Merge branch 'main' of https://github.com/supechicken/crew-sudo

Author: supechicken

README.md

@@ -25,7 +25,34 @@ It works in a similar way compared with popular Android root solutions like Magi
 
 All communication between the `sudo` server and client is done via Unix socket.
 
+![How it works](images/how-it-works.svg)
+
+## Usage
+All you need to do is start the `crew-sudo` daemon in VT-2 and `sudo` will work again in `crosh` :)
+
+```text
+sudo <command to execute or sudo options>
+---
+crew-sudo [command] <options>
+crew-sudo -h|--help
+crew-sudo -V|--version
+```
+
+|Command       |Description|
+|:-------------|:----------|
+|`client`      |Run as client mode, pass all given command arguments to daemon|
+|`daemon`      |Run as daemon mode, listen incoming requests at `/tmp/crew-sudo.socket`|
+|`stop-daemon` |Stop currently running `crew-sudo` daemon|
+
+---
+
+|Options       |Description|
+|:-------------|:----------|
+|`--bashrc`    |Suppress `daemon is already running` error|
+|`--foreground`|Run `crew-sudo` daemon in foreground|
+|`--replace`   |Replace the currently running `crew-sudo` daemon|
+
 ## What works currently
 - Send terminal input to command/send command output back to `crosh`
 - Handle terminal size events
-- Sync exit code
+- Sync exit code

autocomplete/crew-sudo.sh

@@ -0,0 +1,26 @@
+# bash completion for crew-sudo command
+
+function _crew-sudo () {
+  # available options
+  local avail_opts=(--bashrc --foreground --replace)
+
+  # available commands
+  local cmds=(client daemon stop-daemon)
+
+  # parameter that trigger this function
+  local current="${COMP_WORDS[COMP_CWORD]}"
+
+  if [[ "${current:0:1}" == '-' ]]; then
+    # match ${current} with available option list if ${current} start with '-'
+    # save result to $COMPREPLY variable
+    COMPREPLY=( $(compgen -W "${avail_opts[*]}" -- "${current}") )
+  elif [[ ${COMP_CWORD} == 1 ]]; then
+    # match ${current} with command list if ${current} is the first argument
+    COMPREPLY=( $(compgen -W "${cmds[*]}" -- "${current}") )
+  else
+    return 1
+  fi
+}
+
+# register this function as completion function for crew-sudo command
+complete -F _crew-sudo crew-sudo

autostart/crew-sudo.conf

@@ -11,5 +11,5 @@ script
   # - It dropped a controlling tty (std{in,err,out} are /dev/null).
   # - It calls setsid() for every job.
   # - It forked for us.
-  exec /usr/local/bin/crew-sudo --daemon --foreground
+  exec /usr/local/bin/crew-sudo daemon --foreground
 end script

autostart/crew-sudo.sh

@@ -1,4 +1,4 @@
 if grep -q '^/sbin/frecon' < "/proc/$(ps -p $PPID -o ppid= | tr -d ' ')/cmdline"; then
   # start crew-sudo daemon if running in VT-2
-  [ -f /tmp/crew-sudo.socket ] || crew-sudo --daemon
+  [ -f /tmp/crew-sudo.socket ] || crew-sudo daemon --bashrc
 fi

component/client.rb

@@ -10,7 +10,13 @@ def restore_console
 end
 
 def runas_client(argv)
-  $mode     = :client
+  $mode = :client
+
+  unless Process.euid == 1000
+    message 'Client executed by non-chronos user, falling back to sudo...'
+    exec($0, *ARGV)
+  end
+
   is_tty    = $stdin.isatty && $stdout.isatty && $stderr.isatty
   $tty_attr = %x[/bin/stty -g].chomp if is_tty
   socket    = UNIXSocket.open(SOCKET_PATH) # connect to daemon

component/daemon.rb

@@ -7,38 +7,67 @@
 def runas_daemon(argv)
   $mode = :daemon
 
+  if File.exist?(SOCKET_PATH) && File.exist?(PID_FILE_PATH)
+    if ARGV.include?('--replace')
+      Process.kill('TERM', File.read(PID_FILE_PATH).to_i)
+      sleep 0.1 while File.exist?(SOCKET_PATH)
+    else
+      if IS_BASHRC
+        warn "crew-sudo: Daemon started with PID #{File.read(PID_FILE_PATH)}"
+      else
+        message <<~EOT, loglevel: :error
+          crew-sudo daemon (process #{File.read(PID_FILE_PATH)}) is already running.
+
+          Use `#{PROGNAME} daemon --replace` to replace the running daemon.
+        EOT
+      end
+      exit 1
+    end
+  end
+
+  @server = UNIXServer.new(SOCKET_PATH) # create unix socket
+
+  # fix permission if we are running as root
+  File.chown(0, 1000, SOCKET_PATH) if Process.euid.zero?
+  File.chmod(0o660, SOCKET_PATH)
+
   # daemonize
-  Process.daemon(false, true) unless ARGV.include?('--foreground')
+  if ARGV.include?('--foreground')
+    warn "crew-sudo: Daemon started with PID #{Process.pid}"
+  else
+    Process.daemon(false, true)
+    warn "crew-sudo: Daemon started with PID #{Process.pid}"
 
-  Process.setproctitle('crew-sudo daemon process')
+    # redirect output to log
+    $log = File.open(DAEMON_LOG_PATH, 'w')
 
-  warn "crew-sudo: Daemon started with PID #{Process.pid}"
+    $stdin.reopen('/dev/null')
+    $stdout.reopen($log)
+    $stderr.reopen($log)
 
-  # redirect output to log
-  $log = File.open(DAEMON_LOG_PATH, 'w')
+    [$log, $stdout, $stderr].each {|io| io.sync = true }
+  end
 
-  $stdin.reopen('/dev/null')
-  $stdout.reopen($log)
-  $stderr.reopen($log)
+  Process.setproctitle('crew-sudo daemon process')
+  File.write(PID_FILE_PATH, Process.pid)
 
-  [$log, $stdout, $stderr].each {|io| io.sync = true }
+  message "Daemon running with PID #{Process.pid}"
 
-  if Process.uid.zero?
+  if Process.euid.zero?
     message 'Daemon running with root permission.'
   else
-    message "Daemon running under UID #{Process.uid}."
+    message "Daemon running under UID #{Process.euid}."
   end
 
-  message "Started with PID #{Process.pid}"
-
-  # create unix socket
-  @server = UNIXServer.new(SOCKET_PATH)
-  File.chmod(0o660, SOCKET_PATH)
+  Socket.accept_loop(@server) do |socket, _|
+    client_pid, client_uid, client_gid = socket.getsockopt(:SOL_SOCKET, :SO_PEERCRED).unpack('L*')
 
-  # fix permission if we are running as root
-  File.chown(0, 1000, SOCKET_PATH) if Process.uid.zero?
+    unless client_uid == 1000
+      message "Request from PID #{client_pid} rejected (only chronos user is allowed)"
+      socket.close
+      next
+    end
 
-  Socket.accept_loop(@server) do |socket, _|
     Thread.new do
       # receive client's stdin/stdout/stderr io from client
       client_stdin, client_stdout, client_stderr = [socket.recv_io, socket.recv_io, socket.recv_io]
@@ -62,7 +91,7 @@ def runas_daemon(argv)
             chdir: client_request[:cwd]
       end
 
-      message "Process #{pid} spawned: #{cmdline}"
+      message "Process #{pid} spawned by client (#{client_pid}): #{cmdline}"
       send_event(socket, 'cmdSpawned', { pid: pid })
 
       # listen to client events
@@ -103,6 +132,7 @@ def runas_daemon(argv)
     end
   end
 ensure
-  @server.close
+  @server&.close
   File.delete(SOCKET_PATH) if File.exist?(SOCKET_PATH)
-end
+  File.delete(PID_FILE_PATH) if File.exist?(PID_FILE_PATH)
+end

crew-sudo

@@ -9,21 +9,36 @@ $verbose = ENV['CREW_SUDO_VERBOSE'].eql?('1')
 case PROGNAME
 when 'crew-sudo'
   case ARGV[0]
-  when '-d', '--daemon'
+  when 'daemon'
     runas_daemon(ARGV[1..-1])
-  when '-c', '--client'
+  when 'client'
     runas_client(ARGV[1..-1])
+  when 'stop-daemon'
+    exit(0) unless File.exist?(PID_FILE_PATH)
+    pid = File.read(PID_FILE_PATH).to_i
+
+    begin
+      Process.kill('TERM', pid)
+      warn "crew-sudo: Daemon with PID #{pid} stopped"
+    rescue Errno::ESRCH
+    end
   when '-h', '--help'
     warn <<~EOT
       #{File.basename($0)} multi-purpose launcher
 
-      Usage: #{PROGNAME} [mode]
+      Usage: #{PROGNAME} [command] <options>
              #{PROGNAME} -h|--help
              #{PROGNAME} -V|--version
 
-      Available modes:
-        --daemon: Run as daemon mode, listen incoming requests at #{SOCKET_PATH}
-        --client: Run as client mode, pass all given command arguments to daemon
+      Available commands:
+        client       Run as client mode, pass all given command arguments to daemon
+        daemon       Run as daemon mode, listen incoming requests at #{SOCKET_PATH}
+        stop-daemon  Stop currently running crew-sudo daemon
+
+      Available options:
+        --bashrc      Suppress "daemon is already running" error
+        --foreground  Run crew-sudo daemon in foreground
+        --replace     Replace the currently running crew-sudo daemon
 
     EOT
   when '-V', '--version'