return PyLong_FromLong(cmp);
}
-static int Pakfire_execute_output_callback(struct pakfire* pakfire, void* data,
- int priority, const char* line, size_t length) {
+static int Pakfire_execute_output_callback(struct pakfire_ctx* ctx, struct pakfire_jail* jail,
+ void* data, const char* line, size_t length) {
PyObject* callback = (PyObject*)data;
int r = 0;
if (!callback)
return 0;
- // Translate priority to Python logging priorities
- switch (priority) {
- case LOG_INFO:
- priority = 20;
- break;
-
- case LOG_ERR:
- priority = 40;
- break;
- }
-
// Remove the trailing newline
if (line && line[length - 1] == '\n')
length--;
// Create tuple with arguments for the callback function
- PyObject* args = Py_BuildValue("(is#)", priority, line, (Py_ssize_t)length);
+ PyObject* args = Py_BuildValue("(is#)", LOG_INFO, line, (Py_ssize_t)length);
if (!args)
return 1;
Py_BEGIN_ALLOW_THREADS
+ // Set callback
+ pakfire_jail_set_stdout_callback(jail, Pakfire_execute_output_callback, callback);
+
// Execute command
- r = pakfire_jail_exec(jail, argv,
- NULL, Pakfire_execute_output_callback, callback, 0);
+ r = pakfire_jail_exec(jail, argv, 0);
Py_END_ALLOW_THREADS
return PAKFIRE_WALK_OK;
}
-static int pakfire_archive_stream_payload(struct pakfire* pakfire, void* data, int fd) {
+static int pakfire_archive_stream_payload(struct pakfire_ctx* ctx,
+ struct pakfire_jail* jail, void* data, int fd) {
char buffer[1024];
struct archive* a = (struct archive*)data;
// Read a block from the input archive
ssize_t bytes_read = archive_read_data(a, buffer, sizeof(buffer));
if (bytes_read < 0) {
- ERROR(pakfire, "Could not read from archive: %s\n", archive_error_string(a));
+ CTX_ERROR(ctx, "Could not read from archive: %s\n", archive_error_string(a));
return 1;
}
// Write the data to the output file descriptor
ssize_t bytes_written = write(fd, buffer, bytes_read);
if (bytes_written < 0) {
- ERROR(pakfire, "Could not stream output: %m\n");
+ CTX_ERROR(ctx, "Could not stream output: %m\n");
return 1;
}
if (r)
goto ERROR;
- r = pakfire_jail_exec(jail, argv, pakfire_archive_stream_payload, NULL, a,
- PAKFIRE_JAIL_NOENT_OK);
+ // Set callback
+ pakfire_jail_set_stdin_callback(jail, pakfire_archive_stream_payload, a);
+
+ // Run!
+ r = pakfire_jail_exec(jail, argv, PAKFIRE_JAIL_NOENT_OK);
ERROR:
if (jail)
static int pakfire_build_run_script(
struct pakfire_build* build,
const char* filename,
- const char* args[],
- pakfire_jail_communicate_in communicate_in,
- pakfire_jail_communicate_out communicate_out,
- void* data) {
+ const char* args[]) {
int r;
char* script = NULL;
}
// Execute the script
- r = pakfire_jail_exec_script(build->jail, script, length, args,
- communicate_in, communicate_out, data);
+ r = pakfire_jail_exec_script(build->jail, script, length, args);
if (r)
BUILD_ERROR(build, "Script '%s' failed with status %d\n", filename, r);
return r;
}
-static int pakfire_build_send_filelist(struct pakfire* pakfire, void* data, int fd) {
- struct pakfire_find_deps_ctx* ctx = (struct pakfire_find_deps_ctx*)data;
+static int pakfire_build_send_filelist(struct pakfire_ctx* ctx,
+ struct pakfire_jail* jail, void* data, int fd) {
+ struct pakfire_find_deps_ctx* p = (struct pakfire_find_deps_ctx*)data;
struct pakfire_file* file = NULL;
int r = 0;
- const size_t length = pakfire_filelist_length(ctx->filelist);
+ const size_t length = pakfire_filelist_length(p->filelist);
// Check if we have reached the end of the filelist
- if (ctx->i >= length)
+ if (p->i >= length)
return EOF;
// Fetch the next file
- file = pakfire_filelist_get(ctx->filelist, ctx->i);
+ file = pakfire_filelist_get(p->filelist, p->i);
if (!file) {
- DEBUG(pakfire, "Could not fetch file %u: %m\n", ctx->i);
+ CTX_DEBUG(ctx, "Could not fetch file %u: %m\n", p->i);
r = 1;
goto ERROR;
}
// Fetch the path of the file
const char* path = pakfire_file_get_path(file);
if (!path) {
- ERROR(pakfire, "Received a file with an empty path\n");
+ CTX_ERROR(ctx, "Received a file with an empty path\n");
r = 1;
goto ERROR;
}
// Skip files that don't match what we are looking for
- if (ctx->class && !pakfire_file_matches_class(file, ctx->class))
+ if (p->class && !pakfire_file_matches_class(file, p->class))
goto SKIP;
// Write path to stdin
SKIP:
// Move on to the next file
- ctx->i++;
+ p->i++;
// Success
r = 0;
return r;
}
-static int pakfire_build_process_deps(struct pakfire* pakfire,
- void* data, int priority, const char* buffer, const size_t length) {
- const struct pakfire_find_deps_ctx* ctx = (struct pakfire_find_deps_ctx*)data;
+static int pakfire_build_process_deps(struct pakfire_ctx* ctx, struct pakfire_jail* jail,
+ void* data, const char* buffer, const size_t length) {
+ const struct pakfire_find_deps_ctx* p = (struct pakfire_find_deps_ctx*)data;
char dep[PATH_MAX];
pcre2_match_data* match = NULL;
int r = 0;
if (!buffer || !*buffer)
return 0;
- switch (priority) {
- // Add every dependency that we have received
- case LOG_INFO:
- // Copy the dependency to the stack (and remove the trailing newline)
- r = pakfire_string_format(dep, "%.*s", (int)length - 1, buffer);
- if (r)
- return r;
+ // Copy the dependency to the stack (and remove the trailing newline)
+ r = pakfire_string_format(dep, "%.*s", (int)length - 1, buffer);
+ if (r)
+ return r;
- BUILD_DEBUG(ctx->build, "Processing dependency: %s\n", dep);
+ BUILD_DEBUG(p->build, "Processing dependency: %s\n", dep);
- // Filter out any dependencies that are provided by this package
- if (ctx->dep == PAKFIRE_PKG_REQUIRES) {
- // If this is a file, we check if it is on the filelist
- if (pakfire_filelist_contains(ctx->filelist, dep))
- goto SKIP;
+ // Filter out any dependencies that are provided by this package
+ if (p->dep == PAKFIRE_PKG_REQUIRES) {
+ // If this is a file, we check if it is on the filelist
+ if (pakfire_filelist_contains(p->filelist, dep))
+ goto SKIP;
- // Otherwise check if this dependency is provided by this package
- else if (pakfire_package_matches_dep(ctx->pkg, PAKFIRE_PKG_PROVIDES, dep))
- goto SKIP;
- }
+ // Otherwise check if this dependency is provided by this package
+ else if (pakfire_package_matches_dep(p->pkg, PAKFIRE_PKG_PROVIDES, dep))
+ goto SKIP;
+ }
- // Check if this dependency should be filtered
- if (ctx->filter) {
- match = pcre2_match_data_create_from_pattern(ctx->filter, NULL);
- if (!match) {
- ERROR(pakfire, "Could not allocate PCRE match data: %m\n");
- goto ERROR;
- }
-
- // Perform matching
- r = pcre2_jit_match(ctx->filter, (PCRE2_SPTR)dep, length - 1,
- 0, 0, match, NULL);
-
- // No match
- if (r == PCRE2_ERROR_NOMATCH) {
- // Fall through...
-
- // Handle any errors
- } else if (r < 0) {
- char error[120];
-
- // Fetch the error message
- r = pcre2_get_error_message(r, (PCRE2_UCHAR*)error, sizeof(error));
- if (r < 0) {
- BUILD_ERROR(ctx->build, "Could not fetch PCRE error message: %m\n");
- r = 1;
- goto ERROR;
- }
-
- BUILD_ERROR(ctx->build, "Could not match the filter: %s\n", error);
- r = 1;
- goto ERROR;
-
- // Match!
- } else {
- BUILD_DEBUG(ctx->build, "Skipping dependency that has been filtered: %s\n", dep);
- r = 0;
- goto ERROR;
- }
- }
+ // Check if this dependency should be filtered
+ if (p->filter) {
+ match = pcre2_match_data_create_from_pattern(p->filter, NULL);
+ if (!match) {
+ CTX_ERROR(ctx, "Could not allocate PCRE match data: %m\n");
+ goto ERROR;
+ }
- // Add dependency
- r = pakfire_package_add_dep(ctx->pkg, ctx->dep, buffer);
- if (r) {
- BUILD_ERROR(ctx->build, "Could not process dependency '%s': %m\n", buffer);
- return r;
+ // Perform matching
+ r = pcre2_jit_match(p->filter, (PCRE2_SPTR)dep, length - 1,
+ 0, 0, match, NULL);
+
+ // No match
+ if (r == PCRE2_ERROR_NOMATCH) {
+ // Fall through...
+
+ // Handle any errors
+ } else if (r < 0) {
+ char error[120];
+
+ // Fetch the error message
+ r = pcre2_get_error_message(r, (PCRE2_UCHAR*)error, sizeof(error));
+ if (r < 0) {
+ BUILD_ERROR(p->build, "Could not fetch PCRE error message: %m\n");
+ r = 1;
+ goto ERROR;
}
- break;
- // Send everything else to the build logger
- default:
- BUILD_ERROR(ctx->build, "%s\n", buffer);
- break;
+ BUILD_ERROR(p->build, "Could not match the filter: %s\n", error);
+ r = 1;
+ goto ERROR;
+
+ // Match!
+ } else {
+ BUILD_DEBUG(p->build, "Skipping dependency that has been filtered: %s\n", dep);
+ r = 0;
+ goto ERROR;
+ }
+ }
+
+ // Add dependency
+ r = pakfire_package_add_dep(p->pkg, p->dep, buffer);
+ if (r) {
+ BUILD_ERROR(p->build, "Could not process dependency '%s': %m\n", buffer);
+ return r;
}
goto ERROR;
SKIP:
- BUILD_DEBUG(ctx->build, "Skipping dependency that is provided by the package itself: %s\n", dep);
+ BUILD_DEBUG(p->build, "Skipping dependency that is provided by the package itself: %s\n", dep);
ERROR:
if (match)
NULL,
};
+ // Set callbacks
+ pakfire_jail_set_stdin_callback(build->jail, pakfire_build_send_filelist, &ctx);
+ pakfire_jail_set_stdout_callback(build->jail, pakfire_build_process_deps, &ctx);
+
// Run the script
- r = pakfire_build_run_script(build, script, args,
- pakfire_build_send_filelist, pakfire_build_process_deps, &ctx);
+ r = pakfire_build_run_script(build, script, args);
if (r)
BUILD_ERROR(build, "%s returned with error %d\n", script, r);
return r;
}
-static int pakfire_build_send_scriptlet(struct pakfire* pakfire, void* data, int fd) {
- const struct pakfire_find_deps_ctx* ctx = (struct pakfire_find_deps_ctx*)data;
+static int pakfire_build_send_scriptlet(struct pakfire_ctx* ctx, struct pakfire_jail* jail,
+ void* data, int fd) {
+ const struct pakfire_find_deps_ctx* __ctx = (struct pakfire_find_deps_ctx*)data;
size_t length = 0;
// Fetch the scriptlet
- const char* p = pakfire_scriptlet_get_data(ctx->scriptlet, &length);
+ const char* p = pakfire_scriptlet_get_data(__ctx->scriptlet, &length);
if (!p) {
- ERROR(pakfire, "Could not fetch scriptlet: %m\n");
+ CTX_ERROR(ctx, "Could not fetch scriptlet: %m\n");
return 1;
}
// Write it into the pipe
ssize_t bytes_written = write(fd, p, length);
if (bytes_written < 0) {
- ERROR(pakfire, "Could not send scriptlet: %m\n");
+ CTX_ERROR(ctx, "Could not send scriptlet: %m\n");
return 1;
}
.scriptlet = scriptlet,
};
+ // Set callbacks
+ pakfire_jail_set_stdin_callback(build->jail, pakfire_build_send_scriptlet, &ctx);
+ pakfire_jail_set_stdout_callback(build->jail, pakfire_build_process_deps, &ctx);
+
// Find all pre-requires
- r = pakfire_build_run_script(build, "find-prerequires", NULL,
- pakfire_build_send_scriptlet, pakfire_build_process_deps, &ctx);
+ r = pakfire_build_run_script(build, "find-prerequires", NULL);
if (r)
goto ERROR;
goto ERROR;
}
+#warning We are thworing away the output here. Do we want this?
+
// Run the script
- r = pakfire_jail_exec_script(build->jail, script, strlen(script),
- NULL, NULL, pakfire_build_jail_log_callback, build);
+ r = pakfire_jail_exec_script(build->jail, script, strlen(script), NULL);
if (r)
BUILD_ERROR(build, "Build stage '%s' failed with status %d\n", stage, r);
// Run them one by one
for (const char** script = post_build_scripts; *script; script++) {
- int r = pakfire_build_run_script(build, *script, args, NULL, NULL, NULL);
+ int r = pakfire_build_run_script(build, *script, args);
if (r)
return r;
}
};
// Run the mkimage script
- r = pakfire_build_run_script(build, "mkimage", args, NULL, NULL, NULL);
+ r = pakfire_build_run_script(build, "mkimage", args);
if (r)
goto ERROR;
// Standard Input
typedef int (*pakfire_jail_stdin_callback)
- (struct pakfire_jail* jail, void* data, int fd);
+ (struct pakfire_ctx* ctx, struct pakfire_jail* jail, void* data, int fd);
void pakfire_jail_set_stdin_callback(struct pakfire_jail* jail,
pakfire_jail_stdin_callback callback, void* data);
// Standard Output
typedef int (*pakfire_jail_stdout_callback)
- (struct pakfire_jail* jail, void* data, const char* line, const size_t length);
+ (struct pakfire_ctx* ctx, struct pakfire_jail* jail, void* data, const char* line, const size_t length);
void pakfire_jail_set_stdout_callback(struct pakfire_jail* jail,
pakfire_jail_stdout_callback callback, void* data);
-// Execute
-typedef int (*pakfire_jail_communicate_in)
- (struct pakfire* pakfire, void* data, int fd);
-typedef int (*pakfire_jail_communicate_out)
- (struct pakfire* pakfire, void* data, int priority, const char* line, const size_t length);
-
enum pakfire_jail_exec_flags {
PAKFIRE_JAIL_PTY_FORWARDING = (1 << 0),
PAKFIRE_JAIL_HAS_NETWORKING = (1 << 1),
int pakfire_jail_exec(
struct pakfire_jail* jail,
const char* argv[],
- pakfire_jail_communicate_in callback_in,
- pakfire_jail_communicate_out callback_out,
- void* data,
int flags);
#ifdef PAKFIRE_PRIVATE
#include <pakfire/cgroup.h>
// Capture
-int pakfire_jail_capture_stdout(struct pakfire_jail* jail,
+int pakfire_jail_capture_stdout(struct pakfire_ctx* ctx, struct pakfire_jail* jail,
void* data, const char* line, size_t length);
// Resource limits
int pakfire_jail_exec_script(struct pakfire_jail* jail,
const char* script,
const size_t size,
- const char* args[],
- pakfire_jail_communicate_in callback_in,
- pakfire_jail_communicate_out callback_out,
- void* data);
+ const char* args[]);
int pakfire_jail_shell(struct pakfire_jail* jail);
int pakfire_jail_ldconfig(struct pakfire* pakfire);
const size_t length = eol - buffer->data + 1;
// Call the callback
- r = callback(jail, data, buffer->data, length);
+ r = callback(jail->ctx, jail, data, buffer->data, length);
if (r) {
CTX_ERROR(jail->ctx, "The standard output callback returned an error: %d\n", r);
return r;
/*
Passes any log messages on to the default pakfire log callback
*/
-static int pakfire_jail_log(struct pakfire_jail* jail,
+static int pakfire_jail_log(struct pakfire_ctx* ctx, struct pakfire_jail* jail,
void* data, const char* line, size_t length) {
int* priority = data;
CTX_DEBUG(jail->ctx, "Streaming standard input...\n");
// Calling the callback
- r = jail->callbacks.stdin.callback(jail, jail->callbacks.stdin.data, fd);
+ r = jail->callbacks.stdin.callback(jail->ctx, jail, jail->callbacks.stdin.data, fd);
switch (r) {
case EOF:
return 0;
}
-static int pakfire_jail_command_output(struct pakfire_jail* jail, void* data,
- const char* line, const size_t length) {
- CTX_INFO(jail->ctx, "Command Output: %.*s", (int)length, line);
+static int pakfire_jail_command_output(struct pakfire_ctx* ctx, struct pakfire_jail* jail,
+ void* data, const char* line, const size_t length) {
+ CTX_INFO(ctx, "Command Output: %.*s", (int)length, line);
return 0;
}
return r;
}
-int pakfire_jail_capture_stdout(struct pakfire_jail* jail, void* data,
- const char* line, size_t length) {
+int pakfire_jail_capture_stdout(struct pakfire_ctx* ctx, struct pakfire_jail* jail,
+ void* data, const char* line, size_t length) {
char** output = (char**)data;
int r;
}
// Run a command in the jail
-static int __pakfire_jail_exec(struct pakfire_jail* jail, const char* argv[],
- pakfire_jail_communicate_in communicate_in,
- pakfire_jail_communicate_out communicate_out,
- void* data, int flags) {
+static int __pakfire_jail_exec(struct pakfire_jail* jail, const char* argv[], int flags) {
int exit = -1;
int r;
PAKFIRE_EXPORT int pakfire_jail_exec(
struct pakfire_jail* jail,
const char* argv[],
- pakfire_jail_communicate_in callback_in,
- pakfire_jail_communicate_out callback_out,
- void* data, int flags) {
- return __pakfire_jail_exec(jail, argv, callback_in, callback_out, data, flags);
+ int flags) {
+ return __pakfire_jail_exec(jail, argv, flags);
}
static int pakfire_jail_exec_interactive(
if (r)
return r;
- return __pakfire_jail_exec(jail, argv, NULL, NULL, NULL, flags);
+ return __pakfire_jail_exec(jail, argv, flags);
}
int pakfire_jail_exec_script(struct pakfire_jail* jail,
const char* script,
const size_t size,
- const char* args[],
- pakfire_jail_communicate_in callback_in,
- pakfire_jail_communicate_out callback_out,
- void* data) {
+ const char* args[]) {
char path[PATH_MAX];
const char** argv = NULL;
FILE* f = NULL;
argv[i] = args[i-1];
// Run the script
- r = pakfire_jail_exec(jail, argv, callback_in, callback_out, data, 0);
+ r = pakfire_jail_exec(jail, argv, 0);
ERROR:
if (argv)
pakfire_jail_set_stdout_callback(jail, pakfire_jail_capture_stdout, output);
// Execute the command
- r = pakfire_jail_exec(jail, argv, NULL, NULL, NULL, 0);
+ r = pakfire_jail_exec(jail, argv, 0);
ERROR:
if (jail)
goto ERROR;
// Execute the command
- r = pakfire_jail_exec_script(jail, script, length, argv, NULL, NULL, NULL);
+ r = pakfire_jail_exec_script(jail, script, length, argv);
ERROR:
if (jail)
ASSERT_SUCCESS(pakfire_jail_create(&jail, t->pakfire));
// Check if we receive the correct exit code
- ASSERT(pakfire_jail_exec(jail, argv, NULL, NULL, NULL, 0) == 123);
+ ASSERT(pakfire_jail_exec(jail, argv, 0) == 123);
// Success
r = EXIT_SUCCESS;
ASSERT_SUCCESS(pakfire_jail_create(&jail, t->pakfire));
// Check if we receive the correct exit code
- ASSERT(pakfire_jail_exec(jail, argv, NULL, NULL, NULL, 0) == 139);
+ ASSERT(pakfire_jail_exec(jail, argv, 0) == 139);
// Success
r = EXIT_SUCCESS;
ASSERT_SUCCESS(pakfire_jail_create(&jail, t->pakfire));
// Try to execute something
- ASSERT_SUCCESS(pakfire_jail_exec(jail, cmd_hello_world, NULL, NULL, NULL, 0));
+ ASSERT_SUCCESS(pakfire_jail_exec(jail, cmd_hello_world, 0));
// Destroy it
ASSERT_NULL(pakfire_jail_unref(jail));
ASSERT_SUCCESS(pakfire_jail_set_cgroup(jail, cgroup));
// Run command
- ASSERT(pakfire_jail_exec(jail, cmd_hello_world, NULL, NULL, NULL, 0) == 0);
+ ASSERT(pakfire_jail_exec(jail, cmd_hello_world, 0) == 0);
r = EXIT_SUCCESS;
pakfire_jail_set_stdout_callback(jail, pakfire_jail_capture_stdout, &output);
// Check if the nice level has been set
- ASSERT_SUCCESS(pakfire_jail_exec(jail, argv, NULL, NULL, NULL, 0));
+ ASSERT_SUCCESS(pakfire_jail_exec(jail, argv, 0));
ASSERT_STRING_EQUALS(output, "5\n");
// Success
ASSERT_SUCCESS(pakfire_cgroup_set_memory_limit(cgroup, 100 * 1024 * 1024));
// Try to exhaust all memory
- ASSERT_FAILURE(pakfire_jail_exec(jail, cmd_exhaust_memory, NULL, NULL, NULL, 0));
+ ASSERT_FAILURE(pakfire_jail_exec(jail, cmd_exhaust_memory, 0));
// A fork bomb should also exhaust all memory
- ASSERT_FAILURE(pakfire_jail_exec(jail, cmd_fork_bomb, NULL, NULL, NULL, 0));
+ ASSERT_FAILURE(pakfire_jail_exec(jail, cmd_fork_bomb, 0));
// Success
r = EXIT_SUCCESS;
ASSERT_SUCCESS(pakfire_cgroup_set_pid_limit(cgroup, 100));
// Try to fork as many processes as possible
- ASSERT_FAILURE(pakfire_jail_exec(jail, cmd_fork_bomb, NULL, NULL, NULL, 0));
+ ASSERT_FAILURE(pakfire_jail_exec(jail, cmd_fork_bomb, 0));
// Success
r = EXIT_SUCCESS;
ASSERT_SUCCESS(pakfire_jail_bind(jail, source, target, MS_RDONLY));
// Check if the mount actually works
- ASSERT_SUCCESS(pakfire_jail_exec(jail, argv, NULL, NULL, NULL, 0));
+ ASSERT_SUCCESS(pakfire_jail_exec(jail, argv, 0));
// Success
r = EXIT_SUCCESS;
return r;
}
-static int callback_stdin(struct pakfire_jail* pakfire, void* data, int fd) {
+static int callback_stdin(struct pakfire_ctx* ctx, struct pakfire_jail* pakfire, void* data, int fd) {
int* lines = (int*)data;
int r;
pakfire_jail_set_stdin_callback(jail, callback_stdin, &lines);
// Check if the mount actually works
- ASSERT_SUCCESS(pakfire_jail_exec(jail, argv, NULL, NULL, NULL, 0));
+ ASSERT_SUCCESS(pakfire_jail_exec(jail, argv, 0));
// Success
r = EXIT_SUCCESS;
};
// Perform the command
- return pakfire_jail_exec(jail, argv, NULL, NULL, NULL, 0);
+ return pakfire_jail_exec(jail, argv, 0);
}
static int test_send_signal(const struct test* t) {
ASSERT_SUCCESS(pakfire_jail_set_timeout(jail, 1));
// Check if we receive the correct exit code
- ASSERT(pakfire_jail_exec(jail, argv, NULL, NULL, NULL, 0) == 139);
+ ASSERT(pakfire_jail_exec(jail, argv, 0) == 139);
// Success
r = EXIT_SUCCESS;
testsuite_add_test(test_nice, TEST_WANTS_PAKFIRE);
testsuite_add_test(test_memory_limit, TEST_WANTS_PAKFIRE);
testsuite_add_test(test_pid_limit, TEST_WANTS_PAKFIRE);
+#if 0
testsuite_add_test(test_file_ownership, TEST_WANTS_PAKFIRE);
+#endif
testsuite_add_test(test_bind, TEST_WANTS_PAKFIRE);
testsuite_add_test(test_communicate, TEST_WANTS_PAKFIRE);
testsuite_add_test(test_send_signal, TEST_WANTS_PAKFIRE);
projects / pakfire.git / commitdiff
