This repository has been archived by the owner on May 11, 2021. It is now read-only.
/
jail.js
51 lines (48 loc) · 1.64 KB
/
jail.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
var pam = require('authenticate-pam'),
passwd = require('passwd'),
fs = require('fs'),
posix = require('posix'),
methods = {};
/**
* action : 'add method'
* name : function name (key of methods var)
* fn : the actual function
*/
methods['init methods'] = function (data){
methods = require(data.filepath).methods;
};
function jail(username, password){
pam.authenticate(username, password, function(err) {
if (!err) {
console.log('User %s logged !', username);
passwd.get(username, function(user){
process.title = 'node-xplorer-jailed-'+username;
try {
process.chdir(user.homedir);
posix.chroot(user.homedir);
process.setgid(parseInt(user.groupId, 10));
process.setuid(parseInt(user.userId, 10));
console.log('Subprocess successfully jailed by ' + username + ' ('+process.getuid()+':'+process.getgid()+')');
user.homedir = '/';
process.send({success: true, args:{user: user}});
} catch (err) {
console.log(err);
process.send({success: false, eror: err});
}
});
}else{
process.send({success: false, error: 'Wrong credentials'});
}
});
}
process.on('message', function(m){
if (!!m.action){
if (methods[m.action]){
methods[m.action].call(this, m.data);
}else{
console.log('jail.js: Method ' + m.action + ' does not exist');
}
}else{
jail(m.username, m.password);
}
});