ssh/tailssh: start login shell, fix arg passing, width/height mismatch

Updates #3802

Change-Id: I137d7a79195ee86d5dd7c8999f2797fc3cb57cec
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
This commit is contained in:
Brad Fitzpatrick 2022-03-10 15:55:06 -08:00 committed by Brad Fitzpatrick
parent efc48b0578
commit 1dd5cf62a5

View File

@ -69,11 +69,14 @@ func newIncubatorCommand(ctx context.Context, ci *sshConnInfo, lu *user.User, ta
"--remote-user=" + remoteUser, "--remote-user=" + remoteUser,
"--remote-ip=" + ci.src.IP().String(), "--remote-ip=" + ci.src.IP().String(),
"--cmd=" + name, "--cmd=" + name,
"--has-tty=false", // updated in-place by startWithPTY
"--tty-name=", // updated in-place by startWithPTY
}
if len(args) > 0 {
incubatorArgs = append(incubatorArgs, "--")
incubatorArgs = append(incubatorArgs, args...)
} }
if len(args) > 0 {
incubatorArgs = append(incubatorArgs, fmt.Sprintf("--cmd-args=%q", strings.Join(args, " ")))
}
return exec.CommandContext(ctx, tailscaled, incubatorArgs...) return exec.CommandContext(ctx, tailscaled, incubatorArgs...)
} }
@ -97,11 +100,12 @@ func beIncubator(args []string) error {
ttyName = flags.String("tty-name", "", "the tty name (pts/3)") ttyName = flags.String("tty-name", "", "the tty name (pts/3)")
hasTTY = flags.Bool("has-tty", false, "is the output attached to a tty") hasTTY = flags.Bool("has-tty", false, "is the output attached to a tty")
cmdName = flags.String("cmd", "", "the cmd to launch") cmdName = flags.String("cmd", "", "the cmd to launch")
cmdArgs = flags.String("cmd-args", "", "the args for cmd")
) )
if err := flags.Parse(args); err != nil { if err := flags.Parse(args); err != nil {
return err return err
} }
cmdArgs := flags.Args()
logf := logger.Discard logf := logger.Discard
if debugIncubator { if debugIncubator {
// We don't own stdout or stderr, so the only place we can log is syslog. // We don't own stdout or stderr, so the only place we can log is syslog.
@ -125,12 +129,7 @@ func beIncubator(args []string) error {
} }
} }
var cArgs []string cmd := exec.Command(*cmdName, cmdArgs...)
if *cmdArgs != "" {
cArgs = strings.Split(*cmdArgs, " ")
}
cmd := exec.Command(*cmdName, cArgs...)
cmd.Stdin = os.Stdin cmd.Stdin = os.Stdin
cmd.Stdout = os.Stdout cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr cmd.Stderr = os.Stderr
@ -158,7 +157,9 @@ func (srv *server) launchProcess(ctx context.Context, s ssh.Session, ci *sshConn
shell := loginShell(lu.Uid) shell := loginShell(lu.Uid)
var args []string var args []string
if rawCmd := s.RawCommand(); rawCmd != "" { if rawCmd := s.RawCommand(); rawCmd != "" {
args = []string{"-c", rawCmd} args = append(args, "-c", rawCmd)
} else {
args = append(args, "-l") // login shell
} }
ptyReq, winCh, isPty := s.Pty() ptyReq, winCh, isPty := s.Pty()
@ -209,8 +210,8 @@ func startWithPTY(cmd *exec.Cmd, ptyReq ssh.Pty) (ptyFile *os.File, err error) {
} }
}() }()
if err = pty.Setsize(ptyFile, &pty.Winsize{ if err = pty.Setsize(ptyFile, &pty.Winsize{
Rows: uint16(ptyReq.Window.Width), Rows: uint16(ptyReq.Window.Height),
Cols: uint16(ptyReq.Window.Height), Cols: uint16(ptyReq.Window.Width),
}); err != nil { }); err != nil {
err = fmt.Errorf("pty.Setsize: %w", err) err = fmt.Errorf("pty.Setsize: %w", err)
return return
@ -219,10 +220,11 @@ func startWithPTY(cmd *exec.Cmd, ptyReq ssh.Pty) (ptyFile *os.File, err error) {
Setctty: true, Setctty: true,
Setsid: true, Setsid: true,
} }
cmd.Args = append(cmd.Args, "--has-tty=true") updateStringInSlice(cmd.Args, "--has-tty=false", "--has-tty=true")
if ptyName, err := ptyName(ptyFile); err == nil { if ptyName, err := ptyName(ptyFile); err == nil {
cmd.Args = append(cmd.Args, "--tty-name="+ptyName) updateStringInSlice(cmd.Args, "--tty-name=", "--tty-name="+ptyName)
} }
if ptyReq.Term != "" { if ptyReq.Term != "" {
cmd.Env = append(cmd.Env, fmt.Sprintf("TERM=%s", ptyReq.Term)) cmd.Env = append(cmd.Env, fmt.Sprintf("TERM=%s", ptyReq.Term))
} }
@ -286,3 +288,14 @@ func envForUser(u *user.User) []string {
fmt.Sprintf("HOME=" + u.HomeDir), fmt.Sprintf("HOME=" + u.HomeDir),
} }
} }
// updateStringInSlice mutates ss to change the first occurrence of a
// to b.
func updateStringInSlice(ss []string, a, b string) {
for i, s := range ss {
if s == a {
ss[i] = b
return
}
}
}