Add ld-iamroot.so

gportay · Mar 8, 2024 · 8144b73 · 8144b73
1 parent 5012344
commit 8144b73
Show file tree

Hide file tree

Showing 7 changed files with 346 additions and 12 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -10,6 +10,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
 - Preload the iamroot library if `LD_PRELOAD` is unset and not in a chroot'ed
   environment
+- Add `ld-iamroot.so`, the [ld.so(8)] CLI for `iamroot(7)`
 
 ### Removed
 

diff --git a/Makefile b/Makefile
@@ -66,10 +66,10 @@ endif
 %.o: override CPPFLAGS += -D_GNU_SOURCE -DVERSION=$(VERSION) -DPREFIX=$(PREFIX)
 %.o: override CFLAGS += -fPIC -Wall -Wextra
 ifeq ($(OS),GNU/Linux)
-%.so: override LDFLAGS += -nodefaultlibs
+lib%.so: override LDFLAGS += -nodefaultlibs
 endif
 ifeq ($(OS),FreeBSD)
-%.so: override LDFLAGS += -ldl
+lib%.so: override LDFLAGS += -ldl
 endif
 
 ifneq ($(COVERAGE),0)
@@ -79,8 +79,33 @@ ifneq ($(COVERAGE),0)
 endif
 
 .PHONY: all
+all: ld-iamroot.so
 all: libiamroot.so
 
+ld-iamroot.so: __fxstat.o
+ld-iamroot.so: __fxstatat.o
+ld-iamroot.so: dlopen.o
+ld-iamroot.so: dso.o
+ld-iamroot.so: env.o
+ld-iamroot.so: execve.o
+ld-iamroot.so: faccessat.o
+ld-iamroot.so: fgetxattr.o
+ld-iamroot.so: fstat.o
+ld-iamroot.so: fstatat.o
+ld-iamroot.so: getcwd.o
+ld-iamroot.so: iamroot.o
+ld-iamroot.so: interpreter-script.o
+ld-iamroot.so: ld.o
+ld-iamroot.so: ldso-cache.o
+ld-iamroot.so: lgetxattr.o
+ld-iamroot.so: lremovexattr.o
+ld-iamroot.so: lsetxattr.o
+ld-iamroot.so: open.o
+ld-iamroot.so: path_resolution.o
+ld-iamroot.so: readlinkat.o
+ld-iamroot.so: realpath.o
+ld-iamroot.so: scandir.o
+
 libiamroot.so: __fstat64_time64.o
 libiamroot.so: __fstatat64_time64.o
 libiamroot.so: __fxstat.o
@@ -295,7 +320,7 @@ libiamroot.so: utmpname.o
 libiamroot.so: utmpxname.o
 
 .PHONY: doc
-doc: ido.1.gz ish.1.gz iamroot.7.gz
+doc: ido.1.gz ish.1.gz iamroot.7.gz ld-iamroot.so.8.gz
 
 .PHONY: install
 install: install-exec install-doc install-bash-completion
@@ -312,6 +337,8 @@ install-bin:
 	chmod a+x $(DESTDIR)$(PREFIX)/bin/ish
 	install -d -m755 $(DESTDIR)$(PREFIX)/lib/iamroot/
 	install -m755 exec.sh $(DESTDIR)$(PREFIX)/lib/iamroot/exec.sh
+	install -m755 ld-iamroot.so $(DESTDIR)$(PREFIX)/lib/iamroot/ld-iamroot.so
+	ln -sf $(PREFIX)/lib/iamroot/ld-iamroot.so $(DESTDIR)$(PREFIX)/bin/ld-iamroot.so
 
 .PHONY: install-lib
 install-lib:
@@ -422,7 +449,7 @@ cleanall: clean
 
 .PHONY: clean
 clean:
-	rm -Rf libiamroot.so fuzzer *.o *.i
+	rm -Rf ld-iamroot.so libiamroot.so fuzzer *.o *.i
 	$(MAKE) -C tests $@
 
 .PHONY: mrproper
@@ -456,14 +483,17 @@ PREPROCESS.c = $(PREPROCESS.S)
 %.i: %.c
 	$(PREPROCESS.c) $(OUTPUT_OPTION) $<
 
-%.so: override LDFLAGS += -shared
-%.so:
+lib%.so: override LDFLAGS += -shared
+lib%.so:
 	$(LINK.o) $^ $(LOADLIBES) $(LDLIBS) -o $@.tmp
 ifeq ($(OS),GNU/Linux)
 	patchelf --add-needed libc.so.6 --add-needed libdl.so.2 --add-needed libpthread.so.0 $@.tmp
 endif
 	mv $@.tmp $@
 
+ld%.so:
+	$(LINK.o) $^ $(LOADLIBES) $(LDLIBS) -o $@
+
 .PHONY: fuzzing
 fuzzing: PATH := $(CURDIR):$(PATH)
 fuzzing: fuzzer | corpus
@@ -496,5 +526,8 @@ fuzzer: fuzzer.o __fxstat.o __fxstatat.o env.o fgetxattr.o fstat.o fstatat.o get
 %.7: %.7.adoc
 	asciidoctor -b manpage -o $@ $<
 
+%.8: %.8.adoc
+	asciidoctor -b manpage -o $@ $<
+
 %.gz: %
 	gzip -c $< >$@
diff --git a/README.md b/README.md
@@ -100,19 +100,21 @@ Build the documentation using *make(1)*
 	gzip -c ish.1 >ish.1.gz
 	asciidoctor -b manpage -o iamroot.7 iamroot.7.adoc
 	gzip -c iamroot.7 >iamroot.7.gz
-	rm iamroot.7 ish.1 ido.1
+	asciidoctor -b manpage -o ld-iamroot.so.8 ld-iamroot.so.8.adoc
+	gzip -c ld-iamroot.so.8 >ld-iamroot.so.8.gz
+	rm iamroot.7 ish.1 ido.1 ld-iamroot.so.8
 
 ## BUILD
 
-Run the following command to build *libiamroot.so*
+Run the following command to build *ld-iamroot.so* and *libiamroot.so*
 
 For your home directory (i.e. your user only)
 
-	$ make libiamroot.so PREFIX=$HOME/.local
+	$ make ld-iamroot.so libiamroot.so PREFIX=$HOME/.local
 
 Or, for your system (i.e. every users)
 
-	$ make libiamroot.so
+	$ make ld-iamroot.so libiamroot.so
 
 ## INSTALL
 
@@ -153,8 +155,8 @@ later version.
 
 ## SEE ALSO
 
-[iamroot(7)], [ido(1)], [ish(1)], [chroot(2)], [path_resolution(7)],
-[fakechroot(1)], [fakeroot(1)], [binfmt_misc], [qemu]
+[iamroot(7)], [ido(1)], [ish(1)], [ld-iamroot.so(8)], [chroot(2)],
+[path_resolution(7)], [fakechroot(1)], [fakeroot(1)], [binfmt_misc], [qemu]
 
 [Alpine Linux]: https://www.alpinelinux.org/
 [Alpine Linux]: https://www.alpinelinux.org/
@@ -187,6 +189,7 @@ later version.
 [iamroot(7)]: iamroot.7.adoc
 [ido(1)]: ido.1.adoc
 [ish(1)]: ish.1.adoc
+[ld-iamroot.so(8)]: ld-iamroot.so.8.adoc
 [musl]: https://www.musl-libc.org/
 [open(2)]: https://linux.die.net/man/2/open
 [openSUSE]: https://www.opensuse.org/

diff --git a/ld-iamroot.so.8.adoc b/ld-iamroot.so.8.adoc
@@ -0,0 +1,91 @@
+= ld-iamroot.so(8)
+:doctype: manpage
+:author: Gaël PORTAY
+:email: gael.portay@gmail.com
+:lang: en
+:man manual: ld-iamroot.so Manual
+:man source: iamroot 19
+
+== NAME
+
+ld-iamroot.so - execute the program in an iamroot environment
+
+== SYNOPSIS
+
+_/usr/lib/iamroot/ld-iamroot.so_ [OPTIONS] [--] [PROGRAM [ARGUMENTS]]
+
+== DESCRIPTION
+
+Executes the _PROGRAM_ in an iamroot environment ready to emulate the
+*chroot*(2) syscall for unprivileged users.
+
+Under the hood, */usr/lib/iamroot/ld-iamroot.so* runs the _PROGRAM_ with its
+_ARGUMENTS_ by rewriting the command-line using the dynamic loader stored in
+the *.interp* section of the _PROGRAM_.
+
+For a more thorough description of *ld.so*(8), *ld-linux.so*(8), or any other
+dynamic loader, please refers to their manuals.
+
+== OPTIONS
+
+*-A* or *--argv0* _string_::
+	Set argv[0] to the value _string_ before running the PROGRAM.
+
+*-P* or *--preload* _list_::
+	Preload the objects specified in _list_.
+
+*-L* or *--library-path* _path_::
+	Use _path_ instead of *LD_LIBRARY_PATH* environment variable setting.
+
+*-R* or *--root* _dir_::
+	Set root directory to _dir_.
+
+*-C* or *--cwd* _dir_::
+	Set current working directory to _dir_.
+
+*-D* or *--debug*::
+	Turn on debug mode.
+
+*-h* or *--help*::
+	Display this message.
+
+*-V* or *--version*::
+	Display the version.
+
+== ENVIRONMENT VARIABLES
+
+*IAMROOT_ROOT*::
+	Set absolute path to root directory to chroot in.
+	Equivalent to --root DIR.
+
+*LD_LIBRARY_PATH*::
+	A list of directories in which to search for ELF libraries at execution
+	time. The items in the list are separated by either colons or
+	semicolons, and there is no support for escaping either separator. A
+	zero-length directory name indicates the current working directory.
+
+*LD_PRELOAD*::
+	A list of additional, user-specified, ELF shared objects to be loaded
+	before all others. This feature can be used to selectively override
+	functions in other shared objects.
+
+== BUGS
+
+Report bugs at *https://github.com/gportay/iamroot/issues*
+
+== AUTHOR
+
+Written by Gaël PORTAY *gael.portay@gmail.com*
+
+== COPYRIGHT
+
+Copyright (c) 2024 Gaël PORTAY
+
+This program is free software: you can redistribute it and/or modify it under
+the terms of the GNU Lesser General Public License as published by the Free
+Software Foundation, either version 2.1 of the License, or (at your option) any
+later version.
+
+== SEE ALSO
+
+*iamroot*(7), *ld.so*(8), *ld.so*(8), *ld-linux.so*(8), *chroot*(2)