QubesOS/qubes-core-admin-linux
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
912861c8b0
qubes-core-admin-linux/qrexec/qubes-rpc-multiplexer
Marek Marczykowski-Górecki d54d953af1
qrexec: use separate variables for original target type and value 
Avoid passing special characters (like '$' or '@') to the service, even
if in environment variable. Use separate variable (and
qubes-rpc-multiplexer argument) to provide type of original target.
There are two:
 - specific VM by name ("name")
 - special name, like $adminvm, $dispvm etc ("keyword")

Then, use separate variables to provide actual value:
 - QREXEC_REQUESTED_TARGET_KEYWORD (if _TYPE == "keyword")
 - QREXEC_REQUESTED_TARGET (if _TYPE == "name")

The later one intentionally is the same as in previous implementation,
to preserve compatibility.
2018-02-19 03:30:04 +01:00

46 lines
1.4 KiB
Bash
Executable File
Raw Blame History

#!/bin/sh
mkfifo /tmp/qrexec-rpc-stderr.$$
logger -t "$1-$2" -f /tmp/qrexec-rpc-stderr.$$ >/dev/null 2>&1 </dev/null &
exec 2>/tmp/qrexec-rpc-stderr.$$
rm -f /tmp/qrexec-rpc-stderr.$$
QUBES_RPC=/etc/qubes-rpc
LOCAL_QUBES_RPC=/usr/local/etc/qubes-rpc
if ! [ $# = 2 -o $# = 4 ] ; then
echo "$0: bad argument count, usage: $0 SERVICE-NAME REMOTE-DOMAIN-NAME [REQUESTED_TARGET_TYPE REQUESTED_TARGET]" >&2
exit 1
fi
export QREXEC_REQUESTED_TARGET_TYPE="$3"
if [ "$QREXEC_REQUESTED_TARGET_TYPE" = "name" ]; then
export QREXEC_REQUESTED_TARGET="$4"
elif [ "$QREXEC_REQUESTED_TARGET_TYPE" = "keyword" ]; then
export QREXEC_REQUESTED_TARGET_KEYWORD="$4"
fi
# else: requested target type unknown or not given, ignore
export QREXEC_REMOTE_DOMAIN="$2"
export QREXEC_SERVICE_FULL_NAME="$1"
SERVICE_WITHOUT_ARGUMENT="${1%%+*}"
if [ "${QREXEC_SERVICE_FULL_NAME}" != "${SERVICE_WITHOUT_ARGUMENT}" ]; then
export QREXEC_SERVICE_ARGUMENT="${QREXEC_SERVICE_FULL_NAME#*+}"
fi
for CFG_FILE in $LOCAL_QUBES_RPC/"$1" $QUBES_RPC/"$1" \
$LOCAL_QUBES_RPC/"${SERVICE_WITHOUT_ARGUMENT}" \
$QUBES_RPC/"${SERVICE_WITHOUT_ARGUMENT}"; do
if [ -s "$CFG_FILE" ]; then
break
fi
done
if [ -x "$CFG_FILE" ] ; then
exec "$CFG_FILE" ${QREXEC_SERVICE_ARGUMENT}
echo "$0: failed to execute handler for" "$1" >&2
exit 1
else
exec /bin/sh -- "$CFG_FILE" ${QREXEC_SERVICE_ARGUMENT}
echo "$0: failed to execute handler for" "$1" >&2
exit 1
fi
Reference in New Issue View Git Blame Copy Permalink