]>
Commit | Line | Data |
---|---|---|
c2f1db8f | 1 | #pragma once |
5cb5a6ff | 2 | |
a7334b09 LP |
3 | /*** |
4 | This file is part of systemd. | |
5 | ||
6 | Copyright 2010 Lennart Poettering | |
7 | ||
8 | systemd is free software; you can redistribute it and/or modify it | |
5430f7f2 LP |
9 | under the terms of the GNU Lesser General Public License as published by |
10 | the Free Software Foundation; either version 2.1 of the License, or | |
a7334b09 LP |
11 | (at your option) any later version. |
12 | ||
13 | systemd is distributed in the hope that it will be useful, but | |
14 | WITHOUT ANY WARRANTY; without even the implied warranty of | |
15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
5430f7f2 | 16 | Lesser General Public License for more details. |
a7334b09 | 17 | |
5430f7f2 | 18 | You should have received a copy of the GNU Lesser General Public License |
a7334b09 LP |
19 | along with systemd; If not, see <http://www.gnu.org/licenses/>. |
20 | ***/ | |
21 | ||
5cb5a6ff LP |
22 | typedef struct ExecStatus ExecStatus; |
23 | typedef struct ExecCommand ExecCommand; | |
24 | typedef struct ExecContext ExecContext; | |
613b411c | 25 | typedef struct ExecRuntime ExecRuntime; |
9fa95f85 | 26 | typedef struct ExecParameters ExecParameters; |
5cb5a6ff | 27 | |
71d35b6b | 28 | #include <sched.h> |
5cb5a6ff LP |
29 | #include <stdbool.h> |
30 | #include <stdio.h> | |
71d35b6b | 31 | #include <sys/capability.h> |
5cb5a6ff | 32 | |
9ce93478 | 33 | #include "cgroup-util.h" |
613b411c | 34 | #include "fdset.h" |
71d35b6b | 35 | #include "list.h" |
517d56b1 | 36 | #include "missing.h" |
417116f2 | 37 | #include "namespace.h" |
5cb5a6ff | 38 | |
023a4f67 LP |
39 | typedef enum ExecUtmpMode { |
40 | EXEC_UTMP_INIT, | |
41 | EXEC_UTMP_LOGIN, | |
42 | EXEC_UTMP_USER, | |
43 | _EXEC_UTMP_MODE_MAX, | |
2307f37e | 44 | _EXEC_UTMP_MODE_INVALID = -1 |
023a4f67 LP |
45 | } ExecUtmpMode; |
46 | ||
80876c20 LP |
47 | typedef enum ExecInput { |
48 | EXEC_INPUT_NULL, | |
49 | EXEC_INPUT_TTY, | |
50 | EXEC_INPUT_TTY_FORCE, | |
51 | EXEC_INPUT_TTY_FAIL, | |
4f2d528d | 52 | EXEC_INPUT_SOCKET, |
80876c20 LP |
53 | _EXEC_INPUT_MAX, |
54 | _EXEC_INPUT_INVALID = -1 | |
55 | } ExecInput; | |
56 | ||
071830ff | 57 | typedef enum ExecOutput { |
80876c20 | 58 | EXEC_OUTPUT_INHERIT, |
94f04347 | 59 | EXEC_OUTPUT_NULL, |
80876c20 | 60 | EXEC_OUTPUT_TTY, |
94f04347 | 61 | EXEC_OUTPUT_SYSLOG, |
28dbc1e8 | 62 | EXEC_OUTPUT_SYSLOG_AND_CONSOLE, |
9a6bca7a | 63 | EXEC_OUTPUT_KMSG, |
28dbc1e8 | 64 | EXEC_OUTPUT_KMSG_AND_CONSOLE, |
706343f4 LP |
65 | EXEC_OUTPUT_JOURNAL, |
66 | EXEC_OUTPUT_JOURNAL_AND_CONSOLE, | |
4f2d528d | 67 | EXEC_OUTPUT_SOCKET, |
94f04347 LP |
68 | _EXEC_OUTPUT_MAX, |
69 | _EXEC_OUTPUT_INVALID = -1 | |
071830ff LP |
70 | } ExecOutput; |
71 | ||
5cb5a6ff | 72 | struct ExecStatus { |
63983207 LP |
73 | dual_timestamp start_timestamp; |
74 | dual_timestamp exit_timestamp; | |
9d58f1db | 75 | pid_t pid; |
9152c765 LP |
76 | int code; /* as in siginfo_t::si_code */ |
77 | int status; /* as in sigingo_t::si_status */ | |
5cb5a6ff LP |
78 | }; |
79 | ||
80 | struct ExecCommand { | |
81 | char *path; | |
82 | char **argv; | |
034c6ed7 LP |
83 | ExecStatus exec_status; |
84 | LIST_FIELDS(ExecCommand, command); /* useful for chaining commands */ | |
cf677fe6 AP |
85 | bool ignore:1; |
86 | bool privileged:1; | |
5cb5a6ff LP |
87 | }; |
88 | ||
613b411c LP |
89 | struct ExecRuntime { |
90 | int n_ref; | |
91 | ||
92 | char *tmp_dir; | |
93 | char *var_tmp_dir; | |
94 | ||
29206d46 LP |
95 | /* An AF_UNIX socket pair, that contains a datagram containing a file descriptor referring to the network |
96 | * namespace. */ | |
613b411c LP |
97 | int netns_storage_socket[2]; |
98 | }; | |
99 | ||
5cb5a6ff LP |
100 | struct ExecContext { |
101 | char **environment; | |
8c7be95e | 102 | char **environment_files; |
b4c14404 | 103 | char **pass_environment; |
8c7be95e | 104 | |
517d56b1 | 105 | struct rlimit *rlimit[_RLIMIT_MAX]; |
9eba9da4 | 106 | char *working_directory, *root_directory; |
4c08c824 | 107 | bool working_directory_missing_ok; |
5f5d8eab | 108 | bool working_directory_home; |
9d58f1db LP |
109 | |
110 | mode_t umask; | |
dd6c17b1 | 111 | int oom_score_adjust; |
5cb5a6ff | 112 | int nice; |
9eba9da4 | 113 | int ioprio; |
94f04347 LP |
114 | int cpu_sched_policy; |
115 | int cpu_sched_priority; | |
9d58f1db | 116 | |
82c121a4 LP |
117 | cpu_set_t *cpuset; |
118 | unsigned cpuset_ncpus; | |
fb33a393 | 119 | |
80876c20 LP |
120 | ExecInput std_input; |
121 | ExecOutput std_output; | |
122 | ExecOutput std_error; | |
123 | ||
d88a251b | 124 | nsec_t timer_slack_nsec; |
071830ff | 125 | |
1e22b5cd LP |
126 | bool stdio_as_fds; |
127 | ||
9d58f1db | 128 | char *tty_path; |
5cb5a6ff | 129 | |
6ea832a2 LP |
130 | bool tty_reset; |
131 | bool tty_vhangup; | |
132 | bool tty_vt_disallocate; | |
133 | ||
353e12c2 LP |
134 | bool ignore_sigpipe; |
135 | ||
61233823 | 136 | /* Since resolving these names might involve socket |
5cb5a6ff | 137 | * connections and we don't want to deadlock ourselves these |
94f04347 LP |
138 | * names are resolved on execution only and in the child |
139 | * process. */ | |
5cb5a6ff LP |
140 | char *user; |
141 | char *group; | |
142 | char **supplementary_groups; | |
9d58f1db | 143 | |
5b6319dc LP |
144 | char *pam_name; |
145 | ||
169c1bda | 146 | char *utmp_id; |
023a4f67 | 147 | ExecUtmpMode utmp_mode; |
169c1bda | 148 | |
5f8640fb | 149 | bool selinux_context_ignore; |
7b52a628 MS |
150 | char *selinux_context; |
151 | ||
eef65bf3 MS |
152 | bool apparmor_profile_ignore; |
153 | char *apparmor_profile; | |
154 | ||
2ca620c4 WC |
155 | bool smack_process_label_ignore; |
156 | char *smack_process_label; | |
157 | ||
2a624c36 | 158 | char **read_write_paths, **read_only_paths, **inaccessible_paths; |
15ae422b LP |
159 | unsigned long mount_flags; |
160 | ||
a103496c | 161 | uint64_t capability_bounding_set; |
755d4b67 | 162 | uint64_t capability_ambient_set; |
9d58f1db LP |
163 | int secure_bits; |
164 | ||
7fab9d01 LP |
165 | int syslog_priority; |
166 | char *syslog_identifier; | |
167 | bool syslog_level_prefix; | |
168 | ||
9d58f1db LP |
169 | bool cpu_sched_reset_on_fork; |
170 | bool non_blocking; | |
15ae422b | 171 | bool private_tmp; |
ff01d048 | 172 | bool private_network; |
7f112f50 | 173 | bool private_devices; |
d251207d | 174 | bool private_users; |
1b8689f9 LP |
175 | ProtectSystem protect_system; |
176 | ProtectHome protect_home; | |
59eeb84b LP |
177 | bool protect_kernel_tunables; |
178 | bool protect_control_groups; | |
9d58f1db | 179 | |
8351ceae LP |
180 | bool no_new_privileges; |
181 | ||
29206d46 | 182 | bool dynamic_user; |
00d9ef85 | 183 | bool remove_ipc; |
29206d46 | 184 | |
9d58f1db LP |
185 | /* This is not exposed to the user but available |
186 | * internally. We need it to make sure that whenever we spawn | |
f00929ad | 187 | * /usr/bin/mount it is run in the same process group as us so |
9d58f1db LP |
188 | * that the autofs logic detects that it belongs to us and we |
189 | * don't enter a trigger loop. */ | |
74922904 | 190 | bool same_pgrp; |
2e22afe9 | 191 | |
ac45f971 LP |
192 | unsigned long personality; |
193 | ||
17df7223 | 194 | Set *syscall_filter; |
57183d11 | 195 | Set *syscall_archs; |
17df7223 LP |
196 | int syscall_errno; |
197 | bool syscall_whitelist:1; | |
8351ceae | 198 | |
4298d0b5 LP |
199 | Set *address_families; |
200 | bool address_families_whitelist:1; | |
201 | ||
e66cf1a3 LP |
202 | char **runtime_directory; |
203 | mode_t runtime_directory_mode; | |
204 | ||
f4170c67 LP |
205 | bool memory_deny_write_execute; |
206 | bool restrict_realtime; | |
207 | ||
dd6c17b1 | 208 | bool oom_score_adjust_set:1; |
7fab9d01 LP |
209 | bool nice_set:1; |
210 | bool ioprio_set:1; | |
211 | bool cpu_sched_set:1; | |
760b9d7c | 212 | bool no_new_privileges_set:1; |
5cb5a6ff LP |
213 | }; |
214 | ||
c39f1ce2 LP |
215 | typedef enum ExecFlags { |
216 | EXEC_CONFIRM_SPAWN = 1U << 0, | |
217 | EXEC_APPLY_PERMISSIONS = 1U << 1, | |
218 | EXEC_APPLY_CHROOT = 1U << 2, | |
219 | EXEC_APPLY_TTY_STDIN = 1U << 3, | |
220 | ||
9c1a61ad | 221 | /* The following are not used by execute.c, but by consumers internally */ |
c39f1ce2 LP |
222 | EXEC_PASS_FDS = 1U << 4, |
223 | EXEC_IS_CONTROL = 1U << 5, | |
136dc4c4 | 224 | EXEC_SETENV_RESULT = 1U << 6, |
b08af3b1 | 225 | EXEC_SET_WATCHDOG = 1U << 7, |
c39f1ce2 LP |
226 | } ExecFlags; |
227 | ||
9fa95f85 DM |
228 | struct ExecParameters { |
229 | char **argv; | |
a34ceba6 | 230 | char **environment; |
8dd4c05b LP |
231 | |
232 | int *fds; | |
233 | char **fd_names; | |
234 | unsigned n_fds; | |
235 | ||
c39f1ce2 | 236 | ExecFlags flags; |
a34ceba6 | 237 | bool selinux_context_net:1; |
8dd4c05b | 238 | |
a34ceba6 | 239 | bool cgroup_delegate:1; |
efdb0237 | 240 | CGroupMask cgroup_supported; |
9fa95f85 | 241 | const char *cgroup_path; |
8dd4c05b | 242 | |
9fa95f85 | 243 | const char *runtime_prefix; |
8dd4c05b | 244 | |
9fa95f85 | 245 | usec_t watchdog_usec; |
8dd4c05b | 246 | |
9fa95f85 | 247 | int *idle_pipe; |
8dd4c05b | 248 | |
a34ceba6 LP |
249 | int stdin_fd; |
250 | int stdout_fd; | |
251 | int stderr_fd; | |
9fa95f85 DM |
252 | }; |
253 | ||
9ce93478 | 254 | #include "unit.h" |
29206d46 | 255 | #include "dynamic-user.h" |
9ce93478 | 256 | |
f2341e0a LP |
257 | int exec_spawn(Unit *unit, |
258 | ExecCommand *command, | |
9fa95f85 DM |
259 | const ExecContext *context, |
260 | const ExecParameters *exec_params, | |
613b411c | 261 | ExecRuntime *runtime, |
29206d46 | 262 | DynamicCreds *dynamic_creds, |
81a2b7ce | 263 | pid_t *ret); |
5cb5a6ff | 264 | |
43d0fcbd LP |
265 | void exec_command_done(ExecCommand *c); |
266 | void exec_command_done_array(ExecCommand *c, unsigned n); | |
267 | ||
f1acf85a | 268 | ExecCommand* exec_command_free_list(ExecCommand *c); |
034c6ed7 | 269 | void exec_command_free_array(ExecCommand **c, unsigned n); |
5cb5a6ff | 270 | |
9e2f7c11 LP |
271 | char *exec_command_line(char **argv); |
272 | ||
44d8db9e LP |
273 | void exec_command_dump(ExecCommand *c, FILE *f, const char *prefix); |
274 | void exec_command_dump_list(ExecCommand *c, FILE *f, const char *prefix); | |
a6a80b4f | 275 | void exec_command_append_list(ExecCommand **l, ExecCommand *e); |
26fd040d | 276 | int exec_command_set(ExecCommand *c, const char *path, ...); |
86b23b07 | 277 | int exec_command_append(ExecCommand *c, const char *path, ...); |
44d8db9e | 278 | |
034c6ed7 | 279 | void exec_context_init(ExecContext *c); |
613b411c | 280 | void exec_context_done(ExecContext *c); |
5cb5a6ff LP |
281 | void exec_context_dump(ExecContext *c, FILE* f, const char *prefix); |
282 | ||
e66cf1a3 LP |
283 | int exec_context_destroy_runtime_directory(ExecContext *c, const char *runtime_root); |
284 | ||
f2341e0a | 285 | int exec_context_load_environment(Unit *unit, const ExecContext *c, char ***l); |
8c7be95e | 286 | |
6ac8fdc9 | 287 | bool exec_context_may_touch_console(ExecContext *c); |
a931ad47 | 288 | bool exec_context_maintains_privileges(ExecContext *c); |
6ac8fdc9 | 289 | |
b58b4116 | 290 | void exec_status_start(ExecStatus *s, pid_t pid); |
6ea832a2 | 291 | void exec_status_exit(ExecStatus *s, ExecContext *context, pid_t pid, int code, int status); |
9fb86720 | 292 | void exec_status_dump(ExecStatus *s, FILE *f, const char *prefix); |
5cb5a6ff | 293 | |
613b411c LP |
294 | int exec_runtime_make(ExecRuntime **rt, ExecContext *c, const char *id); |
295 | ExecRuntime *exec_runtime_ref(ExecRuntime *r); | |
296 | ExecRuntime *exec_runtime_unref(ExecRuntime *r); | |
297 | ||
f2341e0a LP |
298 | int exec_runtime_serialize(Unit *unit, ExecRuntime *rt, FILE *f, FDSet *fds); |
299 | int exec_runtime_deserialize_item(Unit *unit, ExecRuntime **rt, const char *key, const char *value, FDSet *fds); | |
613b411c LP |
300 | |
301 | void exec_runtime_destroy(ExecRuntime *rt); | |
302 | ||
44a6b1b6 ZJS |
303 | const char* exec_output_to_string(ExecOutput i) _const_; |
304 | ExecOutput exec_output_from_string(const char *s) _pure_; | |
94f04347 | 305 | |
44a6b1b6 ZJS |
306 | const char* exec_input_to_string(ExecInput i) _const_; |
307 | ExecInput exec_input_from_string(const char *s) _pure_; | |
023a4f67 LP |
308 | |
309 | const char* exec_utmp_mode_to_string(ExecUtmpMode i) _const_; | |
310 | ExecUtmpMode exec_utmp_mode_from_string(const char *s) _pure_; |