)
80
{
81
    const char *cp, *ep, *pathend;
82
    char name[PATH_MAX];
83
    int parentfd;
84
    debug_decl(sudo_open_parent_dir, SUDO_DEBUG_UTIL);
85

86
    /* Starting parent dir is either root or cwd. */
87
    cp = path;
88
    if (*cp == '/') {
89
	do {
90
	    cp++;
91
	} while (*cp == '/');
92
	parentfd = open("/", O_RDONLY|O_NONBLOCK|O_DIRECTORY);
93
    } else {
94
	parentfd = open(".", O_RDONLY|O_NONBLOCK|O_DIRECTORY);
95
    }
96
    if (parentfd == -1) {
97
	if (!quiet)
98
	    sudo_warn(U_("unable to open %s"), *path == '/' ? "/" : ".");
99
	debug_return_int(-1);
100
    }
101

102
    /* Iterate over path components, skipping the last one. */
103
    pathend = cp + strlen(cp);
104
    for (cp = sudo_strsplit(cp, pathend, "/", &ep); cp != NULL && ep < pathend;
105
	cp = sudo_strsplit(NULL, pathend, "/", &ep)) {
106
	size_t len = (size_t)(ep - cp);
107
	int dfd;
108

109
	sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
110
	    "mkdir %.*s, mode 0%o, uid %d, gid %d", (int)(ep - path), path,
111
	    (unsigned int)mode, (int)uid, (int)gid);
112
	if (len >= sizeof(name)) {
113
	    errno = ENAMETOOLONG;
114
	    if (!quiet)
115
		sudo_warn(U_("unable to mkdir %.*s"), (int)(ep - path), path);
116
	    goto bad;
117
	}
118
	memcpy(name, cp, len);
119
	name[len] = '\0';
120
reopen:
121
	dfd = openat(parentfd, name, O_RDONLY|O_NONBLOCK|O_DIRECTORY, 0);
122
	if (dfd == -1) {
123
	    if (errno != ENOENT) {
124
		if (!quiet) {
125
		    sudo_warn(U_("unable to open %.*s"),
126
			(int)(ep - path), path);
127
		}
128
		goto bad;
129
	    }
130
	    if (mkdirat(parentfd, name, mode) == 0) {
131
		dfd = openat(parentfd, name,
132
		    O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_NOFOLLOW, 0);
133
		if (dfd == -1) {
134
		    if (!quiet) {
135
			sudo_warn(U_("unable to open %.*s"),
136
			    (int)(ep - path), path);
137
		    }
138
		    goto bad;
139
		}
140
		/* Make sure the path we created is still a directory. */
141
		if (!is_dir(dfd, path, (int)(ep - path), quiet)) {
142
		    close(dfd);
143
		    goto bad;
144
		}
145
		if (uid != (uid_t)-1 && gid != (gid_t)-1) {
146
		    if (fchown(dfd, uid, gid) != 0) {
147
			sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
148
			    "%s: unable to chown %d:%d %.*s", __func__,
149
			    (int)uid, (int)gid, (int)(ep - path), path);
150
		    }
151
		}
152
	    } else {
153
		if (errno == EEXIST)
154
		    goto reopen;
155
		if (!quiet) {
156
		    sudo_warn(U_("unable to mkdir %.*s"),
157
			(int)(ep - path), path);
158
		}
159
		goto bad;
160
	    }
161
	} else {
162
	    /* Already exists, make sure it is a directory. */
163
	    if (!is_dir(dfd, path, (int)(ep - path), quiet)) {
164
		close(dfd);
165
		goto bad;
166
	    }
167
	}
168
	close(parentfd);
169
	parentfd = dfd;
170
    }
171

172
    debug_return_int(parentfd);
173
bad:
174
    if (parentfd != -1)
175
	close(parentfd);
176
    debug_return_int(-1);
177
}
178

179
/*
180
 * Create any parent directories needed by path (but not path itself).
181
 * Not currently used.
182
 */
183
bool
184
sudo_mkdir_parents_v1(const char *path, uid_t uid, gid_t gid, mode_t mode,
185
    bool quiet)
186
{
187
    int fd;
188
    debug_decl(sudo_mkdir_parents, SUDO_DEBUG_UTIL);
189

190
    fd = sudo_open_parent_dir(path, uid, gid, mode, quiet);
191
    if (fd == -1)
192
	debug_return_bool(false);
193
    close(fd);
194
    debug_return_bool(true);
195
}
196

197