all: add permcheck, client fix; imp chlog

2024-10-02 18:24:07 +03:00
parent 8cb5781770
commit e8fd4b1872
40 changed files with 885 additions and 91 deletions
--- a/internal/permcheck/migrate.go
+++ b/internal/permcheck/migrate.go
@@ -0,0 +1,93 @@
+package permcheck
+
+import (
+	"io/fs"
+	"os"
+	"path/filepath"
+
+	"github.com/AdguardTeam/AdGuardHome/internal/aghos"
+	"github.com/AdguardTeam/golibs/errors"
+	"github.com/AdguardTeam/golibs/log"
+)
+
+// NeedsMigration returns true if AdGuard Home files need permission migration.
+//
+// TODO(a.garipov):  Consider ways to detect this better.
+func NeedsMigration(confFilePath string) (ok bool) {
+	s, err := os.Stat(confFilePath)
+	if err != nil {
+		if errors.Is(err, os.ErrNotExist) {
+			// Likely a first run.  Don't check.
+			return false
+		}
+
+		log.Error("permcheck: checking if files need migration: %s", err)
+
+		// Unexpected error.  Try to migrate just in case.
+		return true
+	}
+
+	return s.Mode().Perm() != aghos.DefaultPermFile
+}
+
+// Migrate attempts to change the permissions of AdGuard Home's files.  It logs
+// the results at an appropriate level.
+func Migrate(workDir, dataDir, statsDir, querylogDir, confFilePath string) {
+	chmodDir(workDir)
+
+	chmodFile(confFilePath)
+
+	// TODO(a.garipov): Put all paths in one place and remove this duplication.
+	chmodDir(dataDir)
+	chmodDir(filepath.Join(dataDir, "filters"))
+	chmodFile(filepath.Join(dataDir, "sessions.db"))
+	chmodFile(filepath.Join(dataDir, "leases.json"))
+
+	if dataDir != querylogDir {
+		chmodDir(querylogDir)
+	}
+	chmodFile(filepath.Join(querylogDir, "querylog.json"))
+	chmodFile(filepath.Join(querylogDir, "querylog.json.1"))
+
+	if dataDir != statsDir {
+		chmodDir(statsDir)
+	}
+	chmodFile(filepath.Join(statsDir, "stats.db"))
+}
+
+// chmodDir changes the permissions of a single directory.  The results are
+// logged at the appropriate level.
+func chmodDir(dirPath string) {
+	chmodPath(dirPath, typeDir, aghos.DefaultPermDir)
+}
+
+// chmodFile changes the permissions of a single file.  The results are logged
+// at the appropriate level.
+func chmodFile(filePath string) {
+	chmodPath(filePath, typeFile, aghos.DefaultPermFile)
+}
+
+// chmodPath changes the permissions of a single filesystem entity.  The results
+// are logged at the appropriate level.
+func chmodPath(entPath, fileType string, fm fs.FileMode) {
+	err := os.Chmod(entPath, fm)
+	if err == nil {
+		log.Info("permcheck: changed permissions for %s %q", fileType, entPath)
+
+		return
+	} else if errors.Is(err, os.ErrNotExist) {
+		log.Debug("permcheck: changing permissions for %s %q: %s", fileType, entPath, err)
+
+		return
+	}
+
+	log.Error(
+		"permcheck: SECURITY WARNING: cannot change permissions for %s %q to %#o: %s; "+
+			"this can leave your system vulnerable, see "+
+			"https://adguard-dns.io/kb/adguard-home/running-securely/#os-service-concerns",
+		fileType,
+		entPath,
+		fm,
+		err,
+	)
+}
--- a/internal/permcheck/permcheck.go
+++ b/internal/permcheck/permcheck.go
@@ -0,0 +1,86 @@
+// Package permcheck contains code for simplifying permissions checks on files
+// and directories.
+//
+// TODO(a.garipov):  Improve the approach on Windows.
+package permcheck
+
+import (
+	"io/fs"
+	"os"
+	"path/filepath"
+
+	"github.com/AdguardTeam/AdGuardHome/internal/aghos"
+	"github.com/AdguardTeam/golibs/errors"
+	"github.com/AdguardTeam/golibs/log"
+)
+
+// File type constants for logging.
+const (
+	typeDir  = "directory"
+	typeFile = "file"
+)
+
+// Check checks the permissions on important files.  It logs the results at
+// appropriate levels.
+func Check(workDir, dataDir, statsDir, querylogDir, confFilePath string) {
+	checkDir(workDir)
+
+	checkFile(confFilePath)
+
+	// TODO(a.garipov): Put all paths in one place and remove this duplication.
+	checkDir(dataDir)
+	checkDir(filepath.Join(dataDir, "filters"))
+	checkFile(filepath.Join(dataDir, "sessions.db"))
+	checkFile(filepath.Join(dataDir, "leases.json"))
+
+	if dataDir != querylogDir {
+		checkDir(querylogDir)
+	}
+	checkFile(filepath.Join(querylogDir, "querylog.json"))
+	checkFile(filepath.Join(querylogDir, "querylog.json.1"))
+
+	if dataDir != statsDir {
+		checkDir(statsDir)
+	}
+	checkFile(filepath.Join(statsDir, "stats.db"))
+}
+
+// checkDir checks the permissions of a single directory.  The results are
+// logged at the appropriate level.
+func checkDir(dirPath string) {
+	checkPath(dirPath, typeDir, aghos.DefaultPermDir)
+}
+
+// checkFile checks the permissions of a single file.  The results are logged at
+// the appropriate level.
+func checkFile(filePath string) {
+	checkPath(filePath, typeFile, aghos.DefaultPermFile)
+}
+
+// checkPath checks the permissions of a single filesystem entity.  The results
+// are logged at the appropriate level.
+func checkPath(entPath, fileType string, want fs.FileMode) {
+	s, err := os.Stat(entPath)
+	if err != nil {
+		logFunc := log.Error
+		if errors.Is(err, os.ErrNotExist) {
+			logFunc = log.Debug
+		}
+
+		logFunc("permcheck: checking %s %q: %s", fileType, entPath, err)
+
+		return
+	}
+
+	// TODO(a.garipov): Add a more fine-grained check and result reporting.
+	perm := s.Mode().Perm()
+	if perm != want {
+		log.Info(
+			"permcheck: SECURITY WARNING: %s %q has unexpected permissions %#o; want %#o",
+			fileType,
+			entPath,
+			perm,
+			want,
+		)
+	}
+}