[thirdparty/systemd.git] / src / core / execute.h

/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/

#pragma once

/***
  This file is part of systemd.

  Copyright 2010 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

typedef struct ExecStatus ExecStatus;
typedef struct ExecCommand ExecCommand;
typedef struct ExecContext ExecContext;
typedef struct ExecRuntime ExecRuntime;
typedef struct ExecParameters ExecParameters;

#include <sched.h>
#include <stdbool.h>
#include <stdio.h>
#include <sys/capability.h>

#include "bus-endpoint.h"
#include "fdset.h"
#include "list.h"
#include "missing.h"
#include "namespace.h"

typedef enum ExecUtmpMode {
        EXEC_UTMP_INIT,
        EXEC_UTMP_LOGIN,
        EXEC_UTMP_USER,
        _EXEC_UTMP_MODE_MAX,
        _EXEC_UTMP_MODE_INVALID = -1
} ExecUtmpMode;

typedef enum ExecInput {
        EXEC_INPUT_NULL,
        EXEC_INPUT_TTY,
        EXEC_INPUT_TTY_FORCE,
        EXEC_INPUT_TTY_FAIL,
        EXEC_INPUT_SOCKET,
        _EXEC_INPUT_MAX,
        _EXEC_INPUT_INVALID = -1
} ExecInput;

typedef enum ExecOutput {
        EXEC_OUTPUT_INHERIT,
        EXEC_OUTPUT_NULL,
        EXEC_OUTPUT_TTY,
        EXEC_OUTPUT_SYSLOG,
        EXEC_OUTPUT_SYSLOG_AND_CONSOLE,
        EXEC_OUTPUT_KMSG,
        EXEC_OUTPUT_KMSG_AND_CONSOLE,
        EXEC_OUTPUT_JOURNAL,
        EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
        EXEC_OUTPUT_SOCKET,
        _EXEC_OUTPUT_MAX,
        _EXEC_OUTPUT_INVALID = -1
} ExecOutput;

struct ExecStatus {
        dual_timestamp start_timestamp;
        dual_timestamp exit_timestamp;
        pid_t pid;
        int code;     /* as in siginfo_t::si_code */
        int status;   /* as in sigingo_t::si_status */
};

struct ExecCommand {
        char *path;
        char **argv;
        ExecStatus exec_status;
        LIST_FIELDS(ExecCommand, command); /* useful for chaining commands */
        bool ignore;
};

struct ExecRuntime {
        int n_ref;

        char *tmp_dir;
        char *var_tmp_dir;

        int netns_storage_socket[2];
};

struct ExecContext {
        char **environment;
        char **environment_files;
        char **pass_environment;

        struct rlimit *rlimit[_RLIMIT_MAX];
        char *working_directory, *root_directory;
        bool working_directory_missing_ok;
        bool working_directory_home;

        mode_t umask;
        int oom_score_adjust;
        int nice;
        int ioprio;
        int cpu_sched_policy;
        int cpu_sched_priority;

        cpu_set_t *cpuset;
        unsigned cpuset_ncpus;

        ExecInput std_input;
        ExecOutput std_output;
        ExecOutput std_error;

        nsec_t timer_slack_nsec;

        char *tty_path;

        bool tty_reset;
        bool tty_vhangup;
        bool tty_vt_disallocate;

        bool ignore_sigpipe;

        /* Since resolving these names might might involve socket
         * connections and we don't want to deadlock ourselves these
         * names are resolved on execution only and in the child
         * process. */
        char *user;
        char *group;
        char **supplementary_groups;

        char *pam_name;

        char *utmp_id;
        ExecUtmpMode utmp_mode;

        bool selinux_context_ignore;
        char *selinux_context;

        bool apparmor_profile_ignore;
        char *apparmor_profile;

        bool smack_process_label_ignore;
        char *smack_process_label;

        char **read_write_dirs, **read_only_dirs, **inaccessible_dirs;
        unsigned long mount_flags;

        uint64_t capability_bounding_set;

        uint64_t capability_ambient_set;

        cap_t capabilities;
        int secure_bits;

        int syslog_priority;
        char *syslog_identifier;
        bool syslog_level_prefix;

        bool cpu_sched_reset_on_fork;
        bool non_blocking;
        bool private_tmp;
        bool private_network;
        bool private_devices;
        ProtectSystem protect_system;
        ProtectHome protect_home;

        bool no_new_privileges;

        /* This is not exposed to the user but available
         * internally. We need it to make sure that whenever we spawn
         * /usr/bin/mount it is run in the same process group as us so
         * that the autofs logic detects that it belongs to us and we
         * don't enter a trigger loop. */
        bool same_pgrp;

        unsigned long personality;

        Set *syscall_filter;
        Set *syscall_archs;
        int syscall_errno;
        bool syscall_whitelist:1;

        Set *address_families;
        bool address_families_whitelist:1;

        char **runtime_directory;
        mode_t runtime_directory_mode;

        bool oom_score_adjust_set:1;
        bool nice_set:1;
        bool ioprio_set:1;
        bool cpu_sched_set:1;
        bool no_new_privileges_set:1;

        /* custom dbus enpoint */
        BusEndpoint *bus_endpoint;
};

#include "cgroup-util.h"
#include "cgroup.h"

struct ExecParameters {
        char **argv;
        char **environment;

        int *fds;
        char **fd_names;
        unsigned n_fds;

        bool apply_permissions:1;
        bool apply_chroot:1;
        bool apply_tty_stdin:1;

        bool confirm_spawn:1;
        bool selinux_context_net:1;

        bool cgroup_delegate:1;
        CGroupMask cgroup_supported;
        const char *cgroup_path;

        const char *runtime_prefix;

        usec_t watchdog_usec;

        int *idle_pipe;

        char *bus_endpoint_path;
        int bus_endpoint_fd;

        int stdin_fd;
        int stdout_fd;
        int stderr_fd;
};

int exec_spawn(Unit *unit,
               ExecCommand *command,
               const ExecContext *context,
               const ExecParameters *exec_params,
               ExecRuntime *runtime,
               pid_t *ret);

void exec_command_done(ExecCommand *c);
void exec_command_done_array(ExecCommand *c, unsigned n);

ExecCommand* exec_command_free_list(ExecCommand *c);
void exec_command_free_array(ExecCommand **c, unsigned n);

char *exec_command_line(char **argv);

void exec_command_dump(ExecCommand *c, FILE *f, const char *prefix);
void exec_command_dump_list(ExecCommand *c, FILE *f, const char *prefix);
void exec_command_append_list(ExecCommand **l, ExecCommand *e);
int exec_command_set(ExecCommand *c, const char *path, ...);
int exec_command_append(ExecCommand *c, const char *path, ...);

void exec_context_init(ExecContext *c);
void exec_context_done(ExecContext *c);
void exec_context_dump(ExecContext *c, FILE* f, const char *prefix);

int exec_context_destroy_runtime_directory(ExecContext *c, const char *runtime_root);

int exec_context_load_environment(Unit *unit, const ExecContext *c, char ***l);

bool exec_context_may_touch_console(ExecContext *c);
bool exec_context_maintains_privileges(ExecContext *c);

void exec_status_start(ExecStatus *s, pid_t pid);
void exec_status_exit(ExecStatus *s, ExecContext *context, pid_t pid, int code, int status);
void exec_status_dump(ExecStatus *s, FILE *f, const char *prefix);

int exec_runtime_make(ExecRuntime **rt, ExecContext *c, const char *id);
ExecRuntime *exec_runtime_ref(ExecRuntime *r);
ExecRuntime *exec_runtime_unref(ExecRuntime *r);

int exec_runtime_serialize(Unit *unit, ExecRuntime *rt, FILE *f, FDSet *fds);
int exec_runtime_deserialize_item(Unit *unit, ExecRuntime **rt, const char *key, const char *value, FDSet *fds);

void exec_runtime_destroy(ExecRuntime *rt);

const char* exec_output_to_string(ExecOutput i) _const_;
ExecOutput exec_output_from_string(const char *s) _pure_;

const char* exec_input_to_string(ExecInput i) _const_;
ExecInput exec_input_from_string(const char *s) _pure_;

const char* exec_utmp_mode_to_string(ExecUtmpMode i) _const_;
ExecUtmpMode exec_utmp_mode_from_string(const char *s) _pure_;
Commit	Line	Data
03467c88	1	/-- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil --/
5cb5a6ff	2
c2f1db8f	3	#pragma once
5cb5a6ff	4
a7334b09 LP	5	/***
	6	This file is part of systemd.
	7
	8	Copyright 2010 Lennart Poettering
	9
	10	systemd is free software; you can redistribute it and/or modify it
5430f7f2 LP	11	under the terms of the GNU Lesser General Public License as published by
5430f7f2 LP	12	the Free Software Foundation; either version 2.1 of the License, or
a7334b09 LP	13	(at your option) any later version.
	14
	15	systemd is distributed in the hope that it will be useful, but
	16	WITHOUT ANY WARRANTY; without even the implied warranty of
	17	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2	18	Lesser General Public License for more details.
a7334b09	19
5430f7f2	20	You should have received a copy of the GNU Lesser General Public License
a7334b09 LP	21	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	22	***/
	23
5cb5a6ff LP	24	typedef struct ExecStatus ExecStatus;
	25	typedef struct ExecCommand ExecCommand;
	26	typedef struct ExecContext ExecContext;
613b411c	27	typedef struct ExecRuntime ExecRuntime;
9fa95f85	28	typedef struct ExecParameters ExecParameters;
5cb5a6ff	29
71d35b6b	30	#include <sched.h>
5cb5a6ff LP	31	#include <stdbool.h>
5cb5a6ff LP	32	#include <stdio.h>
71d35b6b	33	#include <sys/capability.h>
5cb5a6ff	34
71d35b6b	35	#include "bus-endpoint.h"
613b411c	36	#include "fdset.h"
71d35b6b	37	#include "list.h"
517d56b1	38	#include "missing.h"
417116f2	39	#include "namespace.h"
5cb5a6ff	40
023a4f67 LP	41	typedef enum ExecUtmpMode {
	42	EXEC_UTMP_INIT,
	43	EXEC_UTMP_LOGIN,
	44	EXEC_UTMP_USER,
	45	_EXEC_UTMP_MODE_MAX,
2307f37e	46	_EXEC_UTMP_MODE_INVALID = -1
023a4f67 LP	47	} ExecUtmpMode;
023a4f67 LP	48
80876c20 LP	49	typedef enum ExecInput {
	50	EXEC_INPUT_NULL,
	51	EXEC_INPUT_TTY,
	52	EXEC_INPUT_TTY_FORCE,
	53	EXEC_INPUT_TTY_FAIL,
4f2d528d	54	EXEC_INPUT_SOCKET,
80876c20 LP	55	_EXEC_INPUT_MAX,
	56	_EXEC_INPUT_INVALID = -1
	57	} ExecInput;
	58
071830ff	59	typedef enum ExecOutput {
80876c20	60	EXEC_OUTPUT_INHERIT,
94f04347	61	EXEC_OUTPUT_NULL,
80876c20	62	EXEC_OUTPUT_TTY,
94f04347	63	EXEC_OUTPUT_SYSLOG,
28dbc1e8	64	EXEC_OUTPUT_SYSLOG_AND_CONSOLE,
9a6bca7a	65	EXEC_OUTPUT_KMSG,
28dbc1e8	66	EXEC_OUTPUT_KMSG_AND_CONSOLE,
706343f4 LP	67	EXEC_OUTPUT_JOURNAL,
706343f4 LP	68	EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
4f2d528d	69	EXEC_OUTPUT_SOCKET,
94f04347 LP	70	_EXEC_OUTPUT_MAX,
94f04347 LP	71	_EXEC_OUTPUT_INVALID = -1
071830ff LP	72	} ExecOutput;
071830ff LP	73
5cb5a6ff	74	struct ExecStatus {
63983207 LP	75	dual_timestamp start_timestamp;
63983207 LP	76	dual_timestamp exit_timestamp;
9d58f1db	77	pid_t pid;
9152c765 LP	78	int code; /* as in siginfo_t::si_code */
9152c765 LP	79	int status; /* as in sigingo_t::si_status */
5cb5a6ff LP	80	};
	81
	82	struct ExecCommand {
	83	char *path;
	84	char **argv;
034c6ed7 LP	85	ExecStatus exec_status;
034c6ed7 LP	86	LIST_FIELDS(ExecCommand, command); /* useful for chaining commands */
7fab9d01	87	bool ignore;
5cb5a6ff LP	88	};
5cb5a6ff LP	89
613b411c LP	90	struct ExecRuntime {
	91	int n_ref;
	92
	93	char *tmp_dir;
	94	char *var_tmp_dir;
	95
	96	int netns_storage_socket[2];
	97	};
	98
5cb5a6ff LP	99	struct ExecContext {
5cb5a6ff LP	100	char **environment;
8c7be95e	101	char **environment_files;
b4c14404	102	char **pass_environment;
8c7be95e	103
517d56b1	104	struct rlimit *rlimit[_RLIMIT_MAX];
9eba9da4	105	char working_directory, root_directory;
4c08c824	106	bool working_directory_missing_ok;
5f5d8eab	107	bool working_directory_home;
9d58f1db LP	108
9d58f1db LP	109	mode_t umask;
dd6c17b1	110	int oom_score_adjust;
5cb5a6ff	111	int nice;
9eba9da4	112	int ioprio;
94f04347 LP	113	int cpu_sched_policy;
94f04347 LP	114	int cpu_sched_priority;
9d58f1db	115
82c121a4 LP	116	cpu_set_t *cpuset;
82c121a4 LP	117	unsigned cpuset_ncpus;
fb33a393	118
80876c20 LP	119	ExecInput std_input;
	120	ExecOutput std_output;
	121	ExecOutput std_error;
	122
d88a251b	123	nsec_t timer_slack_nsec;
071830ff	124
9d58f1db	125	char *tty_path;
5cb5a6ff	126
6ea832a2 LP	127	bool tty_reset;
	128	bool tty_vhangup;
	129	bool tty_vt_disallocate;
	130
353e12c2 LP	131	bool ignore_sigpipe;
353e12c2 LP	132
94f04347	133	/* Since resolving these names might might involve socket
5cb5a6ff	134	* connections and we don't want to deadlock ourselves these
94f04347 LP	135	* names are resolved on execution only and in the child
94f04347 LP	136	* process. */
5cb5a6ff LP	137	char *user;
	138	char *group;
	139	char **supplementary_groups;
9d58f1db	140
5b6319dc LP	141	char *pam_name;
5b6319dc LP	142
169c1bda	143	char *utmp_id;
023a4f67	144	ExecUtmpMode utmp_mode;
169c1bda	145
5f8640fb	146	bool selinux_context_ignore;
7b52a628 MS	147	char *selinux_context;
7b52a628 MS	148
eef65bf3 MS	149	bool apparmor_profile_ignore;
	150	char *apparmor_profile;
	151
2ca620c4 WC	152	bool smack_process_label_ignore;
	153	char *smack_process_label;
	154
15ae422b LP	155	char read_write_dirs, read_only_dirs, **inaccessible_dirs;
	156	unsigned long mount_flags;
	157
a103496c	158	uint64_t capability_bounding_set;
9d58f1db	159
755d4b67 IP	160	uint64_t capability_ambient_set;
755d4b67 IP	161
9d58f1db LP	162	cap_t capabilities;
	163	int secure_bits;
	164
7fab9d01 LP	165	int syslog_priority;
	166	char *syslog_identifier;
	167	bool syslog_level_prefix;
	168
9d58f1db LP	169	bool cpu_sched_reset_on_fork;
9d58f1db LP	170	bool non_blocking;
15ae422b	171	bool private_tmp;
ff01d048	172	bool private_network;
7f112f50	173	bool private_devices;
1b8689f9 LP	174	ProtectSystem protect_system;
1b8689f9 LP	175	ProtectHome protect_home;
9d58f1db	176
8351ceae LP	177	bool no_new_privileges;
8351ceae LP	178
9d58f1db LP	179	/* This is not exposed to the user but available
9d58f1db LP	180	* internally. We need it to make sure that whenever we spawn
f00929ad	181	* /usr/bin/mount it is run in the same process group as us so
9d58f1db LP	182	* that the autofs logic detects that it belongs to us and we
9d58f1db LP	183	* don't enter a trigger loop. */
74922904	184	bool same_pgrp;
2e22afe9	185
ac45f971 LP	186	unsigned long personality;
ac45f971 LP	187
17df7223	188	Set *syscall_filter;
57183d11	189	Set *syscall_archs;
17df7223 LP	190	int syscall_errno;
17df7223 LP	191	bool syscall_whitelist:1;
8351ceae	192
4298d0b5 LP	193	Set *address_families;
	194	bool address_families_whitelist:1;
	195
e66cf1a3 LP	196	char **runtime_directory;
	197	mode_t runtime_directory_mode;
	198
dd6c17b1	199	bool oom_score_adjust_set:1;
7fab9d01 LP	200	bool nice_set:1;
	201	bool ioprio_set:1;
	202	bool cpu_sched_set:1;
760b9d7c	203	bool no_new_privileges_set:1;
bb7dd0b0 DM	204
	205	/* custom dbus enpoint */
	206	BusEndpoint *bus_endpoint;
5cb5a6ff LP	207	};
5cb5a6ff LP	208
c1ff5570	209	#include "cgroup-util.h"
71d35b6b	210	#include "cgroup.h"
4ad49000	211
9fa95f85 DM	212	struct ExecParameters {
9fa95f85 DM	213	char **argv;
a34ceba6	214	char **environment;
8dd4c05b LP	215
	216	int *fds;
	217	char **fd_names;
	218	unsigned n_fds;
	219
a34ceba6 LP	220	bool apply_permissions:1;
	221	bool apply_chroot:1;
	222	bool apply_tty_stdin:1;
8dd4c05b	223
a34ceba6 LP	224	bool confirm_spawn:1;
a34ceba6 LP	225	bool selinux_context_net:1;
8dd4c05b	226
a34ceba6	227	bool cgroup_delegate:1;
efdb0237	228	CGroupMask cgroup_supported;
9fa95f85	229	const char *cgroup_path;
8dd4c05b	230
9fa95f85	231	const char *runtime_prefix;
8dd4c05b	232
9fa95f85	233	usec_t watchdog_usec;
8dd4c05b	234
9fa95f85	235	int *idle_pipe;
8dd4c05b	236
e44da745 DM	237	char *bus_endpoint_path;
e44da745 DM	238	int bus_endpoint_fd;
a34ceba6 LP	239
	240	int stdin_fd;
	241	int stdout_fd;
	242	int stderr_fd;
9fa95f85 DM	243	};
9fa95f85 DM	244
f2341e0a LP	245	int exec_spawn(Unit *unit,
f2341e0a LP	246	ExecCommand *command,
9fa95f85 DM	247	const ExecContext *context,
9fa95f85 DM	248	const ExecParameters *exec_params,
613b411c	249	ExecRuntime *runtime,
81a2b7ce	250	pid_t *ret);
5cb5a6ff	251
43d0fcbd LP	252	void exec_command_done(ExecCommand *c);
	253	void exec_command_done_array(ExecCommand *c, unsigned n);
	254
f1acf85a	255	ExecCommand* exec_command_free_list(ExecCommand *c);
034c6ed7	256	void exec_command_free_array(ExecCommand **c, unsigned n);
5cb5a6ff	257
9e2f7c11 LP	258	char exec_command_line(char *argv);
9e2f7c11 LP	259
44d8db9e LP	260	void exec_command_dump(ExecCommand c, FILE f, const char *prefix);
44d8db9e LP	261	void exec_command_dump_list(ExecCommand c, FILE f, const char *prefix);
a6a80b4f	262	void exec_command_append_list(ExecCommand *l, ExecCommand e);
26fd040d	263	int exec_command_set(ExecCommand c, const char path, ...);
86b23b07	264	int exec_command_append(ExecCommand c, const char path, ...);
44d8db9e	265
034c6ed7	266	void exec_context_init(ExecContext *c);
613b411c	267	void exec_context_done(ExecContext *c);
5cb5a6ff LP	268	void exec_context_dump(ExecContext c, FILE f, const char *prefix);
5cb5a6ff LP	269
e66cf1a3 LP	270	int exec_context_destroy_runtime_directory(ExecContext c, const char runtime_root);
e66cf1a3 LP	271
f2341e0a	272	int exec_context_load_environment(Unit unit, const ExecContext c, char ***l);
8c7be95e	273
6ac8fdc9	274	bool exec_context_may_touch_console(ExecContext *c);
a931ad47	275	bool exec_context_maintains_privileges(ExecContext *c);
6ac8fdc9	276
b58b4116	277	void exec_status_start(ExecStatus *s, pid_t pid);
6ea832a2	278	void exec_status_exit(ExecStatus s, ExecContext context, pid_t pid, int code, int status);
9fb86720	279	void exec_status_dump(ExecStatus s, FILE f, const char *prefix);
5cb5a6ff	280
613b411c LP	281	int exec_runtime_make(ExecRuntime *rt, ExecContext c, const char *id);
	282	ExecRuntime exec_runtime_ref(ExecRuntime r);
	283	ExecRuntime exec_runtime_unref(ExecRuntime r);
	284
f2341e0a LP	285	int exec_runtime_serialize(Unit unit, ExecRuntime rt, FILE f, FDSet fds);
f2341e0a LP	286	int exec_runtime_deserialize_item(Unit unit, ExecRuntime rt, const char key, const char value, FDSet fds);
613b411c LP	287
	288	void exec_runtime_destroy(ExecRuntime *rt);
	289
44a6b1b6 ZJS	290	const char* exec_output_to_string(ExecOutput i) _const_;
44a6b1b6 ZJS	291	ExecOutput exec_output_from_string(const char *s) _pure_;
94f04347	292
44a6b1b6 ZJS	293	const char* exec_input_to_string(ExecInput i) _const_;
44a6b1b6 ZJS	294	ExecInput exec_input_from_string(const char *s) _pure_;
023a4f67 LP	295
	296	const char* exec_utmp_mode_to_string(ExecUtmpMode i) _const_;
	297	ExecUtmpMode exec_utmp_mode_from_string(const char *s) _pure_;