authorKamil Trzcinski <ayufan@ayufan.eu>2016-02-16 17:54:18 +0300
committerKamil Trzcinski <ayufan@ayufan.eu>2016-02-16 17:54:18 +0300
commita9b41da7fc5a07eae0a72dc7e59f323a73e74a54 (patch)
treea7bc61ef086855d1e70b65ceef959eaa65494155
parent7f12dcc6036f3935688e3fc4be61e8b1596cbc1d (diff)
Execute unprivileged daemon in chroot
-rw-r--r--Makefile3
-rw-r--r--app.go1
-rw-r--r--daemon.go31
-rw-r--r--domains.go2
-rw-r--r--main.go7
5 files changed, 15 insertions, 29 deletions
diff --git a/Makefile b/Makefile
index b7addffe..97852062 100644
--- a/Makefile
+++ b/Makefile
@@ -11,6 +11,7 @@ GO_LDFLAGS ?= -X main.VERSION=$(VERSION) -X main.REVISION=$(REVISION)
GO_FILES ?= $(shell find . -name '*.go')
export GO15VENDOREXPERIMENT := 1
+export CGO_ENABLED := 0
all: gitlab-pages
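Review bot: `export CGO_ENABLED := 0` carries no comment saying why the build is now cgo-free, and the reason is not obvious from the Makefile alone. Presumably it is the same reason the `os/user` lookup is dropped from daemon.go in this commit (os/user needs cgo on this Go version, so a static binary cannot resolve a user name), but the next person editing the Makefile cannot know that. I would add `# Static, cgo-free binary: os/user lookups need cgo, so the daemon takes numeric -daemon-uid/-daemon-gid.` above the line.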
@@ -35,7 +36,7 @@ lint:
complexity:
go get github.com/fzipp/gocyclo
- gocyclo -over 8 $(wildcard *.go)
+ gocyclo -over 9 $(wildcard *.go)
test:
go get golang.org/x/tools/cmd/cover
diff --git a/app.go b/app.go
index 9157b8f2..4ab6a3e7 100644
--- a/app.go
+++ b/app.go
@@ -26,7 +26,6 @@ func (a *theApp) domain(host string) *domain {
return domain
}
-
func (a *theApp) ServeTLS(ch *tls.ClientHelloInfo) (*tls.Certificate, error) {
if ch.ServerName == "" {
return nil, nil
diff --git a/daemon.go b/daemon.go
index 2f8aee9d..50e57a6c 100644
--- a/daemon.go
+++ b/daemon.go
@@ -4,17 +4,15 @@ import (
"crypto/rand"
"encoding/json"
"fmt"
+ "io"
"log"
"os"
"os/exec"
"os/signal"
- "os/user"
"path/filepath"
- "strconv"
"syscall"
"github.com/kardianos/osext"
- "io"
)
const daemonRunProgram = "gitlab-pages-unprivileged"
@@ -35,27 +33,12 @@ func daemonMain() {
os.Exit(0)
}
-func daemonReexec(cmdUser string, args ...string) (cmd *exec.Cmd, err error) {
+func daemonReexec(uid, gid uint, args ...string) (cmd *exec.Cmd, err error) {
path, err := osext.Executable()
if err != nil {
return
}
- u, err := user.Lookup(cmdUser)
- if err != nil {
- return
- }
-
- uid, err := strconv.Atoi(u.Uid)
- if err != nil {
- return
- }
-
- gid, err := strconv.Atoi(u.Gid)
- if err != nil {
- return
- }
-
cmd = &exec.Cmd{
Path: path,
Args: args,
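Review bot: `daemonReexec(uid, gid uint, ...)` now accepts raw numeric ids with no doc comment and no rejection of the zero value, so a caller passing 0 re-executes the daemon as root (or with root's primary group) without any error; the rest of the body, where the ids presumably reach the child's credentials, is outside this hunk. I would state the contract above the function, `// daemonReexec re-executes the current binary as the given numeric uid/gid; both must be non-zero.`, and return an error at the top when either is 0 rather than relying on every caller to check.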
@@ -176,22 +159,22 @@ func daemonChroot(cmd *exec.Cmd) (path string, err error) {
// Update command to use chroot
cmd.SysProcAttr.Chroot = wd
- cmd.Path = "/" + temporaryExecutable.Name()
+ cmd.Path = temporaryExecutable.Name()
cmd.Dir = "/"
path = filepath.Join(wd, temporaryExecutable.Name())
return
}
-func daemonize(config appConfig, cmdUser string) {
+func daemonize(config appConfig, uid, gid uint) {
var err error
defer func() {
if err != nil {
log.Fatalln(err)
}
}()
- log.Printf("Running the daemon as unprivileged user: %v...", cmdUser)
+ log.Printf("Running the daemon as unprivileged user (uid:%d, gid: %d)...", uid, gid)
- cmd, err := daemonReexec(cmdUser, daemonRunProgram)
+ cmd, err := daemonReexec(uid, gid, daemonRunProgram)
if err != nil {
return
}
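Review bot: `cmd.Path = temporaryExecutable.Name()` drops the explicit `/` prefix, and nothing explains why the bare name still resolves once the child is chrooted. If `Name()` is a relative name, execve resolves it against `cmd.Dir = "/"` after the child has chrooted into `wd`, which is what makes this work, but that silently depends on the chroot/chdir ordering in the child and deserves a line such as `// Relative name: the child chroots into wd and chdirs to "/" before exec, so this resolves inside the jail.` The new log line also mixes `uid:%d` and `gid: %d`; `(uid: %d, gid: %d)` is the consistent form. daemonChroot starts and daemonize ends outside this hunk.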
@@ -200,6 +183,7 @@ func daemonize(config appConfig, cmdUser string) {
// Run daemon in chroot environment
temporaryExecutable, err := daemonChroot(cmd)
if err != nil {
+ println("Chroot failed", err)
return
}
defer os.Remove(temporaryExecutable)
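Review bot: `println("Chroot failed", err)` passes an `error` interface to the bootstrap builtin, which prints the interface's two words as hex addresses rather than the message, so the line shows nothing useful to an operator; the deferred `log.Fatalln(err)` in daemonize already reports the error anyway. If the extra context is wanted, wrap it before returning, `err = fmt.Errorf("chroot: %v", err)`, or log it through the package used everywhere else, `log.Printf("chroot failed: %v", err)`. The same applies to the `Start failed` print in the following hunk. daemonize's body extends outside the hunk.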
@@ -219,6 +203,7 @@ func daemonize(config appConfig, cmdUser string) {
// Start the process
if err = cmd.Start(); err != nil {
+ println("Start failed", err)
return
}
diff --git a/domains.go b/domains.go
index 92e84ce8..6b4849fb 100644
--- a/domains.go
+++ b/domains.go
@@ -139,7 +139,7 @@ func watchDomains(rootDomain string, updater domainsUpdater, interval time.Durat
domains := make(domains)
domains.ReadGroups(rootDomain)
duration := time.Since(started)
- log.Println("Updated", len(domains), "domains in", duration)
+ log.Println("Updated", len(domains), "domains in", duration, "Hash:", update)
if updater != nil {
updater(domains)
diff --git a/main.go b/main.go
index d0d6d1c4..e5b43a6e 100644
--- a/main.go
+++ b/main.go
@@ -24,7 +24,8 @@ func appMain() {
var useHTTP2 = flag.Bool("use-http2", true, "Enable HTTP2 support")
var pagesRoot = flag.String("pages-root", "shared/pages", "The directory where pages are stored")
var pagesDomain = flag.String("pages-domain", "gitlab-example.com", "The domain to serve static pages")
- var pagesUser = flag.String("pages-user", "", "Drop privileges to this user")
+ var daemonUID = flag.Uint("daemon-uid", 0, "Drop privileges to this user")
+ var daemonGID = flag.Uint("daemon-gid", 0, "Drop privileges to this group")
log.Printf("GitLab Pages Daemon %s (%s)", VERSION, REVISION)
log.Printf("URL: https://gitlab.com/gitlab-org/gitlab-pages\n")
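Review bot: the help strings for `-daemon-uid` and `-daemon-gid` still read "Drop privileges to this user/group" although the flags now take numeric ids and a name is no longer accepted, so an operator who tries `-daemon-uid www-data` gets an opaque parse error. I would write `"Numeric uid to drop privileges to (non-zero; requires -daemon-gid)"` and the matching `"Numeric gid to drop privileges to (non-zero; requires -daemon-uid)"`. appMain continues outside the hunk.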
@@ -66,8 +67,8 @@ func appMain() {
defer l.Close()
}
- if *pagesUser != "" {
- daemonize(config, *pagesUser)
+ if *daemonUID != 0 || *daemonGID != 0 {
+ daemonize(config, *daemonUID, *daemonGID)
return
}
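Review bot: `if *daemonUID != 0 || *daemonGID != 0` daemonizes when only one of the two ids is given, and the missing one is then passed to `daemonize` as 0, so the child presumably keeps root's uid or root's primary gid — a partial privilege drop that is easy to miss because the log line prints both numbers as if they were intended. Require both and refuse the half-configured case: `if *daemonUID != 0 && *daemonGID != 0 { daemonize(config, *daemonUID, *daemonGID); return }` followed by `if *daemonUID != 0 || *daemonGID != 0 { log.Fatalln("-daemon-uid and -daemon-gid must both be set") }`. appMain continues outside the hunk.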