doas failsafe

Mon, 20 Jul 2015 05:27:43 -0700 

Hi,

I've just shot myself in the foot after /etc/doas.conf tweaking. This
patch adds a failsafe "permit :wheel" rule in case of syntax error. Is
this safe enough? Should it be done elsewhere (with some kind of
visudo)?

Index: doas.c
===================================================================
RCS file: /cvs/src/usr.bin/doas/doas.c,v
retrieving revision 1.14
diff -u -p -u -r1.14 doas.c
--- doas.c      20 Jul 2015 01:04:37 -0000      1.14
+++ doas.c      20 Jul 2015 12:16:11 -0000
@@ -138,12 +138,13 @@ permit(uid_t uid, gid_t *groups, int ngr
        return (*lastr)->action == PERMIT;
 }
 
-static void
+static int
 parseconfig(const char *filename)
 {
        extern FILE *yyfp;
        extern int yyparse(void);
        struct stat sb;
+       int ret;
 
        yyfp = fopen(filename, "r");
        if (!yyfp) {
@@ -158,8 +159,9 @@ parseconfig(const char *filename)
        if (sb.st_uid != 0)
                errx(1, "%s is not owned by root", filename);
 
-       yyparse();
+       ret = yyparse();
        fclose(yyfp);
+       return ret;
 }
 
 static int
@@ -201,7 +203,7 @@ copyenv(const char **oldenvp, struct rul
        int ei;
        int nsafe, nbad;
        int nextras = 0;
-       
+
        nbad = arraylen(badset);
        if ((rule->options & KEEPENV) && !rule->envlist) {
                size_t i, ii;
@@ -280,8 +282,18 @@ main(int argc, char **argv, char **envp)
        int ngroups;
        int i, ch;
        int sflag = 0;
+       const char *safeident = ":wheel";
 
-       parseconfig("/etc/doas.conf");
+       if (parseconfig("/etc/doas.conf") != 0) {
+               fprintf(stderr, "using failsafe rule\n");
+               if (!(rules = reallocarray(rules, 1, sizeof(*rules))))
+                       errx(1, "can't allocate rules");
+               if (!(rules[0] = calloc(1, sizeof(struct rule))))
+                       errx(1, "can't allocate rule");
+               rules[0]->action = PERMIT;
+               rules[0]->ident = safeident;
+               nrules = 1;
+       }
 
        while ((ch = getopt(argc, argv, "su:")) != -1) {
                switch (ch) {
Index: parse.y
===================================================================
RCS file: /cvs/src/usr.bin/doas/parse.y,v
retrieving revision 1.6
diff -u -p -u -r1.6 parse.y
--- parse.y     19 Jul 2015 22:11:41 -0000      1.6
+++ parse.y     20 Jul 2015 12:16:11 -0000
@@ -149,7 +149,7 @@ yyerror(const char *fmt, ...)
        va_list va;
 
        va_start(va, fmt);
-       verrx(1, fmt, va);
+       vwarnx(fmt, va);
 }
 
 struct keyword {

-- 
Manuel Giraud

Reply via email to