[people/ms/systemd.git] / execute.c

/*-*- Mode: C; c-basic-offset: 8 -*-*/

#include <assert.h>
#include <dirent.h>
#include <errno.h>
#include <fcntl.h>
#include <unistd.h>

#include "execute.h"
#include "strv.h"
#include "macro.h"
#include "util.h"

static int close_fds(int except[], unsigned n_except) {
        DIR *d;
        struct dirent *de;
        int r = 0;

        /* Modifies the fds array! (sorts it) */

        if (!(d = opendir("/proc/self/fd")))
                return -errno;

        while ((de = readdir(d))) {
                int fd;

                if (de->d_name[0] == '.')
                        continue;

                if ((r = safe_atoi(de->d_name, &fd)) < 0)
                        goto finish;

                if (fd < 3)
                        continue;

                if (fd == dirfd(d))
                        continue;

                if (except) {
                        bool found;
                        unsigned i;

                        found = false;
                        for (i = 0; i < n_except; i++)
                                if (except[i] == fd) {
                                        found = true;
                                        break;
                                }

                        if (found)
                                continue;
                }

                if ((r = close_nointr(fd)) < 0)
                        goto finish;
        }

finish:
        closedir(d);
        return r;
}

static int shift_fds(int fds[], unsigned n_fds) {
        int start, restart_from;

        if (n_fds <= 0)
                return 0;

        assert(fds);

        start = 0;
        for (;;) {
                int i;

                restart_from = -1;

                for (i = start; i < (int) n_fds; i++) {
                        int nfd;

                        /* Already at right index? */
                        if (fds[i] == i+3)
                                continue;

                        if ((nfd = fcntl(fds[i], F_DUPFD, i+3)) < 0)
                                return -errno;

                        assert_se(close_nointr(fds[i]));
                        fds[i] = nfd;

                        /* Hmm, the fd we wanted isn't free? Then
                         * let's remember that and try again from here*/
                        if (nfd != i+3 && restart_from < 0)
                                restart_from = i;
                }

                if (restart_from < 0)
                        break;

                start = restart_from;
        }

        return 0;
}

int exec_spawn(const ExecCommand *command, const ExecContext *context, int *fds, unsigned n_fds, pid_t *ret) {
        pid_t pid;

        assert(command);
        assert(context);
        assert(ret);
        assert(fds || n_fds <= 0);

        if ((pid = fork()) < 0)
                return -errno;

        if (pid == 0) {
                char **e, **f = NULL;
                int i, r;
                char t[16];
                /* child */

                umask(context->umask);

                if (chdir(context->directory ? context->directory : "/") < 0) {
                        r = EXIT_CHDIR;
                        goto fail;
                }

                snprintf(t, sizeof(t), "%i", context->oom_adjust);
                char_array_0(t);

                if (write_one_line_file("/proc/self/oom_adj", t) < 0) {
                        r = EXIT_OOM_ADJUST;
                        goto fail;
                }

                if (setpriority(PRIO_PROCESS, 0, context->nice) < 0) {
                        r = EXIT_NICE;
                        goto fail;
                }

                if (close_fds(fds, n_fds) < 0 ||
                    shift_fds(fds, n_fds) < 0) {
                        r = EXIT_FDS;
                        goto fail;
                }

                for (i = 0; i < RLIMIT_NLIMITS; i++) {
                        if (!context->rlimit[i])
                                continue;

                        if (setrlimit(i, context->rlimit[i]) < 0) {
                                r = EXIT_LIMITS;
                                goto fail;
                        }
                }

                if (n_fds > 0) {
                        char a[64], b[64];
                        char *listen_env[3] = {
                                a,
                                b,
                                NULL
                        };

                        snprintf(a, sizeof(a), "LISTEN_PID=%llu", (unsigned long long) getpid());
                        snprintf(b, sizeof(b), "LISTEN_FDS=%u", n_fds);

                        a[sizeof(a)-1] = 0;
                        b[sizeof(b)-1] = 0;

                        if (context->environment) {
                                if (!(f = strv_merge(listen_env, context->environment))) {
                                        r = EXIT_MEMORY;
                                        goto fail;
                                }
                                e = f;
                        } else
                                e = listen_env;

                } else
                        e = context->environment;

                execve(command->path, command->argv, e);
                r = EXIT_EXEC;

        fail:
                strv_free(f);
                _exit(r);
        }

        *ret = pid;
        return 0;
}

void exec_context_init(ExecContext *c) {
        assert(c);

        c->umask = 0002;
        cap_clear(c->capabilities);
        c->oom_adjust = 0;
        c->nice = 0;
}

void exec_context_done(ExecContext *c) {
        unsigned l;

        assert(c);

        strv_free(c->environment);
        c->environment = NULL;

        for (l = 0; l < ELEMENTSOF(c->rlimit); l++) {
                free(c->rlimit[l]);
                c->rlimit[l] = NULL;
        }

        free(c->directory);
        c->directory = NULL;

        free(c->user);
        c->user = NULL;

        free(c->group);
        c->group = NULL;

        strv_free(c->supplementary_groups);
        c->supplementary_groups = NULL;
}

void exec_command_free_list(ExecCommand *c) {
        ExecCommand *i;

        while ((i = c)) {
                LIST_REMOVE(ExecCommand, command, c, i);

                free(i->path);
                free(i->argv);
                free(i);
        }
}

void exec_command_free_array(ExecCommand **c, unsigned n) {
        unsigned i;

        for (i = 0; i < n; i++) {
                exec_command_free_list(c[i]);
                c[i] = NULL;
        }
}


void exec_context_dump(ExecContext *c, FILE* f, const char *prefix) {
        assert(c);
        assert(f);

        if (!prefix)
                prefix = "";

        fprintf(f,
                "%sUmask: %04o\n"
                "%sDirectory: %s\n"
                "%sNice: %i\n"
                "%sOOMAdjust: %i\n",
                prefix, c->umask,
                prefix, c->directory ? c->directory : "/",
                prefix, c->nice,
                prefix, c->oom_adjust);
}

void exec_status_fill(ExecStatus *s, pid_t pid, int code, int status) {
        assert(s);

        s->pid = pid;
        s->code = code;
        s->status = status;
        s->timestamp = now(CLOCK_REALTIME);
}
Commit	Line	Data
5cb5a6ff LP	1	/-- Mode: C; c-basic-offset: 8 --/
	2
	3	#include <assert.h>
034c6ed7 LP	4	#include <dirent.h>
	5	#include <errno.h>
	6	#include <fcntl.h>
	7	#include <unistd.h>
5cb5a6ff LP	8
	9	#include "execute.h"
	10	#include "strv.h"
	11	#include "macro.h"
	12	#include "util.h"
	13
034c6ed7 LP	14	static int close_fds(int except[], unsigned n_except) {
	15	DIR *d;
	16	struct dirent *de;
	17	int r = 0;
	18
	19	/* Modifies the fds array! (sorts it) */
	20
	21	if (!(d = opendir("/proc/self/fd")))
	22	return -errno;
	23
	24	while ((de = readdir(d))) {
	25	int fd;
	26
	27	if (de->d_name[0] == '.')
	28	continue;
	29
	30	if ((r = safe_atoi(de->d_name, &fd)) < 0)
	31	goto finish;
	32
	33	if (fd < 3)
	34	continue;
	35
	36	if (fd == dirfd(d))
	37	continue;
	38
	39	if (except) {
	40	bool found;
	41	unsigned i;
	42
	43	found = false;
	44	for (i = 0; i < n_except; i++)
	45	if (except[i] == fd) {
	46	found = true;
	47	break;
	48	}
	49
	50	if (found)
	51	continue;
	52	}
	53
	54	if ((r = close_nointr(fd)) < 0)
	55	goto finish;
	56	}
	57
	58	finish:
	59	closedir(d);
	60	return r;
	61	}
	62
	63	static int shift_fds(int fds[], unsigned n_fds) {
	64	int start, restart_from;
	65
	66	if (n_fds <= 0)
	67	return 0;
	68
	69	assert(fds);
	70
	71	start = 0;
	72	for (;;) {
	73	int i;
	74
	75	restart_from = -1;
	76
	77	for (i = start; i < (int) n_fds; i++) {
78	int nfd;
79
80	/* Already at right index? */
81	if (fds[i] == i+3)
82	continue;
83
84	if ((nfd = fcntl(fds[i], F_DUPFD, i+3)) < 0)
85	return -errno;
86
87	assert_se(close_nointr(fds[i]));
88	fds[i] = nfd;
89
90	/* Hmm, the fd we wanted isn't free? Then
91	* let's remember that and try again from here*/
92	if (nfd != i+3 && restart_from < 0)
93	restart_from = i;
94	}
95
96	if (restart_from < 0)
97	break;
98
99	start = restart_from;
100	}
101
102	return 0;
103	}
104
105	int exec_spawn(const ExecCommand command, const ExecContext context, int fds, unsigned n_fds, pid_t ret) {
106	pid_t pid;
107
5cb5a6ff LP	108	assert(command);
	109	assert(context);
	110	assert(ret);
034c6ed7 LP	111	assert(fds \|\| n_fds <= 0);
	112
	113	if ((pid = fork()) < 0)
	114	return -errno;
	115
	116	if (pid == 0) {
	117	char e, f = NULL;
	118	int i, r;
	119	char t[16];
	120	/* child */
5cb5a6ff	121
034c6ed7 LP	122	umask(context->umask);
	123
	124	if (chdir(context->directory ? context->directory : "/") < 0) {
	125	r = EXIT_CHDIR;
	126	goto fail;
	127	}
	128
	129	snprintf(t, sizeof(t), "%i", context->oom_adjust);
	130	char_array_0(t);
	131
	132	if (write_one_line_file("/proc/self/oom_adj", t) < 0) {
	133	r = EXIT_OOM_ADJUST;
	134	goto fail;
	135	}
	136
	137	if (setpriority(PRIO_PROCESS, 0, context->nice) < 0) {
	138	r = EXIT_NICE;
	139	goto fail;
	140	}
	141
	142	if (close_fds(fds, n_fds) < 0 \|\|
	143	shift_fds(fds, n_fds) < 0) {
	144	r = EXIT_FDS;
	145	goto fail;
	146	}
	147
	148	for (i = 0; i < RLIMIT_NLIMITS; i++) {
	149	if (!context->rlimit[i])
	150	continue;
	151
	152	if (setrlimit(i, context->rlimit[i]) < 0) {
	153	r = EXIT_LIMITS;
	154	goto fail;
	155	}
	156	}
	157
	158	if (n_fds > 0) {
	159	char a[64], b[64];
	160	char *listen_env[3] = {
	161	a,
	162	b,
	163	NULL
	164	};
	165
	166	snprintf(a, sizeof(a), "LISTEN_PID=%llu", (unsigned long long) getpid());
	167	snprintf(b, sizeof(b), "LISTEN_FDS=%u", n_fds);
	168
	169	a[sizeof(a)-1] = 0;
	170	b[sizeof(b)-1] = 0;
	171
	172	if (context->environment) {
	173	if (!(f = strv_merge(listen_env, context->environment))) {
	174	r = EXIT_MEMORY;
	175	goto fail;
	176	}
	177	e = f;
	178	} else
	179	e = listen_env;
	180
	181	} else
	182	e = context->environment;
	183
	184	execve(command->path, command->argv, e);
	185	r = EXIT_EXEC;
186
187	fail:
188	strv_free(f);
189	_exit(r);
190	}
191
192	*ret = pid;
5cb5a6ff LP	193	return 0;
	194	}
	195
034c6ed7 LP	196	void exec_context_init(ExecContext *c) {
	197	assert(c);
	198
	199	c->umask = 0002;
	200	cap_clear(c->capabilities);
	201	c->oom_adjust = 0;
	202	c->nice = 0;
	203	}
	204
	205	void exec_context_done(ExecContext *c) {
5cb5a6ff LP	206	unsigned l;
	207
	208	assert(c);
	209
	210	strv_free(c->environment);
034c6ed7	211	c->environment = NULL;
5cb5a6ff	212
034c6ed7	213	for (l = 0; l < ELEMENTSOF(c->rlimit); l++) {
5cb5a6ff	214	free(c->rlimit[l]);
034c6ed7 LP	215	c->rlimit[l] = NULL;
	216	}
	217
	218	free(c->directory);
	219	c->directory = NULL;
5cb5a6ff	220
5cb5a6ff	221	free(c->user);
034c6ed7 LP	222	c->user = NULL;
034c6ed7 LP	223
5cb5a6ff	224	free(c->group);
034c6ed7 LP	225	c->group = NULL;
	226
	227	strv_free(c->supplementary_groups);
	228	c->supplementary_groups = NULL;
5cb5a6ff LP	229	}
	230
	231	void exec_command_free_list(ExecCommand *c) {
	232	ExecCommand *i;
	233
	234	while ((i = c)) {
034c6ed7	235	LIST_REMOVE(ExecCommand, command, c, i);
5cb5a6ff LP	236
	237	free(i->path);
	238	free(i->argv);
	239	free(i);
	240	}
	241	}
	242
034c6ed7 LP	243	void exec_command_free_array(ExecCommand **c, unsigned n) {
	244	unsigned i;
	245
	246	for (i = 0; i < n; i++) {
	247	exec_command_free_list(c[i]);
	248	c[i] = NULL;
	249	}
	250	}
	251
	252
5cb5a6ff LP	253	void exec_context_dump(ExecContext c, FILE f, const char *prefix) {
	254	assert(c);
	255	assert(f);
	256
	257	if (!prefix)
	258	prefix = "";
	259
	260	fprintf(f,
	261	"%sUmask: %04o\n"
034c6ed7 LP	262	"%sDirectory: %s\n"
	263	"%sNice: %i\n"
	264	"%sOOMAdjust: %i\n",
5cb5a6ff	265	prefix, c->umask,
034c6ed7 LP	266	prefix, c->directory ? c->directory : "/",
	267	prefix, c->nice,
	268	prefix, c->oom_adjust);
5cb5a6ff LP	269	}
5cb5a6ff LP	270
034c6ed7 LP	271	void exec_status_fill(ExecStatus *s, pid_t pid, int code, int status) {
034c6ed7 LP	272	assert(s);
5cb5a6ff	273
034c6ed7 LP	274	s->pid = pid;
	275	s->code = code;
	276	s->status = status;
	277	s->timestamp = now(CLOCK_REALTIME);
5cb5a6ff	278	}