From f9c82590500358d21b80ba12f0686c2bb860fbbd Mon Sep 17 00:00:00 2001 From: Vincent Li Date: Wed, 2 Oct 2024 18:28:58 +0000 Subject: [PATCH] Add xdpdnsctrl program for safe execution add xdpdnsctrl to start/stop/status XDP program from xdpdns.cgi safely. permission of xdpdnsctrl chown root.nobody /usr/local/bin/xdpdnsctrl chmod u+s /usr/local/bin/xdpdnsctrl result: -rwsr-x--- 1 root nobody 14672 Mar 19 09:58 /usr/local/bin/xdpdnsctrl --- config/rootfiles/common/misc-progs | 1 + src/misc-progs/Makefile | 2 +- src/misc-progs/xdpdnsctrl.c | 40 ++++++++++++++++++++++++++++++ 3 files changed, 42 insertions(+), 1 deletion(-) create mode 100644 src/misc-progs/xdpdnsctrl.c diff --git a/config/rootfiles/common/misc-progs b/config/rootfiles/common/misc-progs index aa54144dd..d921ed218 100644 --- a/config/rootfiles/common/misc-progs +++ b/config/rootfiles/common/misc-progs @@ -41,3 +41,4 @@ usr/local/bin/wirelessctrl usr/local/bin/ddosctrl usr/local/bin/loxilbctrl usr/local/bin/keepalivedctrl +usr/local/bin/xdpdnsctrl diff --git a/src/misc-progs/Makefile b/src/misc-progs/Makefile index 9509be5f4..cb828dfb4 100644 --- a/src/misc-progs/Makefile +++ b/src/misc-progs/Makefile @@ -32,7 +32,7 @@ SUID_PROGS = squidctrl sshctrl ipfirereboot \ smartctrl clamavctrl addonctrl pakfire mpfirectrl wlanapctrl \ setaliases urlfilterctrl updxlratorctrl fireinfoctrl rebuildroutes \ getconntracktable wirelessclient torctrl ddnsctrl unboundctrl \ - captivectrl ddosctrl loxilbctrl keepalivedctrl + captivectrl ddosctrl loxilbctrl keepalivedctrl xdpdnsctrl OBJS = $(patsubst %,%.o,$(PROGS) $(SUID_PROGS)) diff --git a/src/misc-progs/xdpdnsctrl.c b/src/misc-progs/xdpdnsctrl.c new file mode 100644 index 000000000..e0396b640 --- /dev/null +++ b/src/misc-progs/xdpdnsctrl.c 
@@ -0,0 +1,40 @@
+/* This file is part of the BPFire Firewall.
+ *
+ * This program is distributed under the terms of the GNU General Public
+ * Licence. See the file COPYING for details.
+ *
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include "setuid.h"
+
+int main(int argc, char *argv[]) {
+
+ if (!(initsetuid()))
+ exit(1);
+
+ if (argc < 2) {
+ fprintf(stderr, "\nNo argument given.\n\nddosctrl (start|stop|restart)\n\n");
+ exit(1);
+ }
+
+ if (strcmp(argv[1], "start") == 0) {
+ safe_system("/etc/rc.d/init.d/xdpdns start");
+ } else if (strcmp(argv[1], "stop") == 0) {
+ safe_system("/etc/rc.d/init.d/xdpdns stop");
+ } else if (strcmp(argv[1], "restart") == 0) {
+ safe_system("/etc/rc.d/init.d/xdpdns restart");
+ } else if (strcmp(argv[1], "status") == 0) {
+ safe_system("/etc/rc.d/init.d/xdpdns status");
+ } else {
+ fprintf(stderr, "\nBad argument given.\n\nxdpdnsctrl (start|stop|restart|status)\n\n");
+ exit(1);
+ }
+
+ return 0;
+}
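Review bot: The usage text printed in the `argc < 2` branch names the wrong program and omits `status`: it reads `ddosctrl (start|stop|restart)`, while the bad-argument branch prints `xdpdnsctrl (start|stop|restart|status)`; the first should match the second. Separately, every branch discards the result of `safe_system()` and `main` always returns 0, so the CGI caller cannot tell a failed start or stop from a successful one. If `safe_system()` returns the command's status (its declaration in `setuid.h` is not visible here), capture it, e.g. `rc = safe_system("/etc/rc.d/init.d/xdpdns start");`, and end with `return rc != 0;`. Comparing `argv[1]` against fixed strings and never copying it into the command line is the right shape for a setuid-root helper; a one-line comment above the `strcmp` chain saying so, such as `/* argv[1] is only compared, never passed to the shell */`, would help keep later edits from interpolating arguments.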