src/mknod.c

   1 /* mknod -- make special files
   2    Copyright (C) 1990-2022 Free Software Foundation, Inc.
   3
   4    This program is free software: you can redistribute it and/or modify
   5    it under the terms of the GNU General Public License as published by
   6    the Free Software Foundation, either version 3 of the License, or
   7    (at your option) any later version.
   8
   9    This program is distributed in the hope that it will be useful,
  10    but WITHOUT ANY WARRANTY; without even the implied warranty of
  11    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12    GNU General Public License for more details.
  13
  14    You should have received a copy of the GNU General Public License
  15    along with this program.  If not, see <https://www.gnu.org/licenses/>.  */
  16
  17 /* Written by David MacKenzie <djm@ai.mit.edu>  */
  18
  19 #include <config.h>
  20 #include <stdio.h>
  21 #include <getopt.h>
  22 #include <sys/types.h>
  23 #include <selinux/label.h>
  24
  25 #include "system.h"
  26 #include "die.h"
  27 #include "error.h"
  28 #include "modechange.h"
  29 #include "quote.h"
  30 #include "selinux.h"
  31 #include "smack.h"
  32 #include "xstrtol.h"
  33
  34 /* The official name of this program (e.g., no 'g' prefix).  */
  35 #define PROGRAM_NAME "mknod"
  36
  37 #define AUTHORS proper_name ("David MacKenzie")
  38
  39 static struct option const longopts[] =
  40 {
  41   {GETOPT_SELINUX_CONTEXT_OPTION_DECL},
  42   {"mode", required_argument, NULL, 'm'},
  43   {GETOPT_HELP_OPTION_DECL},
  44   {GETOPT_VERSION_OPTION_DECL},
  45   {NULL, 0, NULL, 0}
  46 };
  47
  48 void
  49 usage (int status)
  50 {
  51   if (status != EXIT_SUCCESS)
  52     emit_try_help ();
  53   else
  54     {
  55       printf (_("Usage: %s [OPTION]... NAME TYPE [MAJOR MINOR]\n"),
  56               program_name);
  57       fputs (_("\
  58 Create the special file NAME of the given TYPE.\n\
  59 "), stdout);
  60
  61       emit_mandatory_arg_note ();
  62
  63       fputs (_("\
  64   -m, --mode=MODE    set file permission bits to MODE, not a=rw - umask\n\
  65 "), stdout);
  66       fputs (_("\
  67   -Z                   set the SELinux security context to default type\n\
  68       --context[=CTX]  like -Z, or if CTX is specified then set the SELinux\n\
  69                          or SMACK security context to CTX\n\
  70 "), stdout);
  71       fputs (HELP_OPTION_DESCRIPTION, stdout);
  72       fputs (VERSION_OPTION_DESCRIPTION, stdout);
  73       fputs (_("\
  74 \n\
  75 Both MAJOR and MINOR must be specified when TYPE is b, c, or u, and they\n\
  76 must be omitted when TYPE is p.  If MAJOR or MINOR begins with 0x or 0X,\n\
  77 it is interpreted as hexadecimal; otherwise, if it begins with 0, as octal;\n\
  78 otherwise, as decimal.  TYPE may be:\n\
  79 "), stdout);
  80       fputs (_("\
  81 \n\
  82   b      create a block (buffered) special file\n\
  83   c, u   create a character (unbuffered) special file\n\
  84   p      create a FIFO\n\
  85 "), stdout);
  86       printf (USAGE_BUILTIN_WARNING, PROGRAM_NAME);
  87       emit_ancillary_info (PROGRAM_NAME);
  88     }
  89   exit (status);
  90 }
  91
  92 int
  93 main (int argc, char **argv)
  94 {
  95   mode_t newmode;
  96   char const *specified_mode = NULL;
  97   int optc;
  98   size_t expected_operands;
  99   mode_t node_type;
 100   char const *scontext = NULL;
 101   struct selabel_handle *set_security_context = NULL;
 102
 103   initialize_main (&argc, &argv);
 104   set_program_name (argv[0]);
 105   setlocale (LC_ALL, "");
 106   bindtextdomain (PACKAGE, LOCALEDIR);
 107   textdomain (PACKAGE);
 108
 109   atexit (close_stdout);
 110
 111   while ((optc = getopt_long (argc, argv, "m:Z", longopts, NULL)) != -1)
 112     {
 113       switch (optc)
 114         {
 115         case 'm':
 116           specified_mode = optarg;
 117           break;
 118         case 'Z':
 119           if (is_smack_enabled ())
 120             {
 121               /* We don't yet support -Z to restore context with SMACK.  */
 122               scontext = optarg;
 123             }
 124           else if (is_selinux_enabled () > 0)
 125             {
 126               if (optarg)
 127                 scontext = optarg;
 128               else
 129                 {
 130                   set_security_context = selabel_open (SELABEL_CTX_FILE,
 131                                                        NULL, 0);
 132                   if (! set_security_context)
 133                     error (0, errno, _("warning: ignoring --context"));
 134                 }
 135             }
 136           else if (optarg)
 137             {
 138               error (0, 0,
 139                      _("warning: ignoring --context; "
 140                        "it requires an SELinux/SMACK-enabled kernel"));
 141             }
 142           break;
 143         case_GETOPT_HELP_CHAR;
 144         case_GETOPT_VERSION_CHAR (PROGRAM_NAME, AUTHORS);
 145         default:
 146           usage (EXIT_FAILURE);
 147         }
 148     }
 149
 150   newmode = MODE_RW_UGO;
 151   if (specified_mode)
 152     {
 153       mode_t umask_value;
 154       struct mode_change *change = mode_compile (specified_mode);
 155       if (!change)
 156         die (EXIT_FAILURE, 0, _("invalid mode"));
 157       umask_value = umask (0);
 158       umask (umask_value);
 159       newmode = mode_adjust (newmode, false, umask_value, change, NULL);
 160       free (change);
 161       if (newmode & ~S_IRWXUGO)
 162         die (EXIT_FAILURE, 0,
 163              _("mode must specify only file permission bits"));
 164     }
 165
 166   /* If the number of arguments is 0 or 1,
 167      or (if it's 2 or more and the second one starts with 'p'), then there
 168      must be exactly two operands.  Otherwise, there must be four.  */
 169   expected_operands = (argc <= optind
 170                        || (optind + 1 < argc && argv[optind + 1][0] == 'p')
 171                        ? 2 : 4);
 172
 173   if (argc - optind < expected_operands)
 174     {
 175       if (argc <= optind)
 176         error (0, 0, _("missing operand"));
 177       else
 178         error (0, 0, _("missing operand after %s"), quote (argv[argc - 1]));
 179       if (expected_operands == 4 && argc - optind == 2)
 180         fprintf (stderr, "%s\n",
 181                  _("Special files require major and minor device numbers."));
 182       usage (EXIT_FAILURE);
 183     }
 184
 185   if (expected_operands < argc - optind)
 186     {
 187       error (0, 0, _("extra operand %s"),
 188              quote (argv[optind + expected_operands]));
 189       if (expected_operands == 2 && argc - optind == 4)
 190         fprintf (stderr, "%s\n",
 191                  _("Fifos do not have major and minor device numbers."));
 192       usage (EXIT_FAILURE);
 193     }
 194
 195   if (scontext)
 196     {
 197       int ret = 0;
 198       if (is_smack_enabled ())
 199         ret = smack_set_label_for_self (scontext);
 200       else
 201         ret = setfscreatecon (scontext);
 202
 203       if (ret < 0)
 204         die (EXIT_FAILURE, errno,
 205              _("failed to set default file creation context to %s"),
 206              quote (scontext));
 207     }
 208
 209   /* Only check the first character, to allow mnemonic usage like
 210      'mknod /dev/rst0 character 18 0'. */
 211
 212   switch (argv[optind + 1][0])
 213     {
 214     case 'b':                   /* 'block' or 'buffered' */
 215 #ifndef S_IFBLK
 216       die (EXIT_FAILURE, 0, _("block special files not supported"));
 217 #else
 218       node_type = S_IFBLK;
 219 #endif
 220       goto block_or_character;
 221
 222     case 'c':                   /* 'character' */
 223     case 'u':                   /* 'unbuffered' */
 224 #ifndef S_IFCHR
 225       die (EXIT_FAILURE, 0, _("character special files not supported"));
 226 #else
 227       node_type = S_IFCHR;
 228 #endif
 229       goto block_or_character;
 230
 231     block_or_character:
 232       {
 233         char const *s_major = argv[optind + 2];
 234         char const *s_minor = argv[optind + 3];
 235         uintmax_t i_major, i_minor;
 236         dev_t device;
 237
 238         if (xstrtoumax (s_major, NULL, 0, &i_major, "") != LONGINT_OK
 239             || i_major != (major_t) i_major)
 240           die (EXIT_FAILURE, 0,
 241                _("invalid major device number %s"), quote (s_major));
 242
 243         if (xstrtoumax (s_minor, NULL, 0, &i_minor, "") != LONGINT_OK
 244             || i_minor != (minor_t) i_minor)
 245           die (EXIT_FAILURE, 0,
 246                _("invalid minor device number %s"), quote (s_minor));
 247
 248         device = makedev (i_major, i_minor);
 249 #ifdef NODEV
 250         if (device == NODEV)
 251           die (EXIT_FAILURE, 0, _("invalid device %s %s"),
 252                s_major, s_minor);
 253 #endif
 254
 255         if (set_security_context)
 256           defaultcon (set_security_context, argv[optind], node_type);
 257
 258         if (mknod (argv[optind], newmode | node_type, device) != 0)
 259           die (EXIT_FAILURE, errno, "%s", quotef (argv[optind]));
 260       }
 261       break;
 262
 263     case 'p':                   /* 'pipe' */
 264       if (set_security_context)
 265         defaultcon (set_security_context, argv[optind], S_IFIFO);
 266       if (mkfifo (argv[optind], newmode) != 0)
 267         die (EXIT_FAILURE, errno, "%s", quotef (argv[optind]));
 268       break;
 269
 270     default:
 271       error (0, 0, _("invalid device type %s"), quote (argv[optind + 1]));
 272       usage (EXIT_FAILURE);
 273     }
 274
 275   if (specified_mode && lchmod (argv[optind], newmode) != 0)
 276     die (EXIT_FAILURE, errno, _("cannot set permissions of %s"),
 277          quoteaf (argv[optind]));
 278
 279   return EXIT_SUCCESS;
 280 }