Fix prepare-dirs permission exploit
authorJean Flach <jean-marcel.flach@icinga.com>
Wed, 29 Nov 2017 12:56:10 +0000 (13:56 +0100)
committerJean Flach <jean-marcel.flach@icinga.com>
Fri, 23 Feb 2018 12:59:30 +0000 (13:59 +0100)
refs #5793

etc/initsystem/icinga2.sysconfig.cmake
etc/initsystem/prepare-dirs

index e7fa54bafbf0f64550764e10c728de88d072c046..7daf305be5cfa0af679aa044f27b633dc6e0e328 100644 (file)
@@ -3,9 +3,10 @@ ICINGA2_CONFIG_FILE=@CMAKE_INSTALL_FULL_SYSCONFDIR@/icinga2/icinga2.conf
 ICINGA2_RUN_DIR=@ICINGA2_RUNDIR@
 ICINGA2_STATE_DIR=@CMAKE_INSTALL_FULL_LOCALSTATEDIR@
 ICINGA2_PID_FILE=$ICINGA2_RUN_DIR/icinga2/icinga2.pid
-ICINGA2_ERROR_LOG=@CMAKE_INSTALL_FULL_LOCALSTATEDIR@/log/icinga2/error.log
-ICINGA2_STARTUP_LOG=@CMAKE_INSTALL_FULL_LOCALSTATEDIR@/log/icinga2/startup.log
-ICINGA2_LOG=@CMAKE_INSTALL_FULL_LOCALSTATEDIR@/log/icinga2/icinga2.log
+ICINGA2_LOG_DIR=@CMAKE_INSTALL_FULL_LOCALSTATEDIR@/log/icinga2
+ICINGA2_ERROR_LOG=$ICINGA2_LOG_DIR/error.log
+ICINGA2_STARTUP_LOG=$ICINGA2_LOG_DIR/startup.log
+ICINGA2_LOG=$ICINGA2_LOG_DIR/icinga2.log
 ICINGA2_CACHE_DIR=$ICINGA2_STATE_DIR/cache/icinga2
 ICINGA2_USER=@ICINGA2_USER@
 ICINGA2_GROUP=@ICINGA2_GROUP@
index 5d67d476d73f00a688c8a67fb8a37da3ef7583d1..799e3226f8acfbf1e2eedbdccd9ad51ef643dda8 100644 (file)
@@ -29,33 +29,28 @@ getent passwd $ICINGA2_USER >/dev/null 2>&1 || (echo "Icinga user '$ICINGA2_USER
 getent group $ICINGA2_GROUP >/dev/null 2>&1 || (echo "Icinga group '$ICINGA2_GROUP' does not exist. Exiting." && exit 6)
 getent group $ICINGA2_COMMAND_GROUP >/dev/null 2>&1 || (echo "Icinga command group '$ICINGA2_COMMAND_GROUP' does not exist. Exiting." && exit 6)
 
-mkdir -p $(dirname -- $ICINGA2_PID_FILE)
-chown $ICINGA2_USER:$ICINGA2_COMMAND_GROUP $(dirname -- $ICINGA2_PID_FILE)
-if [ -f $ICINGA2_PID_FILE ]; then
-       chown $ICINGA2_USER:$ICINGA2_GROUP $ICINGA2_PID_FILE
+if [ ! -e "$ICINGA2_RUN_DIR"/icinga2 ]; then
+       mkdir "$ICINGA2_RUN_DIR"/icinga2
+       mkdir "$ICINGA2_RUN_DIR"/icinga2/cmd
+       chmod 755 "$ICINGA2_RUN_DIR"/icinga2
+       chmod 2750 "$ICINGA2_RUN_DIR"/icinga2/cmd
+       chown -R $ICINGA2_USER:$ICINGA2_COMMAND_GROUP "$ICINGA2_RUN_DIR"/icinga2
 fi
 
-mkdir -p $(dirname -- $ICINGA2_ERROR_LOG)
-chown $ICINGA2_USER:$ICINGA2_COMMAND_GROUP $(dirname -- $ICINGA2_ERROR_LOG)
-chmod 750 $(dirname -- $ICINGA2_ERROR_LOG)
-if [ -f $ICINGA2_ERROR_LOG ]; then
-       chown $ICINGA2_USER:$ICINGA2_COMMAND_GROUP $ICINGA2_ERROR_LOG
-fi
-if [ -f $ICINGA2_LOG ]; then
-       chown $ICINGA2_USER:$ICINGA2_COMMAND_GROUP $ICINGA2_LOG
+# Could be undefined in installations where sysconf is not overridden on upgrade
+if [ -z "$ICINGA2_LOG_DIR" ]; then
+       $ICINGA2_LOG_DIR=$(dirname -- "$ICINGA2_LOG")
 fi
 
-mkdir -p $ICINGA2_RUN_DIR/icinga2/cmd
-chown $ICINGA2_USER:$ICINGA2_COMMAND_GROUP $ICINGA2_RUN_DIR/icinga2/cmd
+test -e "$ICINGA2_LOG_DIR" || install -m 750 -o $ICINGA2_USER -g $ICINGA2_COMMAND_GROUP -d "$ICINGA2_LOG_DIR"
+
 if type restorecon >/dev/null 2>&1; then
-       restorecon -R $ICINGA2_RUN_DIR/icinga2/
+       restorecon -R "$ICINGA2_RUN_DIR"/icinga2/
 fi
-chmod 2750 $ICINGA2_RUN_DIR/icinga2/cmd
 
 # Add a fallback if the user did not specify this directory in the sysconfig file
 if [ -z "$ICINGA2_CACHE_DIR" ]; then
-       ICINGA2_CACHE_DIR=$ICINGA2_STATE_DIR/cache/icinga2
+       ICINGA2_CACHE_DIR="$ICINGA2_STATE_DIR"/cache/icinga2
 fi
-mkdir -p $ICINGA2_CACHE_DIR
-chown $ICINGA2_USER:$ICINGA2_GROUP $ICINGA2_CACHE_DIR
-chmod 750 $ICINGA2_CACHE_DIR
+
+test -e "$ICINGA2_CACHE_DIR" || install -m 750 -o $ICINGA2_USER -g $ICINGA2_COMMAND_GROUP -d "$ICINGA2_CACHE_DIR"
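Review bot: The fallback assignment `$ICINGA2_LOG_DIR=$(dirname -- "$ICINGA2_LOG")` has a stray leading `$`: with ICINGA2_LOG_DIR empty the shell expands the line to a command word `=/…/log/icinga2` and tries to execute it rather than assigning, so the variable stays empty and the following `test -e "$ICINGA2_LOG_DIR" || install … -d ""` fails on precisely the upgraded installations whose sysconfig does not yet define ICINGA2_LOG_DIR, the case the comment above it says it handles. The line should read `ICINGA2_LOG_DIR=$(dirname -- "$ICINGA2_LOG")`. Separately, the cache directory is now created with `-g $ICINGA2_COMMAND_GROUP` where the removed `chown` used `$ICINGA2_GROUP`; if that group change is intended it deserves a word in the commit message, otherwise it should stay `$ICINGA2_GROUP`. The two `mkdir` calls for the run directory are unchecked, so a failed `mkdir` still runs the `chmod` and `chown -R` on whatever is at that path; `mkdir "$ICINGA2_RUN_DIR"/icinga2 || exit 1` would make the `! -e` guard hold.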