diff options
| -rwxr-xr-x | configure | 42 | ||||
| -rw-r--r-- | configure.ac | 2 | ||||
| -rw-r--r-- | run-stap.in | 2 | ||||
| -rw-r--r-- | run-staprun.in | 29 | ||||
| -rw-r--r-- | runtime/staprun/staprun_funcs.c | 15 |
5 files changed, 35 insertions, 55 deletions
@@ -667,7 +667,6 @@ sqlite3_LIBS PIECXXFLAGS PIECFLAGS PIELDFLAGS -PERL RANLIB ANSI2KNR U @@ -5972,47 +5971,6 @@ fi -# Extract the first word of "perl", so it can be a program name with args. -set dummy perl; ac_word=$2 -{ $as_echo "$as_me:$LINENO: checking for $ac_word" >&5 -$as_echo_n "checking for $ac_word... " >&6; } -if test "${ac_cv_path_PERL+set}" = set; then - $as_echo_n "(cached) " >&6 -else - case $PERL in - [\\/]* | ?:[\\/]*) - ac_cv_path_PERL="$PERL" # Let the user override the test with a path. - ;; - *) - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_path_PERL="$as_dir/$ac_word$ac_exec_ext" - $as_echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - - ;; -esac -fi -PERL=$ac_cv_path_PERL -if test -n "$PERL"; then - { $as_echo "$as_me:$LINENO: result: $PERL" >&5 -$as_echo "$PERL" >&6; } -else - { $as_echo "$as_me:$LINENO: result: no" >&5 -$as_echo "no" >&6; } -fi - - - # Check whether --enable-perfmon was given. if test "${enable_perfmon+set}" = set; then enableval=$enable_perfmon; diff --git a/configure.ac b/configure.ac index 9b66a724..ee8ae61f 100644 --- a/configure.ac +++ b/configure.ac @@ -25,8 +25,6 @@ AC_PROG_MAKE_SET AC_SUBST(CFLAGS) AC_SUBST(CXXFLAGS) -AC_PATH_PROG(PERL, perl) - dnl Handle the perfmon option. AC_ARG_ENABLE([perfmon], AS_HELP_STRING([--enable-perfmon@<:@=DIRECTORY@:>@], diff --git a/run-stap.in b/run-stap.in index 1bfb6a77..8b150ece 100644 --- a/run-stap.in +++ b/run-stap.in @@ -19,7 +19,7 @@ esac # Set all the variables to find the source and build trees. SYSTEMTAP_TAPSET="${srcdir}/tapset" SYSTEMTAP_RUNTIME="${srcdir}/runtime" -SYSTEMTAP_STAPRUN="sudo -P builddir='${builddir}' ${builddir}/run-staprun" +SYSTEMTAP_STAPRUN="${builddir}/run-staprun" export SYSTEMTAP_TAPSET SYSTEMTAP_RUNTIME SYSTEMTAP_STAPRUN # If there were private elfutils libs built, use them. diff --git a/run-staprun.in b/run-staprun.in index 0b5f795b..e0615556 100644 --- a/run-staprun.in +++ b/run-staprun.in @@ -1,13 +1,24 @@ -#!@PERL@ -w +#!/bin/sh -# Reset real IDs to those we had before we were sudo-invoked. -# This gives staprun the IDs it expects from a setuid exec. -$< = $ENV{'SUDO_UID'}; -$( = $ENV{'SUDO_GID'}; +srcdir='@abs_top_srcdir@' +builddir='@abs_top_builddir@' -$ENV{'SYSTEMTAP_STAPRUN'} = "sudo '$ENV{'builddir'}/staprun'"; -$ENV{'SYSTEMTAP_STAPIO'} = "$ENV{'builddir'}/stapio"; +rundir="${0%/*}" +[ "$rundir" == "$0" ] || builddir="$rundir" -exec { "$ENV{'builddir'}/staprun" } ('staprun', @ARGV); +# Absolutify the paths. +case "$srcdir" in +/*) ;; +*) srcdir=`cd "$srcdir" && pwd` || exit ;; +esac +case "$builddir" in +/*) ;; +*) builddir=`cd "$builddir" && pwd` || exit ;; +esac -exit; +exec sudo -P "SYSTEMTAP_STAPIO=${builddir}/stapio" \ + "SYSTEMTAP_STAPRUN=${builddir}/run-staprun" \ + "SYSTEMTAP_RUNTIME=${srcdir}/runtime" \ + "SYSTEMTAP_REAL_UID=`id -ru`" \ + "SYSTEMTAP_REAL_GID=`id -rg`" \ + ${builddir}/staprun ${1+"$@"} diff --git a/runtime/staprun/staprun_funcs.c b/runtime/staprun/staprun_funcs.c index e94e5d13..49b37988 100644 --- a/runtime/staprun/staprun_funcs.c +++ b/runtime/staprun/staprun_funcs.c @@ -316,8 +316,21 @@ int check_permissions(void) int path_check = 0; /* If we're root, we can do anything. */ - if (getuid() == 0) + if (getuid() == 0) { + /* ... like overriding the real UID */ + const char *env_id = getenv("SYSTEMTAP_REAL_UID"); + if (env_id && setreuid(atoi(env_id), -1)) + err("WARNING: couldn't set staprun UID to '%s': %s", + env_id, strerror(errno)); + + /* ... or overriding the real GID */ + env_id = getenv("SYSTEMTAP_REAL_GID"); + if (env_id && setregid(atoi(env_id), -1)) + err("WARNING: couldn't set staprun GID to '%s': %s", + env_id, strerror(errno)); + return 1; + } /* Lookup the gid for group "stapdev" */ errno = 0; |