COVESA / dlt-daemon

Diagnostic Log and Trace.
https://covesa.github.io/dlt-daemon/
Mozilla Public License 2.0

[Draft] daemon: Prevent new daemon created on same machine #646

Closed minminlittleshrimp closed 2 months ago

minminlittleshrimp commented 3 months ago
minminlittleshrimp commented 3 months ago

Currently, the TOCTOU (time-of-check to time-of-use) issue is not yet solved. Could you kindly provide further ideas, @duvanan13?

duvanan13 commented 3 months ago

Hello @minminlittleshrimp, this is my version of dlt_daemon_init_fifo(), which passes the Code Scanning/CodeQL check.

/*
 * Create and open the daemon's user FIFO and, if configured, set its group.
 *
 * Visible steps: clear the umask, refuse to continue when the FIFO path
 * already exists, create the FIFO with mkfifo(), open "/tmp" as a directory
 * descriptor, open the FIFO read/write with openat(), then fchown() it to
 * the group named in flags.daemonFifoGroup when that string is non-empty.
 *
 * daemon_local: daemon state; only flags.daemonFifoName and
 *               flags.daemonFifoGroup are read in the visible part.
 *
 * Returns -1 when the existence check, mkfifo(), open() or openat() fails.
 * The listing is truncated, so the success return and the use of fifo_size
 * are not shown here.
 *
 * NOTE(review): the path named by daemonFifoName is resolved three separate
 * times (access, mkfifo, openat). Each resolution is independent, so the
 * check-then-use pattern is still present even though the final open goes
 * through openat(); see the notes at each call.
 */
static int dlt_daemon_init_fifo(DltDaemonLocal *daemon_local)
{
    int ret;
    int fd = -1;
    int fifo_size;

    /* open named pipe(FIFO) to receive DLT messages from users */
    /*
     * Clearing the umask makes mkfifo() below apply its mode bits unmodified.
     * NOTE(review): the previous umask is not saved or restored in the
     * visible code, so later file creation in this process also runs with
     * umask 0 unless the elided part resets it.
     */
    umask(0);

    /* Valid fifo means there is a daemon running, stop init phase of the new */
    /*
     * NOTE(review): access(F_OK) only reports that something exists at the
     * path. It does not show that the entry is a FIFO or that a daemon has
     * it open, and the result can be out of date by the time mkfifo() runs.
     * mkfifo() already fails with EEXIST when the path exists, which gives
     * the same decision in a single step.
     * NOTE(review): access() does not set errno when it returns 0, so
     * strerror(errno) in this message prints whatever value errno held
     * before the call.
     */
    const char *tmpFifo = daemon_local->flags.daemonFifoName;
    if (access(tmpFifo, F_OK) == 0) {
        dlt_vlog(LOG_WARNING, "FIFO user %s is in use (%s)!\n",
                 tmpFifo, strerror(errno));
        return -1;
    }

    /* Mode: owner read/write plus group write; applied as-is because of umask(0). */
    ret = mkfifo(tmpFifo, S_IRUSR | S_IWUSR | S_IWGRP);

    if (ret == -1) {
        dlt_vlog(LOG_WARNING, "FIFO user %s cannot be created (%s)!\n",
                 tmpFifo, strerror(errno));
        return -1;
    } /* if */

    /*
     * NOTE(review): the directory is hard-coded to "/tmp" rather than derived
     * from daemonFifoName, so it matches only when the configured FIFO lives
     * there -- confirm against the configuration defaults.
     * NOTE(review): on this error path the FIFO created above is left in
     * place; with the access() check at the top, the next start would then
     * report the FIFO as in use.
     */
    const char* nameDir = "/tmp";
    int dir_fd;
    dir_fd = open(nameDir, O_RDONLY);
    if (dir_fd == -1) {
        dlt_vlog(LOG_WARNING, "Directory %s of fifo  cannot be opened (%s)!\n",
                 nameDir, strerror(errno));
        return -1;
    }

    /*
     * NOTE(review): openat() ignores dir_fd when the pathname is absolute.
     * If daemonFifoName is an absolute path (presumably it is -- confirm),
     * this call behaves like open(tmpFifo, O_RDWR) and the name is resolved
     * again after mkfifo(). If it is relative, it is resolved against /tmp
     * here but against the working directory in mkfifo() above.
     * A reviewer would want the opened object verified after the open, e.g.
     * fstat(fd) with an S_ISFIFO() check, and O_NOFOLLOW on the open.
     * NOTE(review): dir_fd is not closed on the failure return below, nor on
     * the success path in the visible code.
     */
    fd = openat(dir_fd, tmpFifo, O_RDWR);

    if (fd == -1) {
        dlt_vlog(LOG_WARNING, "FIFO user %s cannot be opened (%s)!\n",
                 tmpFifo, strerror(errno));
        return -1;
    } /* if */

    /* Set group of daemon FIFO */
    if (daemon_local->flags.daemonFifoGroup[0] != 0) {
        /* errno is cleared first so a NULL result can be told apart from an error. */
        errno = 0;
        struct group *group_dlt = getgrnam(daemon_local->flags.daemonFifoGroup);

        if (group_dlt) {
            /*
             * fchown() acts on the already-open descriptor, so the group
             * change applies to the object that was opened, not to the path.
             * The uid argument of -1 leaves the owner unchanged.
             * A failure here is logged only; the function continues.
             */
            ret = fchown(fd, -1, group_dlt->gr_gid);

            if (ret == -1)
                dlt_vlog(LOG_ERR, "FIFO user %s cannot be chowned to group %s (%s)\n",
                         tmpFifo, daemon_local->flags.daemonFifoGroup,
                         strerror(errno));
        }
        /*
         * These errno values are treated as "no such group".
         * NOTE(review): ESRCH is not in this list and falls through to the
         * generic branch below -- confirm that is intended.
         */
        else if ((errno == 0) || (errno == ENOENT) || (errno == EBADF) || (errno == EPERM))
        {
            dlt_vlog(LOG_ERR, "Group name %s is not found (%s)\n",
                     daemon_local->flags.daemonFifoGroup,
                     strerror(errno));
        }
        else {
            /* Any other errno is reported as a lookup failure; also non-fatal. */
            dlt_vlog(LOG_ERR, "Failed to get group id of %s (%s)\n",
                     daemon_local->flags.daemonFifoGroup,
                     strerror(errno));
        }
    }
    ...

Please kindly review and send me feedback!

minminlittleshrimp commented 3 months ago

Hello @duvanan13 Kindly provide the patchset view (the view with + for adding and - for removing). Thanks

duvanan13 commented 3 months ago

Hello @minminlittleshrimp, these are my changes: a.patch

minminlittleshrimp commented 2 months ago

Hello @duvanan13 Kindly create your PR and push for review. I will close mine as duplicate. Thanks

minminlittleshrimp commented 2 months ago

Closing as duplicate; please head to @duvanan13's PR.