Commit | Line | Data |
---|---|---|
ef416fc2 | 1 | /* |
75bd9771 | 2 | * "$Id: process.c 7256 2008-01-25 00:48:54Z mike $" |
ef416fc2 | 3 | * |
cc754834 | 4 | * Process management routines for the CUPS scheduler. |
ef416fc2 | 5 | * |
e60ec91f | 6 | * Copyright 2007-2011 by Apple Inc. |
f7deaa1a | 7 | * Copyright 1997-2007 by Easy Software Products, all rights reserved. |
ef416fc2 | 8 | * |
9 | * These coded instructions, statements, and computer programs are the | |
bc44d920 | 10 | * property of Apple Inc. and are protected by Federal copyright |
11 | * law. Distribution and use rights are outlined in the file "LICENSE.txt" | |
12 | * which should have been included with this file. If this file is | |
13 | * file is missing or damaged, see the license at "http://www.cups.org/". | |
ef416fc2 | 14 | * |
15 | * Contents: | |
16 | * | |
a4924f6c MS |
17 | * cupsdCreateProfile() - Create an execution profile for a subprocess. |
18 | * cupsdDestroyProfile() - Delete an execution profile. | |
19 | * cupsdEndProcess() - End a process. | |
20 | * cupsdFinishProcess() - Finish a process and get its name. | |
21 | * cupsdStartProcess() - Start a process. | |
22 | * compare_procs() - Compare two processes. | |
23 | * cupsd_requote() - Make a regular-expression version of a string. | |
ef416fc2 | 24 | */ |
25 | ||
26 | /* | |
27 | * Include necessary headers... | |
28 | */ | |
29 | ||
30 | #include "cupsd.h" | |
31 | #include <grp.h> | |
a4924f6c | 32 | #ifdef __APPLE__ |
4400e98d | 33 | # include <libgen.h> |
6d2f911b | 34 | #endif /* __APPLE__ */ |
ef416fc2 | 35 | |
36 | ||
/*
 * Process structure...
 *
 * One record is kept per child started by cupsdStartProcess().  Records are
 * allocated there with calloc(1, sizeof(cupsd_proc_t) + strlen(command)), so
 * "name" is used as a variable-length trailing array: the declared [1]
 * element is what provides room for the terminating nul.  Changing the
 * declared size of "name" requires changing that allocation as well, or the
 * copy of the command name will run past the end of the record.
 */

typedef struct
{
  int   pid,                            /* Process ID */
        job_id;                         /* Job associated with process */
  char  name[1];                        /* Name of process (over-allocated, see above) */
} cupsd_proc_t;
47 | ||
48 | ||
/*
 * Local globals...
 */

/*
 * Records for running children, ordered by compare_procs() (i.e. by PID).
 * Created on first use in cupsdStartProcess(); entries are removed and freed
 * in cupsdFinishProcess().
 */

static cups_array_t     *process_array = NULL;


/*
 * Local functions...
 */

static int      compare_procs(cupsd_proc_t *a, cupsd_proc_t *b);
#ifdef HAVE_SANDBOX_H
/* Only needed when sandbox profiles are generated (cupsdCreateProfile) */
static char     *cupsd_requote(char *dst, const char *src, size_t dstsize);
#endif /* HAVE_SANDBOX_H */
64 | ||
65 | ||
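/*
 * 'cupsdCreateProfile()' - Create an execution profile for a subprocess.
 *
 * Writes a sandbox profile to a temporary file and returns a heap copy of
 * the file name; release it with cupsdDestroyProfile().
 *
 * The profile starts from "(allow default)" and layers deny/allow rules on
 * top of it, so a file that is only partly written would be more permissive
 * than intended.  For that reason a failed write/close (reported by
 * cupsFileClose()) discards the file instead of returning it.
 *
 * NULL is returned when profiles are disabled, when HAVE_SANDBOX_H is not
 * defined, and on error.  cupsdStartProcess() only goes through the
 * cups-exec helper when it is handed a non-NULL profile, so a caller that
 * passes a NULL result on starts the child without a sandbox; errors are
 * therefore logged at ERROR level so that this is visible.
 */

void *                                  /* O - Profile or NULL on error */
cupsdCreateProfile(int job_id)          /* I - Job ID or 0 for none */
{
#ifdef HAVE_SANDBOX_H
  cups_file_t   *fp;                    /* File pointer */
  char          profile[1024],          /* File containing the profile */
                cache[1024],            /* Quoted CacheDir */
                request[1024],          /* Quoted RequestRoot */
                root[1024],             /* Quoted ServerRoot */
                temp[1024],             /* Quoted TempDir */
                *result;                /* Heap copy of the profile name */


  if (!UseProfiles)
  {
   /*
    * Sandbox profiles are turned off (UseProfiles is 0)...
    */

    cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d) = NULL",
                    job_id);

    return (NULL);
  }

  if ((fp = cupsTempFile2(profile, sizeof(profile))) == NULL)
  {
    cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d) = NULL",
                    job_id);
    cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to create security profile: %s",
                    strerror(errno));
    return (NULL);
  }

 /*
  * Hand the file to RunUser/Group and make it group-readable but not
  * world-readable.  A failure is not fatal here, but it is logged because
  * the profile may then be unreadable for the process that has to load it.
  */

  if (fchown(cupsFileNumber(fp), RunUser, Group))
    cupsdLogMessage(CUPSD_LOG_WARN,
                    "Unable to change ownership of security profile \"%s\": "
                    "%s", profile, strerror(errno));

  if (fchmod(cupsFileNumber(fp), 0640))
    cupsdLogMessage(CUPSD_LOG_WARN,
                    "Unable to change permissions of security profile \"%s\": "
                    "%s", profile, strerror(errno));

 /*
  * Turn the configured directories into literal regular expressions.
  * cupsd_requote() truncates silently at the size of these buffers, so a
  * path that does not fit yields a pattern for a shorter path.
  */

  cupsd_requote(cache, CacheDir, sizeof(cache));
  cupsd_requote(request, RequestRoot, sizeof(request));
  cupsd_requote(root, ServerRoot, sizeof(root));
  cupsd_requote(temp, TempDir, sizeof(temp));

  cupsFilePuts(fp, "(version 1)\n");
  if (LogLevel >= CUPSD_LOG_DEBUG)
    cupsFilePuts(fp, "(debug deny)\n");

 /*
  * Default-allow policy; everything below narrows it...
  */

  cupsFilePuts(fp, "(allow default)\n");

 /*
  * No access at all to the spool directory...
  */

  cupsFilePrintf(fp,
                 "(deny file-write* file-read-data file-read-metadata\n"
                 " (regex"
                 " #\"^%s$\""           /* RequestRoot */
                 " #\"^%s/\""           /* RequestRoot/... */
                 "))\n",
                 request, request);

 /*
  * ...and, when no RunUser is configured, none to home directories.
  */

  if (!RunUser)
    cupsFilePuts(fp,
                 "(deny file-write* file-read-data file-read-metadata\n"
                 " (regex"
                 " #\"^/Users$\""
                 " #\"^/Users/\""
                 "))\n");

 /*
  * Configuration and system directories are read-only...
  */

  cupsFilePrintf(fp,
                 "(deny file-write*\n"
                 " (regex"
                 " #\"^%s$\""           /* ServerRoot */
                 " #\"^%s/\""           /* ServerRoot/... */
                 " #\"^/private/etc$\""
                 " #\"^/private/etc/\""
                 " #\"^/usr/local/etc$\""
                 " #\"^/usr/local/etc/\""
                 " #\"^/Library$\""
                 " #\"^/Library/\""
                 " #\"^/System$\""
                 " #\"^/System/\""
                 "))\n",
                 root, root);

  /* Specifically allow applications to stat RequestRoot */
  cupsFilePrintf(fp,
                 "(allow file-read-metadata\n"
                 " (regex"
                 " #\"^%s$\""           /* RequestRoot */
                 "))\n",
                 request);

 /*
  * Writable locations.  These follow the deny rules above and re-open parts
  * of /Library and RequestRoot; presumably later rules take precedence in
  * the profile language - confirm against the sandbox documentation.
  */

  cupsFilePrintf(fp,
                 "(allow file-write* file-read-data file-read-metadata\n"
                 " (regex"
                 " #\"^%s$\""           /* TempDir */
                 " #\"^%s/\""           /* TempDir/... */
                 " #\"^%s$\""           /* CacheDir */
                 " #\"^%s/\""           /* CacheDir/... */
                 " #\"^%s/Library$\""   /* RequestRoot/Library */
                 " #\"^%s/Library/\""   /* RequestRoot/Library/... */
                 " #\"^/Library/Application Support/\""
                 " #\"^/Library/Caches/\""
                 " #\"^/Library/Preferences/\""
                 " #\"^/Library/Printers/.*/\""
                 " #\"^/Users/Shared/\""
                 "))\n",
                 temp, temp, cache, cache, request, request);

 /*
  * ...but never the installed PPDs, even though /Library/Printers/.../ was
  * opened up just above.
  */

  cupsFilePuts(fp,
               "(deny file-write*\n"
               " (regex"
               " #\"^/Library/Printers/PPDs$\""
               " #\"^/Library/Printers/PPDs/\""
               " #\"^/Library/Printers/PPD Plugins$\""
               " #\"^/Library/Printers/PPD Plugins/\""
               "))\n");

  if (job_id)
  {
   /*
    * Allow job filters to read the spool file(s)...
    */

    cupsFilePrintf(fp,
                   "(allow file-read-data file-read-metadata\n"
                   " (regex #\"^%s/([ac]%05d|d%05d-[0-9][0-9][0-9])$\"))\n",
                   request, job_id, job_id);
  }
  else
  {
   /*
    * Allow email notifications from notifiers.  Note that the rule carries
    * "(with no-sandbox)": sendmail is the one program started from here
    * that the profile explicitly exempts.
    */

    cupsFilePuts(fp,
                 "(allow process-exec\n"
                 " (literal \"/usr/sbin/sendmail\")\n"
                 " (with no-sandbox)\n"
                 ")\n");
  }

 /*
  * Buffered write errors surface when the file is closed; do not hand out a
  * profile that may be missing some of the rules above...
  */

  if (cupsFileClose(fp))
  {
    cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d) = NULL",
                    job_id);
    cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to write security profile: %s",
                    strerror(errno));
    unlink(profile);
    return (NULL);
  }

 /*
  * The caller only ever sees the returned copy of the name, so the
  * temporary file has to be removed here if the copy cannot be made...
  */

  if ((result = strdup(profile)) == NULL)
  {
    cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d) = NULL",
                    job_id);
    cupsdLogMessage(CUPSD_LOG_ERROR,
                    "Unable to allocate memory for security profile: %s",
                    strerror(errno));
    unlink(profile);
    return (NULL);
  }

  cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d) = \"%s\"",
                  job_id, profile);
  return ((void *)result);

#else
  cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d) = NULL",
                  job_id);

  return (NULL);
#endif /* HAVE_SANDBOX_H */
}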
212 | ||
213 | ||
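/*
 * 'cupsdDestroyProfile()' - Delete an execution profile.
 *
 * Removes the temporary profile file and frees the name that was returned
 * by cupsdCreateProfile().  A NULL profile is accepted and ignored.
 */

void
cupsdDestroyProfile(void *profile)      /* I - Profile */
{
  /* Log under this function's own name so the trace can be searched for */
  cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdDestroyProfile(profile=\"%s\")",
                  profile ? (char *)profile : "(null)");

#ifdef HAVE_SANDBOX_H
  if (profile)
  {
   /*
    * A profile that cannot be removed stays behind in the temporary
    * directory; report it instead of dropping the error.
    */

    if (unlink((char *)profile))
      cupsdLogMessage(CUPSD_LOG_WARN,
                      "Unable to remove security profile \"%s\": %s",
                      (char *)profile, strerror(errno));

    free(profile);
  }
#endif /* HAVE_SANDBOX_H */
}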
e00b005a | 232 | |
233 | ||
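/*
 * 'cupsdEndProcess()' - End a process.
 *
 * Sends SIGTERM, or SIGKILL when "force" is non-zero, to one child.  A PID
 * of 0 means "no process" and succeeds without sending anything.
 *
 * kill() gives zero and negative PIDs a different meaning (a process group,
 * or every process the caller may signal), which is never what this
 * function is for, so negative values are rejected with EINVAL instead of
 * being passed through.
 */

int                                     /* O - 0 on success, -1 on failure */
cupsdEndProcess(int pid,                /* I - Process ID */
                int force)              /* I - Force child to die */
{
  cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdEndProcess(pid=%d, force=%d)", pid,
                  force);

  if (!pid)
    return (0);

  if (pid < 0)
  {
    errno = EINVAL;
    return (-1);
  }

  return (kill(pid, force ? SIGKILL : SIGTERM));
}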
252 | ||
253 | ||
/*
 * 'cupsdFinishProcess()' - Finish a process and get its name.
 *
 * Looks the PID up in process_array.  A known child has its name copied to
 * "name" and its job ID stored through "job_id" (when that is not NULL), and
 * its record is removed and freed.  An unknown PID yields the name "unknown"
 * and a job ID of 0.  "namelen" is handed to strlcpy() as the buffer size.
 */

const char *                            /* O - Process name */
cupsdFinishProcess(int  pid,            /* I - Process ID */
                   char *name,          /* I - Name buffer */
                   int  namelen,        /* I - Size of name buffer */
                   int  *job_id)        /* O - Job ID pointer or NULL */
{
  cupsd_proc_t  lookup,                 /* Search key, only pid is set */
                *match;                 /* Record found for pid, if any */


  lookup.pid = pid;
  match      = (cupsd_proc_t *)cupsArrayFind(process_array, &lookup);

  if (match == NULL)
  {
   /*
    * Not one of ours (or never recorded)...
    */

    if (job_id)
      *job_id = 0;

    strlcpy(name, "unknown", namelen);
  }
  else
  {
   /*
    * Report the child, then drop its record...
    */

    if (job_id)
      *job_id = match->job_id;

    strlcpy(name, match->name, namelen);
    cupsArrayRemove(process_array, match);
    free(match);
  }

  cupsdLogMessage(CUPSD_LOG_DEBUG2,
                  "cupsdFinishProcess(pid=%d, name=%p, namelen=%d, "
                  "job_id=%p(%d)) = \"%s\"", pid, name, namelen, job_id,
                  job_id ? *job_id : 0, name);

  return (name);
}
294 | ||
295 | ||
/*
 * 'cupsdStartProcess()' - Start a process.
 *
 * Checks the ownership and mode of "command", optionally wraps it in the
 * cups-exec helper when a sandbox profile is supplied, then forks.  The
 * child wires up its file descriptors, drops group and user IDs, resets
 * signal handling and execs; the parent records the child in process_array.
 *
 * The PID is both returned and stored through "pid"; it is 0 when the
 * command is rejected or fork() fails.  errno is set to EPERM for the
 * permission rejections.
 */

int                                     /* O - Process ID or 0 */
cupsdStartProcess(
    const char  *command,               /* I - Full path to command */
    char        *argv[],                /* I - Command-line arguments */
    char        *envp[],                /* I - Environment */
    int         infd,                   /* I - Standard input file descriptor */
    int         outfd,                  /* I - Standard output file descriptor */
    int         errfd,                  /* I - Standard error file descriptor */
    int         backfd,                 /* I - Backchannel file descriptor */
    int         sidefd,                 /* I - Sidechannel file descriptor */
    int         root,                   /* I - Run as root? */
    void        *profile,               /* I - Security profile to use */
    cupsd_job_t *job,                   /* I - Job associated with process */
    int         *pid)                   /* O - Process ID */
{
  int           i;                      /* Looping var */
  const char    *exec_path = command;   /* Command to be exec'd */
  char          *real_argv[103],        /* Real command-line arguments */
                cups_exec[1024];        /* Path to "cups-exec" program */
  int           user;                   /* Command UID */
  struct stat   commandinfo;            /* Command file information */
  cupsd_proc_t  *proc;                  /* New process record */
#if defined(HAVE_SIGACTION) && !defined(HAVE_SIGSET)
  struct sigaction action;              /* POSIX signal handler */
#endif /* HAVE_SIGACTION && !HAVE_SIGSET */
#if defined(__APPLE__)
  char          processPath[1024],      /* CFProcessPath environment variable */
                linkpath[1024];         /* Link path for symlinks... */
  int           linkbytes;              /* Bytes for link path */
#endif /* __APPLE__ */


 /*
  * Figure out the UID for the child process...
  *
  * A configured RunUser always wins; otherwise "root" selects UID 0 and
  * everything else runs as User.  The value is only used for the execute
  * permission test below.
  */

  if (RunUser)
    user = RunUser;
  else if (root)
    user = 0;
  else
    user = User;

 /*
  * Check the permissions of the command we are running...
  *
  * The checks are made on the path with stat(); the exec further down
  * resolves the path again.
  * NOTE(review): the file could be replaced between the two lookups unless
  * the containing directories are writable by root only - confirm that the
  * installation guarantees this.
  */

  if (stat(command, &commandinfo))
  {
    *pid = 0;

    cupsdLogMessage(CUPSD_LOG_DEBUG2,
                    "cupsdStartProcess(command=\"%s\", argv=%p, envp=%p, "
                    "infd=%d, outfd=%d, errfd=%d, backfd=%d, sidefd=%d, root=%d, "
                    "profile=%p, job=%p(%d), pid=%p) = %d",
                    command, argv, envp, infd, outfd, errfd, backfd, sidefd,
                    root, profile, job, job ? job->id : 0, pid, *pid);
    cupsdLogMessage(CUPSD_LOG_ERROR,
                    "%s%s \"%s\" not available: %s",
                    job && job->printer ? job->printer->name : "",
                    job && job->printer ? ": Printer driver" : "Program",
                    command, strerror(errno));

    if (job && job->printer)
    {
      if (cupsdSetPrinterReasons(job->printer, "+cups-missing-filter-warning"))
        cupsdAddEvent(CUPSD_EVENT_PRINTER_STATE, job->printer, NULL,
                      "Printer driver \"%s\" not available.", command);
    }

    return (0);
  }
  else if (!RunUser &&
           ((commandinfo.st_mode & (S_ISUID | S_IWOTH)) ||
            commandinfo.st_uid))
  {
   /*
    * No RunUser (presumably cupsd itself is running as root): refuse any
    * program that is setuid, world-writable, or not owned by UID 0.
    */

    *pid = 0;

    cupsdLogMessage(CUPSD_LOG_DEBUG2,
                    "cupsdStartProcess(command=\"%s\", argv=%p, envp=%p, "
                    "infd=%d, outfd=%d, errfd=%d, backfd=%d, sidefd=%d, root=%d, "
                    "profile=%p, job=%p(%d), pid=%p) = %d",
                    command, argv, envp, infd, outfd, errfd, backfd, sidefd,
                    root, profile, job, job ? job->id : 0, pid, *pid);
    cupsdLogMessage(CUPSD_LOG_ERROR,
                    "%s%s \"%s\" has insecure permissions (%d/0%o).",
                    job && job->printer ? job->printer->name : "",
                    job && job->printer ? ": Printer driver" : "Program",
                    command, (int)commandinfo.st_uid, commandinfo.st_mode);

    if (job && job->printer)
    {
      if (cupsdSetPrinterReasons(job->printer, "+cups-insecure-filter-warning"))
        cupsdAddEvent(CUPSD_EVENT_PRINTER_STATE, job->printer, NULL,
                      "Printer driver \"%s\" has insecure permissions "
                      "(%d/0%o).", command,
                      (int)commandinfo.st_uid, commandinfo.st_mode);
    }

    errno = EPERM;

    return (0);
  }
  else if ((commandinfo.st_uid != user || !(commandinfo.st_mode & S_IXUSR)) &&
           (commandinfo.st_gid != Group || !(commandinfo.st_mode & S_IXGRP)) &&
           !(commandinfo.st_mode & S_IXOTH))
  {
   /*
    * Neither the owner bit (for "user"), the group bit (for Group) nor the
    * "other" bit grants execute permission...
    */

    *pid = 0;

    cupsdLogMessage(CUPSD_LOG_DEBUG2,
                    "cupsdStartProcess(command=\"%s\", argv=%p, envp=%p, "
                    "infd=%d, outfd=%d, errfd=%d, backfd=%d, sidefd=%d, root=%d, "
                    "profile=%p, job=%p(%d), pid=%p) = %d",
                    command, argv, envp, infd, outfd, errfd, backfd, sidefd,
                    root, profile, job, job ? job->id : 0, pid, *pid);
    cupsdLogMessage(CUPSD_LOG_ERROR,
                    "%s%s \"%s\" does not have execute permissions (%d/0%o).",
                    job && job->printer ? job->printer->name : "",
                    job && job->printer ? ": Printer driver" : "Program",
                    command, (int)commandinfo.st_uid, commandinfo.st_mode);

    errno = EPERM;
    return (0);
  }
  else if (!RunUser && (commandinfo.st_mode & S_IWGRP))
  {
   /*
    * Group-writable programs are only warned about; unlike the branches
    * above this one does not return, so the program is still started.
    */

    cupsdLogMessage(CUPSD_LOG_WARN,
                    "%s%s \"%s\" has insecure permissions (%d/0%o).",
                    job && job->printer ? job->printer->name : "",
                    job && job->printer ? ": Printer driver" : "Program",
                    command, (int)commandinfo.st_uid, commandinfo.st_mode);

    if (job && job->printer)
    {
      if (cupsdSetPrinterReasons(job->printer, "+cups-insecure-filter-warning"))
        cupsdAddEvent(CUPSD_EVENT_PRINTER_STATE, job->printer, NULL,
                      "Printer driver \"%s\" has insecure permissions "
                      "(%d/0%o).", command, (int)commandinfo.st_uid,
                      commandinfo.st_mode);
    }
  }

#if defined(__APPLE__)
  if (envp)
  {
   /*
    * Add special voodoo magic for Mac OS X - this allows Mac OS X
    * programs to access their bundle resources properly...
    *
    * envp[0] is overwritten below, so the caller has to reserve the first
    * slot of the environment for this.
    */

    if ((linkbytes = readlink(command, linkpath, sizeof(linkpath) - 1)) > 0)
    {
     /*
      * Yes, this is a symlink to the actual program, nul-terminate and
      * use it...
      */

      linkpath[linkbytes] = '\0';

      if (linkpath[0] == '/')
        snprintf(processPath, sizeof(processPath), "CFProcessPath=%s",
                 linkpath);
      else
        /* NOTE(review): the cast drops const; dirname() may modify its
         * argument on some platforms - verify for the targets built here */
        snprintf(processPath, sizeof(processPath), "CFProcessPath=%s/%s",
                 dirname((char *)command), linkpath);
    }
    else
      snprintf(processPath, sizeof(processPath), "CFProcessPath=%s", command);

    envp[0] = processPath;              /* Replace <CFProcessPath> string */
  }
#endif /* __APPLE__ */

 /*
  * Use helper program when we have a sandbox profile...
  *
  * The helper is run as "cups-exec <profile> <command> <argv...>".  The
  * permission checks above were made on "command"; the helper binary itself
  * is not checked in this function.  real_argv has room for 99 of the
  * caller's arguments after the three leading entries; any further
  * arguments are dropped without a message.
  */

  if (profile)
  {
    snprintf(cups_exec, sizeof(cups_exec), "%s/daemon/cups-exec", ServerBin);

    real_argv[0] = cups_exec;
    real_argv[1] = profile;
    real_argv[2] = (char *)command;

    for (i = 0;
         i < (int)(sizeof(real_argv) / sizeof(real_argv[0]) - 4) && argv[i];
         i ++)
      real_argv[i + 3] = argv[i];

    real_argv[i + 3] = NULL;

    argv      = real_argv;
    exec_path = cups_exec;
  }

 /*
  * Block signals before forking...
  */

  cupsdHoldSignals();

  if ((*pid = fork()) == 0)
  {
   /*
    * Child process goes here...
    *
    * Update stdin/stdout/stderr as needed...
    *
    * A negative descriptor means "connect to /dev/null".  The results of
    * open() and dup2() are not checked, so if either fails the child keeps
    * whatever it inherited on that descriptor.
    */

    if (infd != 0)
    {
      if (infd < 0)
        infd = open("/dev/null", O_RDONLY);

      if (infd != 0)
      {
        dup2(infd, 0);
        close(infd);
      }
    }

    if (outfd != 1)
    {
      if (outfd < 0)
        outfd = open("/dev/null", O_WRONLY);

      if (outfd != 1)
      {
        dup2(outfd, 1);
        close(outfd);
      }
    }

    if (errfd != 2)
    {
      if (errfd < 0)
        errfd = open("/dev/null", O_WRONLY);

      if (errfd != 2)
      {
        dup2(errfd, 2);
        close(errfd);
      }
    }

    /* Back-channel goes on descriptor 3, non-blocking; skipped if negative */
    if (backfd != 3 && backfd >= 0)
    {
      dup2(backfd, 3);
      close(backfd);
      fcntl(3, F_SETFL, O_NDELAY);
    }

    /* Side-channel goes on descriptor 4, non-blocking; skipped if negative */
    if (sidefd != 4 && sidefd >= 0)
    {
      dup2(sidefd, 4);
      close(sidefd);
      fcntl(4, F_SETFL, O_NDELAY);
    }

   /*
    * Change the priority of the process based on the FilterNice setting.
    * (this is not done for root processes...)
    */

    if (!root)
      nice(FilterNice);

   /*
    * Change user to something "safe"...
    */

    if (!root && !RunUser)
    {
     /*
      * Running as root, so change to non-privileged user...
      *
      * Order matters: the group ID and the supplementary group list are
      * set while the process still has the privilege to do so, and the
      * user ID is changed last.  Any failure ends the child before the
      * exec, so the program never runs with the IDs it was forked with.
      */

      if (setgid(Group))
        exit(errno);

      if (setgroups(1, &Group))
        exit(errno);

      if (setuid(User))
        exit(errno);
    }
    else
    {
     /*
      * Reset group membership to just the main one we belong to.
      *
      * The user ID is left alone on this path.  With RunUser set a failure
      * of setgid()/setgroups() is ignored; without it the child exits.
      */

      if (setgid(Group) && !RunUser)
        exit(errno);

      if (setgroups(1, &Group) && !RunUser)
        exit(errno);
    }

   /*
    * Change umask to restrict permissions on created files...
    */

    umask(077);

   /*
    * Unblock signals before doing the exec...
    *
    * SIGTERM, SIGCHLD and SIGPIPE go back to their default action so the
    * program does not start with the scheduler's dispositions.
    */

#ifdef HAVE_SIGSET
    sigset(SIGTERM, SIG_DFL);
    sigset(SIGCHLD, SIG_DFL);
    sigset(SIGPIPE, SIG_DFL);
#elif defined(HAVE_SIGACTION)
    memset(&action, 0, sizeof(action));

    sigemptyset(&action.sa_mask);
    action.sa_handler = SIG_DFL;

    sigaction(SIGTERM, &action, NULL);
    sigaction(SIGCHLD, &action, NULL);
    sigaction(SIGPIPE, &action, NULL);
#else
    signal(SIGTERM, SIG_DFL);
    signal(SIGCHLD, SIG_DFL);
    signal(SIGPIPE, SIG_DFL);
#endif /* HAVE_SIGSET */

    cupsdReleaseSignals();

   /*
    * Execute the command; if for some reason this doesn't work, log an error
    * and exit with a non-zero value...
    *
    * exec_path is the helper when a profile is in use, else the command.
    */

    if (envp)
      execve(exec_path, argv, envp);
    else
      execv(exec_path, argv);

    /* Only reached when the exec failed */
    perror(command);

    exit(1);
  }
  else if (*pid < 0)
  {
   /*
    * Error - couldn't fork a new process!
    */

    cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to fork %s - %s.", command,
                    strerror(errno));

    *pid = 0;
  }
  else
  {
   /*
    * Parent: remember the child so cupsdFinishProcess() can name it.  If
    * the array or the record cannot be allocated the child simply is not
    * recorded and will later be reported as "unknown".
    */

    if (!process_array)
      process_array = cupsArrayNew((cups_array_func_t)compare_procs, NULL);

    if (process_array)
    {
      /* sizeof() already counts name[1], which is the room for the nul */
      if ((proc = calloc(1, sizeof(cupsd_proc_t) + strlen(command))) != NULL)
      {
        proc->pid    = *pid;
        proc->job_id = job ? job->id : 0;
        _cups_strcpy(proc->name, command);

        cupsArrayAdd(process_array, proc);
      }
    }
  }

  cupsdReleaseSignals();

  cupsdLogMessage(CUPSD_LOG_DEBUG2,
                  "cupsdStartProcess(command=\"%s\", argv=%p, envp=%p, "
                  "infd=%d, outfd=%d, errfd=%d, backfd=%d, sidefd=%d, root=%d, "
                  "profile=%p, job=%p(%d), pid=%p) = %d",
                  command, argv, envp, infd, outfd, errfd, backfd, sidefd,
                  root, profile, job, job ? job->id : 0, pid, *pid);

  return (*pid);
}
685 | ||
686 | ||
/*
 * 'compare_procs()' - Compare two processes.
 *
 * Ordering callback for process_array: records are ordered by PID alone.
 */

static int                              /* O - Result of comparison */
compare_procs(cupsd_proc_t *a,          /* I - First process */
              cupsd_proc_t *b)          /* I - Second process */
{
  int   diff;                           /* Difference of the two PIDs */


  diff = a->pid - b->pid;

  return (diff);
}
697 | ||
698 | ||
a4924f6c MS |
699 | #ifdef HAVE_SANDBOX_H |
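/*
 * 'cupsd_requote()' - Make a regular-expression version of a string.
 *
 * Copies "src" to "dst" with a backslash in front of every character from
 * the set . ? * ( ) [ ] ^ $ \ and ", so that the result matches the path
 * literally when cupsdCreateProfile() places it inside a #"..." pattern.
 * The double quote is part of the set because an unescaped one would end
 * that pattern early and change the meaning of the rest of the profile.
 *
 * The output is always nul-terminated when "dstsize" is at least 1 and is
 * truncated silently when it does not fit; an escape sequence is never
 * split.  The caller gets no indication of truncation, and a truncated
 * path produces a pattern for a different (shorter) path.
 */

static char *                           /* O - Quoted string */
cupsd_requote(char       *dst,          /* I - Destination buffer */
              const char *src,          /* I - Source string */
              size_t     dstsize)       /* I - Size of destination buffer */
{
  int   ch;                             /* Current character */
  char  *dstptr,                        /* Current position in buffer */
        *dstend;                        /* End of destination buffer */


 /*
  * "dstsize - 2" below would wrap around for buffers smaller than two
  * bytes, so deal with those first...
  */

  if (dstsize < 2)
  {
    if (dstsize == 1)
      *dst = '\0';

    return (dst);
  }

 /*
  * Stop two bytes short of the end: one iteration can write a backslash
  * plus the character, and the terminating nul needs a byte as well...
  */

  dstptr = dst;
  dstend = dst + dstsize - 2;

  while (*src && dstptr < dstend)
  {
    ch = *src++;

    if (strchr(".?*()[]^$\\\"", ch))
      *dstptr++ = '\\';

    *dstptr++ = (char)ch;
  }

  *dstptr = '\0';

  return (dst);
}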
731 | #endif /* HAVE_SANDBOX_H */ | |
732 | ||
733 | ||
e00b005a | 734 | /* |
75bd9771 | 735 | * End of "$Id: process.c 7256 2008-01-25 00:48:54Z mike $". |
ef416fc2 | 736 | */ |