mirrors/passt
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

make conf_ugid() exit immediately after logging error

Browse source 
Again, it can then be made to return void, simplifying the caller.

Signed-off-by: Laine Stump <laine@redhat.com>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
This commit is contained in:
Laine Stump 2023-02-15 03:24:34 -05:00 committed by Stefano Brivio
parent fe2a54e86e
commit ead4a98111
1 changed files with 9 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
conf.c
View file

@ -995,22 +995,18 @@ static int conf_runas(char *opt, unsigned int *uid, unsigned int *gid)
* @runas: --runas option, may be NULL * @runas: --runas option, may be NULL
* @uid: User ID, set on success * @uid: User ID, set on success
* @gid: Group ID, set on success * @gid: Group ID, set on success
*
* Return: 0 on success, negative error code on failure
*/ */
static int conf_ugid(char *runas, uid_t *uid, gid_t *gid) static void conf_ugid(char *runas, uid_t *uid, gid_t *gid)
{ {
const char root_uid_map[] = " 0 0 4294967295"; const char root_uid_map[] = " 0 0 4294967295";
char buf[BUFSIZ]; char buf[BUFSIZ];
int ret;
int fd; int fd;
/* If user has specified --runas, that takes precedence... */ /* If user has specified --runas, that takes precedence... */
if (runas) { if (runas) {
ret = conf_runas(runas, uid, gid); if (conf_runas(runas, uid, gid))
if (ret) die("Invalid --runas option: %s", runas);
err("Invalid --runas option: %s", runas); return;
return ret;
} }
/* ...otherwise default to current user and group... */ /* ...otherwise default to current user and group... */
@ -1019,20 +1015,18 @@ static int conf_ugid(char *runas, uid_t *uid, gid_t *gid)
/* ...as long as it's not root... */ /* ...as long as it's not root... */
if (*uid) if (*uid)
return 0; return;
/* ...or at least not root in the init namespace... */ /* ...or at least not root in the init namespace... */
if ((fd = open("/proc/self/uid_map", O_RDONLY | O_CLOEXEC)) < 0) { if ((fd = open("/proc/self/uid_map", O_RDONLY | O_CLOEXEC)) < 0) {
ret = -errno; die("Can't determine if we're in init namespace: %s",
err("Can't determine if we're in init namespace: %s", strerror(errno));
strerror(-ret));
return ret;
} }
if (read(fd, buf, BUFSIZ) != sizeof(root_uid_map) || if (read(fd, buf, BUFSIZ) != sizeof(root_uid_map) ||
strncmp(buf, root_uid_map, sizeof(root_uid_map) - 1)) { strncmp(buf, root_uid_map, sizeof(root_uid_map) - 1)) {
close(fd); close(fd);
return 0; return;
} }
close(fd); close(fd);
@ -1056,7 +1050,6 @@ static int conf_ugid(char *runas, uid_t *uid, gid_t *gid)
*uid = *gid = 65534; *uid = *gid = 65534;
#endif #endif
} }
return 0;
} }
/** /**
@ -1520,9 +1513,7 @@ void conf(struct ctx *c, int argc, char **argv)
if (*c->sock_path && c->fd_tap >= 0) if (*c->sock_path && c->fd_tap >= 0)
die("Options --socket and --fd are mutually exclusive"); die("Options --socket and --fd are mutually exclusive");
ret = conf_ugid(runas, &uid, &gid); conf_ugid(runas, &uid, &gid);
if (ret)
usage(argv[0]);
if (logfile) { if (logfile) {
logfile_init(c->mode == MODE_PASST ? "passt" : "pasta", logfile_init(c->mode == MODE_PASST ? "passt" : "pasta",