#include <lttng/lttng-consumer.h>
#include <lttngerr.h>
+#include <runas.h>
#include "channel.h"
#include "compat/poll.h"
#include "context.h"
#include "event.h"
#include "futex.h"
-#include "hashtable.h"
+#include "../common/hashtable.h"
#include "kernel.h"
#include "lttng-sessiond.h"
#include "shm.h"
int ret;
char *type = "debugfs";
- ret = mkdir_recursive(path, S_IRWXU | S_IRWXG, geteuid(), getegid());
+ ret = mkdir_recursive_run_as(path, S_IRWXU | S_IRWXG, geteuid(), getegid());
if (ret < 0) {
PERROR("Cannot create debugfs path");
goto error;
goto error;
}
- ret = mkdir_recursive(lus->pathname, S_IRWXU | S_IRWXG,
+ ret = mkdir_recursive_run_as(lus->pathname, S_IRWXU | S_IRWXG,
session->uid, session->gid);
if (ret < 0) {
if (ret != -EEXIST) {
session->kernel_session->consumer_fd = kconsumer_data.cmd_sock;
}
- ret = mkdir_recursive(session->kernel_session->trace_path,
+ ret = mkdir_recursive_run_as(session->kernel_session->trace_path,
S_IRWXU | S_IRWXG, session->uid, session->gid);
if (ret < 0) {
if (ret != -EEXIST) {
return ret;
}
+/*
+ * Check if the UID or GID match the session. Root user has access to
+ * all sessions.
+ */
+static int session_access_ok(struct ltt_session *session,
+ uid_t uid, gid_t gid)
+{
+ if (uid != session->uid && gid != session->gid
+ && uid != 0) {
+ return 0;
+ } else {
+ return 1;
+ }
+}
+
+static unsigned int lttng_sessions_count(uid_t uid, gid_t gid)
+{
+ unsigned int i = 0;
+ struct ltt_session *session;
+
+ DBG("Counting number of available session for UID %d GID %d",
+ uid, gid);
+ cds_list_for_each_entry(session, &session_list_ptr->head, list) {
+ /*
+ * Only list the sessions the user can control.
+ */
+ if (!session_access_ok(session, uid, gid)) {
+ continue;
+ }
+ i++;
+ }
+ return i;
+}
+
/*
* Using the session list, filled a lttng_session array to send back to the
* client for session listing.
* The session list lock MUST be acquired before calling this function. Use
* session_lock_list() and session_unlock_list().
*/
-static void list_lttng_sessions(struct lttng_session *sessions)
+static void list_lttng_sessions(struct lttng_session *sessions,
+ uid_t uid, gid_t gid)
{
- int i = 0;
+ unsigned int i = 0;
struct ltt_session *session;
- DBG("Getting all available session");
+ DBG("Getting all available session for UID %d GID %d",
+ uid, gid);
/*
* Iterate over session list and append data after the control struct in
* the buffer.
*/
cds_list_for_each_entry(session, &session_list_ptr->head, list) {
+ /*
+ * Only list the sessions the user can control.
+ */
+ if (!session_access_ok(session, uid, gid)) {
+ continue;
+ }
strncpy(sessions[i].path, session->path, PATH_MAX);
sessions[i].path[PATH_MAX - 1] = '\0';
strncpy(sessions[i].name, session->name, NAME_MAX);
break;
}
+ /*
+ * Check that the UID or GID match that of the tracing session.
+ * The root user can interact with all sessions.
+ */
+ if (need_tracing_session) {
+ if (!session_access_ok(cmd_ctx->session,
+ cmd_ctx->creds.uid, cmd_ctx->creds.gid)) {
+ ret = LTTCOMM_EPERM;
+ goto error;
+ }
+ }
+
/* Process by command type */
switch (cmd_ctx->lsm->cmd_type) {
case LTTNG_ADD_CONTEXT:
}
case LTTNG_LIST_SESSIONS:
{
- session_lock_list();
+ unsigned int nr_sessions;
- if (session_list_ptr->count == 0) {
+ session_lock_list();
+ nr_sessions = lttng_sessions_count(cmd_ctx->creds.uid, cmd_ctx->creds.gid);
+ if (nr_sessions == 0) {
ret = LTTCOMM_NO_SESSION;
session_unlock_list();
goto error;
}
-
- ret = setup_lttng_msg(cmd_ctx, sizeof(struct lttng_session) *
- session_list_ptr->count);
+ ret = setup_lttng_msg(cmd_ctx, sizeof(struct lttng_session) * nr_sessions);
if (ret < 0) {
session_unlock_list();
goto setup_error;
}
/* Filled the session array */
- list_lttng_sessions((struct lttng_session *)(cmd_ctx->llm->payload));
+ list_lttng_sessions((struct lttng_session *)(cmd_ctx->llm->payload),
+ cmd_ctx->creds.uid, cmd_ctx->creds.gid);
session_unlock_list();