From patchwork Mon Mar 23 16:00:00 2015
X-Patchwork-Submitter: Alexandru Ardelean
X-Patchwork-Id: 453518
X-Patchwork-Delegate: jow@openwrt.org
From: Alexandru Ardelean
To: openwrt-devel@lists.openwrt.org
Date: Mon, 23 Mar 2015 18:00:00 +0200
Message-Id: <1427126400-26800-1-git-send-email-ardeleanalex@gmail.com>
X-Mailer: git-send-email 2.1.2
In-Reply-To: <1427110307-22262-1-git-send-email-ardeleanalex@gmail.com>
References: <1427110307-22262-1-git-send-email-ardeleanalex@gmail.com>
Subject: [OpenWrt-Devel] [PATCH][RESEND V2] lldpd: add option to disable privilege separation

Helpful to disable when debugging lldpd crashes (when working on it).
When privilege separation is on, some crashes are stack-traced to some
privilege separation code.

Signed-off-by: Alexandru Ardelean
---
 package/network/services/lldpd/Config.in           |  5 ++
 package/network/services/lldpd/Makefile            |  2 +
 ...lookup-for-_lldpd-when-privsep-is-disable.patch | 73 ++++++++++++++++++++++
 3 files changed, 80 insertions(+)
 create mode 100644 package/network/services/lldpd/patches/001-priv-don-t-lookup-for-_lldpd-when-privsep-is-disable.patch

diff --git a/package/network/services/lldpd/Config.in b/package/network/services/lldpd/Config.in
index a416490..448506d 100644
--- a/package/network/services/lldpd/Config.in
+++ b/package/network/services/lldpd/Config.in @@ -1,6 +1,11 @@ menu "Configuration" depends on PACKAGE_lldpd +config LLDPD_WITH_PRIVSEP + bool + default y + prompt "Enable privilege separation (run lldpd with a chrooted 'lldp' user)" + config LLDPD_WITH_CDP bool default y diff --git a/package/network/services/lldpd/Makefile b/package/network/services/lldpd/Makefile index ff367f1..d80840e 100644 --- a/package/network/services/lldpd/Makefile +++ b/package/network/services/lldpd/Makefile @@ -85,9 +85,11 @@ define Package/lldpd/conffiles endef CONFIGURE_ARGS += \ + $(if $(CONFIG_LLDPD_WITH_PRIVSEP), \ --with-privsep-user=lldp \ --with-privsep-group=lldp \ --with-privsep-chroot=/var/run/lldp \ + ,--disable-privsep) \ --with-readline=no \ --with-embedded-libevent=no \ $(if $(CONFIG_LLDPD_WITH_CDP),,--disable-cdp) \ diff --git a/package/network/services/lldpd/patches/001-priv-don-t-lookup-for-_lldpd-when-privsep-is-disable.patch b/package/network/services/lldpd/patches/001-priv-don-t-lookup-for-_lldpd-when-privsep-is-disable.patch new file mode 100644 index 0000000..907c21b --- /dev/null +++ b/package/network/services/lldpd/patches/001-priv-don-t-lookup-for-_lldpd-when-privsep-is-disable.patch 
@@ -0,0 +1,73 @@ +From 28bf40220840c277d70ed66f6d58729ebb975de8 Mon Sep 17 00:00:00 2001 +From: Vincent Bernat +Date: Thu, 12 Feb 2015 08:07:43 +0100 +Subject: [PATCH] priv: don't lookup for _lldpd when privsep is disabled + +Closes #95 +--- + src/daemon/lldpd.c | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git a/src/daemon/lldpd.c b/src/daemon/lldpd.c +index f868fc7..6a3a160 100644 +--- a/src/daemon/lldpd.c ++++ b/src/daemon/lldpd.c +@@ -1335,11 +1335,13 @@ lldpd_main(int argc, char *argv[], char *envp[]) + int receiveonly = 0; + int ctl; + ++#ifdef ENABLE_PRIVSEP + /* Non privileged user */ + struct passwd *user; + struct group *group; + uid_t uid; + gid_t gid; ++#endif + + saved_argv = argv; + +@@ -1493,12 +1495,14 @@ lldpd_main(int argc, char *argv[], char *envp[]) + log_debug("main", "lldpd starting..."); + + /* Grab uid and gid to use for priv sep */ ++#ifdef ENABLE_PRIVSEP + if ((user = getpwnam(PRIVSEP_USER)) == NULL) + fatal("main", "no " PRIVSEP_USER " user for privilege separation"); + uid = user->pw_uid; + if ((group = getgrnam(PRIVSEP_GROUP)) == NULL) + fatal("main", "no " PRIVSEP_GROUP " group for privilege separation"); + gid = group->gr_gid; ++#endif + + /* Create and setup socket */ + int retry = 1; +@@ -1526,12 +1530,14 @@ lldpd_main(int argc, char *argv[], char *envp[]) + log_warn("main", "unable to create control socket"); + fatalx("giving up"); + } ++#ifdef ENABLE_PRIVSEP + if (chown(ctlname, uid, gid) == -1) + log_warn("main", "unable to chown control socket"); + if (chmod(ctlname, + S_IRUSR | S_IWUSR | S_IXUSR | + S_IRGRP | S_IWGRP | S_IXGRP) == -1) + log_warn("main", "unable to chmod control socket"); ++#endif + + /* Disable SIGPIPE */ + signal(SIGPIPE, SIG_IGN); +@@ -1576,7 +1582,11 @@ lldpd_main(int argc, char *argv[], char *envp[]) + } + + log_debug("main", "initialize privilege separation"); ++#ifdef ENABLE_PRIVSEP + priv_init(PRIVSEP_CHROOT, ctl, uid, gid); ++#else ++ priv_init(PRIVSEP_CHROOT, ctl, 0, 0); ++#endif + + /* 
Initialization of global configuration */ + if ((cfg = (struct lldpd *) +-- +2.1.2 +
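Review bot: the new LLDPD_WITH_PRIVSEP symbol in the Config.in hunk carries a prompt but no help text, and this is a hardening knob rather than a feature toggle: with it off, the Makefile passes --disable-privsep and the bundled patch's #else branch calls priv_init(PRIVSEP_CHROOT, ctl, 0, 0), so lldpd keeps running as root with no unprivileged user and no chroot. A short help block after the prompt would make that visible to whoever flips it, e.g. `help` / `Disable only while debugging lldpd crashes; without privilege separation lldpd runs entirely as root.` The commit message already says this is a debugging aid, so stating it in the menu keeps the default of y from being changed casually in production images.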
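Review bot: the Makefile hunk gates only CONFIGURE_ARGS, with the else branch `,--disable-privsep)` matching the existing `$(if $(CONFIG_LLDPD_WITH_CDP),,--disable-cdp)` pattern, but the diffstat shows nothing else in the package changing. Any step that exists for privilege separation (creating the lldp user and group, setting up the /var/run/lldp chroot directory named in --with-privsep-chroot, init-script handling) is not touched here, so it should be confirmed that those steps are either harmless with a privsep-less binary or are also made conditional on CONFIG_LLDPD_WITH_PRIVSEP; otherwise a build with the option off still ships the user and directory it no longer uses.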
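Review bot: in the backported upstream patch (28bf40220840, "priv: don't lookup for _lldpd when privsep is disabled"), the hunk at lldpd.c line 1530 puts both the chown() and the chmod() of the control socket under #ifdef ENABLE_PRIVSEP, so a --disable-privsep build never restricts the socket's mode and it is left at whatever the process umask yields at creation. Only the chown() depends on the privsep uid/gid; the `chmod(ctlname, S_IRUSR | S_IWUSR | S_IXUSR | S_IRGRP | S_IWGRP | S_IXGRP)` call could stay outside the #ifdef so the control socket keeps owner/group-only permissions regardless of privsep. Since this is an upstream commit the change belongs upstream as well, but it is worth knowing before exposing the option. One nit: the patch file name says privsep-is-disable while the upstream subject says "is disabled"; renaming to 001-priv-don-t-lookup-for-_lldpd-when-privsep-is-disabled.patch would match.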