From 8bad3e214eaf1580ded8cd4aff92b016a15fa55c Mon Sep 17 00:00:00 2001
From: Pat Riehecky <riehecky@fnal.gov>
Date: Thu, 30 May 2024 12:00:44 -0500
Subject: [PATCH 1/2] Drop comments from iwyu since they don't align well with
 clang-format

---
 .clang-format                   | 18 +++++++---------
 .gitignore                      |  1 +
 src/C/client-keytab-name.c      |  6 +++---
 src/C/init-kcron-keytab.c       | 38 +++++++++++++++------------------
 src/C/kcron_caps.h              | 17 ++++++---------
 src/C/kcron_empty_keytab_file.h |  4 ++--
 src/C/kcron_filename.h          |  9 ++++----
 src/C/kcron_landlock.h          | 11 +++++-----
 src/C/kcron_seccomp.h           |  8 +++----
 src/C/kcron_setup.h             | 17 +++++++--------
 10 files changed, 60 insertions(+), 69 deletions(-)

diff --git a/.clang-format b/.clang-format
index e38795d..043bec7 100644
--- a/.clang-format
+++ b/.clang-format
@@ -1,12 +1,10 @@
 ---
-BasedOnStyle:  LLVM
-AlignTrailingComments:	true
-AllowShortIfStatementsOnASingleLine:	false
-AllowShortLoopsOnASingleLine:	false
-BreakBeforeBraces:	Attach
-ColumnLimit:     160
+BasedOnStyle: LLVM
+AlignTrailingComments: true
+AllowShortIfStatementsOnASingleLine: false
+AllowShortLoopsOnASingleLine: false
+BreakBeforeBraces: Attach
+ColumnLimit: 240
 Cpp11BracedListStyle: true
-Standard:        Cpp11
-UseTab:          Never
-...
-
+Standard: Cpp11
+UseTab: Never
diff --git a/.gitignore b/.gitignore
index 4905d1a..7eabd5d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,3 +4,4 @@ kcron.tar.gz
 *.swp
 RPMS
 SRPMS
+src/C/autoconf.h
diff --git a/src/C/client-keytab-name.c b/src/C/client-keytab-name.c
index 0db4597..abc2317 100644
--- a/src/C/client-keytab-name.c
+++ b/src/C/client-keytab-name.c
@@ -44,10 +44,10 @@
 #define __PROGRAM_NAME "client-keytab-name"
 #endif
 
-#include <stdio.h>  /* for fprintf, stderr, NULL, etc   */
-#include <stdlib.h> /* for free, EXIT_FAILURE, etc      */
+#include <stdio.h>
+#include <stdlib.h>
 
-#include "kcron_filename.h" /* for get_filename                 */
+#include "kcron_filename.h"
 
 int main(void) {
 
diff --git a/src/C/init-kcron-keytab.c b/src/C/init-kcron-keytab.c
index 3560129..cc50402 100644
--- a/src/C/init-kcron-keytab.c
+++ b/src/C/init-kcron-keytab.c
@@ -44,23 +44,21 @@
 #define __PROGRAM_NAME "init-kcron-keytab"
 #endif
 
-#include <dirent.h>    /* for dirfd                          */
-#include <fcntl.h>     /* for openat, O_WRONLY               */
-#include <libgen.h>    /* for dirname                        */
-#include <stdio.h>     /* for fprintf, stderr, NULL, etc     */
-#include <stdlib.h>    /* for free, EXIT_FAILURE, etc        */
-#include <sys/stat.h>  /* for S_IRWXU, stat, S_IXGRP, etc    */
-#include <sys/types.h> /* for uid_t, gid_t, etc              */
-#include <unistd.h>    /* for getuid, fchown, fchmod         */
-
-#include "kcron_caps.h"              /* for disable_capabilities, etc      */
-#include "kcron_empty_keytab_file.h" /* for write_empty_keytab             */
-#include "kcron_filename.h"          /* for get_filename                   */
-#include "kcron_setup.h"             /* for harden_runtime                 */
-
-#if USE_CAPABILITIES == 1
-#include <sys/capability.h> /* for CAP_CHOWN, CAP_FOWNER,etc      */
-#endif
+#include "autoconf.h"
+
+#include <dirent.h>
+#include <fcntl.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/capability.h>
+#include <sys/stat.h>
+#include <sys/types.h>
+#include <unistd.h>
+
+#include "kcron_caps.h"
+#include "kcron_empty_keytab_file.h"
+#include "kcron_filename.h"
+#include "kcron_setup.h"
 
 #ifndef _0600
 #define _0600 S_IRUSR | S_IWUSR
@@ -69,8 +67,7 @@
 #define _0700 S_IRWXU
 #endif
 
-static int mkdir_if_missing(const char *dir, uid_t owner, gid_t group, mode_t mode) __attribute__((nonnull(1))) __attribute__((access(read_only, 1)))
-__attribute__((warn_unused_result));
+static int mkdir_if_missing(const char *dir, uid_t owner, gid_t group, mode_t mode) __attribute__((nonnull(1))) __attribute__((access(read_only, 1))) __attribute__((warn_unused_result));
 static int mkdir_if_missing(const char *dir, uid_t owner, gid_t group, mode_t mode) {
 
 #if USE_CAPABILITIES == 1
@@ -194,8 +191,7 @@ static int mkdir_if_missing(const char *dir, uid_t owner, gid_t group, mode_t mo
   return 0;
 }
 
-static int chown_chmod_keytab(int filedescriptor, const char *keytab) __attribute__((nonnull(2))) __attribute__((access(read_only, 2)))
-__attribute__((warn_unused_result));
+static int chown_chmod_keytab(int filedescriptor, const char *keytab) __attribute__((nonnull(2))) __attribute__((access(read_only, 2))) __attribute__((warn_unused_result));
 static int chown_chmod_keytab(int filedescriptor, const char *keytab) {
 
 #if USE_CAPABILITIES == 1
diff --git a/src/C/kcron_caps.h b/src/C/kcron_caps.h
index c25d612..aedd118 100644
--- a/src/C/kcron_caps.h
+++ b/src/C/kcron_caps.h
@@ -43,10 +43,10 @@
 
 #if USE_CAPABILITIES == 1
 
-#include <stdio.h>          /* for fprintf, stderr, etc      */
-#include <stdlib.h>         /* for EXIT_FAILURE              */
-#include <sys/capability.h> /* for cap_t, cap_get_proc, etc  */
-#include <sys/types.h>      /* for cap_t, etc                */
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/capability.h>
+#include <sys/types.h>
 
 int disable_capabilities(void) __attribute__((flatten)) __attribute__((hot));
 int disable_capabilities(void) {
@@ -65,8 +65,7 @@ int disable_capabilities(void) {
   return 0;
 }
 
-static void print_cap_error(const char *mode, const cap_value_t expected_cap[], const int num_caps) __attribute__((nonnull(1)))
-__attribute__((access(read_only, 1))) __attribute__((flatten));
+static void print_cap_error(const char *mode, const cap_value_t expected_cap[], const int num_caps) __attribute__((nonnull(1))) __attribute__((access(read_only, 1))) __attribute__((flatten));
 static void print_cap_error(const char *mode, const cap_value_t expected_cap[], const int num_caps) {
   (void)fprintf(stderr, "%s: Unable to set CAPABILITIES %s\n", __PROGRAM_NAME, mode);
   (void)fprintf(stderr, "%s: Requested CAPABILITIES %s %i:\n", __PROGRAM_NAME, mode, num_caps);
@@ -75,8 +74,7 @@ static void print_cap_error(const char *mode, const cap_value_t expected_cap[],
   }
 }
 
-int enable_capabilities(const cap_value_t expected_cap[], const int num_caps) __attribute__((nonnull(1))) __attribute__((warn_unused_result))
-__attribute__((flatten)) __attribute__((hot));
+int enable_capabilities(const cap_value_t expected_cap[], const int num_caps) __attribute__((nonnull(1))) __attribute__((warn_unused_result)) __attribute__((flatten)) __attribute__((hot));
 int enable_capabilities(const cap_value_t expected_cap[], const int num_caps) {
   cap_t capabilities = cap_get_proc();
 
@@ -126,8 +124,7 @@ int disable_capabilities(void) {
   return 0;
 }
 
-int enable_capabilities(const cap_value_t expected_cap[], const int num_caps) __attribute__((nonnull(1))) __attribute__((warn_unused_result))
-__attribute__((flatten));
+int enable_capabilities(const cap_value_t expected_cap[], const int num_caps) __attribute__((nonnull(1))) __attribute__((warn_unused_result)) __attribute__((flatten));
 int enable_capabilities(const cap_value_t expected_cap[], const int num_caps) {
   DTRACE_PROBE1(__PROGRAM_NAME, "cap-set-flag-permitted", 2);
   DTRACE_PROBE1(__PROGRAM_NAME, "cap-set-flag-effective", 2);
diff --git a/src/C/kcron_empty_keytab_file.h b/src/C/kcron_empty_keytab_file.h
index 5ec9d8c..c67176c 100644
--- a/src/C/kcron_empty_keytab_file.h
+++ b/src/C/kcron_empty_keytab_file.h
@@ -41,8 +41,8 @@
 #ifndef KCRON_EMPTY_KEYTAB_FILE_H
 #define KCRON_EMPTY_KEYTAB_FILE_H 1
 
-#include <stdio.h>  /* for fprintf, stderr, NULL, etc   */
-#include <stdlib.h> /* for EXIT_FAILURE                 */
+#include <stdio.h>
+#include <stdlib.h>
 
 int write_empty_keytab(int filedescriptor) __attribute__((warn_unused_result));
 int write_empty_keytab(int filedescriptor) {
diff --git a/src/C/kcron_filename.h b/src/C/kcron_filename.h
index c2f2752..106a0f6 100644
--- a/src/C/kcron_filename.h
+++ b/src/C/kcron_filename.h
@@ -41,12 +41,11 @@
 #ifndef KCRON_FILENAME_H
 #define KCRON_FILENAME_H 1
 
-#include <stdio.h>  /* for calloc, fprintf, snprintf        */
-#include <stdlib.h> /* for EXIT_FAILURE                     */
-#include <unistd.h> /* for getuid                           */
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
 
-int get_client_dirname(char *keytab_dir) __attribute__((nonnull(1))) __attribute__((access(read_write, 1))) __attribute__((warn_unused_result))
-__attribute__((flatten));
+int get_client_dirname(char *keytab_dir) __attribute__((nonnull(1))) __attribute__((access(read_write, 1))) __attribute__((warn_unused_result)) __attribute__((flatten));
 int get_client_dirname(char *keytab_dir) {
 
   const char *nullpointer = NULL;
diff --git a/src/C/kcron_landlock.h b/src/C/kcron_landlock.h
index 99a0b90..574d712 100644
--- a/src/C/kcron_landlock.h
+++ b/src/C/kcron_landlock.h
@@ -41,11 +41,12 @@
 #ifndef KCRON_LANDLOCK_H
 #define KCRON_LANDLOCK_H 1
 
-#include <stdio.h>  /* for fprintf, stderr, NULL, etc     */
-#include <stdlib.h> /* for free, EXIT_FAILURE, etc        */
+#include <libgen.h>
+#include <stdio.h>
+#include <stdlib.h>
 
-#include <linux/landlock.h> /* Definition of LANDLOCK_* constants */
-#include <sys/syscall.h>    /* for  SYS_* constants               */
+#include <linux/landlock.h>
+#include <sys/syscall.h>
 
 void set_kcron_landlock(void) __attribute__((flatten));
 void set_kcron_landlock(void) {
@@ -93,7 +94,7 @@ void set_kcron_landlock(void) {
       exit(EXIT_FAILURE);
     }
 
-    path_beneath.parent_fd = open(client_keytab_dirname, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
+    path_beneath.parent_fd = open(dirname(client_keytab_dirname), O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
     if (path_beneath.parent_fd < 0) {
       (void)fprintf(stderr, "%s: landlock could not find %s?\n", __PROGRAM_NAME, client_keytab_dirname);
       (void)free(client_keytab_dirname);
diff --git a/src/C/kcron_seccomp.h b/src/C/kcron_seccomp.h
index 9a8cc7c..05c3786 100644
--- a/src/C/kcron_seccomp.h
+++ b/src/C/kcron_seccomp.h
@@ -41,11 +41,11 @@
 #ifndef KCRON_SECCOMP_H
 #define KCRON_SECCOMP_H 1
 
-#include <seccomp.h> /* libseccomp                  */
-#include <stdio.h>   /* for fprintf, stderr, NULL   */
-#include <stdlib.h>  /* for EXIT_FAILURE            */
+#include <seccomp.h>
+#include <stdio.h>
+#include <stdlib.h>
 
-#include <sys/stat.h> /* for S_IRUSR, S_IWUSR, stat, etc  */
+#include <sys/stat.h>
 
 #ifndef _0600
 #define _0600 S_IRUSR | S_IWUSR
diff --git a/src/C/kcron_setup.h b/src/C/kcron_setup.h
index 3c11182..6912ec6 100644
--- a/src/C/kcron_setup.h
+++ b/src/C/kcron_setup.h
@@ -41,21 +41,21 @@
 #ifndef KCRON_SETUP_H
 #define KCRON_SETUP_H 1
 
-#include <stdio.h>        /* for fprintf, fwrite, stderr, etc */
-#include <stdlib.h>       /* for EXIT_SUCCESS, EXIT_FAILURE   */
-#include <sys/prctl.h>    /* for prctl, PR_SET_DUMPABLE       */
-#include <sys/ptrace.h>   /* for ptrace                       */
-#include <sys/resource.h> /* for rlimit, RLIMIT_              */
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/prctl.h>
+#include <sys/ptrace.h>
+#include <sys/resource.h>
 
 #if USE_SECCOMP == 1
-#include "kcron_seccomp.h" /* for set_kcron_seccomp            */
+#include "kcron_seccomp.h"
 #endif
 
 #if USE_LANDLOCK == 1
-#include "kcron_landlock.h" /* for set_kcron_landlock           */
+#include "kcron_landlock.h"
 #endif
 
-#include "kcron_caps.h" /* for disable_capabilities         */
+#include "kcron_caps.h"
 
 int set_kcron_ulimits(void) __attribute__((warn_unused_result)) __attribute__((flatten));
 int set_kcron_ulimits(void) {
@@ -156,5 +156,4 @@ void harden_runtime(void) {
     exit(EXIT_FAILURE);
   }
 }
-
 #endif

From fbc3b28bc5097b9361bef09b06a61316b82f08dd Mon Sep 17 00:00:00 2001
From: Pat Riehecky <riehecky@fnal.gov>
Date: Thu, 30 May 2024 12:13:03 -0500
Subject: [PATCH 2/2] Add missing permission to create files

---
 src/C/kcron_landlock.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/C/kcron_landlock.h b/src/C/kcron_landlock.h
index 574d712..1de0565 100644
--- a/src/C/kcron_landlock.h
+++ b/src/C/kcron_landlock.h
@@ -67,7 +67,7 @@ void set_kcron_landlock(void) {
   };
 
   struct landlock_path_beneath_attr path_beneath = {
-      .allowed_access = LANDLOCK_ACCESS_FS_WRITE_FILE | LANDLOCK_ACCESS_FS_READ_FILE | LANDLOCK_ACCESS_FS_READ_DIR | LANDLOCK_ACCESS_FS_MAKE_DIR,
+      .allowed_access = LANDLOCK_ACCESS_FS_WRITE_FILE | LANDLOCK_ACCESS_FS_READ_FILE | LANDLOCK_ACCESS_FS_READ_DIR | LANDLOCK_ACCESS_FS_MAKE_DIR | LANDLOCK_ACCESS_FS_MAKE_FILE,
   };
 
   /* verify memory can be allocated */