On Fri, Jan 29, 2021 at 03:31:10AM -0500, Horia Racoviceanu wrote:
> Hi,
>
> I noticed the syspatch(8) and sysupgrade(8) ksh scripts test if the
> invoking user has the right privileges i.e. (($(id -u) != 0))
>
> The test for the effective user ID number can be bypassed in
> syspatch(8) and sysupgrade(8) by sh e.g.
> $ id -u
> 1000
> $ sh /usr/sbin/sysupgrade -s
> /usr/sbin/sysupgrade[90]: 1000: not found
> install: /home/_sysupgrade: Permission denied
> $ sh /usr/sbin/syspatch -r
> [snip]
> /usr/sbin/syspatch[280]: 1000: not found
> Reverting patch 012_carp
> [snip]
>
> The syspatch(8) and sysupgrade(8) test for the EUID number could be
> improved by adding "set +o sh" (see netstart(8)) or by using the
> "[[expression]]" test (see sysmerge(8)) or "[expression]" test (see
> rcctl(8)) instead of "((expression))" e.g. [ "$(id -u)" -ne 0 ]
>
> Moreover, other scripts could benefit from the addition of the
> above-mentioned test for the EUID number e.g. daily(8), weekly(8), and
> monthly(8) which are intended to run as root e.g.
> $ id -u
> 1000
> $ sh /etc/weekly
> install: /var/log/INS@FJvExvWnUh: Permission denied
> [snip]

But these are ksh(1) scripts, not strict sh(1); so they are not meant to be run with "sh syspatch". Like you wouldn't run them with python or perl.

> [1] http://man.openbsd.org/ksh#__
> [2] http://man.openbsd.org/ksh#test~2
> [3] http://man.openbsd.org/ksh#Strict_Bourne_shell_mode
> Index: syspatch.sh > =================================================================== > RCS file: /cvs/src/usr.sbin/syspatch/syspatch.sh,v > retrieving revision 1.167 > diff -u -p -r1.167 syspatch.sh > --- syspatch.sh 7 Dec 2020 21:19:28 -0000 1.167 > +++ syspatch.sh 29 Jan 2021 08:04:08 -0000 > @@ -276,7 +276,7 @@ set -A _KERNV -- $(sysctl -n kern.versio > ((${#_KERNV[*]} > 1)) && err "Unsupported release: ${_KERNV[0]}${_KERNV[1]}" > > [[ $@ == @(|-[[:alpha:]]) ]] || usage; [[ $@ == @(|-(c|R|r)) ]] && > - (($(id -u) != 0)) && err "need root privileges" > + [ "$(id -u)" -ne 0 ] && err "need root privileges" > [[ $@ == @(|-(R|r)) ]] && pgrep -qxf '/bin/ksh .*reorder_kernel' && > err "cannot apply patches while reorder_kernel is running" > > Index: sysupgrade.sh > =================================================================== > RCS file: /cvs/src/usr.sbin/sysupgrade/sysupgrade.sh,v > retrieving revision 1.44 > diff -u -p -r1.44 sysupgrade.sh > --- sysupgrade.sh 22 Oct 2020 07:19:42 -0000 1.44 > +++ sysupgrade.sh 29 Jan 2021 07:53:31 -0000 > @@ -89,7 +89,7 @@ while getopts fknrs arg; do > esac > done > > -(($(id -u) != 0)) && err "need root privileges" > +[ "$(id -u)" -ne 0 ] && err "need root privileges" > > if $RELEASE && $SNAP; then > usage > Index: daily > =================================================================== > RCS file: /cvs/src/etc/daily,v > retrieving revision 1.95 > diff -u -p -r1.95 daily > --- daily 20 Oct 2020 22:42:29 -0000 1.95 > +++ daily 29 Jan 2021 08:08:44 -0000 
> @@ -9,6 +9,7 @@ umask 022 > > PARTOUT=/var/log/daily.part > MAINOUT=/var/log/daily.out > +[ "$(id -u)" -ne 0 ] && echo "${0##*/}: need root privileges" && exit 1 > install -o 0 -g 0 -m 600 /dev/null $PARTOUT > install -o 0 -g 0 -m 600 -b /dev/null $MAINOUT >

-- 
Antoine
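
Review bot: in the syspatch.sh hunk at @@ -276, only the uid test is converted, while the first context line, `((${#_KERNV[*]} > 1)) && err "Unsupported release: ..."`, keeps the same `((...)) && err` form that the report shows falling through under sh. If invocation through sh is something the script should withstand, that check needs the same treatment, or the interpreter mode should be dealt with once near the top of the script (the report mentions "set +o sh") instead of one test at a time.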
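
Review bot: in the sysupgrade.sh hunk at @@ -89, the guard keeps the `test && err` shape, so `err` runs only when the test returns success. Any failure to evaluate the test lets the script continue, which is the same fall-through the report demonstrates with `((...))`. Suggest inverting it so that every non-success path denies: `[ "$(id -u)" -eq 0 ] || err "need root privileges"`.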
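
Review bot: in the daily hunk at @@ -9, `exit 1` is chained behind `echo` with `&&`, so the script exits only if the echo succeeds, and the message is written to stdout instead of stderr. Suggest grouping instead: `{ echo "${0##*/}: need root privileges" >&2; exit 1; }`. The report also names weekly(8) and monthly(8) as candidates, but the patch carries a hunk for daily only.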

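
The fall-through from the report, reproduced in portable sh as an added example (not code from the thread or from OpenBSD): the nested subshells are written out with spaces so that any POSIX shell runs the uid as a command, as the "1000: not found" output indicates sh did, and the patched test is compared with a fail-closed variant. The guard_* function names are hypothetical and the uid values are constructed.

```shell
#!/bin/sh
# Added example: function names are hypothetical, uid values are constructed.

# The original guard as strict sh ends up running it: "((" is read as two
# nested subshells, so the uid becomes a command name ("1000: not found",
# status 127) and "&& deny" is skipped.
guard_as_parsed_by_sh() {
    uid=$1
    ( ( "$uid" != 0 ) ) 2>/dev/null && { echo denied; return 0; }
    echo proceed
}

# The patched test: correct for numeric input, but still "test && deny".
# In shells whose test(1) rejects a non-numeric operand (bash, dash), an
# empty uid makes the test error out with status 2 and deny is skipped too.
guard_patched() {
    uid=$1
    [ "$uid" -ne 0 ] 2>/dev/null && { echo denied; return 0; }
    echo proceed
}

# Fail-closed form: anything other than the exact string "0" is denied.
guard_fail_closed() {
    uid=$1
    [ "$uid" = 0 ] || { echo denied; return 0; }
    echo proceed
}

# Constructed inputs: root, an unprivileged uid, and empty output from id.
for uid in 0 1000 ''; do
    printf 'uid=%-6s as-sh=%-8s patched=%-8s fail-closed=%s\n' "'$uid'" \
        "$(guard_as_parsed_by_sh "$uid")" "$(guard_patched "$uid")" \
        "$(guard_fail_closed "$uid")"
done
```
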