diff options
| author | Jason King <jason@ansipunx.net> | 2009-03-17 11:17:09 -0700 |
|---|---|---|
| committer | Jason King <jason@ansipunx.net> | 2009-03-17 11:17:09 -0700 |
| commit | 18c39a06713fa194e15052abbf2cc1816e7324ef (patch) | |
| tree | 9f11d557feb651a2f359811f93fed6672accb624 /usr/src/uts | |
| parent | d623bac84912310c3b2db0c8088bb18d499b4327 (diff) | |
| download | illumos-joyent-18c39a06713fa194e15052abbf2cc1816e7324ef.tar.gz | |
6613349 setuid not allowed message could be more useful
Diffstat (limited to 'usr/src/uts')
| -rw-r--r-- | usr/src/uts/common/os/exec.c | 49 |
1 files changed, 45 insertions, 4 deletions
diff --git a/usr/src/uts/common/os/exec.c b/usr/src/uts/common/os/exec.c index a6dca5bc40..9b3dce476a 100644 --- a/usr/src/uts/common/os/exec.c +++ b/usr/src/uts/common/os/exec.c @@ -20,7 +20,7 @@ */ /* - * Copyright 2008 Sun Microsystems, Inc. All rights reserved. + * Copyright 2009 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ @@ -607,9 +607,50 @@ gexec( /* SunOS 4.x buy-back */ if ((vp->v_vfsp->vfs_flag & VFS_NOSETUID) && (vattr.va_mode & (VSUID|VSGID))) { - cmn_err(CE_NOTE, - "!%s, uid %d: setuid execution not allowed, dev=%lx", - exec_file, cred->cr_uid, vp->v_vfsp->vfs_dev); + char path[MAXNAMELEN]; + refstr_t *mntpt = NULL; + int ret = -1; + + bzero(path, sizeof (path)); + zone_hold(pp->p_zone); + + ret = vnodetopath(pp->p_zone->zone_rootvp, vp, path, + sizeof (path), cred); + + /* fallback to mountpoint if a path can't be found */ + if ((ret != 0) || (ret == 0 && path[0] == '\0')) + mntpt = vfs_getmntpoint(vp->v_vfsp); + + if (mntpt == NULL) + zcmn_err(pp->p_zone->zone_id, CE_NOTE, + "!uid %d: setuid execution not allowed, " + "file=%s", cred->cr_uid, path); + else + zcmn_err(pp->p_zone->zone_id, CE_NOTE, + "!uid %d: setuid execution not allowed, " + "fs=%s, file=%s", cred->cr_uid, + ZONE_PATH_TRANSLATE(refstr_value(mntpt), + pp->p_zone), exec_file); + + if (!INGLOBALZONE(pp)) { + /* zone_rootpath always has trailing / */ + if (mntpt == NULL) + cmn_err(CE_NOTE, "!zone: %s, uid: %d " + "setuid execution not allowed, file=%s%s", + pp->p_zone->zone_name, cred->cr_uid, + pp->p_zone->zone_rootpath, path + 1); + else + cmn_err(CE_NOTE, "!zone: %s, uid: %d " + "setuid execution not allowed, fs=%s, " + "file=%s", pp->p_zone->zone_name, + cred->cr_uid, refstr_value(mntpt), + exec_file); + } + + if (mntpt != NULL) + refstr_rele(mntpt); + + zone_rele(pp->p_zone); } /* |