lordwelch/breakglass
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: lordwelch:TERM
Branches Tags
lordwelch:main lordwelch:keysize lordwelch:TERM
..
compare: lordwelch:bba58e7a3a457b87f36846d481060219d7a845de
Branches Tags
lordwelch:keysize lordwelch:TERM lordwelch:main

1 Commits
TERM ... bba58e7a3a

Author SHA1 Message Date
Timmy Welch
bba58e7a3a Stuff
Some checks failed
Push / CI (push) Has been cancelled
Details 
Implement certificate authentication, certificate requires :gokrazy: principal
Read first line of /etc/passwd for home and shell
Shell uses `-l` to make it a login shell which will run .profile
 2025-02-16 17:53:26 -08:00
7 changed files with 195 additions and 82 deletions
Expand all files Collapse all files

17
.github/workflows/push.yml vendored
View File

@@ -9,18 +9,21 @@ jobs:
name: CI
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Set up latest stable Go
uses: actions/setup-go@v5
- name: Set up Go 1.x
uses: actions/setup-go@v2
with:
go-version: 'stable'
# Run on the latest minor release of Go 1.19:
go-version: ^1.19
id: go
- name: Check out code into the Go module directory
uses: actions/checkout@v2
- name: Ensure all files were formatted as per gofmt
run: |
[ "$(gofmt -l $(find . -name '*.go') 2>&1)" = "" ]
- name: Build and test
- name: Build packages
run: |
go install ./...
go test -v ./...
go install -v ./...

2
README.md
View File

@@ -97,7 +97,7 @@ busybox: ELF 64-bit LSB executable, ARM aarch64, version 1 (SYSV), statically li
for GNU/Linux 3.7.0, BuildID[sha1]=c9e20e9849ed0ca3c2bd058427ac31a27c008efe, stripped
$ ln -s busybox sh
$ tar cf breakglass.tar --dereference sh
$ breakglass -debug_tarball_pattern=breakglass.tar gokrazy
$ breakglass -debug_tarball_pattern=debug.tar gokrazy
/tmp/breakglass564067692 # df -h
Filesystem Size Used Available Use% Mounted on
/dev/root 60.5M 60.5M 0 100% /

115
breakglass.go
View File

@@ -5,22 +5,23 @@ package main
import (
"bufio"
"bytes"
"context"
"crypto/rand"
"crypto/rsa"
"crypto/x509"
"encoding/json"
"encoding/pem"
"errors"
"flag"
"fmt"
"io/ioutil"
"log"
"net"
"net/http"
"os"
"path"
"strings"
"syscall"
"github.com/gokrazy/gokapi"
"github.com/gokrazy/gokapi/ondeviceapi"
"github.com/gokrazy/gokrazy"
"golang.org/x/crypto/ssh"
@@ -31,6 +32,10 @@ var (
"/perm/breakglass.authorized_keys",
"path to an OpenSSH authorized_keys file; if the value is 'ec2', fetch the SSH key(s) from the AWS IMDSv2 metadata")
authorizedUserCAPath = flag.String("authorized_ca",
"/perm/breakglass.authorized_user_ca",
"path to an OpenSSH TrustedUserCAKeys file; note the certificate must list ':gokrazy:' as a valid principal")
hostKeyPath = flag.String("host_key",
"/perm/breakglass.host_key",
"path to a PEM-encoded RSA, DSA or ECDSA private key (create using e.g. ssh-keygen -f /perm/breakglass.host_key -N '' -t rsa)")
@@ -46,6 +51,9 @@ var (
forwarding = flag.String("forward",
"",
"allow port forwarding. Use `loopback` for loopback interfaces and `private-network` for private networks")
home = "/perm/home"
shell = ""
)
func loadAuthorizedKeys(path string) (map[string]bool, error) {
@@ -81,6 +89,19 @@ func loadAuthorizedKeys(path string) (map[string]bool, error) {
return result, nil
}
func loadPasswd(passwd string) {
b, err := os.ReadFile(passwd)
if err != nil {
return
}
fields := bytes.SplitN(bytes.SplitN(b, []byte("\n"), 2)[0], []byte(":"), 7)
if len(fields) != 7 {
return
}
home = path.Clean(string(fields[5]))
shell = path.Clean(string(fields[6]))
}
func loadHostKey(path string) (ssh.Signer, error) {
b, err := ioutil.ReadFile(path)
if err != nil {
@@ -116,16 +137,40 @@ func createHostKey(path string) (ssh.Signer, error) {
}
func buildTimestamp() (string, error) {
cfg, err := gokapi.ConnectOnDevice()
var statusReply struct {
BuildTimestamp string `json:"BuildTimestamp"`
}
pw, err := os.ReadFile("/etc/gokr-pw.txt")
if err != nil {
return "", err
}
cl := ondeviceapi.NewAPIClient(cfg)
res, _, err := cl.SuperviseApi.Index(context.Background())
port, err := os.ReadFile("/etc/http-port.txt")
if err != nil {
return "", err
}
return res.BuildTimestamp, nil
req, err := http.NewRequest("GET", "http://gokrazy:"+strings.TrimSpace(string(pw))+"@localhost:"+strings.TrimSpace(string(port))+"/", nil)
if err != nil {
return "", err
}
req.Header.Set("Content-Type", "application/json")
resp, err := http.DefaultClient.Do(req)
if err != nil {
return "", err
}
defer resp.Body.Close()
if got, want := resp.StatusCode, http.StatusOK; got != want {
b, _ := ioutil.ReadAll(resp.Body)
return "", fmt.Errorf("unexpected HTTP status code: got %v, want %v (body: %s)", resp.Status, want, strings.TrimSpace(string(b)))
}
b, err := ioutil.ReadAll(resp.Body)
if err != nil {
return "", err
}
if err := json.Unmarshal(b, &statusReply); err != nil {
return "", err
}
return statusReply.BuildTimestamp, nil
}
var motd string
@@ -154,7 +199,7 @@ func initMOTD() error {
return err
}
motd = fmt.Sprintf(` __
motd = fmt.Sprintf(` __
.-----.-----| |--.----.---.-.-----.--.--.
| _ | _ | <| _| _ |-- __| | |
|___ |_____|__|__|__| |___._|_____|___ |
@@ -174,6 +219,8 @@ func main() {
gokrazy.DontStartOnBoot()
loadPasswd("/etc/passwd")
authorizedKeys, err := loadAuthorizedKeys(*authorizedKeysPath)
if err != nil {
if os.IsNotExist(err) {
@@ -182,19 +229,59 @@ func main() {
log.Fatal(err)
}
authorizedUserCertificateCA, err := loadAuthorizedKeys(strings.TrimPrefix(*authorizedUserCAPath, "ec2"))
if err != nil {
if os.IsNotExist(err) {
log.Printf("TrustedUserCAKeys not loaded")
}
}
if err := initMOTD(); err != nil {
log.Print(err)
}
config := &ssh.ServerConfig{
PublicKeyCallback: func(conn ssh.ConnMetadata, pubKey ssh.PublicKey) (*ssh.Permissions, error) {
certChecker := ssh.CertChecker{
IsUserAuthority: func(auth ssh.PublicKey) bool {
return authorizedUserCertificateCA[string(auth.Marshal())]
},
UserKeyFallback: func(conn ssh.ConnMetadata, pubKey ssh.PublicKey) (*ssh.Permissions, error) {
if authorizedKeys[string(pubKey.Marshal())] {
log.Printf("user %q successfully authorized from remote addr %s", conn.User(), conn.RemoteAddr())
return nil, nil
return &ssh.Permissions{map[string]string{}, map[string]string{}}, nil
}
return nil, fmt.Errorf("public key not found in %s", *authorizedKeysPath)
},
}
config := &ssh.ServerConfig{
PublicKeyCallback: func(conn ssh.ConnMetadata, key ssh.PublicKey) (*ssh.Permissions, error) {
cert, ok := key.(*ssh.Certificate)
if !ok {
if certChecker.UserKeyFallback != nil {
return certChecker.UserKeyFallback(conn, key)
}
return nil, errors.New("ssh: normal key pairs not accepted")
}
if cert.CertType != ssh.UserCert {
return nil, fmt.Errorf("ssh: cert has type %d", cert.CertType)
}
if !certChecker.IsUserAuthority(cert.SignatureKey) {
return nil, fmt.Errorf("ssh: certificate signed by unrecognized authority")
}
if err := certChecker.CheckCert(":gokrazy:", cert); err != nil {
return nil, err
}
if cert.Permissions.CriticalOptions == nil {
cert.Permissions.CriticalOptions = map[string]string{}
}
if cert.Permissions.Extensions == nil {
cert.Permissions.Extensions = map[string]string{}
}
return &cert.Permissions, nil
},
}
signer, err := loadHostKey(*hostKeyPath)
if err != nil {
@@ -244,7 +331,7 @@ func main() {
}
go func(conn net.Conn) {
_, chans, reqs, err := ssh.NewServerConn(conn, config)
c, chans, reqs, err := ssh.NewServerConn(conn, config)
if err != nil {
log.Printf("handshake: %v", err)
return
@@ -254,7 +341,7 @@ func main() {
go ssh.DiscardRequests(reqs)
for newChannel := range chans {
handleChannel(newChannel)
handleChannel(newChannel, c)
}
}(conn)
}

59
cmd/breakglass/breakglass.go
View File

@@ -26,6 +26,7 @@ import (
"github.com/gokrazy/internal/config"
"github.com/gokrazy/internal/httpclient"
"github.com/gokrazy/internal/instanceflag"
"github.com/gokrazy/internal/tlsflag"
"github.com/gokrazy/internal/updateflag"
)
@@ -34,11 +35,9 @@ type bg struct {
cfg *config.Struct
forceRestart bool
sshConfig string
insecure bool
// state
GOARCH string
update updateflag.Value
}
func (bg *bg) startBreakglass() error {
@@ -47,26 +46,35 @@ func (bg *bg) startBreakglass() error {
return err
}
updateHttpClient, _, updateBaseURL, err := httpclient.For(bg.update, bg.cfg)
updateHttpClient, foundMatchingCertificate, updateBaseURL, err := httpclient.For(bg.cfg)
if err != nil {
return err
}
updateHttpClient.Jar = jar
remoteScheme, err := httpclient.GetRemoteScheme(updateBaseURL)
if remoteScheme == "https" && !tlsflag.Insecure() {
updateBaseURL.Scheme = "https"
updateflag.SetUpdate(updateBaseURL.String())
}
if updateBaseURL.Scheme != "https" && foundMatchingCertificate {
fmt.Printf("\n")
fmt.Printf("!!!WARNING!!! Possible SSL-Stripping detected!\n")
fmt.Printf("Found certificate for hostname in your client configuration but the host does not offer https!\n")
fmt.Printf("\n")
if !tlsflag.Insecure() {
log.Fatalf("update canceled: TLS certificate found, but negotiating a TLS connection with the target failed")
}
fmt.Printf("Proceeding anyway as requested (-insecure).\n")
}
if err != nil {
return err
}
form, err := updateHttpClient.Get(updateBaseURL.String() + "status?path=/user/breakglass")
if err != nil {
if updateBaseURL.Scheme == "https" && bg.insecure {
// Try falling back to HTTP
bg.cfg.Update.UseTLS = "off"
updateHttpClient, _, updateBaseURL, err = httpclient.For(bg.update, bg.cfg)
if err != nil {
return err
}
form, err = updateHttpClient.Get(updateBaseURL.String() + "status?path=/user/breakglass")
if err != nil {
return err
}
}
return err
}
if form.StatusCode == http.StatusNotFound {
@@ -190,11 +198,6 @@ func breakglass() error {
false,
"prepare the SSH connection only, but do not execute SSH (useful for using breakglass within an SSH ProxyCommand)")
insecure = flag.Bool(
"insecure",
false,
"Fall back to HTTP if HTTPS is configured, but does not work.")
proxy = flag.Bool(
"proxy",
false,
@@ -206,6 +209,13 @@ func breakglass() error {
"an alternative per-user configuration file for ssh and scp")
)
// TODO: remove the -tls and -gokrazy_url flags after 2023-June (half a year
// after the introduction of instance centric config), so that we can then
// merge these flags into tools/internal/oldpacker and remove their global
// state.
tlsflag.RegisterFlags(flag.CommandLine)
updateflag.RegisterFlags(flag.CommandLine, "gokrazy_url")
flag.Usage = func() {
fmt.Fprintf(os.Stderr, "Usage of %s:\n\n", os.Args[0])
@@ -221,6 +231,13 @@ func breakglass() error {
log.Fatalf("syntax: breakglass <hostname> [command]")
}
// If the user did not explicitly specify -update=yes, we default to it.
// This differs from the gokr-packer, but breakglass is only useful for
// gokrazy instances that already exist.
if updateflag.NewInstallation() {
updateflag.SetUpdate("yes")
}
instance := flag.Arg(0)
instanceflag.SetInstance(instance)
@@ -238,8 +255,6 @@ func breakglass() error {
cfg: cfg,
forceRestart: *forceRestart,
sshConfig: *sshConfig,
insecure: *insecure,
update: updateflag.Value{Update: "yes"},
}
if cfg.Update.Hostname == "" {
cfg.Update.Hostname = cfg.Hostname

12
go.mod
View File

@@ -1,16 +1,15 @@
module github.com/gokrazy/breakglass
go 1.24.0
go 1.21
require (
github.com/gokrazy/gokapi v0.0.0-20250222071133-506fdb322775
github.com/gokrazy/gokrazy v0.0.0-20250222061409-bd0bb5f1d0b5
github.com/gokrazy/internal v0.0.0-20251208203110-3c1aa9087c82
github.com/gokrazy/gokrazy v0.0.0-20230812092215-346db1998f83
github.com/gokrazy/internal v0.0.0-20250126213949-423a5b587b57
github.com/google/renameio/v2 v2.0.0
github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510
github.com/kr/pty v1.1.8
github.com/pkg/sftp v1.13.5
golang.org/x/crypto v0.45.0
golang.org/x/crypto v0.31.0
)
require (
@@ -19,6 +18,5 @@ require (
github.com/kr/fs v0.1.0 // indirect
github.com/mdlayher/watchdog v0.0.0-20221003142519-49be0df7b3b5 // indirect
github.com/spf13/pflag v1.0.5 // indirect
golang.org/x/oauth2 v0.27.0 // indirect
golang.org/x/sys v0.38.0 // indirect
golang.org/x/sys v0.28.0 // indirect
)

24
go.sum
View File

@@ -3,12 +3,10 @@ github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY=
github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4=
github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/gokrazy/gokapi v0.0.0-20250222071133-506fdb322775 h1:f5+2UMRRbr3+e/gdWCBNn48chS/KMMljfbmlSSHfRBA=
github.com/gokrazy/gokapi v0.0.0-20250222071133-506fdb322775/go.mod h1:q9mIV8al0wqmqFXJhKiO3SOHkL9/7Q4kIMynqUQWhgU=
github.com/gokrazy/gokrazy v0.0.0-20250222061409-bd0bb5f1d0b5 h1:VQhDGxRliP4ZTQ8+33v4VKtOpX4VzN8pA4zBMZQSSxs=
github.com/gokrazy/gokrazy v0.0.0-20250222061409-bd0bb5f1d0b5/go.mod h1:6fAh0J7aH6o5HWSiwN6uxNlm6Rjx1BxeNMWyNBQZ6sI=
github.com/gokrazy/internal v0.0.0-20251208203110-3c1aa9087c82 h1:4ghNfD9NaZLpFrqQiBF6mPVFeMYXJSky38ubVA4ic2E=
github.com/gokrazy/internal v0.0.0-20251208203110-3c1aa9087c82/go.mod h1:dQY4EMkD4L5ZjYJ0SPtpgYbV7MIUMCxNIXiOfnZ6jP4=
github.com/gokrazy/gokrazy v0.0.0-20230812092215-346db1998f83 h1:Y4sADvUYd/c0eqnqebipHHl0GMpAxOQeTzPnwI4ievM=
github.com/gokrazy/gokrazy v0.0.0-20230812092215-346db1998f83/go.mod h1:9q5Tg+q+YvRjC3VG0gfMFut46dhbhtAnvUEp4lPjc6c=
github.com/gokrazy/internal v0.0.0-20250126213949-423a5b587b57 h1:f5bEvO4we3fbfiBkECrrUgWQ8OH6J3SdB2Dwxid/Yx4=
github.com/gokrazy/internal v0.0.0-20250126213949-423a5b587b57/go.mod h1:SJG1KwuJQXFEoBgryaNCkMbdISyovDgZd0xmXJRZmiw=
github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/renameio/v2 v2.0.0 h1:UifI23ZTGY8Tt29JbYFiuyIU3eX+RNFtUwefq9qAhxg=
@@ -33,20 +31,18 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+
github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
golang.org/x/crypto v0.0.0-20211215153901-e495a2d5b3d3/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4=
golang.org/x/crypto v0.45.0 h1:jMBrvKuj23MTlT0bQEOBcAE0mjg8mK9RXFhRH6nyF3Q=
golang.org/x/crypto v0.45.0/go.mod h1:XTGrrkGJve7CYK7J8PEww4aY7gM3qMCElcJQ8n8JdX4=
golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U=
golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
golang.org/x/oauth2 v0.27.0 h1:da9Vo7/tDv5RH/7nZDz1eMGS/q1Vv1N/7FCrBhI9I3M=
golang.org/x/oauth2 v0.27.0/go.mod h1:onh5ek6nERTohokkhCD/y2cV4Do3fxFHFuAejCkRWT8=
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.38.0 h1:3yZWxaJjBmCWXqhN1qh02AkOnCQ1poK6oF+a7xWL6Gc=
golang.org/x/sys v0.38.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA=
golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.37.0 h1:8EGAD0qCmHYZg6J17DvsMy9/wJ7/D/4pV/wfnld5lTU=
golang.org/x/term v0.37.0/go.mod h1:5pB4lxRNYYVZuTLmy8oR2BH8dflOR+IbTYFD8fi3254=
golang.org/x/term v0.27.0 h1:WP60Sv1nlK1T6SupCHbXzSaN0b9wUmsPoRS9b61A23Q=
golang.org/x/term v0.27.0/go.mod h1:iMsnZpn0cago0GOrHO2+Y7u7JPn5AylBrcoWkElMTSM=
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=

48
ssh.go
View File

@@ -2,12 +2,14 @@ package main
import (
"context"
"errors"
"fmt"
"io"
"log"
"net"
"os"
"os/exec"
"path"
"strconv"
"strings"
"sync"
@@ -21,11 +23,15 @@ import (
"golang.org/x/crypto/ssh"
)
func handleChannel(newChan ssh.NewChannel) {
func handleChannel(newChan ssh.NewChannel, conn *ssh.ServerConn) {
switch t := newChan.ChannelType(); t {
case "session":
handleSession(newChan)
handleSession(newChan, conn)
case "direct-tcpip":
if _, portForwardDenied := conn.Permissions.Extensions["no-port-forwarding"]; portForwardDenied {
newChan.Reject(ssh.Prohibited, "port forwarding is disabled. For you in particular :-P")
return
}
handleTCPIP(newChan)
default:
newChan.Reject(ssh.UnknownChannelType, fmt.Sprintf("unknown channel type: %q", t))
@@ -112,7 +118,7 @@ func handleTCPIP(newChan ssh.NewChannel) {
}()
}
func handleSession(newChannel ssh.NewChannel) {
func handleSession(newChannel ssh.NewChannel, conn *ssh.ServerConn) {
channel, requests, err := newChannel.Accept()
if err != nil {
log.Printf("Could not accept channel (%s)", err)
@@ -120,12 +126,12 @@ func handleSession(newChannel ssh.NewChannel) {
}
// Sessions have out-of-band requests such as "shell", "pty-req" and "env"
go func(channel ssh.Channel, requests <-chan *ssh.Request) {
go func(channel ssh.Channel, requests <-chan *ssh.Request, conn *ssh.ServerConn) {
ctx, canc := context.WithCancel(context.Background())
defer canc()
s := session{channel: channel}
for req := range requests {
if err := s.request(ctx, req); err != nil {
if err := s.request(ctx, req, conn); err != nil {
log.Printf("request(%q): %v", req.Type, err)
errmsg := []byte(err.Error())
// Append a trailing newline; the error message is
@@ -139,7 +145,7 @@ func handleSession(newChannel ssh.NewChannel) {
}
}
log.Printf("requests exhausted")
}(channel, requests)
}(channel, requests, conn)
}
func expandPath(env []string) []string {
@@ -220,31 +226,35 @@ func findShell() string {
// in standard locations (makes Emacs TRAMP work, for example).
if err := installBusybox(); err != nil {
log.Printf("installing busybox failed: %v", err)
// fallthrough
} else {
return "/bin/sh" // available after installation
// fallthrough, we don't return /bin/sh as we read /etc/passwd
}
}
if _, err := exec.LookPath(shell); path.IsAbs(shell) && err == nil {
return shell
}
if path, err := exec.LookPath("bash"); err == nil {
return path
}
if path, err := exec.LookPath("sh"); err == nil {
return path
}
const wellKnownSerialShell = "/tmp/serial-busybox/ash"
if _, err := os.Stat(wellKnownSerialShell); err == nil {
if _, err := exec.LookPath(wellKnownSerialShell); err == nil {
return wellKnownSerialShell
}
return ""
}
func (s *session) request(ctx context.Context, req *ssh.Request) error {
func (s *session) request(ctx context.Context, req *ssh.Request, conn *ssh.ServerConn) error {
switch req.Type {
case "pty-req":
if _, portForwardDenied := conn.Permissions.Extensions["no-pty"]; portForwardDenied {
return errors.New("Pseudo-Terminal is disabled. For you in particular :-P")
}
var r ptyreq
if err := ssh.Unmarshal(req.Payload, &r); err != nil {
return err
}
if r.TERM != "" {
s.env = append(s.env, fmt.Sprintf("TERM=%s", r.TERM))
}
var err error
s.ptyf, s.ttyf, err = pty.Open()
@@ -358,21 +368,25 @@ func (s *session) request(ctx context.Context, req *ssh.Request) error {
// Ensure the $HOME directory exists so that shell history works without
// any extra steps.
if err := os.MkdirAll("/perm/home", 0755); err != nil {
if err := os.MkdirAll(home, 0755); err != nil {
// TODO: Suppress -EROFS
log.Print(err)
}
var cmd *exec.Cmd
if shell := findShell(); shell != "" {
cmd = exec.CommandContext(ctx, shell, "-c", r.Command)
if r.Command == "sh" {
cmd = exec.CommandContext(ctx, shell, "-l")
} else {
cmd = exec.CommandContext(ctx, shell, "-c", r.Command)
}
} else {
cmd = exec.CommandContext(ctx, cmdline[0], cmdline[1:]...)
}
log.Printf("Starting cmd %q", cmd.Args)
env := expandPath(s.env)
env = append(env,
"HOME=/perm/home",
"HOME="+home,
"TMPDIR=/tmp")
cmd.Env = env
cmd.SysProcAttr = &syscall.SysProcAttr{}