Merge pull request #267 from dyne/exec-hooks

Exec hooks
Jaromil 2017-06-13 09:30:14 +02:00 committed by GitHub
commit fb5eee002b
2 changed files with 35 additions and 30 deletions


@ -298,13 +298,14 @@ example:
.EE .EE
.B .B
.IP "post-hooks" .IP "exec-hooks"
This hook file gets executed as user by tomb right after opening it; This hook file gets executed as user by tomb with the first argument
it should be a regular shell script, starting with a shebang. Tomb determining the step of execution: "open" or "close". The exec-hooks
executes this hook as user (dropping root privileges) and giving it file should be an executable (ELF or shell script) present inside the
two arguments: "$1" is "open" or "close" depending from the tomb Tomb. Tomb executes this hook as user supplying two or more arguments,
command given, "$2" is the full path to the mountpoint where the tomb the first being the step, followed by the mountpoint of the tomb and,
is open. on close events, its name, loopback device and dev-mapper device
paths.
.SH PRIVILEGE ESCALATION .SH PRIVILEGE ESCALATION

50
tomb

@ -2065,10 +2065,11 @@ mount_tomb() {
# process bind-hooks (mount -o bind of directories) # process bind-hooks (mount -o bind of directories)
# and post-hooks (execute on open) # and exec-hooks (execute on open)
{ option_is_set -n } || { option_is_set -n || {
exec_safe_bind_hooks ${tombmount} exec_safe_bind_hooks ${tombmount}
exec_safe_post_hooks ${tombmount} open } exec_safe_func_hooks open ${tombmount}
}
return 0 return 0
} }
@ -2145,27 +2146,23 @@ exec_safe_bind_hooks() {
# Execute automated actions configured in the tomb. # Execute automated actions configured in the tomb.
# #
# Synopsis: exec_safe_post_hooks /path/to/mounted/tomb [open|close] # Synopsis: exec_safe_func_hooks /path/to/mounted/tomb
# #
# If an executable file named 'post-hooks' is found inside the tomb, # If an executable file named 'exec-hooks' is found inside the tomb,
# run it as a user. This might need a dialog for security on what is # run it as a user. This might need a dialog for security on what is
# being run, however we expect you know well what is inside your tomb. # being run, however we expect you know well what is inside your tomb.
# If you're mounting an untrusted tomb, be safe and use the -n switch # If you're mounting an untrusted tomb, be safe and use the -n switch
# to verify what it would run if you let it. This feature opens the # to verify what it would run if you let it. This feature opens the
# possibility to make encrypted executables. # possibility to make encrypted executables.
exec_safe_post_hooks() { exec_safe_func_hooks() {
local mnt=$1 # First argument is where the tomb is mounted
local act=$2 # Either 'open' or 'close'
# Only run if post-hooks has the executable bit set # Only run if post-hooks has the executable bit set
[[ -x $mnt/post-hooks ]] || return [[ -x $mnt/exec-hooks ]] && {
_success "Exec hook: ::1 exec hook:: ::2 action:: ::3 argument::" \
# If the file starts with a shebang, run it. "${mnt}/exec-hooks" "$1" "$2"
head -n1 $mnt/post-hooks | grep '^#!\s*/' $mnt/exec-hooks "$1" "$2"
[[ $? == 0 ]] && { return $?
_success "Post hooks found, executing as user ::1 user name::." $USERNAME
$mnt/post-hooks $act $mnt
} }
return 0
} }
# }}} - Tomb open # }}} - Tomb open
@ -2629,6 +2626,16 @@ umount_tomb() {
_warning "Please specify an existing tomb." _warning "Please specify an existing tomb."
return 0 } return 0 }
option_is_set -n || {
exec_safe_func_hooks \
close "$tombmount" "$tombname" "$tombloop" "$mapper"
exec_hook_res=$?
[[ $exec_hook_res = 0 ]] || {
_warning "close exec-hook returns a non-zero error code: ::1 error::" $exec_hook_res
_failure "Operation aborted"
}
}
[[ -n $SLAM ]] && { [[ -n $SLAM ]] && {
_success "Slamming tomb ::1 tomb name:: mounted on ::2 mount point::" \ _success "Slamming tomb ::1 tomb name:: mounted on ::2 mount point::" \
$tombname $tombmount $tombname $tombmount
@ -2656,10 +2663,6 @@ umount_tomb() {
} }
done done
# Execute post-hooks for eventual cleanup
{ option_is_set -n } || {
exec_safe_post_hooks ${tombmount%%/} close }
_verbose "Performing umount of ::1 mount point::" $tombmount _verbose "Performing umount of ::1 mount point::" $tombmount
_sudo umount ${tombmount} _sudo umount ${tombmount}
[[ $? = 0 ]] || { _failure "Tomb is busy, cannot umount!" } [[ $? = 0 ]] || { _failure "Tomb is busy, cannot umount!" }
@ -2676,9 +2679,10 @@ umount_tomb() {
_failure "Error occurred in cryptsetup luksClose ::1 mapper::" $mapper } _failure "Error occurred in cryptsetup luksClose ::1 mapper::" $mapper }
# Normally the loopback device is detached when unused # Normally the loopback device is detached when unused
[[ -e "/dev/$tombloop" ]] && _sudo losetup -d "/dev/$tombloop" [[ -e "/dev/$tombloop" ]] && {
[[ $? = 0 ]] || { _sudo losetup -d "/dev/$tombloop"
_verbose "/dev/$tombloop was already closed." } [[ $? = 0 ]] || _verbose "/dev/$tombloop was already closed."
}
_success "Tomb ::1 tomb name:: closed: your bones will rest in peace." $tombname _success "Tomb ::1 tomb name:: closed: your bones will rest in peace." $tombname
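Review bot: In the new `exec_safe_func_hooks`, `mnt` appears to be no longer assigned (the `local mnt=$1` / `local act=$2` lines show on one side only, presumably removed), so unless it is set elsewhere the `[[ -x $mnt/exec-hooks ]]` test and the call resolve to `/exec-hooks` in the filesystem root instead of the file inside the tomb. Both callers now pass the step first and the mountpoint second, so the function should start with `local mnt=$2` and its Synopsis comment should read `exec_safe_func_hooks [open|close] /path/to/mounted/tomb`. It also forwards only `"$1" "$2"`, so the tomb name, loop device and mapper that `umount_tomb` passes on close never reach the hook; `"$mnt/exec-hooks" "$@"` would forward them all. Separately, a non-zero close hook now ends in `_failure` ahead of the slam and umount steps, so a hook stored in the tomb can keep the volume from closing; a comment there pointing to `-n` as the way around it would help. The bodies of `mount_tomb` and `umount_tomb` continue outside the hunks.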