Merge pull request #27 from LeChatP/develop

more tests and fixes
LeChatP · Jul 15, 2023 · fb9a2db · fb9a2db
2 parents 08ddd55 + c672885
commit fb9a2db
Show file tree

Hide file tree

Showing 7 changed files with 485 additions and 300 deletions.
diff --git a/src/params.c b/src/params.c
@@ -36,8 +36,8 @@ static settings_t options = { .env_keep = d_keep_vars,
 			      .path = d_path,
 			      .setuid = NULL,
 			      .setgid = NULL,
-			      .no_root = 1,
-			      .bounding = 1 };
+			      .disable_root = 1,
+			      .apply_bounding = 1 };
 
 /**
  * @brief Set the POSIX user variables
@@ -94,28 +94,24 @@ settings_t *default_options_get(){
 }
 
 void set_default_options(settings_t *settings){
-	if(settings->env_keep == NULL){
-		settings->env_keep = d_keep_vars;
-	}
-	if(settings->env_check == NULL){
-		settings->env_check = d_check_vars;
-	}
-	if(settings->path == NULL){
-		settings->path = d_path;
+	if (settings == NULL){
+		return;
 	}
+	settings->env_keep = d_keep_vars;
+	settings->env_check = d_check_vars;
+	settings->path = d_path;
 	settings->setuid = NULL;
 	settings->setgid = NULL;
-	if(settings->no_root == 0){
-		settings->no_root = 1;
-	}
-	if(settings->bounding == 0){
-		settings->bounding = 1;
-	}
+	settings->disable_root = 1;
+	settings->apply_bounding = 1;
 	settings->role = NULL;
 	settings->iab = cap_iab_init();
 }
 
 void options_assign(settings_t *dst, settings_t *src) {
+	if (src == NULL || dst == NULL) {
+		return;
+	}
 	if (src->env_keep != NULL) {
 		dst->env_keep = src->env_keep;
 	}
@@ -131,8 +127,8 @@ void options_assign(settings_t *dst, settings_t *src) {
 	if (src->setgid != NULL) {
 		dst->setgid = src->setgid;
 	}
-	dst->no_root = src->no_root;
-	dst->bounding = src->bounding;
+	dst->disable_root = src->disable_root;
+	dst->apply_bounding = src->apply_bounding;
 	if (src->role != NULL) {
 		dst->role = src->role;
 	}
@@ -197,11 +193,11 @@ void set_options_from_node(xmlNodePtr options_node, settings_t *options)
 		if (node->type == XML_ELEMENT_NODE) {
 			if (!xmlStrcmp(node->name,
 				       (const xmlChar *)"allow-root")) {
-						options->no_root = !option_enforced(node);
+						options->disable_root = !option_enforced(node);
 			} else if (!xmlStrcmp(
 					   node->name,
 					   (const xmlChar *)"allow-bounding")) {
-				options->bounding = !option_enforced(node);
+				options->apply_bounding = !option_enforced(node);
 			} else if (!xmlStrcmp(node->name,
 					      (const xmlChar *)"path")) {
 				options->path = (char *)xmlNodeGetContent(node);
@@ -257,7 +253,7 @@ void free_options(settings_t *options)
 {
 	//free(options->role);
 	//free(options->iab);
-	options->bounding = 0;
+	options->apply_bounding = 0;
 }
 
 /* 

diff --git a/src/params.h b/src/params.h
@@ -27,8 +27,8 @@ struct s_settings {
     char *role;
     char *setuid;
     char *setgid;
-    int no_root;
-    int bounding;
+    int disable_root;
+    int apply_bounding;
     cap_iab_t iab;
 };
 

diff --git a/src/sr.c b/src/sr.c
@@ -223,7 +223,7 @@ int sr_setcaps(settings_t *settings)
 */
 int sr_noroot(settings_t *options)
 {
-	if (options->no_root) {
+	if (options->disable_root) {
 		if (activates_securebits()) {
 			error(0, 0, "Unable to activate securebits");
 			syslog(LOG_ERR, "Unable to activate securebits");
@@ -290,9 +290,9 @@ int main(int argc, char *argv[])
 
 	if (arguments.info) {
 		if (arguments.role == NULL)
-			print_rights(user, RESTRICTED);
+			print_rights(user);
 		else {
-			print_rights_role(arguments.role, user, RESTRICTED);
+			print_rights_role(arguments.role, user);
 		}
 		goto free_error;
 	}
@@ -313,7 +313,7 @@ int main(int argc, char *argv[])
 			goto free_error;
 		}		   	
 	} else {
-		int ret = get_settings_from_config(user, cmd, &options);
+		int ret = get_settings_from_config(XML_FILE, user, cmd, &options);
 		if (!ret) {
 			syslog(LOG_ERR,
 			       "User '%s' tries to execute '%s', without permission",