Commit | Line | Data |
---|---|---|
ef416fc2 | 1 | /* |
75bd9771 | 2 | * "$Id: process.c 7256 2008-01-25 00:48:54Z mike $" |
ef416fc2 | 3 | * |
cc754834 | 4 | * Process management routines for the CUPS scheduler. |
ef416fc2 | 5 | * |
5a6b583a | 6 | * Copyright 2007-2010 by Apple Inc. |
f7deaa1a | 7 | * Copyright 1997-2007 by Easy Software Products, all rights reserved. |
ef416fc2 | 8 | * |
9 | * These coded instructions, statements, and computer programs are the | |
bc44d920 | 10 | * property of Apple Inc. and are protected by Federal copyright |
11 | * law. Distribution and use rights are outlined in the file "LICENSE.txt" | |
12 | * which should have been included with this file. If this file is | |
13 | * file is missing or damaged, see the license at "http://www.cups.org/". | |
ef416fc2 | 14 | * |
15 | * Contents: | |
16 | * | |
a4924f6c MS |
17 | * cupsdCreateProfile() - Create an execution profile for a subprocess. |
18 | * cupsdDestroyProfile() - Delete an execution profile. | |
19 | * cupsdEndProcess() - End a process. | |
20 | * cupsdFinishProcess() - Finish a process and get its name. | |
21 | * cupsdStartProcess() - Start a process. | |
22 | * compare_procs() - Compare two processes. | |
23 | * cupsd_requote() - Make a regular-expression version of a string. | |
ef416fc2 | 24 | */ |
25 | ||
26 | /* | |
27 | * Include necessary headers... | |
28 | */ | |
29 | ||
30 | #include "cupsd.h" | |
31 | #include <grp.h> | |
a4924f6c | 32 | #ifdef __APPLE__ |
4400e98d | 33 | # include <libgen.h> |
6d2f911b | 34 | #endif /* __APPLE__ */ |
a4924f6c MS |
35 | #ifdef HAVE_SANDBOX_H |
36 | # define __APPLE_API_PRIVATE | |
37 | # include <sandbox.h> | |
38 | #endif /* HAVE_SANDBOX_H */ | |
ef416fc2 | 39 | |
40 | ||
/*
 * Process record...
 *
 * One record is kept for every child started by cupsdStartProcess() and is
 * released again by cupsdFinishProcess().  "name" is declared with a single
 * element but holds the whole command path: cupsdStartProcess() allocates
 * sizeof(cupsd_proc_t) + strlen(command) bytes, so the declared element
 * provides the room for the terminating nul.
 */

typedef struct
{
  int   pid;                            /* Process ID */
  int   job_id;                         /* Job associated with process */
  char  name[1];                        /* Name of process (over-allocated) */
} cupsd_proc_t;
51 | ||
52 | ||
/*
 * Local globals...
 */

/*
 * Records for the children started by cupsdStartProcess().  The array is
 * created on first use with compare_procs() as its comparison function, and
 * cupsdFinishProcess() removes and frees the matching record.
 */

static cups_array_t *process_array = NULL;
58 | ||
59 | ||
/*
 * Local functions...
 *
 * compare_procs() orders process records by PID.  cupsd_requote() is only
 * built when sandbox support (HAVE_SANDBOX_H) is available; it escapes
 * directory names before they are written into a sandbox profile.
 */

static int compare_procs(cupsd_proc_t *a, cupsd_proc_t *b);
#ifdef HAVE_SANDBOX_H
static char *cupsd_requote(char *dst, const char *src, size_t dstsize);
#endif /* HAVE_SANDBOX_H */
68 | ||
69 | ||
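/*
 * 'cupsdCreateProfile()' - Create an execution profile for a subprocess.
 *
 * With sandbox support compiled in, this writes a sandbox profile to a
 * temporary file and returns a heap copy of the filename; the caller passes
 * it to cupsdStartProcess() and releases it with cupsdDestroyProfile().
 *
 * The profile starts from "(allow default)" and layers deny rules on top:
 * RequestRoot and /Users are blocked for reading and writing, ServerRoot and
 * the system configuration/library trees are blocked for writing, and
 * specific exceptions re-allow TempDir, CacheDir and a few shared locations.
 * When job_id is non-zero, read access is also granted to that job's
 * control and data files under RequestRoot.
 *
 * NULL is returned when profiles are disabled, when the scheduler runs as
 * RunUser, when sandbox support is not compiled in, or on error.
 * cupsdStartProcess() only applies a sandbox for a non-NULL profile, so a
 * NULL return means the child runs unsandboxed.
 *
 * Directory names are interpolated into regular expressions inside the
 * profile; they are escaped by cupsd_requote() first, which silently
 * truncates anything that does not fit the 1024-byte buffers.
 */

void *                                  /* O - Profile or NULL on error */
cupsdCreateProfile(int job_id)          /* I - Job ID or 0 for none */
{
#ifdef HAVE_SANDBOX_H
  cups_file_t   *fp;                    /* File pointer */
  char          profile[1024],          /* File containing the profile */
                cache[1024],            /* Quoted CacheDir */
                request[1024],          /* Quoted RequestRoot */
                root[1024],             /* Quoted ServerRoot */
                temp[1024],             /* Quoted TempDir */
                *copy;                  /* Heap copy of the profile filename */


  if (!UseProfiles || RunUser)
  {
   /*
    * Only use sandbox profiles as root...
    */

    cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d) = NULL",
                    job_id);

    return (NULL);
  }

  if ((fp = cupsTempFile2(profile, sizeof(profile))) == NULL)
  {
    cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d) = NULL",
                    job_id);
    cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to create security profile: %s",
                    strerror(errno));
    return (NULL);
  }

 /*
  * Escape the configured directories so they can be used as literal
  * prefixes in the profile's regular expressions...
  */

  cupsd_requote(cache, CacheDir, sizeof(cache));
  cupsd_requote(request, RequestRoot, sizeof(request));
  cupsd_requote(root, ServerRoot, sizeof(root));
  cupsd_requote(temp, TempDir, sizeof(temp));

  cupsFilePuts(fp, "(version 1)\n");
  if (LogLevel >= CUPSD_LOG_DEBUG)
    cupsFilePuts(fp, "(debug deny)\n");
  cupsFilePuts(fp, "(allow default)\n");
  cupsFilePrintf(fp,
                 "(deny file-write* file-read-data file-read-metadata\n"
                 " (regex"
                 " #\"^%s$\""           /* RequestRoot */
                 " #\"^%s/\""           /* RequestRoot/... */
                 " #\"^/Users$\""
                 " #\"^/Users/\""
                 "))\n",
                 request, request);
  cupsFilePrintf(fp,
                 "(deny file-write*\n"
                 " (regex"
                 " #\"^%s$\""           /* ServerRoot */
                 " #\"^%s/\""           /* ServerRoot/... */
                 " #\"^/private/etc$\""
                 " #\"^/private/etc/\""
                 " #\"^/usr/local/etc$\""
                 " #\"^/usr/local/etc/\""
                 " #\"^/Library$\""
                 " #\"^/Library/\""
                 " #\"^/System$\""
                 " #\"^/System/\""
                 "))\n",
                 root, root);
  /* Specifically allow applications to stat RequestRoot */
  cupsFilePrintf(fp,
                 "(allow file-read-metadata\n"
                 " (regex"
                 " #\"^%s$\""           /* RequestRoot */
                 "))\n",
                 request);
  cupsFilePrintf(fp,
                 "(allow file-write* file-read-data file-read-metadata\n"
                 " (regex"
                 " #\"^%s$\""           /* TempDir */
                 " #\"^%s/\""           /* TempDir/... */
                 " #\"^%s$\""           /* CacheDir */
                 " #\"^%s/\""           /* CacheDir/... */
                 " #\"^%s/Library$\""   /* RequestRoot/Library */
                 " #\"^%s/Library/\""   /* RequestRoot/Library/... */
                 " #\"^/Library/Application Support/\""
                 " #\"^/Library/Caches/\""
                 " #\"^/Library/Preferences/\""
                 " #\"^/Library/Printers/.*/\""
                 " #\"^/Users/Shared/\""
                 "))\n",
                 temp, temp, cache, cache, request, request);
  cupsFilePuts(fp,
               "(deny file-write*\n"
               " (regex"
               " #\"^/Library/Printers/PPDs$\""
               " #\"^/Library/Printers/PPDs/\""
               " #\"^/Library/Printers/PPD Plugins$\""
               " #\"^/Library/Printers/PPD Plugins/\""
               "))\n");
  if (job_id)
    cupsFilePrintf(fp,
                   "(allow file-read-data file-read-metadata\n"
                   " (regex #\"^%s/([ac]%05d|d%05d-[0-9][0-9][0-9])$\"))\n",
                   request, job_id, job_id);

 /*
  * A profile that was not written completely must not be handed out, and
  * the temporary file must not be left behind...
  */

  if (cupsFileClose(fp))
  {
    cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d) = NULL",
                    job_id);
    cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to create security profile: %s",
                    strerror(errno));
    unlink(profile);
    return (NULL);
  }

 /*
  * The caller owns the returned string; if it cannot be allocated nobody
  * would ever remove the file, so clean up here...
  */

  if ((copy = strdup(profile)) == NULL)
  {
    cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d) = NULL",
                    job_id);
    cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to create security profile: %s",
                    strerror(errno));
    unlink(profile);
    return (NULL);
  }

  cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d) = \"%s\"",
                  job_id, profile);
  return ((void *)copy);

#else
  cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d) = NULL",
                  job_id);

  return (NULL);
#endif /* HAVE_SANDBOX_H */
}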
190 | ||
191 | ||
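/*
 * 'cupsdDestroyProfile()' - Delete an execution profile.
 *
 * "profile" is the value returned by cupsdCreateProfile(): a heap-allocated
 * filename, or NULL.  With sandbox support the file is removed and the
 * string is freed; without it nothing was created, so only the debug
 * message is logged.  A NULL profile is accepted.
 */

void
cupsdDestroyProfile(void *profile)      /* I - Profile */
{
  cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdDestroyProfile(profile=\"%s\")",
                  profile ? (char *)profile : "(null)");

#ifdef HAVE_SANDBOX_H
  if (profile)
  {
   /*
    * Report a profile that could not be removed instead of silently
    * leaving it in the temporary directory...
    */

    if (unlink((char *)profile))
      cupsdLogMessage(CUPSD_LOG_ERROR,
                      "Unable to remove security profile \"%s\": %s",
                      (char *)profile, strerror(errno));

    free(profile);
  }
#endif /* HAVE_SANDBOX_H */
}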
e00b005a | 210 | |
211 | ||
/*
 * 'cupsdEndProcess()' - End a process.
 *
 * Sends SIGKILL when "force" is set and SIGTERM otherwise, and returns the
 * result of kill().  A PID of 0 is treated as "no process" and reported as
 * success without sending anything.
 *
 * NOTE(review): only 0 is filtered.  kill() gives negative PID values a
 * process-group/broadcast meaning, so confirm that callers never pass one.
 */

int                                     /* O - 0 on success, -1 on failure */
cupsdEndProcess(int pid,                /* I - Process ID */
                int force)              /* I - Force child to die */
{
  int   sig;                            /* Signal to deliver */


  cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdEndProcess(pid=%d, force=%d)", pid,
                  force);

  if (pid == 0)
    return (0);

  sig = force ? SIGKILL : SIGTERM;

  return (kill(pid, sig));
}
230 | ||
231 | ||
/*
 * 'cupsdFinishProcess()' - Finish a process and get its name.
 *
 * Looks up the record that cupsdStartProcess() stored for "pid", copies the
 * command name into "name" (at most "namelen" bytes including the nul) and
 * the job ID into "*job_id" when that pointer is not NULL, then removes and
 * frees the record.  For a PID without a record the name is "unknown" and
 * the job ID is 0.  The return value is always "name".
 */

const char *                            /* O - Process name */
cupsdFinishProcess(int  pid,            /* I - Process ID */
                   char *name,          /* I - Name buffer */
                   int  namelen,        /* I - Size of name buffer */
                   int  *job_id)        /* O - Job ID pointer or NULL */
{
  cupsd_proc_t  key,                    /* Search key */
                *proc;                  /* Matching process */
  int           found_job = 0;          /* Job ID to report */
  const char    *found_name = "unknown";/* Name to report */


 /*
  * Only the PID takes part in the comparison, so that is all the key needs.
  */

  key.pid = pid;
  proc    = (cupsd_proc_t *)cupsArrayFind(process_array, &key);

  if (proc != NULL)
  {
    found_job  = proc->job_id;
    found_name = proc->name;
  }

  if (job_id)
    *job_id = found_job;

  strlcpy(name, found_name, namelen);

 /*
  * The name has been copied out, so the record can go...
  */

  if (proc != NULL)
  {
    cupsArrayRemove(process_array, proc);
    free(proc);
  }

  cupsdLogMessage(CUPSD_LOG_DEBUG2,
                  "cupsdFinishProcess(pid=%d, name=%p, namelen=%d, "
                  "job_id=%p(%d)) = \"%s\"", pid, name, namelen, job_id,
                  job_id ? *job_id : 0, name);

  return (name);
}
272 | ||
273 | ||
/*
 * 'cupsdStartProcess()' - Start a process.
 *
 * Checks the ownership and mode of "command", forks, and in the child wires
 * up the standard, backchannel (3) and sidechannel (4) descriptors, applies
 * the sandbox profile (when one is given and sandbox support is compiled
 * in), drops privileges and executes the command.  In the parent the new
 * PID is stored in "*pid" and recorded in process_array so that
 * cupsdFinishProcess() can map it back to a name and job.
 *
 * Returns the child PID, or 0 on failure; "*pid" always holds the same
 * value as the return value.  On the permission failures errno is set to
 * EPERM.
 */

int                                     /* O - Process ID or 0 */
cupsdStartProcess(
    const char  *command,               /* I - Full path to command */
    char        *argv[],                /* I - Command-line arguments */
    char        *envp[],                /* I - Environment */
    int         infd,                   /* I - Standard input file descriptor */
    int         outfd,                  /* I - Standard output file descriptor */
    int         errfd,                  /* I - Standard error file descriptor */
    int         backfd,                 /* I - Backchannel file descriptor */
    int         sidefd,                 /* I - Sidechannel file descriptor */
    int         root,                   /* I - Run as root? */
    void        *profile,               /* I - Security profile to use */
    cupsd_job_t *job,                   /* I - Job associated with process */
    int         *pid)                   /* O - Process ID */
{
  int           user;                   /* Command UID */
  struct stat   commandinfo;            /* Command file information */
  cupsd_proc_t  *proc;                  /* New process record */
#if defined(HAVE_SIGACTION) && !defined(HAVE_SIGSET)
  struct sigaction action;              /* POSIX signal handler */
#endif /* HAVE_SIGACTION && !HAVE_SIGSET */
#if defined(__APPLE__)
  char          processPath[1024],      /* CFProcessPath environment variable */
                linkpath[1024];         /* Link path for symlinks... */
  int           linkbytes;              /* Bytes for link path */
#endif /* __APPLE__ */


 /*
  * Work out which UID the command will run as; it is only used for the
  * execute-permission test below...
  */

  if (RunUser)
    user = RunUser;
  else if (root)
    user = 0;
  else
    user = User;

 /*
  * Validate the command file before forking.
  *
  * NOTE(review): these checks use stat() on the path and execve() resolves
  * the same path again later, so they describe the file at check time only;
  * confirm that the directories holding commands are writable by root alone.
  */

  if (stat(command, &commandinfo))
  {
    *pid = 0;

    cupsdLogMessage(CUPSD_LOG_DEBUG2,
                    "cupsdStartProcess(command=\"%s\", argv=%p, envp=%p, "
                    "infd=%d, outfd=%d, errfd=%d, backfd=%d, sidefd=%d, root=%d, "
                    "profile=%p, job=%p(%d), pid=%p) = %d",
                    command, argv, envp, infd, outfd, errfd, backfd, sidefd,
                    root, profile, job, job ? job->id : 0, pid, *pid);
    /* NOTE(review): errno is read after the call above - confirm that
       cupsdLogMessage() preserves it */
    cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to execute %s: %s", command,
                    strerror(errno));

    if (job && job->printer)
    {
      if (cupsdSetPrinterReasons(job->printer, "+cups-missing-filter-warning"))
        cupsdAddEvent(CUPSD_EVENT_PRINTER_STATE, job->printer, NULL,
                      "Printer driver %s is missing.", command);
    }

    return (0);
  }
  else if (!RunUser &&
           ((commandinfo.st_mode & (S_ISUID | S_IWGRP | S_IWOTH)) ||
            commandinfo.st_uid))
  {
   /*
    * Unless the scheduler runs as RunUser, refuse commands that are setuid,
    * writable by group or other, or not owned by UID 0...
    */

    *pid = 0;

    cupsdLogMessage(CUPSD_LOG_DEBUG2,
                    "cupsdStartProcess(command=\"%s\", argv=%p, envp=%p, "
                    "infd=%d, outfd=%d, errfd=%d, backfd=%d, sidefd=%d, root=%d, "
                    "profile=%p, job=%p(%d), pid=%p) = %d",
                    command, argv, envp, infd, outfd, errfd, backfd, sidefd,
                    root, profile, job, job ? job->id : 0, pid, *pid);
    cupsdLogMessage(CUPSD_LOG_ERROR,
                    "Unable to execute %s: insecure file permissions (0%o)",
                    command, commandinfo.st_mode);

    if (job && job->printer)
    {
      if (cupsdSetPrinterReasons(job->printer, "+cups-insecure-filter-warning"))
        cupsdAddEvent(CUPSD_EVENT_PRINTER_STATE, job->printer, NULL,
                      "Printer driver %s has insecure file permissions (0%o).",
                      command, commandinfo.st_mode);
    }

    errno = EPERM;

    return (0);
  }
  else if ((commandinfo.st_uid != user || !(commandinfo.st_mode & S_IXUSR)) &&
           (commandinfo.st_gid != Group || !(commandinfo.st_mode & S_IXGRP)) &&
           !(commandinfo.st_mode & S_IXOTH))
  {
   /*
    * None of the owner, group or other execute bits applies to the
    * user/group the command would run as...
    */

    *pid = 0;

    cupsdLogMessage(CUPSD_LOG_DEBUG2,
                    "cupsdStartProcess(command=\"%s\", argv=%p, envp=%p, "
                    "infd=%d, outfd=%d, errfd=%d, backfd=%d, sidefd=%d, root=%d, "
                    "profile=%p, job=%p(%d), pid=%p) = %d",
                    command, argv, envp, infd, outfd, errfd, backfd, sidefd,
                    root, profile, job, job ? job->id : 0, pid, *pid);
    cupsdLogMessage(CUPSD_LOG_ERROR,
                    "Unable to execute %s: no execute permissions (0%o)",
                    command, commandinfo.st_mode);

    errno = EPERM;
    return (0);
  }

#if defined(__APPLE__)
  if (envp)
  {
   /*
    * Add special voodoo magic for Mac OS X - this allows Mac OS X
    * programs to access their bundle resources properly...
    *
    * The first environment slot is overwritten; presumably the caller
    * reserves envp[0] for this - verify against callers.
    */

    if ((linkbytes = readlink(command, linkpath, sizeof(linkpath) - 1)) > 0)
    {
     /*
      * Yes, this is a symlink to the actual program, nul-terminate and
      * use it...
      */

      linkpath[linkbytes] = '\0';

      if (linkpath[0] == '/')
        snprintf(processPath, sizeof(processPath), "CFProcessPath=%s",
                 linkpath);
      else
        /* NOTE(review): the cast drops const before dirname(); confirm
           dirname() does not modify its argument on this platform */
        snprintf(processPath, sizeof(processPath), "CFProcessPath=%s/%s",
                 dirname((char *)command), linkpath);
    }
    else
      snprintf(processPath, sizeof(processPath), "CFProcessPath=%s", command);

    envp[0] = processPath;              /* Replace <CFProcessPath> string */
  }
#endif /* __APPLE__ */

 /*
  * Block signals before forking...
  */

  cupsdHoldSignals();

  if ((*pid = fork()) == 0)
  {
   /*
    * Child process goes here...
    *
    * Update stdin/stdout/stderr as needed...
    *
    * A negative descriptor means "use /dev/null".  The results of open()
    * and dup2() are not checked, so on failure the child keeps whatever
    * descriptor it inherited in that slot.
    */

    if (infd != 0)
    {
      if (infd < 0)
        infd = open("/dev/null", O_RDONLY);

      if (infd != 0)
      {
        dup2(infd, 0);
        close(infd);
      }
    }

    if (outfd != 1)
    {
      if (outfd < 0)
        outfd = open("/dev/null", O_WRONLY);

      if (outfd != 1)
      {
        dup2(outfd, 1);
        close(outfd);
      }
    }

    if (errfd != 2)
    {
      if (errfd < 0)
        errfd = open("/dev/null", O_WRONLY);

      if (errfd != 2)
      {
        dup2(errfd, 2);
        close(errfd);
      }
    }

   /*
    * The backchannel and sidechannel go on descriptors 3 and 4 and are
    * switched to non-blocking mode; negative values leave them alone...
    */

    if (backfd != 3 && backfd >= 0)
    {
      dup2(backfd, 3);
      close(backfd);
      fcntl(3, F_SETFL, O_NDELAY);
    }

    if (sidefd != 4 && sidefd >= 0)
    {
      dup2(sidefd, 4);
      close(sidefd);
      fcntl(4, F_SETFL, O_NDELAY);
    }

   /*
    * Change the priority of the process based on the FilterNice setting.
    * (this is not done for root processes...)
    */

    if (!root)
      nice(FilterNice);

#ifdef HAVE_SANDBOX_H
   /*
    * Run in a separate security profile...
    *
    * The profile is applied before privileges are dropped below.
    *
    * NOTE(review): a sandbox_init() failure is only reported on stderr; the
    * child then continues to the exec without a sandbox.  Confirm that
    * running unsandboxed is the intended outcome when a profile was
    * requested but could not be applied.
    */

    if (profile)
    {
      char *error = NULL;               /* Sandbox error, if any */

      if (sandbox_init((char *)profile, SANDBOX_NAMED_EXTERNAL, &error))
      {
        fprintf(stderr, "ERROR: sandbox_init failed: %s (%s)\n", error,
                strerror(errno));
        sandbox_free_error(error);
      }
    }
#endif /* HAVE_SANDBOX_H */

   /*
    * Change user to something "safe"...
    */

    if (!root && !RunUser)
    {
     /*
      * Running as root, so change to non-privileged user...
      *
      * The group and supplementary groups are set first, while the process
      * still has the privilege to do so; any failure ends the child rather
      * than letting it run with more privilege than intended.
      */

      if (setgid(Group))
        exit(errno);

      if (setgroups(1, &Group))
        exit(errno);

      if (setuid(User))
        exit(errno);
    }
    else
    {
     /*
      * Reset group membership to just the main one we belong to.
      *
      * Failures are fatal only when RunUser is not set; with RunUser they
      * are ignored.
      */

      if (setgid(Group) && !RunUser)
        exit(errno);

      if (setgroups(1, &Group) && !RunUser)
        exit(errno);
    }

   /*
    * Change umask to restrict permissions on created files...
    */

    umask(077);

   /*
    * Unblock signals before doing the exec...
    *
    * SIGTERM, SIGCHLD and SIGPIPE go back to their default actions first,
    * using whichever signal API the build provides.
    */

#ifdef HAVE_SIGSET
    sigset(SIGTERM, SIG_DFL);
    sigset(SIGCHLD, SIG_DFL);
    sigset(SIGPIPE, SIG_DFL);
#elif defined(HAVE_SIGACTION)
    memset(&action, 0, sizeof(action));

    sigemptyset(&action.sa_mask);
    action.sa_handler = SIG_DFL;

    sigaction(SIGTERM, &action, NULL);
    sigaction(SIGCHLD, &action, NULL);
    sigaction(SIGPIPE, &action, NULL);
#else
    signal(SIGTERM, SIG_DFL);
    signal(SIGCHLD, SIG_DFL);
    signal(SIGPIPE, SIG_DFL);
#endif /* HAVE_SIGSET */

    cupsdReleaseSignals();

   /*
    * Execute the command; if for some reason this doesn't work,
    * return the error code...
    */

    if (envp)
      execve(command, argv, envp);
    else
      execv(command, argv);

    perror(command);

    exit(errno);
  }
  else if (*pid < 0)
  {
   /*
    * Error - couldn't fork a new process!
    */

    cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to fork %s - %s.", command,
                    strerror(errno));

    *pid = 0;
  }
  else
  {
   /*
    * Parent - remember the child so cupsdFinishProcess() can name it.  If
    * either allocation fails the child still runs but is not tracked.
    */

    if (!process_array)
      process_array = cupsArrayNew((cups_array_func_t)compare_procs, NULL);

    if (process_array)
    {
      /* name[1] in the structure already accounts for the terminating nul */
      if ((proc = calloc(1, sizeof(cupsd_proc_t) + strlen(command))) != NULL)
      {
        proc->pid    = *pid;
        proc->job_id = job ? job->id : 0;
        strcpy(proc->name, command);

        cupsArrayAdd(process_array, proc);
      }
    }
  }

  cupsdReleaseSignals();

  cupsdLogMessage(CUPSD_LOG_DEBUG2,
                  "cupsdStartProcess(command=\"%s\", argv=%p, envp=%p, "
                  "infd=%d, outfd=%d, errfd=%d, backfd=%d, sidefd=%d, root=%d, "
                  "profile=%p, job=%p(%d), pid=%p) = %d",
                  command, argv, envp, infd, outfd, errfd, backfd, sidefd,
                  root, profile, job, job ? job->id : 0, pid, *pid);

  return (*pid);
}
621 | ||
622 | ||
/*
 * 'compare_procs()' - Compare two processes.
 *
 * Comparison callback for process_array: records are ordered by PID alone,
 * so a search key only needs its "pid" member filled in.  The result is the
 * difference of the two PIDs (negative, zero or positive).
 */

static int                              /* O - Result of comparison */
compare_procs(cupsd_proc_t *a,          /* I - First process */
              cupsd_proc_t *b)          /* I - Second process */
{
  int   first  = a->pid;                /* PID of first process */
  int   second = b->pid;                /* PID of second process */


  return (first - second);
}
633 | ||
634 | ||
a4924f6c MS |
635 | #ifdef HAVE_SANDBOX_H |
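/*
 * 'cupsd_requote()' - Make a regular-expression version of a string.
 *
 * Copies "src" to "dst", putting a backslash in front of every character
 * that is special in a regular expression, and in front of the double quote
 * that delimits the regex literals in the sandbox profile, so that a
 * directory name is always matched literally and cannot end the literal it
 * is written into.
 *
 * The result is always nul-terminated when "dstsize" is at least 1.  Input
 * that does not fit is silently truncated; a truncated directory name
 * yields a pattern for a different (shorter) path, so callers should size
 * the buffer for the longest path they expect.  A NULL source is treated as
 * an empty string.
 */

static char *                           /* O - Quoted string */
cupsd_requote(char       *dst,          /* I - Destination buffer */
              const char *src,          /* I - Source string */
              size_t     dstsize)       /* I - Size of destination buffer */
{
  int   ch;                             /* Current character */
  char  *dstptr,                        /* Current position in buffer */
        *dstend;                        /* End of destination buffer */


 /*
  * Nothing can be stored in an empty buffer, and "dstsize - 2" below would
  * wrap for sizes under 2...
  */

  if (!dst || dstsize == 0)
    return (dst);

  if (!src || dstsize < 2)
  {
    *dst = '\0';
    return (dst);
  }

 /*
  * Stop two bytes early so an escaped character (backslash + character)
  * and the terminating nul always fit...
  */

  dstptr = dst;
  dstend = dst + dstsize - 2;

  while (*src && dstptr < dstend)
  {
    ch = *src++;

    if (strchr(".?*()[]^$\\\"", ch))
      *dstptr++ = '\\';

    *dstptr++ = (char)ch;
  }

  *dstptr = '\0';

  return (dst);
}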
667 | #endif /* HAVE_SANDBOX_H */ | |
668 | ||
669 | ||
e00b005a | 670 | /* |
75bd9771 | 671 | * End of "$Id: process.c 7256 2008-01-25 00:48:54Z mike $". |
ef416fc2 | 672 | */ |