Commit Graph

78 Commits

Author SHA1 Message Date
Omar Polo 9899a837af [seccomp] allow sendmsg 2021-02-23 13:44:20 +01:00
Omar Polo d278a0c3c5 moving logging to its own process 2021-02-23 13:40:59 +01:00
Omar Polo 3cb3dd4d42 accept4 -> accept
accept4(2) isn't part of any standard (even though it'll be part in
the future) and raises warnings on some linux distros.  Moreover, we
don't have threads that may fork at any time, so doing a mark_nonblock
after isn't a big deal.
2021-02-12 11:59:03 +00:00
Omar Polo 8e56d6adc4 use fatal instead of err/fprintf+exit
fatal logs to the correct place, err only on stderr.
2021-02-11 09:07:28 +00:00
Omar Polo 2a911637be fix compilation on OSes without sandbox 2021-02-11 09:04:47 +00:00
Omar Polo 6827d2781e [seccomp] allow newfstatat and gettimeofday
these are required to run on arch linux (at least)
2021-02-10 19:20:59 +00:00
Omar Polo 4c857c0afc [seccomp] epoll_wait(2) isn't available on every arch 2021-02-10 18:02:08 +00:00
Omar Polo f6b9a079e3 allow epoll_wait
fedora 33 issues an epoll_wait instead of pwait.
2021-02-10 14:21:56 +00:00
Omar Polo c214d1ab67 allow sigreturn and sigaction on linux 2021-02-08 18:39:23 +00:00
Omar Polo df58efff26 fix seccomp for the new event loop
add/remove syscalls from the BPF filter and move sandbox() after
libevent initialisation
2021-02-08 12:46:46 +00:00
Omar Polo 8ef09de3d0 don't include err.h, gmid.h (via config.h) does that 2021-01-28 16:28:10 +00:00
Omar Polo 2d3f837ac5 [seccomp] allow getrandom 2021-01-25 15:25:04 +00:00
Omar Polo 2d3cc76f6d we don't need unveil "x" in listener
not a big deal, since the pledge prohibits us from exec, but
nevertheless.
2021-01-25 14:58:54 +00:00
Omar Polo f88311e534 [seccomp] allow fcntl F_SETFD
musl does a F_SETFD in its fdopendir
2021-01-24 19:12:32 +00:00
Omar Polo 1a49166de4 fix date 2021-01-23 11:29:02 +00:00
Omar Polo e29dbd7217 added missing copyright notice 2021-01-23 11:28:44 +00:00
Omar Polo 338f06f4e5 drop seccomp.h: not needed 2021-01-21 11:55:52 +00:00
Omar Polo 61f8d630c8 fmt 2021-01-20 16:22:35 +00:00
Omar Polo f2b3a5193f allow clock_gettime and a bit of fmt
alpine on amd64 (under OpenBSD vmd) tries to do a clock_gettime.  I
don't know why, but it doesn't seem a problem to allow it.
2021-01-20 16:19:54 +00:00
Omar Polo 3c0375e405 fix BPF 2021-01-20 16:09:04 +00:00
Omar Polo de4f713184 tighten the rules for fcntl
allow only the F_GETFL and F_SETFL commands
2021-01-20 15:54:26 +00:00
Omar Polo 298e4b96dc explain the poll mess 2021-01-20 15:44:11 +00:00
Omar Polo 94a79035ec __NR_poll doesn't seem to be defined on aarch64 2021-01-18 23:08:16 +00:00
Omar Polo 65fba1d570 [seccomp] allow also poll
on the latest fedora glibc uses poll.  On the other linux distro I
tried (void), musl is probably providing poll as a ppoll wrapper.
2021-01-17 13:51:09 +00:00
Omar Polo c2e39fcfed we don't need to check for CGI anymore 2021-01-17 09:37:44 +00:00
Omar Polo 71b7eb2f8c initial seccomp support 2021-01-17 09:34:27 +00:00
Omar Polo 881a9dd9c2 split into two processes: listener and executor
this way, we can sandbox the listener with seccomp (todo) or capsicum
(already done) and still have CGI scripts.  When we want to exec, we
tell the executor what to do, the executor executes the scripts and
sends the fd back to the listener.
2021-01-16 19:41:34 +00:00
Omar Polo dafb57b8af sandbox also on FreeBSD with capsicum 2021-01-15 14:03:45 +00:00