jailbash

Posted on 2nd September 2011 in KDE, Linux

chroots for users suck!

They are work to maintain, and all in all you have to do a lot of nasty hacks to get them going! Meanwhile AppArmor is in the mainline kernel. It is pretty simple to write rules for it, and you can easily update them with tools like ‘logprof’.

Here is a small howto to trap users in their home directory with a simple AppArmor profile. First you need to compile the following C code:

/* jailbash.c: a tiny wrapper that just execs bash. AppArmor attaches the
 * profile below to /bin/jailbash, and bash inherits it via its ix rule. */
#include <unistd.h>

int main(int argc, char *argv[]) {
    (void)argc;  /* bash gets the original argv unchanged */
    return execv("/bin/bash", argv);
}

gcc -o jailbash jailbash.c

Then move the binary to /bin.

The next step is to create an AppArmor profile for jailbash. So create the file /etc/apparmor.d/bin.jailbash and add the following content:

# Last Modified: Tue Jun  7 08:53:41 2011
#----------------------------------------------------------
#
# JAILBASH
#
#----------------------------------------------------------

#include 

/bin/jailbash {
  #include 
  #include 
  #include 
  #include 
  #include 
  #include 
  #include 

  deny /bin/df r,
  deny /etc/bash_command_not_found r,

  /bin/ r,
  /bin/bash rix,
  /bin/cat rix,
  /bin/chmod rix,
  /bin/chown rix,
  /bin/cp rix,
  /bin/date rix,
  /bin/egrep rix,
  /bin/grep rix,
  /bin/gunzip rix,
  /bin/gzip rix,
  /bin/jailbash rix,
  /bin/ln rix,
  /bin/ls rix,
  /bin/mkdir rix,
  /bin/mktemp rix,
  /bin/more rix,
  /bin/mv rix,
  /bin/ping rix,
  /bin/readlink rix,
  /bin/rm rix,
  /bin/rmdir rix,
  /bin/sed rix,
  /bin/sleep rix,
  /bin/tar rix,
  /bin/touch rix,
  /bin/uname rix,
  /bin/vim rix,
  /bin/vim-normal rix,
  /bin/zcat rix,
  /dev/null rw,
  /dev/urandom r,
  /etc/ r,
  /etc/manpath.config r,
  /etc/opt/ r,
  /etc/sysconfig/console r,
  /etc/sysconfig/mail r,
  /etc/sysconfig/news r,
  /etc/sysconfig/proxy r,
  /etc/sysconfig/suseconfig r,
  /etc/sysconfig/windowmanager r,
  /etc/vimrc r,
  owner /home/*/ r,
  owner /home/*/** rwl,
  /opt/ r,
  owner /proc/*/cmdline r,
  owner /proc/*/exe r,
  owner /proc/*/mounts r,
  /proc/loadavg r,
  /usr/X11R6/bin/ r,
  /usr/bin/ r,
  /usr/bin/dircolors rix,
  /usr/bin/head rix,
  /usr/bin/id rix,
  /usr/bin/less rix,
  /usr/bin/man rix,
  /usr/bin/manpath rix,
  /usr/bin/mc rix,
  /usr/bin/scp rix,
  /usr/bin/screen rix,
  /usr/bin/ssh rix,
  /usr/bin/ssh-add rix,
  /usr/bin/ssh-agent rix,
  /usr/bin/ssh-copy-id rix,
  /usr/bin/ssh-keygen rix,
  /usr/bin/ssh-keyscan rix,
  /usr/bin/tail rix,
  /usr/bin/tty rix,
  /usr/bin/vim-enhanced rix,
  /usr/bin/wget rix,
  /usr/bin/which rix,
  /usr/lib*/git/git-update-ref rix,
  /usr/lib*/mc/cons.saver rix,
  /usr/lib*/ssh/sftp-server rix,
  /usr/lib*/ssh/ssh-keysign rix,
  /usr/local/bin/ r,
  /usr/share/git-core/*/ r,
  /usr/share/mc/** r,
  /usr/share/vim/** r,
}

This allows the user to execute the most basic commands he needs and allows ssh, sftp and git access. The user has access to some binaries and can read the directories he needs for a working shell, like /usr/lib. The owner flag restricts the /home rules to files he owns, so he can only write to and browse his own home directory.

The next step is to create a new user with /bin/jailbash as his login shell. You can then update the profile using logprof, or manually if you watch /var/log/audit/audit.log.
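
Refining the profile from audit.log by hand is what logprof automates. Here is an added Python example (not the page's or AppArmor's own code) that does the core of it: it parses constructed DENIED records, merges the denied access masks per path, and renders candidate rules in the profile's own syntax, adding the owner prefix when the blocked file belonged to the user. Treat the output as suggestions to review, since every rule you add widens the jail.

```python
import re
from collections import defaultdict

# Constructed sample records (not from a real system) in the format the
# AppArmor kernel module writes to audit.log; one is ALLOWED to show filtering.
SAMPLE_AUDIT_LOG = """\
type=AVC msg=audit(1315000000.100:101): apparmor="DENIED" operation="open" parent=2000 profile="/bin/jailbash" name="/etc/passwd" pid=2001 comm="cat" requested_mask="r" denied_mask="r" fsuid=1001 ouid=0
type=AVC msg=audit(1315000000.200:102): apparmor="DENIED" operation="exec" parent=2000 profile="/bin/jailbash" name="/usr/bin/python" pid=2002 comm="bash" requested_mask="x" denied_mask="x" fsuid=1001 ouid=0
type=AVC msg=audit(1315000000.300:103): apparmor="DENIED" operation="open" parent=2000 profile="/bin/jailbash" name="/tmp/notes.txt" pid=2003 comm="vim" requested_mask="wc" denied_mask="wc" fsuid=1001 ouid=1001
type=AVC msg=audit(1315000000.400:104): apparmor="DENIED" operation="open" parent=2000 profile="/bin/jailbash" name="/tmp/notes.txt" pid=2004 comm="cat" requested_mask="r" denied_mask="r" fsuid=1001 ouid=1001
type=AVC msg=audit(1315000000.500:105): apparmor="ALLOWED" operation="open" parent=2000 profile="/bin/jailbash" name="/etc/vimrc" pid=2005 comm="vim" requested_mask="r" denied_mask="r" fsuid=1001 ouid=0
"""

FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')
WRITE_LIKE = set("wacd")  # append, create and delete are all granted by 'w'

def parse_audit_line(line):
    """Split one audit record into a dict; quoted values lose their quotes."""
    return {k: v.strip('"') for k, v in FIELD_RE.findall(line)}

def denials(log_text):
    """Only the records the profile actually blocked."""
    return [rec for rec in map(parse_audit_line, log_text.splitlines())
            if rec.get("apparmor") == "DENIED" and "name" in rec]

def suggest_rules(log_text):
    """Merge denials per (profile, path) into candidate profile rules: exec
    denials become 'rix' (inherit, like every binary in the jailbash profile),
    others keep their access letters and get the 'owner' prefix when every
    blocked file belongs to the user (fsuid == ouid), like owner /home/*/**."""
    masks, owned = defaultdict(set), defaultdict(lambda: True)
    for rec in denials(log_text):
        key = (rec["profile"], rec["name"])
        masks[key].update(rec.get("denied_mask", ""))
        owned[key] &= rec.get("fsuid") == rec.get("ouid")
    rules = defaultdict(list)
    for (profile, path), letters in masks.items():
        if "x" in letters:
            perms = "rix"
        else:
            if letters & WRITE_LIKE:
                letters = (letters - WRITE_LIKE) | {"w"}
            perms = "".join(c for c in "rwlkm" if c in letters)
        prefix = "owner " if owned[(profile, path)] else ""
        rules[profile].append(f"  {prefix}{path} {perms},")
    return {profile: sorted(lines) for profile, lines in rules.items()}

if __name__ == "__main__":
    for profile, lines in suggest_rules(SAMPLE_AUDIT_LOG).items():
        print(profile + " {", *lines, "}", sep="\n")
```

Pipe a real audit.log into suggest_rules() the same way; the 'x' to 'rix' mapping is a fixed choice here, where logprof would ask you per binary.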

libsmbconf

Posted on 14th April 2011 in Development, KDE, Linux, Samba

Three years ago Michael Adam created a nice library to easily read the Samba configuration, or modify it if it is stored in the registry. Since we have a new build system it is much easier to create shared libraries, so I’ve created a public smbconf library now. The library can be used to set up Samba or Winbind without touching any files. Ok, smb.conf needs one entry: config backend = registry. This library should be available with Samba 3.6, which will be released some time this year.

You can find the documentation for the new library here.

Logitech Linux Mouse Support

Posted on 22nd February 2011 in Gaming, Hardware, KDE, Linux

Maybe you ask: why is there still no new version of lomoco to support the latest Logitech mice?

The answer is that I still don’t know how they detect a mouse connected to a receiver. Maybe they just have a table which defines which mice come with which receiver and then try some commands: if it fails it is mouse X, and if not it must be mouse Y.

I already wrote some proof-of-concept code for the new protocol, and sometimes people contact me and the proof of concept is enough for them. So here is a list of small proof-of-concept utils:

g_hack.c

This is a tool to change the resolution on some gaming mice like the G5, G7 and G9.

http://git.lomoco.org/projects/lomoco.git/tree/proof-of-concept/g_hack.c

lomoco_battery.c

Battery information for a lot of cordless mice like MX, VX and VX Nano.

http://git.lomoco.org/projects/lomoco.git/tree/proof-of-concept/lomoco_battery.c

lomoco_reconnect.c

This allows you to reconnect your cordless mouse to the receiver. This is for MX, VX or VX Nano.

http://git.lomoco.org/projects/lomoco.git/tree/proof-of-concept/lomoco_reconnect.c

Weave for PIM?

Posted on 9th January 2011 in KDE, Linux

Last year I discovered Mozilla Weave (now Sync). Weave is a Firefox addon, and they offer the server components to install your own Weave server. It offers everything I would like to have for PIM. So let’s start with some details…

The Firefox Sync addon synchronizes the following things between your browsers/computers:

  • bookmarks
  • history
  • forms
  • prefs
  • tabs
  • passwords

The data stored on the Weave server should be as private, and as safe, as data on your personal computer or device, so it gets encrypted on the client with a password only the user knows. A server operator therefore can’t read the information or disclose it.
The bookmarks are translated into a JSON format and added as a part of the Weave JSON format. This is encrypted, and the encrypted data is sent to the server. You can find more information about the storage format here.

On a second machine you configure the Firefox addon too. You select the synchronization profile (merge this data with my sync data, replace all data with my sync data, replace all other computers’ data with this data), enter your password for the encrypted data and start the synchronization. The data is downloaded, the sync engine synchronizes everything in the JSON format and then translates it into the data store of Firefox. I was really astonished how well this works.

And exactly this is what I miss for my PIM data! I would like to have my calendar and address book in Weave. This way it would be stored safely on my server. As soon as my machine has a connection to the Weave server it should be synchronized or merged.

I need a 72 hour day.

gdb backtrace to file

Posted on 23rd December 2010 in KDE, Linux

I wanted a simple command to get a backtrace in a file from gdb. It took me years to finally discover and craft this command!

alias bt='echo 0 | gdb -batch-silent -ex "run" -ex "set logging overwrite on" -ex "set logging file gdb.bt" -ex "set logging on" -ex "set pagination off" -ex "handle SIG33 pass nostop noprint" -ex "echo backtrace:\n" -ex "backtrace full" -ex "echo \n\nregisters:\n" -ex "info registers" -ex "echo \n\ncurrent instructions:\n" -ex "x/16i \$pc" -ex "echo \n\nthreads backtrace:\n" -ex "thread apply all backtrace" -ex "set logging off" -ex "quit" --args'

bt $crashing_application

This will create gdb.bt in your current directory.

The pain of poll(2)?

Posted on 5th September 2010 in KDE, Linux

If you’re working on a multi-platform project which does network communication, you will end up thinking about replacing select(2) with poll(2) sooner or later. The problems with select(2) are well known. poll(2) removes the limitations of select(2) and improves speed and features. The problem is that poll(2) isn’t available on all platforms. This means you need a poll(2)-emulation or wrappers around other, similar poll() functions.

In libssh we use a poll(2)-emulation based on select for platforms which don’t provide a poll(2) function, like some Windows versions or UNIX systems.

Windows Vista and newer versions provide a poll(2)-like function called WSAPoll(). To support this call, which is faster than the poll(2)-emulation and allows more file descriptors, we implemented runtime detection for WSAPoll(). This means that during initialization of the socket we check whether the function can be found in the relevant library. If Windows doesn’t provide it, we fall back to the poll(2)-emulation.

It took me several months to get this working correctly on UNIX and Windows. This feature starts to work correctly with libssh 0.4.6, released today.
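
The emulation and the runtime detection described above, as an added Python example (not libssh’s code): select_poll() builds poll(2) semantics on select(2), native_poll() wraps the platform poll, and get_poll() picks between them at runtime the way libssh probes for WSAPoll(). The POLL* values are the Linux ones, assumed here so the emulation does not depend on select.poll existing.

```python
import os
import select

# Event bits as in <poll.h> (Linux values), spelled out so the emulation also
# works on a platform whose select module has no select.poll() and no POLL*.
POLLIN, POLLOUT, POLLERR, POLLHUP, POLLNVAL = 0x001, 0x004, 0x008, 0x010, 0x020

def _fd_valid(fd):
    """True for an open descriptor; poll() flags closed ones as POLLNVAL."""
    try:
        os.fstat(fd)
        return True
    except OSError:
        return False

def select_poll(fds, timeout_ms=None):
    """poll(2) emulated on select(2): fds is a list of (fd, events) pairs like
    the pollfd array, the result is [(fd, revents)] for ready descriptors.
    select() cannot tell EOF from data, so a hung-up peer shows up as POLLIN."""
    readers = [fd for fd, ev in fds if ev & POLLIN]
    writers = [fd for fd, ev in fds if ev & POLLOUT]
    everyone = [fd for fd, _ in fds]  # poll() always reports errors
    timeout = None if timeout_ms is None or timeout_ms < 0 else timeout_ms / 1000.0
    try:
        r, w, x = select.select(readers, writers, everyone, timeout)
    except (OSError, ValueError):
        # select() fails as a whole on a bad descriptor; poll() just marks it.
        return [(fd, POLLNVAL) for fd, _ in fds if not _fd_valid(fd)]
    ready = []
    for fd, _ in fds:
        rev = (POLLIN if fd in r else 0) | (POLLOUT if fd in w else 0) | (POLLERR if fd in x else 0)
        if rev:
            ready.append((fd, rev))
    return ready

def native_poll(fds, timeout_ms=None):
    """The platform's own poll(2) behind the same calling convention."""
    p = select.poll()
    for fd, ev in fds:
        p.register(fd, ev)
    return p.poll(timeout_ms)

def get_poll():
    """Runtime detection, the way libssh probes for WSAPoll(): use the native
    poll() where this platform has one, otherwise fall back to the emulation."""
    return native_poll if hasattr(select, "poll") else select_poll
```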

Featurecasts

Posted on 23rd February 2010 in KDE

Yesterday I visited the Tokamak4 sprint. I attended the talks in the evening and then had dinner with some KDE hackers. Today I looked at PlanetKDE and saw the KDE bluetooth screencast from Alex Fiestas. I liked the screencasts in the KDE 4.4 announcement; they show the users what’s cool and new. Yesterday I heard for the first time about activities in KDE4. I wondered what Aaron was talking about.

Here comes the conclusion:

We need a Featurecast section on the KDE website with screencasts that show all the cool hidden stuff!

This should be the first thing a user finds on the KDE website. The user normally hasn’t installed KDE at all or doesn’t have the latest version. So the first thing should be something which shows what you can do with it and how cool this stuff is.

Documenting the Source

Posted on 10th February 2010 in KDE, Linux

As you maybe know, I have a new job since last December and I’m working on Samba4 now. Samba4 is a monster, so I asked for some simple tasks to get started. The task was to migrate some code to a new Samba library called tsocket. The problem was I didn’t know what to do and how. Some functions of the API were documented, but not all. So I had to guess from the names what a function does and read the code to understand it. Then I started to work with the interface and had to look at the code again to find out possible return values. In the end I spent a lot of time jumping through the source code to find out the return values of the functions.

If the API were completely documented I could get my work done a lot faster, so I simply started to document it, because I had to understand it anyway. I decided to write the documentation with doxygen and put it in the header file, so that people who use the API always have the documentation with them.

After I finished it, I started to work on the source code again and got some things working, as I was now able to understand the API of the library. Then I crossed the next undocumented API of a library. Ok, it wasn’t undocumented, it had a text file describing everything, but having doxygen documentation is much nicer than a text file. So I started to document talloc from Samba4 with doxygen.

The talloc API uses macros for a lot of things to make debugging easier or to hide things you’re doing from the user. However, if you document a macro you normally want it to look like a function. To be able to do that with doxygen you have to use a little trick. As doxygen has a C preprocessor built in, you can create a define for a doxygen mode. That’s what I’ve done in the config file, and all you need to do in the source code is to use it with #ifdef.

#ifdef DOXYGEN
/**
* @brief Create a new talloc context.
*
* The talloc() macro is the core of the talloc library. It takes a memory
* context and a type, and returns a pointer to a new area of memory of the
* given type.
*
* The returned pointer is itself a talloc context, so you can use it as the
* context argument to more calls to talloc if you wish.
*
* The returned pointer is a "child" of the supplied context. This means that if
* you talloc_free() the context then the new child disappears as well.
* Alternatively you can free just the child.
*
* @param[in] ctx A talloc context to create a new reference on or NULL to
* create a new top level context.
*
* @param[in] type The type of memory to allocate.
*
* @return A type casted talloc context or NULL on error.
*
* @code
* unsigned int *a, *b;
*
* a = talloc(NULL, unsigned int);
* b = talloc(a, unsigned int);
* @endcode
*
* @see talloc_zero
* @see talloc_array
* @see talloc_steal
* @see talloc_free
*/
void *talloc(const void *ctx, #type);
#else
#define talloc(ctx, type) (type *)talloc_named_const(ctx, sizeof(type), #type)
void *_talloc(const void *context, size_t size);
#endif
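
The config-file side of that trick, as an added example (a Doxyfile fragment written for this post, not copied from the Samba tree): doxygen’s built-in preprocessor gets the DOXYGEN define, so the prototype in the #ifdef DOXYGEN branch is what ends up in the documentation while the compiler still sees the macro.

```text
# Doxyfile fragment: predefine DOXYGEN for doxygen's own preprocessor run so
# the #ifdef DOXYGEN branch is the one it documents.
ENABLE_PREPROCESSING = YES
PREDEFINED           = DOXYGEN
```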

So start to document your API. What you get will be something like this, and others will love it!

csync at FOSDEM

Posted on 1st February 2010 in KDE, Linux

I’m currently updating csync to work with libssh 0.4, and I will give a lightning talk about csync at FOSDEM next weekend. csync is a file synchronizer that keeps two folders in sync, locally or remotely. The main purpose of csync is to provide roaming home directories.

I will work with Aris on libssh stuff and try to get some small features into KDE for kio_sftp. I heard that some KDE guys are around too. I hope to see you there.

If you’re a Samba developer and go to FOSDEM, let me know :)

kio_sftp updates

Posted on 1st October 2009 in KDE

openSUSE has backported the new kio_sftp implementation based on libssh to their KDE 4.3 packages. This increased the number of users and helped to find some bugs in kio_sftp and KDE. The current implementation is working fairly well.

As soon as libssh 0.4 is released (hopefully soon) I will add more features. Users asked for ~/.ssh/config support, and I’ve added OpenSSH’s statvfs extension to libssh. This means I can check whether there is enough space on the server before I copy a file.
