]> git.ipfire.org Git - thirdparty/cups.git/blame - scheduler/process.c
projects / thirdparty / cups.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Sandbox tweaking.
[thirdparty/cups.git] / scheduler / process.c
CommitLineData
ef416fc2 1/*
f2d18633 2 * "$Id$"
ef416fc2 3 *
7e86f2f6 4 * Process management routines for the CUPS scheduler.
ef416fc2 5 *
7e86f2f6
MS		 6 * Copyright 2007-2014 by Apple Inc.
7 * Copyright 1997-2007 by Easy Software Products, all rights reserved.
ef416fc2 8 *
7e86f2f6
MS		 9 * These coded instructions, statements, and computer programs are the
10 * property of Apple Inc. and are protected by Federal copyright
11 * law. Distribution and use rights are outlined in the file "LICENSE.txt"
12 * which should have been included with this file. If this file is
13 * file is missing or damaged, see the license at "http://www.cups.org/".
ef416fc2 14 */
15
16/*
17 * Include necessary headers...
18 */
19
20#include "cupsd.h"
21#include <grp.h>
a4924f6c 22#ifdef __APPLE__
4400e98d 23# include <libgen.h>
6d2f911b 24#endif /* __APPLE__ */
c82f05ea
MS		 25#ifdef HAVE_POSIX_SPAWN
26# include <spawn.h>
27extern char **environ;
28#endif /* HAVE_POSIX_SPAWN */
ef416fc2 29
30
e00b005a 31/*
32 * Process structure...
33 */
34
35typedef struct
36{
b9faaae1
MS		 37 int pid, /* Process ID */
38 job_id; /* Job associated with process */
e00b005a 39 char name[1]; /* Name of process */
40} cupsd_proc_t;
41
42
43/*
44 * Local globals...
45 */
46
47static cups_array_t *process_array = NULL;
48
49
50/*
51 * Local functions...
52 */
53
54static int compare_procs(cupsd_proc_t *a, cupsd_proc_t *b);
a4924f6c
MS		 55#ifdef HAVE_SANDBOX_H
56static char *cupsd_requote(char *dst, const char *src, size_t dstsize);
57#endif /* HAVE_SANDBOX_H */
58
59
60/*
61 * 'cupsdCreateProfile()' - Create an execution profile for a subprocess.
62 */
63
64void * /* O - Profile or NULL on error */
8fe0183a
MS		 65cupsdCreateProfile(int job_id, /* I - Job ID or 0 for none */
66 int allow_networking)/* I - Allow networking off machine? */
a4924f6c
MS		 67{
68#ifdef HAVE_SANDBOX_H
8fe0183a
MS		 69 cups_file_t *fp; /* File pointer */
70 char profile[1024], /* File containing the profile */
71 bin[1024], /* Quoted ServerBin */
72 cache[1024], /* Quoted CacheDir */
73 domain[1024], /* Domain socket, if any */
74 request[1024], /* Quoted RequestRoot */
75 root[1024], /* Quoted ServerRoot */
76 temp[1024]; /* Quoted TempDir */
77 const char *nodebug; /* " (with no-log)" for no debug */
78 cupsd_listener_t *lis; /* Current listening socket */
79
80
81 if (!UseSandboxing || Sandboxing == CUPSD_SANDBOXING_OFF)
b9faaae1
MS		 82 {
83 /*
84 * Only use sandbox profiles as root...
85 */
86
8fe0183a 87 cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d, allow_networking=%d) = NULL", job_id, allow_networking);
b9faaae1
MS		 88
89 return (NULL);
90 }
91
a4924f6c
MS		 92 if ((fp = cupsTempFile2(profile, sizeof(profile))) == NULL)
93 {
8fe0183a 94 cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d, allow_networking=%d) = NULL", job_id, allow_networking);
a4924f6c
MS		 95 cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to create security profile: %s",
96 strerror(errno));
97 return (NULL);
98 }
99
0268488e
MS		 100 fchown(cupsFileNumber(fp), RunUser, Group);
101 fchmod(cupsFileNumber(fp), 0640);
102
8fe0183a 103 cupsd_requote(bin, ServerBin, sizeof(bin));
a4924f6c
MS		 104 cupsd_requote(cache, CacheDir, sizeof(cache));
105 cupsd_requote(request, RequestRoot, sizeof(request));
106 cupsd_requote(root, ServerRoot, sizeof(root));
107 cupsd_requote(temp, TempDir, sizeof(temp));
108
88f9aafc
MS		 109 nodebug = LogLevel < CUPSD_LOG_DEBUG ? " (with no-log)" : "";
110
a4924f6c 111 cupsFilePuts(fp, "(version 1)\n");
8fe0183a
MS		 112 if (Sandboxing == CUPSD_SANDBOXING_STRICT)
113 cupsFilePuts(fp, "(deny default)\n");
114 else
115 cupsFilePuts(fp, "(allow default)\n");
116 if (LogLevel >= CUPSD_LOG_DEBUG)
117 cupsFilePuts(fp, "(debug deny)\n");
118 cupsFilePuts(fp, "(import \"system.sb\")\n");
119 cupsFilePuts(fp, "(system-network)\n");
120 cupsFilePuts(fp, "(allow mach-per-user-lookup)\n");
121 cupsFilePuts(fp, "(allow ipc-posix-sem)\n");
122 cupsFilePuts(fp, "(allow ipc-posix-shm)\n");
123 cupsFilePuts(fp, "(allow ipc-sysv-shm)\n");
124 cupsFilePuts(fp, "(allow mach-lookup)\n");
a4924f6c 125 cupsFilePrintf(fp,
8fe0183a
MS		 126 "(deny file-write* file-read-data file-read-metadata\n"
127 " (regex"
5a6b583a
MS		 128 " #\"^%s$\"" /* RequestRoot */
129 " #\"^%s/\"" /* RequestRoot/... */
88f9aafc
MS		 130 ")%s)\n",
131 request, request, nodebug);
0268488e 132 if (!RunUser)
88f9aafc
MS		 133 cupsFilePrintf(fp,
134 "(deny file-write* file-read-data file-read-metadata\n"
135 " (regex"
136 " #\"^/Users$\""
137 " #\"^/Users/\""
138 ")%s)\n", nodebug);
a4924f6c
MS		 139 cupsFilePrintf(fp,
140 "(deny file-write*\n"
5a6b583a
MS		 141 " (regex"
142 " #\"^%s$\"" /* ServerRoot */
143 " #\"^%s/\"" /* ServerRoot/... */
144 " #\"^/private/etc$\""
145 " #\"^/private/etc/\""
146 " #\"^/usr/local/etc$\""
147 " #\"^/usr/local/etc/\""
148 " #\"^/Library$\""
149 " #\"^/Library/\""
150 " #\"^/System$\""
151 " #\"^/System/\""
88f9aafc
MS		 152 ")%s)\n",
153 root, root, nodebug);
8fe0183a 154 /* Specifically allow applications to stat RequestRoot and some other system folders */
7cf5915e
MS		 155 cupsFilePrintf(fp,
156 "(allow file-read-metadata\n"
157 " (regex"
8fe0183a
MS		 158 " #\"^/$\"" /* / */
159 " #\"^/usr$\"" /* /usr */
160 " #\"^/Library$\"" /* /Library */
161 " #\"^/Library/Printers$\"" /* /Library/Printers */
7cf5915e
MS		 162 " #\"^%s$\"" /* RequestRoot */
163 "))\n",
164 request);
8fe0183a 165 /* Read and write TempDir, CacheDir, and other common folders */
a4924f6c
MS		 166 cupsFilePrintf(fp,
167 "(allow file-write* file-read-data file-read-metadata\n"
5a6b583a
MS		 168 " (regex"
169 " #\"^%s$\"" /* TempDir */
170 " #\"^%s/\"" /* TempDir/... */
171 " #\"^%s$\"" /* CacheDir */
172 " #\"^%s/\"" /* CacheDir/... */
bcc4b655 173 " #\"^/private/var/db/\""
8fe0183a 174 " #\"^/private/var/folders/\""
777e09f8 175 " #\"^/private/var/run/\""
ed6e7faf
MS		 176 " #\"^/Library/Application Support/\""
177 " #\"^/Library/Caches/\""
178 " #\"^/Library/Preferences/\""
5a6b583a 179 " #\"^/Users/Shared/\""
ed6e7faf 180 "))\n",
8fe0183a
MS		 181 temp, temp, cache, cache);
182 /* Read common folders */
88f9aafc 183 cupsFilePrintf(fp,
8fe0183a 184 "(allow file-read-data file-read-metadata\n"
8fe0183a 185 " (regex"
bcc4b655
MS		 186 " #\"^/AppleInternal$\""
187 " #\"^/AppleInternal/\""
8fe0183a
MS		 188 " #\"^/bin$\"" /* /bin */
189 " #\"^/bin/\"" /* /bin/... */
777e09f8
MS		 190 " #\"^/private$\""
191 " #\"^/private/etc/services$\""
192 " #\"^/private/var$\""
193 " #\"^/private/var/db$\""
194 " #\"^/private/var/spool$\""
8fe0183a
MS		 195 " #\"^/usr/bin$\"" /* /usr/bin */
196 " #\"^/usr/bin/\"" /* /usr/bin/... */
197 " #\"^/usr/libexec/cups$\"" /* /usr/libexec/cups */
198 " #\"^/usr/libexec/cups/\"" /* /usr/libexec/cups/... */
199 " #\"^/usr/sbin$\"" /* /usr/sbin */
200 " #\"^/usr/sbin/\"" /* /usr/sbin/... */
201 " #\"^/Library/Caches$\""
202 " #\"^/Library/Fonts$\""
203 " #\"^/Library/Fonts/\""
777e09f8
MS		 204 " #\"^/Library/Keychains$\""
205 " #\"^/Library/Keychains/\""
8fe0183a 206 " #\"^/Library/Printers$\""
777e09f8 207 " #\"^/Library/Printers/\""
8fe0183a
MS		 208 " #\"^%s/Library$\"" /* RequestRoot/Library */
209 " #\"^%s/Library/\"" /* RequestRoot/Library/... */
210 " #\"^%s$\"" /* ServerBin */
211 " #\"^%s/\"" /* ServerBin/... */
212 " #\"^%s$\"" /* ServerRoot */
213 " #\"^%s/\"" /* ServerRoot/... */
214 "))\n",
215 request, request, bin, bin, root, root);
216 if (Sandboxing == CUPSD_SANDBOXING_RELAXED)
217 {
218 /* Limited write access to /Library/Printers/... */
219 cupsFilePuts(fp,
220 "(allow file-write*\n"
88f9aafc 221 " (regex"
8fe0183a
MS		 222 " #\"^/Library/Printers/.*/\""
223 "))\n");
224 cupsFilePrintf(fp,
225 "(deny file-write*\n"
226 " (regex"
227 " #\"^/Library/Printers/PPDs$\""
228 " #\"^/Library/Printers/PPDs/\""
229 " #\"^/Library/Printers/PPD Plugins$\""
230 " #\"^/Library/Printers/PPD Plugins/\""
231 ")%s)\n", nodebug);
232 }
233 /* Allow execution of child processes */
234 cupsFilePuts(fp, "(allow process-fork)\n");
235 cupsFilePrintf(fp,
236 "(allow process-exec\n"
237 " (regex"
238 " #\"^/bin/\"" /* /bin/... */
239 " #\"^/usr/bin/\"" /* /usr/bin/... */
240 " #\"^/usr/libexec/cups/\"" /* /usr/libexec/cups/... */
241 " #\"^/usr/sbin/\"" /* /usr/sbin/... */
242 " #\"^%s/\"" /* ServerBin/... */
243 " #\"^/Library/Printers/.*/\""
244 "))\n",
245 bin);
246 if (RunUser && getenv("CUPS_TESTROOT"))
e60ec91f 247 {
8fe0183a
MS		 248 /* Allow source directory access in "make test" environment */
249 char testroot[1024]; /* Root directory of test files */
e60ec91f 250
8fe0183a
MS		 251 cupsd_requote(testroot, getenv("CUPS_TESTROOT"), sizeof(testroot));
252
253 cupsFilePrintf(fp,
254 "(allow file-write* file-read-data file-read-metadata\n"
255 " (regex"
256 " #\"^%s$\"" /* CUPS_TESTROOT */
257 " #\"^%s/\"" /* CUPS_TESTROOT/... */
258 "))\n",
259 testroot, testroot);
260 cupsFilePrintf(fp,
261 "(allow process-exec\n"
262 " (regex"
263 " #\"^%s/\"" /* CUPS_TESTROOT/... */
264 "))\n",
265 testroot);
266 }
267 if (job_id)
268 {
269 /* Allow job filters to read the current job files... */
a4924f6c
MS		 270 cupsFilePrintf(fp,
271 "(allow file-read-data file-read-metadata\n"
5a757074 272 " (regex #\"^%s/([ac]%05d|d%05d-[0-9][0-9][0-9])$\"))\n",
5bd77a73 273 request, job_id, job_id);
e60ec91f
MS		 274 }
275 else
276 {
8fe0183a 277 /* Allow email notifications from notifiers... */
e60ec91f
MS		 278 cupsFilePuts(fp,
279 "(allow process-exec\n"
280 " (literal \"/usr/sbin/sendmail\")\n"
8fe0183a
MS		 281 " (with no-sandbox))\n");
282 }
777e09f8 283 /* Allow outbound networking to local services */
8fe0183a 284 cupsFilePuts(fp, "(allow network-outbound"
777e09f8 285 "\n (regex #\"^/private/var/run/\")");
8fe0183a
MS		 286 for (lis = (cupsd_listener_t *)cupsArrayFirst(Listeners);
287 lis;
288 lis = (cupsd_listener_t *)cupsArrayNext(Listeners))
289 {
290 if (httpAddrFamily(&(lis->address)) == AF_LOCAL)
291 {
292 httpAddrString(&(lis->address), domain, sizeof(domain));
293 cupsFilePrintf(fp, "\n (literal \"%s\")", domain);
294 }
295 }
296 if (allow_networking)
297 {
298 /* Allow TCP and UDP networking off the machine... */
299 cupsFilePuts(fp, "\n (remote tcp))\n");
4c6277cc 300 cupsFilePuts(fp, "(allow network-bind)\n"); /* for LPD resvport */
8fe0183a
MS		 301 cupsFilePuts(fp, "(allow network*\n"
302 " (local udp \"*:*\")\n"
303 " (remote udp \"*:*\"))\n");
bcc4b655 304
4c6277cc 305 /* Also allow access to Bluetooth, USB, and device files */
bcc4b655 306 cupsFilePuts(fp, "(allow iokit-open)\n");
e2685126 307 cupsFilePuts(fp, "(allow file-write* file-read-data file-read-metadata file-ioctl\n"
4c6277cc 308 " (regex #\"^/dev/\"))\n");
8fe0183a
MS		 309 }
310 else
311 {
312 /* Only allow SNMP (UDP) off the machine... */
313 cupsFilePuts(fp, ")\n");
314 cupsFilePuts(fp, "(allow network-outbound\n"
315 " (remote udp \"*:161\"))\n");
316 cupsFilePuts(fp, "(allow network-inbound\n"
317 " (local udp \"localhost:*\"))\n");
e60ec91f 318 }
a4924f6c
MS		 319 cupsFileClose(fp);
320
8fe0183a 321 cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d,allow_networking=%d) = \"%s\"", job_id, allow_networking, profile);
a4924f6c 322 return ((void *)strdup(profile));
b9faaae1 323
a4924f6c 324#else
8fe0183a 325 cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d, allow_networking=%d) = NULL", job_id, allow_networking);
a4924f6c
MS		 326
327 return (NULL);
328#endif /* HAVE_SANDBOX_H */
329}
330
331
332/*
333 * 'cupsdDestroyProfile()' - Delete an execution profile.
334 */
335
336void
337cupsdDestroyProfile(void *profile) /* I - Profile */
338{
b9faaae1
MS		 339 cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdDeleteProfile(profile=\"%s\")",
340 profile ? (char *)profile : "(null)");
341
a4924f6c
MS		 342#ifdef HAVE_SANDBOX_H
343 if (profile)
344 {
345 unlink((char *)profile);
346 free(profile);
347 }
348#endif /* HAVE_SANDBOX_H */
349}
e00b005a 350
351
ef416fc2 352/*
353 * 'cupsdEndProcess()' - End a process.
354 */
355
356int /* O - 0 on success, -1 on failure */
357cupsdEndProcess(int pid, /* I - Process ID */
358 int force) /* I - Force child to die */
359{
b9faaae1
MS		 360 cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdEndProcess(pid=%d, force=%d)", pid,
361 force);
362
ef55b745
MS		 363 if (!pid)
364 return (0);
88f9aafc
MS		 365
366 if (!RunUser)
367 {
368 /*
369 * When running as root, cupsd puts child processes in their own process
370 * group. Using "-pid" sends a signal to all processes in the group.
371 */
372
373 pid = -pid;
374 }
375
376 if (force)
ef416fc2 377 return (kill(pid, SIGKILL));
378 else
379 return (kill(pid, SIGTERM));
380}
381
382
e00b005a 383/*
384 * 'cupsdFinishProcess()' - Finish a process and get its name.
385 */
386
387const char * /* O - Process name */
07623986
MS		 388cupsdFinishProcess(int pid, /* I - Process ID */
389 char *name, /* I - Name buffer */
390 size_t namelen, /* I - Size of name buffer */
391 int *job_id) /* O - Job ID pointer or NULL */
e00b005a 392{
393 cupsd_proc_t key, /* Search key */
394 *proc; /* Matching process */
395
396
397 key.pid = pid;
398
399 if ((proc = (cupsd_proc_t *)cupsArrayFind(process_array, &key)) != NULL)
400 {
b9faaae1
MS		 401 if (job_id)
402 *job_id = proc->job_id;
403
e00b005a 404 strlcpy(name, proc->name, namelen);
405 cupsArrayRemove(process_array, proc);
406 free(proc);
e00b005a 407 }
408 else
b9faaae1
MS		 409 {
410 if (job_id)
411 *job_id = 0;
412
413 strlcpy(name, "unknown", namelen);
414 }
415
07623986 416 cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdFinishProcess(pid=%d, name=%p, namelen=" CUPS_LLFMT ", job_id=%p(%d)) = \"%s\"", pid, name, CUPS_LLCAST namelen, job_id, job_id ? *job_id : 0, name);
b9faaae1
MS		 417
418 return (name);
e00b005a 419}
420
421
ef416fc2 422/*
423 * 'cupsdStartProcess()' - Start a process.
424 */
425
426int /* O - Process ID or 0 */
427cupsdStartProcess(
b9faaae1
MS		 428 const char *command, /* I - Full path to command */
429 char *argv[], /* I - Command-line arguments */
430 char *envp[], /* I - Environment */
431 int infd, /* I - Standard input file descriptor */
432 int outfd, /* I - Standard output file descriptor */
433 int errfd, /* I - Standard error file descriptor */
434 int backfd, /* I - Backchannel file descriptor */
435 int sidefd, /* I - Sidechannel file descriptor */
436 int root, /* I - Run as root? */
437 void *profile, /* I - Security profile to use */
38e73f87 438 cupsd_job_t *job, /* I - Job associated with process */
b9faaae1 439 int *pid) /* O - Process ID */
ef416fc2 440{
0268488e 441 int i; /* Looping var */
e60ec91f 442 const char *exec_path = command; /* Command to be exec'd */
28c194b0 443 char *real_argv[110], /* Real command-line arguments */
0268488e 444 cups_exec[1024]; /* Path to "cups-exec" program */
7e86f2f6 445 uid_t user; /* Command UID */
e00b005a 446 cupsd_proc_t *proc; /* New process record */
c82f05ea
MS		 447#ifdef HAVE_POSIX_SPAWN
448 posix_spawn_file_actions_t actions; /* Spawn file actions */
449 posix_spawnattr_t attrs; /* Spawn attributes */
450 char user_str[16], /* User string */
451 group_str[16], /* Group string */
452 nice_str[16]; /* FilterNice string */
07623986 453#elif defined(HAVE_SIGACTION) && !defined(HAVE_SIGSET)
e00b005a 454 struct sigaction action; /* POSIX signal handler */
07623986 455#endif /* HAVE_POSIX_SPAWN */
e53920b9 456#if defined(__APPLE__)
e00b005a 457 char processPath[1024], /* CFProcessPath environment variable */
458 linkpath[1024]; /* Link path for symlinks... */
459 int linkbytes; /* Bytes for link path */
e53920b9 460#endif /* __APPLE__ */
ef416fc2 461
462
22c9029b
MS		 463 *pid = 0;
464
0268488e
MS		 465 /*
466 * Figure out the UID for the child process...
467 */
468
bf3816c7
MS		 469 if (RunUser)
470 user = RunUser;
471 else if (root)
472 user = 0;
473 else
474 user = User;
475
0268488e
MS		 476 /*
477 * Check the permissions of the command we are running...
478 */
479
22c9029b
MS		 480 if (_cupsFileCheck(command, _CUPS_FILE_CHECK_PROGRAM, !RunUser,
481 cupsdLogFCMessage, job ? job->printer : NULL))
bf3816c7 482 return (0);
76cd9e37 483
e53920b9 484#if defined(__APPLE__)
485 if (envp)
e00b005a 486 {
487 /*
f3c17241
MS		 488 * Add special voodoo magic for OS X - this allows OS X programs to access
489 * their bundle resources properly...
e00b005a 490 */
491
e53920b9 492 if ((linkbytes = readlink(command, linkpath, sizeof(linkpath) - 1)) > 0)
493 {
494 /*
495 * Yes, this is a symlink to the actual program, nul-terminate and
496 * use it...
497 */
498
499 linkpath[linkbytes] = '\0';
e00b005a 500
e53920b9 501 if (linkpath[0] == '/')
502 snprintf(processPath, sizeof(processPath), "CFProcessPath=%s",
503 linkpath);
504 else
505 snprintf(processPath, sizeof(processPath), "CFProcessPath=%s/%s",
f7deaa1a 506 dirname((char *)command), linkpath);
e53920b9 507 }
e00b005a 508 else
e53920b9 509 snprintf(processPath, sizeof(processPath), "CFProcessPath=%s", command);
bd7854cb 510
e53920b9 511 envp[0] = processPath; /* Replace <CFProcessPath> string */
512 }
513#endif /* __APPLE__ */
e00b005a 514
0268488e
MS		 515 /*
516 * Use helper program when we have a sandbox profile...
517 */
518
c82f05ea 519#ifndef HAVE_POSIX_SPAWN
0268488e 520 if (profile)
c82f05ea 521#endif /* !HAVE_POSIX_SPAWN */
0268488e
MS		 522 {
523 snprintf(cups_exec, sizeof(cups_exec), "%s/daemon/cups-exec", ServerBin);
8fe0183a 524 snprintf(user_str, sizeof(user_str), "%d", user);
c82f05ea
MS		 525 snprintf(group_str, sizeof(group_str), "%d", Group);
526 snprintf(nice_str, sizeof(nice_str), "%d", FilterNice);
0268488e
MS		 527
528 real_argv[0] = cups_exec;
28c194b0
MS		 529 real_argv[1] = (char *)"-g";
530 real_argv[2] = group_str;
531 real_argv[3] = (char *)"-n";
c82f05ea 532 real_argv[4] = nice_str;
28c194b0
MS		 533 real_argv[5] = (char *)"-u";
534 real_argv[6] = user_str;
535 real_argv[7] = profile;
536 real_argv[8] = (char *)command;
0268488e
MS		 537
538 for (i = 0;
28c194b0 539 i < (int)(sizeof(real_argv) / sizeof(real_argv[0]) - 10) && argv[i];
0268488e 540 i ++)
28c194b0 541 real_argv[i + 9] = argv[i];
0268488e 542
28c194b0 543 real_argv[i + 9] = NULL;
0268488e 544
e60ec91f
MS		 545 argv = real_argv;
546 exec_path = cups_exec;
0268488e
MS		 547 }
548
c82f05ea
MS		 549 if (LogLevel == CUPSD_LOG_DEBUG2)
550 {
551 cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdStartProcess: Preparing to start \"%s\", arguments:", command);
552
553 for (i = 0; argv[i]; i ++)
554 cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdStartProcess: argv[%d] = \"%s\"", i, argv[i]);
555 }
556
557#ifdef HAVE_POSIX_SPAWN
558 /*
559 * Setup attributes and file actions for the spawn...
560 */
561
562 cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdStartProcess: Setting spawn attributes.");
563 posix_spawnattr_init(&attrs);
564 posix_spawnattr_setflags(&attrs, POSIX_SPAWN_SETPGROUP | POSIX_SPAWN_SETSIGDEF);
565
566 cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdStartProcess: Setting file actions.");
567 posix_spawn_file_actions_init(&actions);
568 if (infd != 0)
569 {
570 if (infd < 0)
571 posix_spawn_file_actions_addopen(&actions, 0, "/dev/null", O_WRONLY, 0);
572 else
573 posix_spawn_file_actions_adddup2(&actions, infd, 0);
574 }
575
576 if (outfd != 1)
577 {
578 if (outfd < 0)
579 posix_spawn_file_actions_addopen(&actions, 1, "/dev/null", O_WRONLY, 0);
580 else
581 posix_spawn_file_actions_adddup2(&actions, outfd, 1);
582 }
583
584 if (errfd != 2)
585 {
586 if (errfd < 0)
587 posix_spawn_file_actions_addopen(&actions, 2, "/dev/null", O_WRONLY, 0);
588 else
589 posix_spawn_file_actions_adddup2(&actions, errfd, 2);
590 }
591
592 if (backfd != 3 && backfd >= 0)
593 posix_spawn_file_actions_adddup2(&actions, backfd, 3);
594
595 if (sidefd != 4 && sidefd >= 0)
596 posix_spawn_file_actions_adddup2(&actions, sidefd, 4);
597
598 cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdStartProcess: Calling posix_spawn.");
599
600 if (posix_spawn(pid, exec_path, &actions, &attrs, argv, envp ? envp : environ))
601 {
602 cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to fork %s - %s.", command, strerror(errno));
603
604 *pid = 0;
605 }
606 else
607 cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdStartProcess: pid=%d", (int)*pid);
608
609 posix_spawn_file_actions_destroy(&actions);
610 posix_spawnattr_destroy(&attrs);
611
612#else
ef416fc2 613 /*
614 * Block signals before forking...
615 */
616
617 cupsdHoldSignals();
618
619 if ((*pid = fork()) == 0)
620 {
621 /*
88f9aafc
MS		 622 * Child process goes here; update stderr as needed...
623 */
624
625 if (errfd != 2)
626 {
627 if (errfd < 0)
628 errfd = open("/dev/null", O_WRONLY);
629
630 if (errfd != 2)
631 {
632 dup2(errfd, 2);
633 close(errfd);
634 }
635 }
636
637 /*
638 * Put this process in its own process group so that we can kill any child
639 * processes it creates.
640 */
641
c82f05ea 642# ifdef HAVE_SETPGID
88f9aafc
MS		 643 if (!RunUser && setpgid(0, 0))
644 exit(errno + 100);
c82f05ea 645# else
88f9aafc
MS		 646 if (!RunUser && setpgrp())
647 exit(errno + 100);
c82f05ea 648# endif /* HAVE_SETPGID */
88f9aafc
MS		 649
650 /*
651 * Update the remaining file descriptors as needed...
ef416fc2 652 */
653
654 if (infd != 0)
655 {
68b10830
MS		 656 if (infd < 0)
657 infd = open("/dev/null", O_RDONLY);
658
659 if (infd != 0)
660 {
661 dup2(infd, 0);
662 close(infd);
663 }
ef416fc2 664 }
68b10830 665
ef416fc2 666 if (outfd != 1)
667 {
68b10830
MS		 668 if (outfd < 0)
669 outfd = open("/dev/null", O_WRONLY);
670
671 if (outfd != 1)
672 {
673 dup2(outfd, 1);
674 close(outfd);
675 }
ef416fc2 676 }
68b10830 677
68b10830 678 if (backfd != 3 && backfd >= 0)
ef416fc2 679 {
68b10830
MS		 680 dup2(backfd, 3);
681 close(backfd);
ef416fc2 682 fcntl(3, F_SETFL, O_NDELAY);
683 }
68b10830
MS		 684
685 if (sidefd != 4 && sidefd >= 0)
f7deaa1a 686 {
68b10830
MS		 687 dup2(sidefd, 4);
688 close(sidefd);
f7deaa1a 689 fcntl(4, F_SETFL, O_NDELAY);
690 }
ef416fc2 691
692 /*
693 * Change the priority of the process based on the FilterNice setting.
5bd77a73 694 * (this is not done for root processes...)
ef416fc2 695 */
696
697 if (!root)
698 nice(FilterNice);
699
700 /*
88f9aafc 701 * Reset group membership to just the main one we belong to.
ef416fc2 702 */
703
88f9aafc
MS		 704 if (!RunUser && setgid(Group))
705 exit(errno + 100);
ef416fc2 706
88f9aafc
MS		 707 if (!RunUser && setgroups(1, &Group))
708 exit(errno + 100);
ef416fc2 709
88f9aafc
MS		 710 /*
711 * Change user to something "safe"...
712 */
41681883 713
88f9aafc
MS		 714 if (!RunUser && user && setuid(user))
715 exit(errno + 100);
ef416fc2 716
717 /*
718 * Change umask to restrict permissions on created files...
719 */
720
721 umask(077);
722
723 /*
724 * Unblock signals before doing the exec...
725 */
726
c82f05ea 727# ifdef HAVE_SIGSET
ef416fc2 728 sigset(SIGTERM, SIG_DFL);
729 sigset(SIGCHLD, SIG_DFL);
ef55b745 730 sigset(SIGPIPE, SIG_DFL);
c82f05ea 731# elif defined(HAVE_SIGACTION)
ef416fc2 732 memset(&action, 0, sizeof(action));
733
734 sigemptyset(&action.sa_mask);
735 action.sa_handler = SIG_DFL;
736
737 sigaction(SIGTERM, &action, NULL);
738 sigaction(SIGCHLD, &action, NULL);
ef55b745 739 sigaction(SIGPIPE, &action, NULL);
c82f05ea 740# else
ef416fc2 741 signal(SIGTERM, SIG_DFL);
742 signal(SIGCHLD, SIG_DFL);
ef55b745 743 signal(SIGPIPE, SIG_DFL);
c82f05ea 744# endif /* HAVE_SIGSET */
ef416fc2 745
746 cupsdReleaseSignals();
747
748 /*
0268488e
MS		 749 * Execute the command; if for some reason this doesn't work, log an error
750 * exit with a non-zero value...
ef416fc2 751 */
752
753 if (envp)
e60ec91f 754 execve(exec_path, argv, envp);
ef416fc2 755 else
e60ec91f 756 execv(exec_path, argv);
ef416fc2 757
88f9aafc 758 exit(errno + 100);
ef416fc2 759 }
760 else if (*pid < 0)
761 {
762 /*
763 * Error - couldn't fork a new process!
764 */
765
766 cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to fork %s - %s.", command,
767 strerror(errno));
768
769 *pid = 0;
770 }
c82f05ea
MS		 771
772 cupsdReleaseSignals();
773#endif /* HAVE_POSIX_SPAWN */
774
775 if (*pid)
e00b005a 776 {
777 if (!process_array)
778 process_array = cupsArrayNew((cups_array_func_t)compare_procs, NULL);
f3c17241 779
e00b005a 780 if (process_array)
781 {
782 if ((proc = calloc(1, sizeof(cupsd_proc_t) + strlen(command))) != NULL)
783 {
b9faaae1 784 proc->pid = *pid;
38e73f87 785 proc->job_id = job ? job->id : 0;
e60ec91f 786 _cups_strcpy(proc->name, command);
e00b005a 787
788 cupsArrayAdd(process_array, proc);
789 }
790 }
791 }
ef416fc2 792
b9faaae1
MS		 793 cupsdLogMessage(CUPSD_LOG_DEBUG2,
794 "cupsdStartProcess(command=\"%s\", argv=%p, envp=%p, "
795 "infd=%d, outfd=%d, errfd=%d, backfd=%d, sidefd=%d, root=%d, "
38e73f87 796 "profile=%p, job=%p(%d), pid=%p) = %d",
b9faaae1 797 command, argv, envp, infd, outfd, errfd, backfd, sidefd,
38e73f87 798 root, profile, job, job ? job->id : 0, pid, *pid);
b9faaae1 799
ef416fc2 800 return (*pid);
801}
802
803
804/*
e00b005a 805 * 'compare_procs()' - Compare two processes.
806 */
807
808static int /* O - Result of comparison */
809compare_procs(cupsd_proc_t *a, /* I - First process */
810 cupsd_proc_t *b) /* I - Second process */
811{
812 return (a->pid - b->pid);
813}
814
815
a4924f6c
MS		 816#ifdef HAVE_SANDBOX_H
817/*
818 * 'cupsd_requote()' - Make a regular-expression version of a string.
819 */
820
821static char * /* O - Quoted string */
822cupsd_requote(char *dst, /* I - Destination buffer */
823 const char *src, /* I - Source string */
824 size_t dstsize) /* I - Size of destination buffer */
825{
826 int ch; /* Current character */
827 char *dstptr, /* Current position in buffer */
828 *dstend; /* End of destination buffer */
829
830
831 dstptr = dst;
832 dstend = dst + dstsize - 2;
833
834 while (*src && dstptr < dstend)
835 {
836 ch = *src++;
837
cb7f98ee
MS		 838 if (ch == '/' && !*src)
839 break; /* Don't add trailing slash */
840
a4924f6c
MS		 841 if (strchr(".?*()[]^$\\", ch))
842 *dstptr++ = '\\';
843
7e86f2f6 844 *dstptr++ = (char)ch;
a4924f6c
MS		 845 }
846
847 *dstptr = '\0';
848
849 return (dst);
850}
851#endif /* HAVE_SANDBOX_H */
852
853
e00b005a 854/*
f2d18633 855 * End of "$Id$".
ef416fc2 856 */
Unnamed repository; edit this file 'description' to name the repository.