]>
Commit | Line | Data |
---|---|---|
ef416fc2 | 1 | /* |
f2d18633 | 2 | * "$Id$" |
ef416fc2 | 3 | * |
7e86f2f6 | 4 | * Process management routines for the CUPS scheduler. |
ef416fc2 | 5 | * |
7e86f2f6 MS |
6 | * Copyright 2007-2014 by Apple Inc. |
7 | * Copyright 1997-2007 by Easy Software Products, all rights reserved. | |
ef416fc2 | 8 | * |
7e86f2f6 MS |
9 | * These coded instructions, statements, and computer programs are the |
10 | * property of Apple Inc. and are protected by Federal copyright | |
11 | * law. Distribution and use rights are outlined in the file "LICENSE.txt" | |
12 | * which should have been included with this file. If this file is | |
13 | * file is missing or damaged, see the license at "http://www.cups.org/". | |
ef416fc2 | 14 | */ |
15 | ||
16 | /* | |
17 | * Include necessary headers... | |
18 | */ | |
19 | ||
20 | #include "cupsd.h" | |
21 | #include <grp.h> | |
a4924f6c | 22 | #ifdef __APPLE__ |
4400e98d | 23 | # include <libgen.h> |
6d2f911b | 24 | #endif /* __APPLE__ */ |
ef416fc2 | 25 | |
26 | ||
e00b005a | 27 | /* |
28 | * Process structure... | |
29 | */ | |
30 | ||
31 | typedef struct | |
32 | { | |
b9faaae1 MS |
33 | int pid, /* Process ID */ |
34 | job_id; /* Job associated with process */ | |
e00b005a | 35 | char name[1]; /* Name of process */ |
36 | } cupsd_proc_t; | |
37 | ||
38 | ||
39 | /* | |
40 | * Local globals... | |
41 | */ | |
42 | ||
43 | static cups_array_t *process_array = NULL; | |
44 | ||
45 | ||
46 | /* | |
47 | * Local functions... | |
48 | */ | |
49 | ||
50 | static int compare_procs(cupsd_proc_t *a, cupsd_proc_t *b); | |
a4924f6c MS |
51 | #ifdef HAVE_SANDBOX_H |
52 | static char *cupsd_requote(char *dst, const char *src, size_t dstsize); | |
53 | #endif /* HAVE_SANDBOX_H */ | |
54 | ||
55 | ||
56 | /* | |
57 | * 'cupsdCreateProfile()' - Create an execution profile for a subprocess. | |
58 | */ | |
59 | ||
60 | void * /* O - Profile or NULL on error */ | |
61 | cupsdCreateProfile(int job_id) /* I - Job ID or 0 for none */ | |
62 | { | |
63 | #ifdef HAVE_SANDBOX_H | |
64 | cups_file_t *fp; /* File pointer */ | |
65 | char profile[1024], /* File containing the profile */ | |
66 | cache[1024], /* Quoted CacheDir */ | |
67 | request[1024], /* Quoted RequestRoot */ | |
68 | root[1024], /* Quoted ServerRoot */ | |
69 | temp[1024]; /* Quoted TempDir */ | |
88f9aafc | 70 | const char *nodebug; /* " (with no-log)" for no debug */ |
a4924f6c MS |
71 | |
72 | ||
0268488e | 73 | if (!UseProfiles) |
b9faaae1 MS |
74 | { |
75 | /* | |
76 | * Only use sandbox profiles as root... | |
77 | */ | |
78 | ||
79 | cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d) = NULL", | |
80 | job_id); | |
81 | ||
82 | return (NULL); | |
83 | } | |
84 | ||
a4924f6c MS |
85 | if ((fp = cupsTempFile2(profile, sizeof(profile))) == NULL) |
86 | { | |
b9faaae1 MS |
87 | cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d) = NULL", |
88 | job_id); | |
a4924f6c MS |
89 | cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to create security profile: %s", |
90 | strerror(errno)); | |
91 | return (NULL); | |
92 | } | |
93 | ||
0268488e MS |
94 | fchown(cupsFileNumber(fp), RunUser, Group); |
95 | fchmod(cupsFileNumber(fp), 0640); | |
96 | ||
a4924f6c MS |
97 | cupsd_requote(cache, CacheDir, sizeof(cache)); |
98 | cupsd_requote(request, RequestRoot, sizeof(request)); | |
99 | cupsd_requote(root, ServerRoot, sizeof(root)); | |
100 | cupsd_requote(temp, TempDir, sizeof(temp)); | |
101 | ||
88f9aafc MS |
102 | nodebug = LogLevel < CUPSD_LOG_DEBUG ? " (with no-log)" : ""; |
103 | ||
a4924f6c | 104 | cupsFilePuts(fp, "(version 1)\n"); |
a4924f6c MS |
105 | cupsFilePuts(fp, "(allow default)\n"); |
106 | cupsFilePrintf(fp, | |
107 | "(deny file-write* file-read-data file-read-metadata\n" | |
5a6b583a MS |
108 | " (regex" |
109 | " #\"^%s$\"" /* RequestRoot */ | |
110 | " #\"^%s/\"" /* RequestRoot/... */ | |
88f9aafc MS |
111 | ")%s)\n", |
112 | request, request, nodebug); | |
0268488e | 113 | if (!RunUser) |
88f9aafc MS |
114 | cupsFilePrintf(fp, |
115 | "(deny file-write* file-read-data file-read-metadata\n" | |
116 | " (regex" | |
117 | " #\"^/Users$\"" | |
118 | " #\"^/Users/\"" | |
119 | ")%s)\n", nodebug); | |
a4924f6c MS |
120 | cupsFilePrintf(fp, |
121 | "(deny file-write*\n" | |
5a6b583a MS |
122 | " (regex" |
123 | " #\"^%s$\"" /* ServerRoot */ | |
124 | " #\"^%s/\"" /* ServerRoot/... */ | |
125 | " #\"^/private/etc$\"" | |
126 | " #\"^/private/etc/\"" | |
127 | " #\"^/usr/local/etc$\"" | |
128 | " #\"^/usr/local/etc/\"" | |
129 | " #\"^/Library$\"" | |
130 | " #\"^/Library/\"" | |
131 | " #\"^/System$\"" | |
132 | " #\"^/System/\"" | |
88f9aafc MS |
133 | ")%s)\n", |
134 | root, root, nodebug); | |
7cf5915e MS |
135 | /* Specifically allow applications to stat RequestRoot */ |
136 | cupsFilePrintf(fp, | |
137 | "(allow file-read-metadata\n" | |
138 | " (regex" | |
139 | " #\"^%s$\"" /* RequestRoot */ | |
140 | "))\n", | |
141 | request); | |
a4924f6c MS |
142 | cupsFilePrintf(fp, |
143 | "(allow file-write* file-read-data file-read-metadata\n" | |
5a6b583a MS |
144 | " (regex" |
145 | " #\"^%s$\"" /* TempDir */ | |
146 | " #\"^%s/\"" /* TempDir/... */ | |
147 | " #\"^%s$\"" /* CacheDir */ | |
148 | " #\"^%s/\"" /* CacheDir/... */ | |
149 | " #\"^%s/Library$\"" /* RequestRoot/Library */ | |
150 | " #\"^%s/Library/\"" /* RequestRoot/Library/... */ | |
ed6e7faf MS |
151 | " #\"^/Library/Application Support/\"" |
152 | " #\"^/Library/Caches/\"" | |
153 | " #\"^/Library/Preferences/\"" | |
5a6b583a MS |
154 | " #\"^/Library/Printers/.*/\"" |
155 | " #\"^/Users/Shared/\"" | |
ed6e7faf | 156 | "))\n", |
5a6b583a | 157 | temp, temp, cache, cache, request, request); |
88f9aafc MS |
158 | cupsFilePrintf(fp, |
159 | "(deny file-write*\n" | |
160 | " (regex" | |
161 | " #\"^/Library/Printers/PPDs$\"" | |
162 | " #\"^/Library/Printers/PPDs/\"" | |
163 | " #\"^/Library/Printers/PPD Plugins$\"" | |
164 | " #\"^/Library/Printers/PPD Plugins/\"" | |
165 | ")%s)\n", nodebug); | |
a4924f6c | 166 | if (job_id) |
e60ec91f MS |
167 | { |
168 | /* | |
169 | * Allow job filters to read the spool file(s)... | |
170 | */ | |
171 | ||
a4924f6c MS |
172 | cupsFilePrintf(fp, |
173 | "(allow file-read-data file-read-metadata\n" | |
174 | " (regex #\"^%s/([ac]%05d|d%05d-[0-9][0-9][0-9])$\"))\n", | |
5bd77a73 | 175 | request, job_id, job_id); |
e60ec91f MS |
176 | } |
177 | else | |
178 | { | |
179 | /* | |
180 | * Allow email notifications from notifiers... | |
181 | */ | |
182 | ||
183 | cupsFilePuts(fp, | |
184 | "(allow process-exec\n" | |
185 | " (literal \"/usr/sbin/sendmail\")\n" | |
186 | " (with no-sandbox)\n" | |
187 | ")\n"); | |
188 | } | |
a4924f6c MS |
189 | |
190 | cupsFileClose(fp); | |
191 | ||
5bd77a73 MS |
192 | cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d) = \"%s\"", |
193 | job_id, profile); | |
a4924f6c | 194 | return ((void *)strdup(profile)); |
b9faaae1 | 195 | |
a4924f6c | 196 | #else |
b9faaae1 MS |
197 | cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdCreateProfile(job_id=%d) = NULL", |
198 | job_id); | |
a4924f6c MS |
199 | |
200 | return (NULL); | |
201 | #endif /* HAVE_SANDBOX_H */ | |
202 | } | |
203 | ||
204 | ||
205 | /* | |
206 | * 'cupsdDestroyProfile()' - Delete an execution profile. | |
207 | */ | |
208 | ||
209 | void | |
210 | cupsdDestroyProfile(void *profile) /* I - Profile */ | |
211 | { | |
b9faaae1 MS |
212 | cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdDeleteProfile(profile=\"%s\")", |
213 | profile ? (char *)profile : "(null)"); | |
214 | ||
a4924f6c MS |
215 | #ifdef HAVE_SANDBOX_H |
216 | if (profile) | |
217 | { | |
218 | unlink((char *)profile); | |
219 | free(profile); | |
220 | } | |
221 | #endif /* HAVE_SANDBOX_H */ | |
222 | } | |
e00b005a | 223 | |
224 | ||
ef416fc2 | 225 | /* |
226 | * 'cupsdEndProcess()' - End a process. | |
227 | */ | |
228 | ||
229 | int /* O - 0 on success, -1 on failure */ | |
230 | cupsdEndProcess(int pid, /* I - Process ID */ | |
231 | int force) /* I - Force child to die */ | |
232 | { | |
b9faaae1 MS |
233 | cupsdLogMessage(CUPSD_LOG_DEBUG2, "cupsdEndProcess(pid=%d, force=%d)", pid, |
234 | force); | |
235 | ||
ef55b745 MS |
236 | if (!pid) |
237 | return (0); | |
88f9aafc MS |
238 | |
239 | if (!RunUser) | |
240 | { | |
241 | /* | |
242 | * When running as root, cupsd puts child processes in their own process | |
243 | * group. Using "-pid" sends a signal to all processes in the group. | |
244 | */ | |
245 | ||
246 | pid = -pid; | |
247 | } | |
248 | ||
249 | if (force) | |
ef416fc2 | 250 | return (kill(pid, SIGKILL)); |
251 | else | |
252 | return (kill(pid, SIGTERM)); | |
253 | } | |
254 | ||
255 | ||
e00b005a | 256 | /* |
257 | * 'cupsdFinishProcess()' - Finish a process and get its name. | |
258 | */ | |
259 | ||
260 | const char * /* O - Process name */ | |
261 | cupsdFinishProcess(int pid, /* I - Process ID */ | |
262 | char *name, /* I - Name buffer */ | |
b9faaae1 MS |
263 | int namelen, /* I - Size of name buffer */ |
264 | int *job_id) /* O - Job ID pointer or NULL */ | |
e00b005a | 265 | { |
266 | cupsd_proc_t key, /* Search key */ | |
267 | *proc; /* Matching process */ | |
268 | ||
269 | ||
270 | key.pid = pid; | |
271 | ||
272 | if ((proc = (cupsd_proc_t *)cupsArrayFind(process_array, &key)) != NULL) | |
273 | { | |
b9faaae1 MS |
274 | if (job_id) |
275 | *job_id = proc->job_id; | |
276 | ||
e00b005a | 277 | strlcpy(name, proc->name, namelen); |
278 | cupsArrayRemove(process_array, proc); | |
279 | free(proc); | |
e00b005a | 280 | } |
281 | else | |
b9faaae1 MS |
282 | { |
283 | if (job_id) | |
284 | *job_id = 0; | |
285 | ||
286 | strlcpy(name, "unknown", namelen); | |
287 | } | |
288 | ||
289 | cupsdLogMessage(CUPSD_LOG_DEBUG2, | |
290 | "cupsdFinishProcess(pid=%d, name=%p, namelen=%d, " | |
291 | "job_id=%p(%d)) = \"%s\"", pid, name, namelen, job_id, | |
292 | job_id ? *job_id : 0, name); | |
293 | ||
294 | return (name); | |
e00b005a | 295 | } |
296 | ||
297 | ||
ef416fc2 | 298 | /* |
299 | * 'cupsdStartProcess()' - Start a process. | |
300 | */ | |
301 | ||
302 | int /* O - Process ID or 0 */ | |
303 | cupsdStartProcess( | |
b9faaae1 MS |
304 | const char *command, /* I - Full path to command */ |
305 | char *argv[], /* I - Command-line arguments */ | |
306 | char *envp[], /* I - Environment */ | |
307 | int infd, /* I - Standard input file descriptor */ | |
308 | int outfd, /* I - Standard output file descriptor */ | |
309 | int errfd, /* I - Standard error file descriptor */ | |
310 | int backfd, /* I - Backchannel file descriptor */ | |
311 | int sidefd, /* I - Sidechannel file descriptor */ | |
312 | int root, /* I - Run as root? */ | |
313 | void *profile, /* I - Security profile to use */ | |
38e73f87 | 314 | cupsd_job_t *job, /* I - Job associated with process */ |
b9faaae1 | 315 | int *pid) /* O - Process ID */ |
ef416fc2 | 316 | { |
0268488e | 317 | int i; /* Looping var */ |
e60ec91f | 318 | const char *exec_path = command; /* Command to be exec'd */ |
0268488e MS |
319 | char *real_argv[103], /* Real command-line arguments */ |
320 | cups_exec[1024]; /* Path to "cups-exec" program */ | |
7e86f2f6 | 321 | uid_t user; /* Command UID */ |
e00b005a | 322 | cupsd_proc_t *proc; /* New process record */ |
ef416fc2 | 323 | #if defined(HAVE_SIGACTION) && !defined(HAVE_SIGSET) |
e00b005a | 324 | struct sigaction action; /* POSIX signal handler */ |
ef416fc2 | 325 | #endif /* HAVE_SIGACTION && !HAVE_SIGSET */ |
e53920b9 | 326 | #if defined(__APPLE__) |
e00b005a | 327 | char processPath[1024], /* CFProcessPath environment variable */ |
328 | linkpath[1024]; /* Link path for symlinks... */ | |
329 | int linkbytes; /* Bytes for link path */ | |
e53920b9 | 330 | #endif /* __APPLE__ */ |
ef416fc2 | 331 | |
332 | ||
22c9029b MS |
333 | *pid = 0; |
334 | ||
0268488e MS |
335 | /* |
336 | * Figure out the UID for the child process... | |
337 | */ | |
338 | ||
bf3816c7 MS |
339 | if (RunUser) |
340 | user = RunUser; | |
341 | else if (root) | |
342 | user = 0; | |
343 | else | |
344 | user = User; | |
345 | ||
0268488e MS |
346 | /* |
347 | * Check the permissions of the command we are running... | |
348 | */ | |
349 | ||
22c9029b MS |
350 | if (_cupsFileCheck(command, _CUPS_FILE_CHECK_PROGRAM, !RunUser, |
351 | cupsdLogFCMessage, job ? job->printer : NULL)) | |
bf3816c7 | 352 | return (0); |
76cd9e37 | 353 | |
e53920b9 | 354 | #if defined(__APPLE__) |
355 | if (envp) | |
e00b005a | 356 | { |
357 | /* | |
f3c17241 MS |
358 | * Add special voodoo magic for OS X - this allows OS X programs to access |
359 | * their bundle resources properly... | |
e00b005a | 360 | */ |
361 | ||
e53920b9 | 362 | if ((linkbytes = readlink(command, linkpath, sizeof(linkpath) - 1)) > 0) |
363 | { | |
364 | /* | |
365 | * Yes, this is a symlink to the actual program, nul-terminate and | |
366 | * use it... | |
367 | */ | |
368 | ||
369 | linkpath[linkbytes] = '\0'; | |
e00b005a | 370 | |
e53920b9 | 371 | if (linkpath[0] == '/') |
372 | snprintf(processPath, sizeof(processPath), "CFProcessPath=%s", | |
373 | linkpath); | |
374 | else | |
375 | snprintf(processPath, sizeof(processPath), "CFProcessPath=%s/%s", | |
f7deaa1a | 376 | dirname((char *)command), linkpath); |
e53920b9 | 377 | } |
e00b005a | 378 | else |
e53920b9 | 379 | snprintf(processPath, sizeof(processPath), "CFProcessPath=%s", command); |
bd7854cb | 380 | |
e53920b9 | 381 | envp[0] = processPath; /* Replace <CFProcessPath> string */ |
382 | } | |
383 | #endif /* __APPLE__ */ | |
e00b005a | 384 | |
0268488e MS |
385 | /* |
386 | * Use helper program when we have a sandbox profile... | |
387 | */ | |
388 | ||
389 | if (profile) | |
390 | { | |
391 | snprintf(cups_exec, sizeof(cups_exec), "%s/daemon/cups-exec", ServerBin); | |
392 | ||
393 | real_argv[0] = cups_exec; | |
394 | real_argv[1] = profile; | |
395 | real_argv[2] = (char *)command; | |
396 | ||
397 | for (i = 0; | |
398 | i < (int)(sizeof(real_argv) / sizeof(real_argv[0]) - 4) && argv[i]; | |
399 | i ++) | |
400 | real_argv[i + 3] = argv[i]; | |
401 | ||
402 | real_argv[i + 3] = NULL; | |
403 | ||
e60ec91f MS |
404 | argv = real_argv; |
405 | exec_path = cups_exec; | |
0268488e MS |
406 | } |
407 | ||
ef416fc2 | 408 | /* |
409 | * Block signals before forking... | |
410 | */ | |
411 | ||
412 | cupsdHoldSignals(); | |
413 | ||
414 | if ((*pid = fork()) == 0) | |
415 | { | |
416 | /* | |
88f9aafc MS |
417 | * Child process goes here; update stderr as needed... |
418 | */ | |
419 | ||
420 | if (errfd != 2) | |
421 | { | |
422 | if (errfd < 0) | |
423 | errfd = open("/dev/null", O_WRONLY); | |
424 | ||
425 | if (errfd != 2) | |
426 | { | |
427 | dup2(errfd, 2); | |
428 | close(errfd); | |
429 | } | |
430 | } | |
431 | ||
432 | /* | |
433 | * Put this process in its own process group so that we can kill any child | |
434 | * processes it creates. | |
435 | */ | |
436 | ||
437 | #ifdef HAVE_SETPGID | |
438 | if (!RunUser && setpgid(0, 0)) | |
439 | exit(errno + 100); | |
440 | #else | |
441 | if (!RunUser && setpgrp()) | |
442 | exit(errno + 100); | |
443 | #endif /* HAVE_SETPGID */ | |
444 | ||
445 | /* | |
446 | * Update the remaining file descriptors as needed... | |
ef416fc2 | 447 | */ |
448 | ||
449 | if (infd != 0) | |
450 | { | |
68b10830 MS |
451 | if (infd < 0) |
452 | infd = open("/dev/null", O_RDONLY); | |
453 | ||
454 | if (infd != 0) | |
455 | { | |
456 | dup2(infd, 0); | |
457 | close(infd); | |
458 | } | |
ef416fc2 | 459 | } |
68b10830 | 460 | |
ef416fc2 | 461 | if (outfd != 1) |
462 | { | |
68b10830 MS |
463 | if (outfd < 0) |
464 | outfd = open("/dev/null", O_WRONLY); | |
465 | ||
466 | if (outfd != 1) | |
467 | { | |
468 | dup2(outfd, 1); | |
469 | close(outfd); | |
470 | } | |
ef416fc2 | 471 | } |
68b10830 | 472 | |
68b10830 | 473 | if (backfd != 3 && backfd >= 0) |
ef416fc2 | 474 | { |
68b10830 MS |
475 | dup2(backfd, 3); |
476 | close(backfd); | |
ef416fc2 | 477 | fcntl(3, F_SETFL, O_NDELAY); |
478 | } | |
68b10830 MS |
479 | |
480 | if (sidefd != 4 && sidefd >= 0) | |
f7deaa1a | 481 | { |
68b10830 MS |
482 | dup2(sidefd, 4); |
483 | close(sidefd); | |
f7deaa1a | 484 | fcntl(4, F_SETFL, O_NDELAY); |
485 | } | |
ef416fc2 | 486 | |
487 | /* | |
488 | * Change the priority of the process based on the FilterNice setting. | |
5bd77a73 | 489 | * (this is not done for root processes...) |
ef416fc2 | 490 | */ |
491 | ||
492 | if (!root) | |
493 | nice(FilterNice); | |
494 | ||
495 | /* | |
88f9aafc | 496 | * Reset group membership to just the main one we belong to. |
ef416fc2 | 497 | */ |
498 | ||
88f9aafc MS |
499 | if (!RunUser && setgid(Group)) |
500 | exit(errno + 100); | |
ef416fc2 | 501 | |
88f9aafc MS |
502 | if (!RunUser && setgroups(1, &Group)) |
503 | exit(errno + 100); | |
ef416fc2 | 504 | |
88f9aafc MS |
505 | /* |
506 | * Change user to something "safe"... | |
507 | */ | |
41681883 | 508 | |
88f9aafc MS |
509 | if (!RunUser && user && setuid(user)) |
510 | exit(errno + 100); | |
ef416fc2 | 511 | |
512 | /* | |
513 | * Change umask to restrict permissions on created files... | |
514 | */ | |
515 | ||
516 | umask(077); | |
517 | ||
518 | /* | |
519 | * Unblock signals before doing the exec... | |
520 | */ | |
521 | ||
522 | #ifdef HAVE_SIGSET | |
523 | sigset(SIGTERM, SIG_DFL); | |
524 | sigset(SIGCHLD, SIG_DFL); | |
ef55b745 | 525 | sigset(SIGPIPE, SIG_DFL); |
ef416fc2 | 526 | #elif defined(HAVE_SIGACTION) |
527 | memset(&action, 0, sizeof(action)); | |
528 | ||
529 | sigemptyset(&action.sa_mask); | |
530 | action.sa_handler = SIG_DFL; | |
531 | ||
532 | sigaction(SIGTERM, &action, NULL); | |
533 | sigaction(SIGCHLD, &action, NULL); | |
ef55b745 | 534 | sigaction(SIGPIPE, &action, NULL); |
ef416fc2 | 535 | #else |
536 | signal(SIGTERM, SIG_DFL); | |
537 | signal(SIGCHLD, SIG_DFL); | |
ef55b745 | 538 | signal(SIGPIPE, SIG_DFL); |
ef416fc2 | 539 | #endif /* HAVE_SIGSET */ |
540 | ||
541 | cupsdReleaseSignals(); | |
542 | ||
543 | /* | |
0268488e MS |
544 | * Execute the command; if for some reason this doesn't work, log an error |
545 | * exit with a non-zero value... | |
ef416fc2 | 546 | */ |
547 | ||
548 | if (envp) | |
e60ec91f | 549 | execve(exec_path, argv, envp); |
ef416fc2 | 550 | else |
e60ec91f | 551 | execv(exec_path, argv); |
ef416fc2 | 552 | |
88f9aafc | 553 | exit(errno + 100); |
ef416fc2 | 554 | } |
555 | else if (*pid < 0) | |
556 | { | |
557 | /* | |
558 | * Error - couldn't fork a new process! | |
559 | */ | |
560 | ||
561 | cupsdLogMessage(CUPSD_LOG_ERROR, "Unable to fork %s - %s.", command, | |
562 | strerror(errno)); | |
563 | ||
564 | *pid = 0; | |
565 | } | |
e00b005a | 566 | else |
567 | { | |
568 | if (!process_array) | |
569 | process_array = cupsArrayNew((cups_array_func_t)compare_procs, NULL); | |
f3c17241 | 570 | |
e00b005a | 571 | if (process_array) |
572 | { | |
573 | if ((proc = calloc(1, sizeof(cupsd_proc_t) + strlen(command))) != NULL) | |
574 | { | |
b9faaae1 | 575 | proc->pid = *pid; |
38e73f87 | 576 | proc->job_id = job ? job->id : 0; |
e60ec91f | 577 | _cups_strcpy(proc->name, command); |
e00b005a | 578 | |
579 | cupsArrayAdd(process_array, proc); | |
580 | } | |
581 | } | |
582 | } | |
ef416fc2 | 583 | |
584 | cupsdReleaseSignals(); | |
585 | ||
b9faaae1 MS |
586 | cupsdLogMessage(CUPSD_LOG_DEBUG2, |
587 | "cupsdStartProcess(command=\"%s\", argv=%p, envp=%p, " | |
588 | "infd=%d, outfd=%d, errfd=%d, backfd=%d, sidefd=%d, root=%d, " | |
38e73f87 | 589 | "profile=%p, job=%p(%d), pid=%p) = %d", |
b9faaae1 | 590 | command, argv, envp, infd, outfd, errfd, backfd, sidefd, |
38e73f87 | 591 | root, profile, job, job ? job->id : 0, pid, *pid); |
b9faaae1 | 592 | |
ef416fc2 | 593 | return (*pid); |
594 | } | |
595 | ||
596 | ||
597 | /* | |
e00b005a | 598 | * 'compare_procs()' - Compare two processes. |
599 | */ | |
600 | ||
601 | static int /* O - Result of comparison */ | |
602 | compare_procs(cupsd_proc_t *a, /* I - First process */ | |
603 | cupsd_proc_t *b) /* I - Second process */ | |
604 | { | |
605 | return (a->pid - b->pid); | |
606 | } | |
607 | ||
608 | ||
a4924f6c MS |
609 | #ifdef HAVE_SANDBOX_H |
610 | /* | |
611 | * 'cupsd_requote()' - Make a regular-expression version of a string. | |
612 | */ | |
613 | ||
614 | static char * /* O - Quoted string */ | |
615 | cupsd_requote(char *dst, /* I - Destination buffer */ | |
616 | const char *src, /* I - Source string */ | |
617 | size_t dstsize) /* I - Size of destination buffer */ | |
618 | { | |
619 | int ch; /* Current character */ | |
620 | char *dstptr, /* Current position in buffer */ | |
621 | *dstend; /* End of destination buffer */ | |
622 | ||
623 | ||
624 | dstptr = dst; | |
625 | dstend = dst + dstsize - 2; | |
626 | ||
627 | while (*src && dstptr < dstend) | |
628 | { | |
629 | ch = *src++; | |
630 | ||
cb7f98ee MS |
631 | if (ch == '/' && !*src) |
632 | break; /* Don't add trailing slash */ | |
633 | ||
a4924f6c MS |
634 | if (strchr(".?*()[]^$\\", ch)) |
635 | *dstptr++ = '\\'; | |
636 | ||
7e86f2f6 | 637 | *dstptr++ = (char)ch; |
a4924f6c MS |
638 | } |
639 | ||
640 | *dstptr = '\0'; | |
641 | ||
642 | return (dst); | |
643 | } | |
644 | #endif /* HAVE_SANDBOX_H */ | |
645 | ||
646 | ||
e00b005a | 647 | /* |
f2d18633 | 648 | * End of "$Id$". |
ef416fc2 | 649 | */ |