lidi-clients: option to chroot lidi-receive-file (requires CAP_SYS_CHROOT)

github-af · github-af · commit 2924653072d8 · 2026-03-23T20:23:53.000+01:00
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -28,7 +28,9 @@ jobs:
         run: rustup update
 
       - name: Build release
-        run: just release
+        run: |
+          just release
+          just grant_chroot_receive_file
 
       - name: Gather artifacts
         run: |
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/justfile b/justfile
@@ -7,6 +7,9 @@ release_tcp_mmsg:
 release_tls_native:
     cargo build --release --no-default-features --features from-tls,to-tls,tls,receive-native,send-native
 
+grant_chroot_receive_file:
+    sudo setcap cap_sys_chroot=pe target/release/lidi-receive-file
+
 clean:
     cargo clean
 
diff --git a/lidi-clients/Cargo.toml b/lidi-clients/Cargo.toml
@@ -23,6 +23,11 @@ version = "0"
 optional = true
 default-features = false
 
+[dependencies.libc]
+version = "0"
+default-features = false
+features = [ "std" ]
+
 [dependencies.log]
 version = "0"
 default-features = false
diff --git a/lidi-clients/src/bin/lidi-receive-file.rs b/lidi-clients/src/bin/lidi-receive-file.rs
@@ -1,5 +1,5 @@
 use clap::Parser;
-use std::{net, path};
+use std::{net, os::unix::ffi::OsStrExt, path};
 
 #[derive(clap::Args)]
 #[group(required = true, multiple = false)]
@@ -54,10 +54,12 @@ struct Args {
         help = "Exits after receiving max_files files"
     )]
     max_files: usize,
-    #[clap(long, value_name = "overwrite", help = "Overwrite existing files")]
+    #[clap(long, help = "Overwrite existing files")]
     overwrite: bool,
     #[clap(flatten)]
     tls: lidi_clients::Tls,
+    #[clap(long, help = "Chroot in output directory before receiving files")]
+    chroot: bool,
     #[clap(default_value = ".", help = "Output directory")]
     output_directory: path::PathBuf,
 }
@@ -94,7 +96,41 @@ fn main() {
         tls: args.tls,
     };
 
-    if let Err(e) = lidi_clients::file::receive::receive_files(&config, &args.output_directory) {
+    let output_directory = if args.chroot {
+        let mut bytes_output_directory = Vec::from(args.output_directory.as_os_str().as_bytes());
+        bytes_output_directory.push(0);
+
+        let c_output_directory = match std::ffi::CString::from_vec_with_nul(bytes_output_directory)
+        {
+            Ok(res) => res,
+            Err(e) => {
+                log::error!(
+                    "failed to convert output directory to C string {}: {e}",
+                    args.output_directory.display()
+                );
+                std::process::exit(1);
+            }
+        };
+
+        if unsafe { libc::chroot(c_output_directory.as_ptr()) } != 0 {
+            let err_str =
+                unsafe { std::ffi::CStr::from_ptr(libc::strerror(*libc::__errno_location())) }
+                    .to_string_lossy();
+            log::error!(
+                "failed to chroot in {}: {err_str}",
+                args.output_directory.display()
+            );
+            std::process::exit(1);
+        }
+
+        log::info!("chrooted in {}", args.output_directory.display());
+
+        path::PathBuf::from("/")
+    } else {
+        args.output_directory
+    };
+
+    if let Err(e) = lidi_clients::file::receive::receive_files(&config, &output_directory) {
         log::error!("{e}");
     }
 }
