Ophestra Umiker
62cb8a91b6
There was an earlier attempt of cleaning up the app package however it ended up creating even more of a mess and the code structure largely still looked like Ego with state setup scattered everywhere and a bunch of ugly hacks had to be implemented to keep track of all of them. In this commit the entire app package is rewritten to track everything that has to do with an app in one thread safe value. In anticipation of the client/server split also made changes: - Console messages are cleaned up to be consistent - State tracking is fully rewritten to be cleaner and usable for multiple process and client/server - Encapsulate errors to easier identify type of action causing the error as well as additional info - System-level setup operations is grouped in a way that can be collectively committed/reverted and gracefully handles errors returned by each operation - Resource sharing is made more fine-grained with PID-scoped resources whenever possible, a few remnants (X11, Wayland, PulseAudio) will be addressed when a generic proxy is available - Application setup takes a JSON-friendly config struct and deterministically generates system setup operations Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
84 lines
1.9 KiB
Go
84 lines
1.9 KiB
Go
package app
|
|
|
|
import (
|
|
"bytes"
|
|
"encoding/base64"
|
|
"encoding/gob"
|
|
"fmt"
|
|
"os"
|
|
"os/exec"
|
|
"strings"
|
|
"syscall"
|
|
)
|
|
|
|
const shimPayload = "FORTIFY_SHIM_PAYLOAD"
|
|
|
|
func (a *app) shimPayloadEnv() string {
|
|
r := &bytes.Buffer{}
|
|
enc := base64.NewEncoder(base64.StdEncoding, r)
|
|
|
|
if err := gob.NewEncoder(enc).Encode(a.seal.command); err != nil {
|
|
// should be unreachable
|
|
panic(err)
|
|
}
|
|
|
|
_ = enc.Close()
|
|
return shimPayload + "=" + r.String()
|
|
}
|
|
|
|
// TryShim attempts the early hidden launcher shim path
|
|
func TryShim() {
|
|
// environment variable contains encoded argv
|
|
if r, ok := os.LookupEnv(shimPayload); ok {
|
|
// everything beyond this point runs as target user
|
|
// proceed with caution!
|
|
|
|
// parse base64 revealing underlying gob stream
|
|
dec := base64.NewDecoder(base64.StdEncoding, strings.NewReader(r))
|
|
|
|
// decode argv gob stream
|
|
var argv []string
|
|
if err := gob.NewDecoder(dec).Decode(&argv); err != nil {
|
|
fmt.Println("fortify-shim: cannot decode shim payload:", err)
|
|
os.Exit(1)
|
|
}
|
|
|
|
// remove payload variable since the child does not need to see it
|
|
if err := os.Unsetenv(shimPayload); err != nil {
|
|
fmt.Println("fortify-shim: cannot unset shim payload:", err)
|
|
// not fatal, do not fail
|
|
}
|
|
|
|
// look up argv0
|
|
var argv0 string
|
|
|
|
if len(argv) > 0 {
|
|
// look up program from $PATH
|
|
if p, err := exec.LookPath(argv[0]); err != nil {
|
|
fmt.Printf("%s not found: %s\n", argv[0], err)
|
|
os.Exit(1)
|
|
} else {
|
|
argv0 = p
|
|
}
|
|
} else {
|
|
// no argv, look up shell instead
|
|
if argv0, ok = os.LookupEnv("SHELL"); !ok {
|
|
fmt.Println("fortify-shim: no command was specified and $SHELL was unset")
|
|
os.Exit(1)
|
|
}
|
|
|
|
argv = []string{argv0}
|
|
}
|
|
|
|
// exec target process
|
|
if err := syscall.Exec(argv0, argv, os.Environ()); err != nil {
|
|
fmt.Println("fortify-shim: cannot execute shim payload:", err)
|
|
os.Exit(1)
|
|
}
|
|
|
|
// unreachable
|
|
os.Exit(1)
|
|
return
|
|
}
|
|
}
|