int zuluCryptBindSharedMountPointPathTaken( string_t path ) { struct stat str ; ssize_t index = StringLastIndexOfChar( path,'/' ) ; string_t st = String( "/run/media/public" ) ; const char * e = StringAppend( st,StringContent( path ) + index ) ; int r = stat( e,&str ) ; StringDelete( &st ) ; return r == 0 ; }
void zuluCryptFileSystemProperties( string_t p,const char * mapper,const char * m_point ) { const char * e ; blkid_probe blkid ; struct statvfs vfs ; u_int64_t total ; u_int64_t used ; u_int64_t unused ; u_int64_t block_size ; char buff[ SIZE ] ; char * buffer = buff ; string_t q ; ssize_t index ; struct stat statstr ; blkid = blkid_new_probe_from_filename( mapper ) ; if( blkid == NULL ){ return ; } blkid_do_probe( blkid ) ; if( blkid_probe_lookup_value( blkid,"TYPE",&e,NULL ) == 0 ){ StringMultipleAppend( p,"\n file system:\t",e,NULL ) ; }else{ StringAppend( p,"\n file system:\tNil" ) ; } blkid_free_probe( blkid ) ; if( statvfs( m_point,&vfs ) != 0 ){ return ; } block_size = vfs.f_frsize ; total = block_size * vfs.f_blocks ; unused = block_size * vfs.f_bavail ; used = total - unused ; zuluCryptFormatSize( total,buffer,SIZE ) ; StringMultipleAppend( p,"\n total space:\t",buffer,NULL ) ; zuluCryptFormatSize( used,buffer,SIZE ) ; StringMultipleAppend( p,"\n used space:\t",buffer,NULL ) ; zuluCryptFormatSize( unused,buffer,SIZE ) ; StringMultipleAppend( p,"\n free space:\t",buffer,NULL ) ; if( used == total ){ StringAppend( p,"\n used%: \t100%\n" ) ; }else if( used == 0 ){ StringAppend( p,"\n used%: \t0%\n" ) ; }else{ snprintf( buff,SIZE,"%.2f%%",100 * ( ( float ) used / ( float ) total ) ) ; StringMultipleAppend( p,"\n used%: \t",buff,"\n",NULL ) ; } buffer = zuluCryptGetUUIDFromMapper( mapper ) ; StringAppend( p,buffer ) ; StringFree( buffer ) ; StringMultipleAppend( p,"\n mount point1:\t",m_point,NULL ) ; q = String( m_point ) ; index = StringLastIndexOfChar( q,'/' ) ; if( index == -1 ){ StringAppend( p,"\n mount point2:\tNil" ) ; }else{ StringRemoveLeft( q,index ) ; e = StringPrepend( q,"/run/media/public" ) ; if( stat( e,&statstr ) == 0 ){ StringMultipleAppend( p,"\n mount point2:\t",e,NULL ) ; }else{ StringAppend( p,"\n mount point2:\tNil" ) ; } } StringDelete( &q ) ; }
int zuluCryptBindUnmountVolume( stringList_t stx,const char * device,uid_t uid ) { stringList_t stl ; string_t xt ; string_t st ; string_t zt ; ssize_t index = -1 ; const char * f ; const char * g ; char * h = NULL ; int r = 1 ; int k ; int delete_stx = 0 ; /* * zuluCryptUserIsAMemberOfAGroup() is defined in security.c */ /* * root user is a member of all groups and hence is allowed */ int allowedUser = zuluCryptUserIsAMemberOfAGroup( uid,"zulumount" ) ; zuluCryptSecurityGainElevatedPrivileges() ; if( stx == StringListVoid ){ /* * zuluCryptGetMoutedListFromMountInfo() is defined in ../lib/process_mountinfo.c */ stx = zuluCryptGetMoutedListFromMountInfo() ; delete_stx = 1 ; } if( StringPrefixEqual( device,"/dev/loop" ) ){ /* * zuluCryptLoopDeviceAddress_2() is defined in ../lib/create_loop_device.c */ st = zuluCryptLoopDeviceAddress_2( device ) ; /* * Add a space at the end of the device name to make sure we check the full device name to avoid possible collisions * that may exist if one device is named "/home/abc" and another "/home/abcdef" */ zt = StringListHasStartSequence_1( stx,StringAppend( st," " ) ) ; StringRemoveRight( st,1 ) ; device = h = StringDeleteHandle( &st ) ; }else{ /* * Add a space at the end of the device name to make sure we check the full device name to avoid possible collisions * that may exist if one device is named "/dev/sdc1" and another "/dev/sdc12" */ st = String( device ) ; zt = StringListHasStartSequence_1( stx,StringAppend( st," " ) ) ; StringDelete( &st ) ; } if( zt == StringVoid ){ /* * The volume does not appear to be mounted */ r = 1 ; }else{ stl = StringListStringSplit( zt,' ' ) ; xt = StringListCopyStringAtSecondPlace( stl ) ; StringListDelete( &stl ) ; st = StringCopy( xt ) ; /* * zuluCryptDecodeMountEntry() is defined in ../lib/mount_volume.c * g will contain something like "/run/media/private/$USER/sdc1" */ g = zuluCryptDecodeMountEntry( st ) ; if( allowedUser ){ /* * a privileged user is attempting to unmount a shared mount point,allow them */ k = 1 ; }else{ /* * a non privileged user is attempting to unmount a shared mount point,allow them only if * they are the one that created it */ /* * zuluCryptSecurityMountPointPrefixMatch() is defined in ./security.c */ k = zuluCryptMountPointPrefixMatch( g,uid,NULL ) ; } StringDelete( &st ) ; if( k != 1 ){ /* * One none privileged user is attempting to unmount a bind mount from another use,disallow it */ r = 4 ; }else{ index = StringLastIndexOfChar( xt,'/' ) + 1 ; StringRemoveLeft( xt,index ) ; StringPrepend( xt,"/run/media/public/" ) ; /* * f will now contain something like "/run/media/public/sdc1" * space character is added before checking to avoid possible collisions * as explained in above comments */ f = StringAppend( xt," " ) ; zt = StringListHasSequence_1( stx,f ) ; f = StringRemoveRight( xt,1 ) ; if( zt == StringVoid ){ /* * volume is not shared */ }else{ /* * volume is shared,try to unmount it * a volume is assumed to be shared if its device path in mountinfo has two mount points,one * in /run/media/private/$USER and the other in /run/media/public/ */ if( StringStartsWith( zt,device ) ){ f = zuluCryptDecodeMountEntry( xt ) ; /* * good,the device associated with the shared mount is the same as that of the * private mount,try to unmount it. */ r = 3 ; for( k = 0 ; k < 3 ; k++ ){ /* * try to unmount 3 times before giving up */ if( umount( f ) == 0 ){ rmdir( f ) ; r = 0 ; break ; }else{ sleep( 1 ) ; } } }else{ /* * i dont see how we will get here,we shouldnt */ r = 0 ; } } } StringDelete( &xt ) ; } if( delete_stx ){ StringListDelete( &stx ) ; } StringFree( h ) ; zuluCryptSecurityDropElevatedPrivileges() ; return r ; }
int zuluCryptBindMountVolume( const char * device,string_t z_path,unsigned long flags ) { struct stat st ; string_t path ; string_t tmp ; ssize_t index = StringLastIndexOfChar( z_path,'/' ) ; const char * o_path = StringContent( z_path ) ; const char * m_path ; const char * e ; int xt ; stringList_t stl ; mode_t mode = S_IRWXU | S_IRGRP | S_IXGRP | S_IXOTH | S_IROTH ; if( index == -1 ){ return 1 ; } if( device ){;} zuluCryptSecurityGainElevatedPrivileges() ; /* * zuluCryptGetMoutedListFromMountInfo() is defined in ../lib/process_mountinfo.c */ stl = zuluCryptGetMoutedListFromMountInfo() ; path = String( "/run/media/public/" ) ; m_path = StringAppend( path,o_path + index + 1 ) ; #define path_does_not_exist( x ) stat( x,&st ) != 0 #define path_does_exist( x ) stat( x,&st ) == 0 if( path_does_not_exist( "/run" ) ){ mkdir( "/run",mode ) ; _chown( "/run",0,0 ) ; } if( path_does_not_exist( "/run/media" ) ){ mkdir( "/run/media",mode ) ; _chown( "/run/media",0,0 ) ; } if( path_does_not_exist( "/run/media/public" ) ){ mkdir( "/run/media/public",mode ) ; _chown( "/run/media/public",0,0 ) ; } if( path_does_exist( m_path ) ){ /* * bind mount point exists,this will happen if the mount point is already taken or a mount point folder * was not autodeleted for some reason */ tmp = StringCopy( path ) ; e = StringAppend( tmp," " ) ; if( StringListHasSequence( stl,e ) != -1 ){ /* * An attempt is made to bind mount on a path already bind mounted path,dont attempt to mount */ xt = 1 ; }else{ /* * the mount point folder is there for some reason but is not being used. */ xt = mount( o_path,m_path,"",flags|MS_BIND,"" ) ; } StringDelete( &tmp ) ; }else{ mkdir( m_path,S_IRWXU | S_IRWXG | S_IRWXG ) ; _chown( m_path,0,0 ) ; xt = mount( o_path,m_path,"",flags|MS_BIND,"" ) ; if( xt != 0 ){ rmdir( m_path ) ; } } StringListDelete( &stl ) ; StringDelete( &path ) ; zuluCryptSecurityDropElevatedPrivileges() ; return xt ; }
stringList_t zuluCryptOpenedVolumesList( uid_t uid ) { const char * e ; const char * c ; const char * d ; const char * t ; char * f ; char * g ; StringListIterator it ; StringListIterator end ; ssize_t k ; string_t q ; string_t z ; string_t j ; stringList_t stx ; stringList_t list = StringListVoid ; stringList_t stl = zuluCryptGetMoutedList() ; if( uid ) { ; } /* * zuluCryptMapperPrefix() is defined in create_mapper_name.c */ j = String_1( zuluCryptMapperPrefix(),"/zuluCrypt-",NULL ) ; /* * t will probably contain "/dev/mapper/zuluCrypt-" */ t = StringContent( j ) ; StringListGetIterators( stl,&it,&end ) ; while( it != end ) { c = StringContent( *it ) ; it++ ; if( StringPrefixNotEqual( c,t ) ) { /* * we only care about zuluCrypt volumes and these volumes that we care about starts with * "/dev/mapper/zuluCrypt-" */ continue ; } if( StringHasComponent( c,"/run/media/public/" ) ) { /* * dont show mirror images due to bind mounts */ continue ; } stx = StringListSplit( c,' ' ) ; e = StringListContentAtFirstPlace( stx ) ; k = StringHasComponent_1( e,"-UUID-" ) ; if( k != -1 ) { q = StringListStringAtFirstPlace( stx ) ; /* * zuluCryptDecodeMountEntry() is defined in mount_volume.c */ d = zuluCryptDecodeMountEntry( StringListStringAtSecondPlace( stx ) ) ; /* * zuluCryptGetVolumeTypeFromMapperPath() is defined in status.c */ f = zuluCryptGetVolumeTypeFromMapperPath( StringContent( q ) ) ; e = StringSubChar( q,StringLastIndexOfChar( q,'-' ),'\0' ) + k + 6 ; z = String_1( "UUID=\"",e,"\"\t",d,"\t",f,NULL ) ; list = StringListAppendString_1( list,&z ) ; StringFree( f ) ; } else { /* * zuluCryptVolumeDeviceName() is defined in status.c */ g = zuluCryptVolumeDeviceName( e ) ; if( g != NULL ) { d = zuluCryptDecodeMountEntry( StringListStringAtSecondPlace( stx ) ) ; /* * zuluCryptGetVolumeTypeFromMapperPath() is defined in status.c */ f = zuluCryptGetVolumeTypeFromMapperPath( StringListContentAtFirstPlace( stx ) ) ; z = String_1( g,"\t",d,"\t",f,NULL ) ; list = StringListAppendString_1( list,&z ) ; StringFree( f ) ; StringFree( g ) ; } } StringListDelete( &stx ) ; } StringListDelete( &stl ) ; StringDelete( &j ) ; return list ; }
static stringList_t _zuluCryptVolumeList_0( int resolve_loop_devices ) { const char * device ; const char * e ; ssize_t index ; StringListIterator it ; StringListIterator end ; stringList_t stz = StringListVoid ; stringList_t stl = StringListVoid ; stringList_t stl_1 = StringListVoid ; string_t st = StringGetFromVirtualFile( "/proc/partitions" ) ; string_t st_1 = String( "/dev/" ) ; stl = StringListStringSplit( st,'\n' ) ; StringDelete( &st ) ; if( stl == StringListVoid ){ return StringListVoid ; } StringListGetIterators( stl,&it,&end ) ; /* * skip the first entry */ it++ ; zuluCryptSecurityGainElevatedPrivileges() ; while( it != end ){ st = *it ; it++ ; index = StringLastIndexOfChar( st,' ' ) ; if( index != -1 ){ e = StringContent( st ) + index + 1 ; device = StringAppendAt( st_1,5,e ) ; if( _supported_device( device ) ){ if( StringPrefixEqual( device,"/dev/loop" ) ){ /* * zuluCryptLoopDeviceAddress_1() id defined in ../lib/create_loop_device.c */ e = zuluCryptLoopDeviceAddress_1( device ) ; if( StringListHasNoEntry( stz,e ) ){ /* * Here we only keep one loop device if the volume file has * more than one loop device */ if( resolve_loop_devices ){ stl_1 = StringListAppend( stl_1,e ) ; }else{ stl_1 = StringListAppend( stl_1,device ) ; } stz = StringListAppend( stz,e ) ; } StringFree( e ) ; }else{ stl_1 = StringListAppendIfAbsent( stl_1,device ) ; } } } } zuluCryptSecurityDropElevatedPrivileges() ; StringListMultipleDelete( &stl,&stz,NULL ) ; StringDelete( &st_1 ) ; return _zuluCryptAddLVMVolumes( _zuluCryptAddMDRAIDVolumes( _remove_root_devices( stl_1 ) ) ) ; }