armybox 0.3.0

A memory-safe #[no_std] BusyBox/Toybox clone in Rust - 299 Unix utilities in ~500KB
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108

//! chroot - run command with a different root directory
//!
//! Change the root directory and run a command.

use crate::io;
use crate::sys;
use crate::applets::get_arg;

/// chroot - run command with a different root directory
///
/// # Synopsis
/// ```text
/// chroot newroot [command]
/// ```
///
/// # Description
/// Change the root directory to newroot and run command (default: /bin/sh).
/// Requires root privileges.
///
/// # Exit Status
/// - 0: Success
/// - >0: An error occurred
pub fn chroot(argc: i32, argv: *const *const u8) -> i32 {
    if argc < 2 {
        io::write_str(2, b"chroot: missing operand\n");
        return 1;
    }
    let newroot = unsafe { get_arg(argv, 1).unwrap() };
    let mut root_buf = [0u8; 4096];
    root_buf[..newroot.len()].copy_from_slice(newroot);

    if unsafe { libc::chroot(root_buf.as_ptr() as *const i8) } != 0 {
        sys::perror(b"chroot");
        return 1;
    }
    if unsafe { libc::chdir(b"/\0".as_ptr() as *const i8) } != 0 {
        sys::perror(b"chdir");
        return 1;
    }

    // Execute command if provided
    if argc > 2 {
        let cmd = unsafe { get_arg(argv, 2).unwrap() };
        let mut cmd_buf = [0u8; 4096];
        cmd_buf[..cmd.len()].copy_from_slice(cmd);
        let cmd_ptr = cmd_buf.as_ptr() as *const i8;
        let argv_ptrs = [cmd_ptr, core::ptr::null()];
        unsafe { libc::execv(cmd_ptr, argv_ptrs.as_ptr()) };
        sys::perror(b"exec");
        return 1;
    }

    // Default: run /bin/sh
    let shell = b"/bin/sh\0";
    let argv_ptrs = [shell.as_ptr() as *const i8, core::ptr::null()];
    unsafe { libc::execv(shell.as_ptr() as *const i8, argv_ptrs.as_ptr()) };
    sys::perror(b"exec");
    1
}

#[cfg(test)]
mod tests {
    extern crate std;
    use std::process::Command;
    use std::path::PathBuf;

    fn get_armybox_path() -> PathBuf {
        if let Ok(path) = std::env::var("ARMYBOX_PATH") {
            return PathBuf::from(path);
        }
        let manifest_dir = std::env::var("CARGO_MANIFEST_DIR")
            .map(PathBuf::from)
            .unwrap_or_else(|_| std::env::current_dir().unwrap());
        let release = manifest_dir.join("target/release/armybox");
        if release.exists() { return release; }
        manifest_dir.join("target/debug/armybox")
    }

    #[test]
    fn test_chroot_no_args() {
        let armybox = get_armybox_path();
        if !armybox.exists() { return; }

        let output = Command::new(&armybox)
            .args(["chroot"])
            .output()
            .unwrap();

        assert_eq!(output.status.code(), Some(1));
        let stderr = std::string::String::from_utf8_lossy(&output.stderr);
        assert!(stderr.contains("missing operand"));
    }

    #[test]
    fn test_chroot_requires_root() {
        let armybox = get_armybox_path();
        if !armybox.exists() { return; }

        // This should fail without root privileges
        let output = Command::new(&armybox)
            .args(["chroot", "/tmp"])
            .output()
            .unwrap();

        // Should fail (permission denied)
        assert_eq!(output.status.code(), Some(1));
    }
}