Add sandbox support and SHOW SYSTEM (fe1639ce) · Commits · Personal Projects / bulletin

README.md

+15 −12

Original line number	Diff line number	Diff line
		@@ -18,14 +18,17 @@ will initialise itself with that user for that session.
		The code is organised like so:

		* `ask` - Contains routines for asking the user questions.
		* `authorized` - Authorises a new user.
		* `batch` - Contains the batch routines - the `-b` flag.
		* `dclish` - A command line parser akin to DCL.
		* `decus` - Historical version this version is based on.
		* `editor` - An editor function.
		* `folders` - A higher level version of `storage` routines.
		* `key` - Routines for handling ssh keys.
		* `onboard` - Routines to onboard a new user.
		* `pager` - A pager function.
		* `repl` - Actions and commands for the REPL.
		* `security` - Routines to lock things down better.
		* `storage` - Lower level storage routines.
		* `this` - The current session.
		* `users` - Validation routines for users.

go.mod

+2 −0

Original line number	Diff line number	Diff line
		@@ -61,6 +61,7 @@ require (
		github.com/jackc/puddle/v2 v2.2.2 // indirect
		github.com/jinzhu/inflection v1.0.0 // indirect
		github.com/kr/pretty v0.3.1 // indirect
		github.com/landlock-lsm/go-landlock v0.7.0 // indirect
		github.com/lucasb-eyer/go-colorful v1.3.0 // indirect
		github.com/mattn/go-colorable v0.1.13 // indirect
		github.com/mattn/go-isatty v0.0.20 // indirect
		@@ -116,6 +117,7 @@ require (
		gopkg.in/yaml.v3 v3.0.1 // indirect
		gotest.tools/gotestsum v1.13.0 // indirect
		honnef.co/go/tools v0.7.0 // indirect
		kernel.org/pub/linux/libs/security/libcap/psx v1.2.77 // indirect
		modernc.org/libc v1.67.7 // indirect
		modernc.org/mathutil v1.7.1 // indirect
		modernc.org/memory v1.11.0 // indirect

go.sum

+4 −0

Original line number	Diff line number	Diff line
		@@ -140,6 +140,8 @@ github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
		github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
		github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
		github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
		github.com/landlock-lsm/go-landlock v0.7.0 h1:gXz0+Phg3vddZjpPzXL4pQy/MgsTMHZBs+9zgUIyu/0=
		github.com/landlock-lsm/go-landlock v0.7.0/go.mod h1:mn5GSi81Jf7yMs5WSi+SUi4sUeNLUGVdbT4Id6wXNQw=
		github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw=
		github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
		github.com/lib/pq v1.11.1 h1:wuChtj2hfsGmmx3nf1m7xC2XpK6OtelS2shMY+bGMtI=
		@@ -459,6 +461,8 @@ gotest.tools/gotestsum v1.13.0 h1:+Lh454O9mu9AMG1APV4o0y7oDYKyik/3kBOiCqiEpRo=
		gotest.tools/gotestsum v1.13.0/go.mod h1:7f0NS5hFb0dWr4NtcsAsF0y1kzjEFfAil0HiBQJE03Q=
		honnef.co/go/tools v0.7.0 h1:w6WUp1VbkqPEgLz4rkBzH/CSU6HkoqNLp6GstyTx3lU=
		honnef.co/go/tools v0.7.0/go.mod h1:pm29oPxeP3P82ISxZDgIYeOaf9ta6Pi0EWvCFoLG2vc=
		kernel.org/pub/linux/libs/security/libcap/psx v1.2.77 h1:Z06sMOzc0GNCwp6efaVrIrz4ywGJ1v+DP0pjVkOfDuA=
		kernel.org/pub/linux/libs/security/libcap/psx v1.2.77/go.mod h1:+l6Ee2F59XiJ2I6WR5ObpC1utCQJZ/VLsEbQCD8RG24=
		modernc.org/cc/v4 v4.26.1 h1:+X5NtzVBn0KgsBCBe+xkDC7twLb/jNVj9FPgiwSQO3s=
		modernc.org/cc/v4 v4.26.1/go.mod h1:uVtb5OGqUKpoLWhqwNQo/8LwvoiEBLvZXIQ/SmO6mL0=
		modernc.org/cc/v4 v4.27.1 h1:9W30zRlYrefrDV2JE2O8VDtJ1yPGownxciz5rrbQZis=

main.go

+23 −0

Original line number	Diff line number	Diff line
		@@ -28,6 +28,7 @@ import (
		"git.lyda.ie/pp/bulletin/batch"
		"git.lyda.ie/pp/bulletin/onboard"
		"git.lyda.ie/pp/bulletin/repl"
		"git.lyda.ie/pp/bulletin/security"
		"git.lyda.ie/pp/bulletin/storage"
		"git.lyda.ie/pp/bulletin/this"

		@@ -69,6 +70,10 @@ func main() {
		Usage: "AuthorizedKeysCommand for sshd integration",
		ArgsUsage: "USERNAME KEYTYPE BASE64KEY",
		Action: func(_ context.Context, cmd *cli.Command) error {
		if err := security.InitSandbox(); err != nil {
		fmt.Printf("ERROR: %s.\n", err)
		os.Exit(1)
		}
		os.Exit(authorized.Run(cmd.Args().Slice()))
		return nil
		},
		@@ -87,6 +92,11 @@ func main() {
		fmt.Println("ERROR: --onboard requires --fp and --pubkey.")
		os.Exit(1)
		}
		// Sandbox onboarding too.
		if err := security.InitSandbox(); err != nil {
		fmt.Printf("ERROR: %s.\n", err)
		os.Exit(1)
		}
		os.Exit(onboard.Run(fp, pubkeyFlag))
		return nil
		}
		@@ -102,6 +112,14 @@ func main() {
		fmt.Println("ERROR: can only run batch commands as SYSTEM.")
		os.Exit(1)
		}
		// Don't sandbox install/migrate-keys/new-user as they need
		// broader filesystem and network access.
		if batchFlag != "install" && batchFlag != "migrate-keys" && batchFlag != "new-user" {
		if err := security.InitSandbox(); err != nil {
		fmt.Printf("ERROR: %s.\n", err)
		os.Exit(1)
		}
		}
		exitcode := 0
		switch batchFlag {
		case "reboot":
		@@ -126,6 +144,11 @@ func main() {
		updateKeyLastUsed(fp)
		}

		if err := security.InitSandbox(); err != nil {
		fmt.Printf("ERROR: %s.\n", err)
		os.Exit(1)
		}

		err := this.StartThis(user)
		if err != nil {
		return err

repl/command.go

+9 −1

Original line number	Diff line number	Diff line
		@@ -1519,7 +1519,8 @@ that folder cannot be removed.`,

		The following options are available:

		FLAGS FOLDER NEW PRIVILEGES USER VERSION
		FLAGS FOLDER NEW PRIVILEGES SYSTEM USER
		VERSION
		`,
		Action: ActionShow,
		Commands: dclish.Commands{
		@@ -1558,6 +1559,13 @@ any rights identifiers that would also give a user privileges. (The
		latter are ACLs which are set on the BULLUSER.DAT file.)`,
		Action: ActionShowPrivileges,
		},
		"SYSTEM": {
		Description: `Displays system identification, current date and time, and system uptime.

		Format:
		SHOW SYSTEM`,
		Action: ActionShowSystem,
		},
		"USER": {
		Description: `Shows the last time that a user logged in, or if /FOLDER is specified,
		the latest message which a user has read in the folder. If NOLOGIN is