zuluCrypt  5.7.1
About: zuluCrypt is a simple but feature rich solution for hard drives encryption. It can manage PLAIN dm-crypt, LUKS, TrueCrypt and VeraCrypt encrypted volumes.
  Fossies Dox: zuluCrypt-5.7.1.tar.xz  ("unofficial" and yet experimental doxygen-generated source code documentation)  

bind.c
Go to the documentation of this file.
1 /*
2 *
3 * Copyright (c) 2013-2015
4 * name : Francis Banyikwa
5 * email: mhogomchungu@gmail.com
6 * This program is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation, either version 2 of the License, or
9 * (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program. If not, see <http://www.gnu.org/licenses/>.
18 */
19 
20 #include "includes.h"
21 #include <sys/mount.h>
22 #include "../lib/includes.h"
23 
24 /*
25  * default value of "SHARE_MOUNT_PREFIX" is "/run/media/public"
26  */
27 #include "share_mount_prefix_path.h"
28 
29 #include <sys/stat.h>
30 #include <unistd.h>
31 
32 static void _chmod( const char * x,mode_t y )
33 {
34  if( chmod( x,y ) ){;}
35 }
36 
37 static int _zuluCryptBindUnmountVolume( stringList_t stx,const char * device,uid_t uid )
38 {
39  stringList_t stl ;
40  string_t xt ;
41  string_t st ;
42  string_t zt ;
43  ssize_t index = -1 ;
44  const char * f ;
45  const char * g ;
46  char * h = NULL ;
47  int r = 1 ;
48  int k ;
49 
50  /*
51  * zuluCryptUserIsAMemberOfAGroup() is defined in security.c
52  */
53  /*
54  * root user is a member of all groups and hence is allowed
55  */
56  int allowedUser = zuluCryptUserIsAMemberOfAGroup( uid,"zulumount" ) ;
57 
59 
60  if( StringPrefixEqual( device,"/dev/loop" ) ){
61 
62  /*
63  * zuluCryptLoopDeviceAddress_2() is defined in ../lib/create_loop_device.c
64  */
65 
66  st = zuluCryptLoopDeviceAddress_2( device ) ;
67 
68  /*
69  * Add a space at the end of the device name to make sure we check the full device name to avoid possible collisions
70  * that may exist if one device is named "/home/abc" and another "/home/abcdef"
71  */
72 
73  zt = StringListHasStartSequence_1( stx,StringAppend( st," " ) ) ;
74 
75  StringRemoveRight( st,1 ) ;
76 
77  device = h = StringDeleteHandle( &st ) ;
78  }else{
79  /*
80  * Add a space at the end of the device name to make sure we check the full device name to avoid possible collisions
81  * that may exist if one device is named "/dev/sdc1" and another "/dev/sdc12"
82  */
83  st = String( device ) ;
84  zt = StringListHasStartSequence_1( stx,StringAppend( st," " ) ) ;
85  StringDelete( &st ) ;
86  }
87 
88  if( zt == StringVoid ){
89  /*
90  * The volume does not appear to be mounted
91  */
92  r = 1 ;
93  }else{
94  stl = StringListStringSplit( zt,' ' ) ;
95 
97 
98  StringListDelete( &stl ) ;
99 
100  st = StringCopy( xt ) ;
101 
102  /*
103  * zuluCryptDecodeMountEntry() is defined in ../lib/mount_volume.c
104  * g will contain something like "/run/media/private/$USER/sdc1"
105  */
106  g = zuluCryptDecodeMountEntry( st ) ;
107 
108  if( allowedUser ){
109  /*
110  * a privileged user is attempting to unmount a shared mount point,allow them
111  */
112  k = 1 ;
113  }else{
114  /*
115  * a non privileged user is attempting to unmount a shared mount point,allow them only if
116  * they are the one that created it
117  */
118  /*
119  * zuluCryptMountPointPrefixMatch() is defined in create_mount_point.c
120  */
121  k = zuluCryptMountPointPrefixMatch( g,uid,NULL ) ;
122  }
123 
124  StringDelete( &st ) ;
125 
126  if( k != 1 ){
127  /*
128  * One none privileged user is attempting to unmount a bind mount from another use,disallow it
129  */
130  r = 4 ;
131  }else{
132  index = StringLastIndexOfChar( xt,'/' ) + 1 ;
133  StringRemoveLeft( xt,index ) ;
134 
135  StringPrepend( xt,SHARE_MOUNT_PREFIX "/" ) ;
136 
137  /*
138  * f will now contain something like "/run/media/public/sdc1"
139  * space character is added before checking to avoid possible collisions
140  * as explained in above comments
141  */
142  f = StringAppend( xt," " ) ;
143  zt = StringListHasSequence_1( stx,f ) ;
144  f = StringRemoveRight( xt,1 ) ;
145 
146  if( zt == StringVoid ){
147 
148  /*
149  * volume is not shared
150  */
151  }else{
152  /*
153  * volume is shared,try to unmount it
154  * a volume is assumed to be shared if its device path in mountinfo has two mount points,one
155  * in /run/media/private/$USER and the other in /run/media/public/
156  */
157 
158  if( StringStartsWith( zt,device ) ){
159 
160  f = zuluCryptDecodeMountEntry( xt ) ;
161  /*
162  * good,the device associated with the shared mount is the same as that of the
163  * private mount,try to unmount it.
164  */
165  r = 3 ;
166 
167  for( k = 0 ; k < 3 ; k++ ){
168 
169  /*
170  * try to unmount 3 times before giving up
171  */
172  if( umount( f ) == 0 ){
173 
174  rmdir( f ) ;
175  r = 0 ;
176  break ;
177  }else{
178  sleep( 1 ) ;
179  }
180  }
181  }else{
182  /*
183  * i dont see how we will get here,we shouldnt
184  */
185  r = 0 ;
186  }
187  }
188  }
189 
190  StringDelete( &xt ) ;
191  }
192 
193  StringFree( h ) ;
194 
196 
197  return r ;
198 }
199 
200 int zuluCryptBindUnmountVolume( stringList_t stx,const char * device,uid_t uid )
201 {
202  stringList_t stl ;
203  int r ;
204 
205  if( stx == StringListVoid ){
206 
207  /*
208  * zuluCryptGetMoutedList() is defined in ../lib/mountinfo.c
209  */
210 
211  stl = zuluCryptGetMoutedList() ;
212 
213  r = _zuluCryptBindUnmountVolume( stl,device,uid ) ;
214 
215  StringListDelete( &stl ) ;
216 
217  return r ;
218  }else{
219  return _zuluCryptBindUnmountVolume( stx,device,uid ) ;
220  }
221 }
222 
224 {
225  struct stat str ;
226 
227  ssize_t index = StringLastIndexOfChar( path,'/' ) ;
228 
229  string_t st = String( SHARE_MOUNT_PREFIX ) ;
230 
231  const char * e = StringAppend( st,StringContent( path ) + index ) ;
232 
233  int r = stat( e,&str ) ;
234 
235  StringDelete( &st ) ;
236 
237  return r == 0 ;
238 }
239 
240 int zuluCryptBindMountVolume( const char * device,string_t z_path,unsigned long flags )
241 {
242  struct stat st ;
243  string_t path ;
244  string_t tmp ;
245  ssize_t index = StringLastIndexOfChar( z_path,'/' ) ;
246  const char * o_path = StringContent( z_path ) ;
247  const char * m_path ;
248  const char * e ;
249  int xt ;
250 
251  stringList_t stl ;
252 
253  if( index == -1 ){
254 
255  return 1 ;
256  }
257  if( device ){;}
258 
260 
261  /*
262  * zuluCryptGetMoutedList() is defined in ../lib/process_mountinfo.c
263  */
264 
265  stl = zuluCryptGetMoutedList() ;
266 
267  path = String( SHARE_MOUNT_PREFIX "/" ) ;
268  m_path = StringAppend( path,o_path + index + 1 ) ;
269 
270  /*
271  * zuluCryptCreateMountPath() is defined in create_mount_point.c
272  */
273  zuluCryptCreateMountPath( SHARE_MOUNT_PREFIX ) ;
274 
275  if( stat( m_path,&st ) == 0 ){
276 
277  _chmod( m_path,st.st_mode | S_IXOTH | S_IROTH ) ;
278  /*
279  * bind mount point exists,this will happen if the mount point is already taken or a mount point folder
280  * was not autodeleted for some reason
281  */
282  tmp = StringCopy( path ) ;
283  e = StringAppend( tmp," " ) ;
284 
285  if( StringListHasSequence( stl,e ) != -1 ){
286 
287  /*
288  * An attempt is made to bind mount on a path already bind mounted path,dont attempt to mount
289  */
290 
291  xt = 1 ;
292  }else{
293  /*
294  * the mount point folder is there for some reason but is not being used.
295  */
296  xt = mount( o_path,m_path,"",flags|MS_BIND,"" ) ;
297  }
298  StringDelete( &tmp ) ;
299  }else{
300  zuluCryptCreateMountPath( m_path ) ;
301 
302  xt = mount( o_path,m_path,"",flags|MS_BIND,"" ) ;
303 
304  if( xt != 0 ){
305 
306  rmdir( m_path ) ;
307  }
308  }
309 
310  StringListDelete( &stl ) ;
311  StringDelete( &path ) ;
313  return xt ;
314 }
StringRemoveLeft
const char * StringRemoveLeft(string_t st, size_t x)
Definition: String.c:647
StringListVoid
#define StringListVoid
Definition: StringList.h:41
StringCopy
string_t StringCopy(string_t st)
Definition: String.c:260
zuluCryptMountPointPrefixMatch
int zuluCryptMountPointPrefixMatch(const char *m_path, uid_t uid, string_t *m_point)
Definition: create_mount_point.c:390
StringStartsWith
int StringStartsWith(string_t st, const char *s)
Definition: String.c:821
StringListHasStartSequence_1
string_t StringListHasStartSequence_1(stringList_t stl, const char *str)
Definition: StringList.c:897
zuluCryptLoopDeviceAddress_2
string_t zuluCryptLoopDeviceAddress_2(const char *device)
Definition: create_loop_device.c:101
zuluCryptCreateMountPath
void zuluCryptCreateMountPath(const char *path)
Definition: create_mount_point.c:291
zuluCryptBindMountVolume
int zuluCryptBindMountVolume(const char *device, string_t z_path, unsigned long flags)
Definition: bind.c:240
StringPrepend
const char * StringPrepend(string_t st, const char *s)
Definition: String.c:1015
zuluCryptUserIsAMemberOfAGroup
int zuluCryptUserIsAMemberOfAGroup(uid_t uid, const char *groupname)
Definition: mount_fs_options.c:172
StringListDelete
void StringListDelete(stringList_t *stl)
Definition: StringList.c:1184
StringListStringSplit
stringList_t StringListStringSplit(string_t st, char splitter)
Definition: StringList.c:483
_zuluCryptBindUnmountVolume
static int _zuluCryptBindUnmountVolume(stringList_t stx, const char *device, uid_t uid)
Definition: bind.c:37
zuluCryptBindSharedMountPointPathTaken
int zuluCryptBindSharedMountPointPathTaken(string_t path)
Definition: bind.c:223
StringLastIndexOfChar
ssize_t StringLastIndexOfChar(string_t st, char s)
Definition: String.c:488
StringDeleteHandle
char * StringDeleteHandle(string_t *xt)
Definition: String.c:233
StringContent
static const __inline__ char * StringContent(string_t st)
Definition: String.h:1011
StringType
Definition: String.c:49
StringListHasSequence_1
string_t StringListHasSequence_1(stringList_t stl, const char *str)
Definition: StringList.c:858
zuluCryptSecurityDropElevatedPrivileges
int zuluCryptSecurityDropElevatedPrivileges(void)
Definition: security.c:109
zuluCryptGetMoutedList
stringList_t zuluCryptGetMoutedList(void)
Definition: mountinfo.c:159
_chmod
static void _chmod(const char *x, mode_t y)
Definition: bind.c:32
String
string_t String(const char *cstring)
Definition: String.c:318
zuluCryptSecurityGainElevatedPrivileges
int zuluCryptSecurityGainElevatedPrivileges(void)
Definition: security.c:64
StringListHasSequence
ssize_t StringListHasSequence(stringList_t stl, const char *str)
Definition: StringList.c:832
zuluCryptDecodeMountEntry
const char * zuluCryptDecodeMountEntry(string_t)
Definition: mount_volume.c:417
StringListType
Definition: StringList.c:33
zuluCryptBindUnmountVolume
int zuluCryptBindUnmountVolume(stringList_t stx, const char *device, uid_t uid)
Definition: bind.c:200
e
static QString e
Definition: about.cpp:31
StringDelete
void StringDelete(string_t *st)
Definition: String.c:162
StringListCopyStringAtSecondPlace
static __inline__ string_t StringListCopyStringAtSecondPlace(stringList_t stl)
Definition: StringList.h:475
StringRemoveRight
const char * StringRemoveRight(string_t st, size_t x)
Definition: String.c:634
StringAppend
const char * StringAppend(string_t st, const char *s)
Definition: String.c:1052
includes.h
StringPrefixEqual
static __inline__ int StringPrefixEqual(const char *x, const char *y)
Definition: String.h:905
StringFree
static __inline__ void StringFree(const void *str)
Definition: String.h:823
StringVoid
#define StringVoid
Definition: String.h:47