]>
git.ipfire.org Git - thirdparty/cups.git/blob - scheduler/process.c
4 * Process management routines for the CUPS scheduler.
6 * Copyright 2007-2011 by Apple Inc.
7 * Copyright 1997-2007 by Easy Software Products, all rights reserved.
9 * These coded instructions, statements, and computer programs are the
10 * property of Apple Inc. and are protected by Federal copyright
11 * law. Distribution and use rights are outlined in the file "LICENSE.txt"
12 * which should have been included with this file. If this file is
13 * file is missing or damaged, see the license at "http://www.cups.org/".
17 * cupsdCreateProfile() - Create an execution profile for a subprocess.
18 * cupsdDestroyProfile() - Delete an execution profile.
19 * cupsdEndProcess() - End a process.
20 * cupsdFinishProcess() - Finish a process and get its name.
21 * cupsdStartProcess() - Start a process.
22 * compare_procs() - Compare two processes.
23 * cupsd_requote() - Make a regular-expression version of a string.
27 * Include necessary headers...
34 #endif /* __APPLE__ */
38 * Process structure...
43 int pid
, /* Process ID */
44 job_id
; /* Job associated with process */
45 char name
[1]; /* Name of process */
53 static cups_array_t
*process_array
= NULL
;
60 static int compare_procs(cupsd_proc_t
*a
, cupsd_proc_t
*b
);
62 static char *cupsd_requote(char *dst
, const char *src
, size_t dstsize
);
63 #endif /* HAVE_SANDBOX_H */
67 * 'cupsdCreateProfile()' - Create an execution profile for a subprocess.
70 void * /* O - Profile or NULL on error */
71 cupsdCreateProfile(int job_id
) /* I - Job ID or 0 for none */
74 cups_file_t
*fp
; /* File pointer */
75 char profile
[1024], /* File containing the profile */
76 cache
[1024], /* Quoted CacheDir */
77 request
[1024], /* Quoted RequestRoot */
78 root
[1024], /* Quoted ServerRoot */
79 temp
[1024]; /* Quoted TempDir */
80 const char *nodebug
; /* " (with no-log)" for no debug */
86 * Only use sandbox profiles as root...
89 cupsdLogMessage(CUPSD_LOG_DEBUG2
, "cupsdCreateProfile(job_id=%d) = NULL",
95 if ((fp
= cupsTempFile2(profile
, sizeof(profile
))) == NULL
)
97 cupsdLogMessage(CUPSD_LOG_DEBUG2
, "cupsdCreateProfile(job_id=%d) = NULL",
99 cupsdLogMessage(CUPSD_LOG_ERROR
, "Unable to create security profile: %s",
104 fchown(cupsFileNumber(fp
), RunUser
, Group
);
105 fchmod(cupsFileNumber(fp
), 0640);
107 cupsd_requote(cache
, CacheDir
, sizeof(cache
));
108 cupsd_requote(request
, RequestRoot
, sizeof(request
));
109 cupsd_requote(root
, ServerRoot
, sizeof(root
));
110 cupsd_requote(temp
, TempDir
, sizeof(temp
));
112 nodebug
= LogLevel
< CUPSD_LOG_DEBUG
? " (with no-log)" : "";
114 cupsFilePuts(fp
, "(version 1)\n");
115 cupsFilePuts(fp
, "(allow default)\n");
117 "(deny file-write* file-read-data file-read-metadata\n"
119 " #\"^%s$\"" /* RequestRoot */
120 " #\"^%s/\"" /* RequestRoot/... */
122 request
, request
, nodebug
);
125 "(deny file-write* file-read-data file-read-metadata\n"
131 "(deny file-write*\n"
133 " #\"^%s$\"" /* ServerRoot */
134 " #\"^%s/\"" /* ServerRoot/... */
135 " #\"^/private/etc$\""
136 " #\"^/private/etc/\""
137 " #\"^/usr/local/etc$\""
138 " #\"^/usr/local/etc/\""
144 root
, root
, nodebug
);
145 /* Specifically allow applications to stat RequestRoot */
147 "(allow file-read-metadata\n"
149 " #\"^%s$\"" /* RequestRoot */
153 "(allow file-write* file-read-data file-read-metadata\n"
155 " #\"^%s$\"" /* TempDir */
156 " #\"^%s/\"" /* TempDir/... */
157 " #\"^%s$\"" /* CacheDir */
158 " #\"^%s/\"" /* CacheDir/... */
159 " #\"^%s/Library$\"" /* RequestRoot/Library */
160 " #\"^%s/Library/\"" /* RequestRoot/Library/... */
161 " #\"^/Library/Application Support/\""
162 " #\"^/Library/Caches/\""
163 " #\"^/Library/Preferences/\""
164 " #\"^/Library/Printers/.*/\""
165 " #\"^/Users/Shared/\""
167 temp
, temp
, cache
, cache
, request
, request
);
169 "(deny file-write*\n"
171 " #\"^/Library/Printers/PPDs$\""
172 " #\"^/Library/Printers/PPDs/\""
173 " #\"^/Library/Printers/PPD Plugins$\""
174 " #\"^/Library/Printers/PPD Plugins/\""
179 * Allow job filters to read the spool file(s)...
183 "(allow file-read-data file-read-metadata\n"
184 " (regex #\"^%s/([ac]%05d|d%05d-[0-9][0-9][0-9])$\"))\n",
185 request
, job_id
, job_id
);
190 * Allow email notifications from notifiers...
194 "(allow process-exec\n"
195 " (literal \"/usr/sbin/sendmail\")\n"
196 " (with no-sandbox)\n"
202 cupsdLogMessage(CUPSD_LOG_DEBUG2
, "cupsdCreateProfile(job_id=%d) = \"%s\"",
204 return ((void *)strdup(profile
));
207 cupsdLogMessage(CUPSD_LOG_DEBUG2
, "cupsdCreateProfile(job_id=%d) = NULL",
211 #endif /* HAVE_SANDBOX_H */
216 * 'cupsdDestroyProfile()' - Delete an execution profile.
220 cupsdDestroyProfile(void *profile
) /* I - Profile */
222 cupsdLogMessage(CUPSD_LOG_DEBUG2
, "cupsdDeleteProfile(profile=\"%s\")",
223 profile
? (char *)profile
: "(null)");
225 #ifdef HAVE_SANDBOX_H
228 unlink((char *)profile
);
231 #endif /* HAVE_SANDBOX_H */
236 * 'cupsdEndProcess()' - End a process.
239 int /* O - 0 on success, -1 on failure */
240 cupsdEndProcess(int pid
, /* I - Process ID */
241 int force
) /* I - Force child to die */
243 cupsdLogMessage(CUPSD_LOG_DEBUG2
, "cupsdEndProcess(pid=%d, force=%d)", pid
,
249 return (kill(pid
, SIGKILL
));
251 return (kill(pid
, SIGTERM
));
256 * 'cupsdFinishProcess()' - Finish a process and get its name.
259 const char * /* O - Process name */
260 cupsdFinishProcess(int pid
, /* I - Process ID */
261 char *name
, /* I - Name buffer */
262 int namelen
, /* I - Size of name buffer */
263 int *job_id
) /* O - Job ID pointer or NULL */
265 cupsd_proc_t key
, /* Search key */
266 *proc
; /* Matching process */
271 if ((proc
= (cupsd_proc_t
*)cupsArrayFind(process_array
, &key
)) != NULL
)
274 *job_id
= proc
->job_id
;
276 strlcpy(name
, proc
->name
, namelen
);
277 cupsArrayRemove(process_array
, proc
);
285 strlcpy(name
, "unknown", namelen
);
288 cupsdLogMessage(CUPSD_LOG_DEBUG2
,
289 "cupsdFinishProcess(pid=%d, name=%p, namelen=%d, "
290 "job_id=%p(%d)) = \"%s\"", pid
, name
, namelen
, job_id
,
291 job_id
? *job_id
: 0, name
);
298 * 'cupsdStartProcess()' - Start a process.
301 int /* O - Process ID or 0 */
303 const char *command
, /* I - Full path to command */
304 char *argv
[], /* I - Command-line arguments */
305 char *envp
[], /* I - Environment */
306 int infd
, /* I - Standard input file descriptor */
307 int outfd
, /* I - Standard output file descriptor */
308 int errfd
, /* I - Standard error file descriptor */
309 int backfd
, /* I - Backchannel file descriptor */
310 int sidefd
, /* I - Sidechannel file descriptor */
311 int root
, /* I - Run as root? */
312 void *profile
, /* I - Security profile to use */
313 cupsd_job_t
*job
, /* I - Job associated with process */
314 int *pid
) /* O - Process ID */
316 int i
; /* Looping var */
317 const char *exec_path
= command
; /* Command to be exec'd */
318 char *real_argv
[103], /* Real command-line arguments */
319 cups_exec
[1024]; /* Path to "cups-exec" program */
320 int user
; /* Command UID */
321 cupsd_proc_t
*proc
; /* New process record */
322 #if defined(HAVE_SIGACTION) && !defined(HAVE_SIGSET)
323 struct sigaction action
; /* POSIX signal handler */
324 #endif /* HAVE_SIGACTION && !HAVE_SIGSET */
325 #if defined(__APPLE__)
326 char processPath
[1024], /* CFProcessPath environment variable */
327 linkpath
[1024]; /* Link path for symlinks... */
328 int linkbytes
; /* Bytes for link path */
329 #endif /* __APPLE__ */
335 * Figure out the UID for the child process...
346 * Check the permissions of the command we are running...
349 if (_cupsFileCheck(command
, _CUPS_FILE_CHECK_PROGRAM
, !RunUser
,
350 cupsdLogFCMessage
, job
? job
->printer
: NULL
))
353 #if defined(__APPLE__)
357 * Add special voodoo magic for Mac OS X - this allows Mac OS X
358 * programs to access their bundle resources properly...
361 if ((linkbytes
= readlink(command
, linkpath
, sizeof(linkpath
) - 1)) > 0)
364 * Yes, this is a symlink to the actual program, nul-terminate and
368 linkpath
[linkbytes
] = '\0';
370 if (linkpath
[0] == '/')
371 snprintf(processPath
, sizeof(processPath
), "CFProcessPath=%s",
374 snprintf(processPath
, sizeof(processPath
), "CFProcessPath=%s/%s",
375 dirname((char *)command
), linkpath
);
378 snprintf(processPath
, sizeof(processPath
), "CFProcessPath=%s", command
);
380 envp
[0] = processPath
; /* Replace <CFProcessPath> string */
382 #endif /* __APPLE__ */
385 * Use helper program when we have a sandbox profile...
390 snprintf(cups_exec
, sizeof(cups_exec
), "%s/daemon/cups-exec", ServerBin
);
392 real_argv
[0] = cups_exec
;
393 real_argv
[1] = profile
;
394 real_argv
[2] = (char *)command
;
397 i
< (int)(sizeof(real_argv
) / sizeof(real_argv
[0]) - 4) && argv
[i
];
399 real_argv
[i
+ 3] = argv
[i
];
401 real_argv
[i
+ 3] = NULL
;
404 exec_path
= cups_exec
;
408 * Block signals before forking...
413 if ((*pid
= fork()) == 0)
416 * Child process goes here...
418 * Update stdin/stdout/stderr as needed...
424 infd
= open("/dev/null", O_RDONLY
);
436 outfd
= open("/dev/null", O_WRONLY
);
448 errfd
= open("/dev/null", O_WRONLY
);
457 if (backfd
!= 3 && backfd
>= 0)
461 fcntl(3, F_SETFL
, O_NDELAY
);
464 if (sidefd
!= 4 && sidefd
>= 0)
468 fcntl(4, F_SETFL
, O_NDELAY
);
472 * Change the priority of the process based on the FilterNice setting.
473 * (this is not done for root processes...)
480 * Change user to something "safe"...
483 if (!root
&& !RunUser
)
486 * Running as root, so change to non-priviledged user...
492 if (setgroups(1, &Group
))
501 * Reset group membership to just the main one we belong to.
504 if (setgid(Group
) && !RunUser
)
507 if (setgroups(1, &Group
) && !RunUser
)
512 * Change umask to restrict permissions on created files...
518 * Unblock signals before doing the exec...
522 sigset(SIGTERM
, SIG_DFL
);
523 sigset(SIGCHLD
, SIG_DFL
);
524 sigset(SIGPIPE
, SIG_DFL
);
525 #elif defined(HAVE_SIGACTION)
526 memset(&action
, 0, sizeof(action
));
528 sigemptyset(&action
.sa_mask
);
529 action
.sa_handler
= SIG_DFL
;
531 sigaction(SIGTERM
, &action
, NULL
);
532 sigaction(SIGCHLD
, &action
, NULL
);
533 sigaction(SIGPIPE
, &action
, NULL
);
535 signal(SIGTERM
, SIG_DFL
);
536 signal(SIGCHLD
, SIG_DFL
);
537 signal(SIGPIPE
, SIG_DFL
);
538 #endif /* HAVE_SIGSET */
540 cupsdReleaseSignals();
543 * Execute the command; if for some reason this doesn't work, log an error
544 * exit with a non-zero value...
548 execve(exec_path
, argv
, envp
);
550 execv(exec_path
, argv
);
559 * Error - couldn't fork a new process!
562 cupsdLogMessage(CUPSD_LOG_ERROR
, "Unable to fork %s - %s.", command
,
570 process_array
= cupsArrayNew((cups_array_func_t
)compare_procs
, NULL
);
574 if ((proc
= calloc(1, sizeof(cupsd_proc_t
) + strlen(command
))) != NULL
)
577 proc
->job_id
= job
? job
->id
: 0;
578 _cups_strcpy(proc
->name
, command
);
580 cupsArrayAdd(process_array
, proc
);
585 cupsdReleaseSignals();
587 cupsdLogMessage(CUPSD_LOG_DEBUG2
,
588 "cupsdStartProcess(command=\"%s\", argv=%p, envp=%p, "
589 "infd=%d, outfd=%d, errfd=%d, backfd=%d, sidefd=%d, root=%d, "
590 "profile=%p, job=%p(%d), pid=%p) = %d",
591 command
, argv
, envp
, infd
, outfd
, errfd
, backfd
, sidefd
,
592 root
, profile
, job
, job
? job
->id
: 0, pid
, *pid
);
599 * 'compare_procs()' - Compare two processes.
602 static int /* O - Result of comparison */
603 compare_procs(cupsd_proc_t
*a
, /* I - First process */
604 cupsd_proc_t
*b
) /* I - Second process */
606 return (a
->pid
- b
->pid
);
610 #ifdef HAVE_SANDBOX_H
612 * 'cupsd_requote()' - Make a regular-expression version of a string.
615 static char * /* O - Quoted string */
616 cupsd_requote(char *dst
, /* I - Destination buffer */
617 const char *src
, /* I - Source string */
618 size_t dstsize
) /* I - Size of destination buffer */
620 int ch
; /* Current character */
621 char *dstptr
, /* Current position in buffer */
622 *dstend
; /* End of destination buffer */
626 dstend
= dst
+ dstsize
- 2;
628 while (*src
&& dstptr
< dstend
)
632 if (strchr(".?*()[]^$\\", ch
))
642 #endif /* HAVE_SANDBOX_H */