From ba9bd3590d70919ae9ea1411ad8b36ccfd1041d3 Mon Sep 17 00:00:00 2001
From: Artur Cygan
Date: Mon, 22 Jun 2020 13:42:22 +0200
Subject: [PATCH] Build-time config of newuidmap and newgidmap paths
---
 Makefile | 2 +-
 user.cc | 20 ++++++++++++++------
 2 files changed, 15 insertions(+), 7 deletions(-)
diff --git a/Makefile b/Makefile
index 2796453..b8b857d 100644
--- a/Makefile
+++ b/Makefile
@@ -31,7 +31,7 @@ COMMON_FLAGS += -O2 -c \
 -Wall -Wextra -Werror \
 -Ikafel/include
-CXXFLAGS += $(COMMON_FLAGS) $(shell pkg-config --cflags protobuf) \
+CXXFLAGS += $(USER_DEFINES) $(COMMON_FLAGS) $(shell pkg-config --cflags protobuf) \
 -std=c++11 -fno-exceptions -Wno-unused -Wno-unused-parameter
 LDFLAGS += -pie -Wl,-z,noexecstack -lpthread $(shell pkg-config --libs protobuf)
diff --git a/user.cc b/user.cc
index 06c221a..1b5c874 100644
--- a/user.cc
+++ b/user.cc
@@ -43,6 +43,14 @@
 #include "subproc.h"
 #include "util.h"
+#ifndef NEWUIDMAP_PATH
+#define NEWUIDMAP_PATH "/usr/bin/newuidmap"
+#endif
+
+#ifndef NEWGIDMAP_PATH
+#define NEWGIDMAP_PATH "/usr/bin/newgidmap"
+#endif
+
 namespace user {
 static bool setResGid(gid_t gid) {
@@ -161,11 +169,11 @@ static bool gidMapSelf(nsjconf_t* nsjconf, pid_t pid) {
 return true;
 }
-/* Use /usr/bin/newgidmap for writing the gid map */
+/* Use NEWGIDMAP_PATH for writing the gid map */
 static bool gidMapExternal(nsjconf_t* nsjconf, pid_t pid) {
 bool use = false;
- std::vector argv = {"/usr/bin/newgidmap", std::to_string(pid)};
+ std::vector argv = {NEWGIDMAP_PATH, std::to_string(pid)};
 for (const auto& gid : nsjconf->gids) {
 if (!gid.is_newidmap) {
 continue;
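Review bot: `$(USER_DEFINES)` on the Makefile hunk's `CXXFLAGS` line is introduced with no comment saying what it is for or how to quote it, and the value has to reach the compiler as a C string literal. A comment above the line would cover it, for example `# USER_DEFINES: extra -D flags, e.g. make USER_DEFINES='-DNEWUIDMAP_PATH=\"/path/to/newuidmap\"'` (placeholder path). Make also imports the variable from the environment, so a stray `USER_DEFINES` in a build environment changes which helper binaries the resulting executable runs; the comment should say that as well.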
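Review bot: The `#ifndef` block added at the top of user.cc accepts any override for `NEWUIDMAP_PATH` and `NEWGIDMAP_PATH`, including an empty or relative string. Both macros become argv[0] for `subproc::systemExe` in `gidMapExternal` and `uidMapExternal`; how that helper resolves the program is not visible in this patch, so if it searches PATH, a relative value would let the caller's environment pick the binary that writes the id maps. A compile-time check after each `#endif` keeps the override absolute: `static_assert(NEWUIDMAP_PATH[0] == '/', "NEWUIDMAP_PATH must be an absolute path");` and the same for `NEWGIDMAP_PATH`.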
@@ -180,18 +188,18 @@ static bool gidMapExternal(nsjconf_t* nsjconf, pid_t pid) {
 return true;
 }
 if (subproc::systemExe(argv, environ) != 0) {
- LOG_E("'/usr/bin/newgidmap' failed");
+ LOG_E("'%s' failed", NEWGIDMAP_PATH);
 return false;
 }
 return true;
 }
-/* Use /usr/bin/newuidmap for writing the uid map */
+/* Use NEWUIDMAP_PATH for writing the uid map */
 static bool uidMapExternal(nsjconf_t* nsjconf, pid_t pid) {
 bool use = false;
- std::vector argv = {"/usr/bin/newuidmap", std::to_string(pid)};
+ std::vector argv = {NEWUIDMAP_PATH, std::to_string(pid)};
 for (const auto& uid : nsjconf->uids) {
 if (!uid.is_newidmap) {
 continue;
@@ -206,7 +214,7 @@ static bool uidMapExternal(nsjconf_t* nsjconf, pid_t pid) {
 return true;
 }
 if (subproc::systemExe(argv, environ) != 0) {
- LOG_E("'/usr/bin/newuidmap' failed");
+ LOG_E("'%s' failed", NEWUIDMAP_PATH);
 return false;
 }
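Review bot: The new `LOG_E("'%s' failed", NEWGIDMAP_PATH);` in `gidMapExternal` discards the value returned by `subproc::systemExe`. With a configurable path, a likely failure is a helper that is missing or unprivileged at the configured location, which this message cannot tell apart from a rejected mapping. Keeping the result and logging it would help, e.g. `int ret = subproc::systemExe(argv, environ);` followed by `LOG_E("'%s' failed with status %d", NEWGIDMAP_PATH, ret);` (assuming the return type is `int`, which the patch does not show). The same applies to the `NEWUIDMAP_PATH` message in `uidMapExternal` in the following hunk; both function bodies extend beyond these hunks.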