From e3a2e14ffa6a5842bc836d5809fcbb0494cbbfdd Mon Sep 17 00:00:00 2001
From: Kaarle Ritvanen <kaarle.ritvanen@datakunkku.fi>
Date: Wed, 5 Apr 2017 16:28:13 +0300
Subject: abuild: build in chroot
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This patch is based on earlier work by Timo Teräs.
---
 abuild-rmtemp.c | 49 +++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 49 insertions(+)
 create mode 100644 abuild-rmtemp.c

(limited to 'abuild-rmtemp.c')

diff --git a/abuild-rmtemp.c b/abuild-rmtemp.c
new file mode 100644
index 0000000..36a12ec
--- /dev/null
+++ b/abuild-rmtemp.c
@@ -0,0 +1,49 @@
+/*
+ * abuild-rmtemp
+ * Copyright (c) 2017 Kaarle Ritvanen
+ * Distributed under GPL-2
+ */
+
+#include <err.h>
+#include <errno.h>
+#include <ftw.h>
+#include <pwd.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <unistd.h>
+
+#define PREFIX "/var/tmp/abuild."
+
+static void fail() {
+	errx(1, "%s", strerror(errno));
+}
+
+static int handler(const char *fpath, const struct stat *sb, int typeflag, struct FTW *ftwbuf) {
+	return remove(fpath);
+}
+
+int main(int argc, char **argv) {
+	if (argc < 2) return 0;
+
+	if (getuid()) {
+		argv[0] = "-abuild-rmtemp";
+		execv("/usr/bin/abuild-sudo", argv);
+	}
+
+	if (strncmp(argv[1], PREFIX, strlen(PREFIX)) || \
+		strchr(argv[1] + strlen(PREFIX), '/'))
+		errx(1, "Invalid path: %s", argv[1]);
+
+	struct stat s;
+	if (lstat(argv[1], &s)) fail();
+	struct passwd *p = getpwnam(getenv("USER"));
+	if (!p) errx(1, "Incorrect user");
+	if (s.st_uid != p->pw_uid) errx(1, "Permission denied");
+
+	if (nftw(argv[1], handler, 512, FTW_DEPTH)) fail();
+
+	return 0;
+}
-- 
cgit v1.2.3