| Mike Frysinger | f9da3d3 | 2017-09-19 23:41:27 -0400 | [diff] [blame] | 1 | // Copyright 2017 The Chromium OS Authors. All rights reserved. |
| 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
| 4 | |
| 5 | // WARNING: |
| 6 | // This callback is intended to be a legacy entry point. New scripts should not |
| 7 | // be added here. Instead a proper UI should be created to manage the system |
| 8 | // interactions. |
| 9 | |
| 10 | #include "debugd/src/shill_scripts_tool.h" |
| 11 | |
| 12 | #include <string> |
| 13 | #include <utility> |
| 14 | #include <vector> |
| 15 | |
| 16 | #include <base/files/file_path.h> |
| 17 | #include <base/memory/ptr_util.h> |
| 18 | |
| 19 | #include "debugd/src/error_utils.h" |
| 20 | #include "debugd/src/process_with_id.h" |
| 21 | |
| 22 | namespace debugd { |
| 23 | |
| 24 | namespace { |
| 25 | |
| 26 | const char kUnsupportedShillScriptToolErrorName[] = |
| 27 | "org.chromium.debugd.error.UnsupportedShillScriptTool"; |
| 28 | |
| 29 | const char kUser[] = "shill-scripts"; |
| 30 | const char kGroup[] = "shill-scripts"; |
| 31 | |
| 32 | // Where shill scripts are installed. |
| 33 | const char kScriptsDir[] = "/usr/bin"; |
| 34 | |
| 35 | // clang-format off |
| 36 | const char * const kWhitelistedScripts[] = { |
| 37 | "connectivity", |
| 38 | "ff_debug", |
| 39 | "modem", |
| 40 | "network_diag", |
| 41 | "set_apn", |
| 42 | "set_arpgw", |
| 43 | "set_cellular_ppp", |
| 44 | "set_wake_on_lan", |
| 45 | "wpa_debug", |
| 46 | }; |
| 47 | // clang-format on |
| 48 | |
| 49 | // Only permit certain scripts here. |
| 50 | bool WhitelistedScript(const std::string& script, brillo::ErrorPtr* error) { |
| 51 | for (const char* listed : kWhitelistedScripts) |
| 52 | if (script == listed) |
| 53 | return true; |
| 54 | |
| 55 | DEBUGD_ADD_ERROR(error, kUnsupportedShillScriptToolErrorName, script.c_str()); |
| 56 | return false; |
| 57 | } |
| 58 | |
| 59 | } // namespace |
| 60 | |
| 61 | bool ShillScriptsTool::Run(const dbus::FileDescriptor& outfd, |
| 62 | const std::string& script, |
| 63 | const std::vector<std::string>& script_args, |
| 64 | std::string* out_id, |
| 65 | brillo::ErrorPtr* error) { |
| 66 | if (!WhitelistedScript(script, error)) |
| 67 | return false; |
| 68 | |
| 69 | auto p = base::MakeUnique<ProcessWithId>(); |
| 70 | p->SandboxAs(kUser, kGroup); |
| 71 | p->Init(); |
| 72 | |
| 73 | const base::FilePath dir(kScriptsDir); |
| 74 | p->AddArg(dir.Append(script).value()); |
| 75 | |
| 76 | for (const auto& arg : script_args) |
| 77 | p->AddArg(arg); |
| 78 | |
| 79 | p->BindFd(outfd.value(), STDOUT_FILENO); |
| 80 | p->BindFd(outfd.value(), STDERR_FILENO); |
| 81 | *out_id = p->id(); |
| 82 | p->Start(); |
| 83 | |
| 84 | RecordProcess(std::move(p)); |
| 85 | |
| 86 | return true; |
| 87 | } |
| 88 | |
| 89 | } // namespace debugd |