tr1pd 0.3.1

tamper resistant audit log
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75

use libc;
#[cfg(not(target_os="linux"))]
use users;

#[cfg(target_os="linux")]
use sandbox::capabilities;
use config::Config;

use std::env;
use std::ffi::CString;

mod errors {
    #[cfg(target_os="linux")]
    use sandbox::capabilities;

    error_chain! {
        errors {
            FFI
        }
        links {
            Caps(capabilities::Error, capabilities::ErrorKind) #[cfg(target_os="linux")];
        }
    }
}
pub use self::errors::{Result, Error, ErrorKind};


#[cfg(target_os="linux")]
#[inline]
pub fn can_chroot() -> Result<bool> {
    let perm_chroot = capabilities::can_chroot()?;
    Ok(perm_chroot)
}

#[cfg(not(target_os="linux"))]
#[inline]
pub fn can_chroot() -> Result<bool> {
    let is_root = users::get_effective_uid() == 0;
    Ok(is_root)
}

#[inline]
pub fn lock_to_datadir(config: &mut Config) -> Result<()> {
    if can_chroot()? {
        {
            let target = config.datadir();
            debug!("chroot: -> {:?}", target);
            chroot(target)?;
        }
        config.set_datadir(Some("/"));

        // XXX: it's currently not recommended to use chroot
        // on a platform that isn't linux since we don't have
        // capabilities(7) there and we don't have setuid code yet.
    } else if config.security.strict_chroot {
        panic!("strict-chroot is set and process didn't chroot");
    }

    Ok(())
}

#[inline]
pub fn chroot(path: &str) -> Result<()> {
    let path = CString::new(path).unwrap();
    let ret = unsafe { libc::chroot(path.as_ptr()) };

    if ret != 0 {
        Err(ErrorKind::FFI.into())
    } else {
        match env::set_current_dir("/") {
            Ok(_) => Ok(()),
            Err(_) => Err(ErrorKind::FFI.into()),
        }
    }
}