1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
6 This file is part of systemd.
8 Copyright 2010 Lennart Poettering
10 systemd is free software; you can redistribute it and/or modify it
11 under the terms of the GNU Lesser General Public License as published by
12 the Free Software Foundation; either version 2.1 of the License, or
13 (at your option) any later version.
15 systemd is distributed in the hope that it will be useful, but
16 WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 Lesser General Public License for more details.
20 You should have received a copy of the GNU Lesser General Public License
21 along with systemd; If not, see <http://www.gnu.org/licenses/>.
24 typedef struct ExecStatus ExecStatus
;
25 typedef struct ExecCommand ExecCommand
;
26 typedef struct ExecContext ExecContext
;
27 typedef struct ExecRuntime ExecRuntime
;
28 typedef struct ExecParameters ExecParameters
;
33 #include <sys/capability.h>
35 #include "bus-endpoint.h"
39 #include "namespace.h"
41 typedef enum ExecUtmpMode
{
46 _EXEC_UTMP_MODE_INVALID
= -1
49 typedef enum ExecInput
{
56 _EXEC_INPUT_INVALID
= -1
59 typedef enum ExecOutput
{
64 EXEC_OUTPUT_SYSLOG_AND_CONSOLE
,
66 EXEC_OUTPUT_KMSG_AND_CONSOLE
,
68 EXEC_OUTPUT_JOURNAL_AND_CONSOLE
,
71 _EXEC_OUTPUT_INVALID
= -1
75 dual_timestamp start_timestamp
;
76 dual_timestamp exit_timestamp
;
78 int code
; /* as in siginfo_t::si_code */
79 int status
; /* as in sigingo_t::si_status */
85 ExecStatus exec_status
;
86 LIST_FIELDS(ExecCommand
, command
); /* useful for chaining commands */
96 int netns_storage_socket
[2];
101 char **environment_files
;
102 char **pass_environment
;
104 struct rlimit
*rlimit
[_RLIMIT_MAX
];
105 char *working_directory
, *root_directory
;
106 bool working_directory_missing_ok
;
107 bool working_directory_home
;
110 int oom_score_adjust
;
113 int cpu_sched_policy
;
114 int cpu_sched_priority
;
117 unsigned cpuset_ncpus
;
120 ExecOutput std_output
;
121 ExecOutput std_error
;
123 nsec_t timer_slack_nsec
;
131 bool tty_vt_disallocate
;
135 /* Since resolving these names might might involve socket
136 * connections and we don't want to deadlock ourselves these
137 * names are resolved on execution only and in the child
141 char **supplementary_groups
;
146 ExecUtmpMode utmp_mode
;
148 bool selinux_context_ignore
;
149 char *selinux_context
;
151 bool apparmor_profile_ignore
;
152 char *apparmor_profile
;
154 bool smack_process_label_ignore
;
155 char *smack_process_label
;
157 char **read_write_dirs
, **read_only_dirs
, **inaccessible_dirs
;
158 unsigned long mount_flags
;
160 uint64_t capability_bounding_set
;
162 uint64_t capability_ambient_set
;
168 char *syslog_identifier
;
169 bool syslog_level_prefix
;
171 bool cpu_sched_reset_on_fork
;
174 bool private_network
;
175 bool private_devices
;
176 ProtectSystem protect_system
;
177 ProtectHome protect_home
;
179 bool no_new_privileges
;
181 /* This is not exposed to the user but available
182 * internally. We need it to make sure that whenever we spawn
183 * /usr/bin/mount it is run in the same process group as us so
184 * that the autofs logic detects that it belongs to us and we
185 * don't enter a trigger loop. */
188 unsigned long personality
;
193 bool syscall_whitelist
:1;
195 Set
*address_families
;
196 bool address_families_whitelist
:1;
198 char **runtime_directory
;
199 mode_t runtime_directory_mode
;
201 bool oom_score_adjust_set
:1;
204 bool cpu_sched_set
:1;
205 bool no_new_privileges_set
:1;
207 /* custom dbus enpoint */
208 BusEndpoint
*bus_endpoint
;
211 #include "cgroup-util.h"
214 struct ExecParameters
{
222 bool apply_permissions
:1;
224 bool apply_tty_stdin
:1;
226 bool confirm_spawn
:1;
227 bool selinux_context_net
:1;
229 bool cgroup_delegate
:1;
230 CGroupMask cgroup_supported
;
231 const char *cgroup_path
;
233 const char *runtime_prefix
;
235 usec_t watchdog_usec
;
239 char *bus_endpoint_path
;
247 int exec_spawn(Unit
*unit
,
248 ExecCommand
*command
,
249 const ExecContext
*context
,
250 const ExecParameters
*exec_params
,
251 ExecRuntime
*runtime
,
254 void exec_command_done(ExecCommand
*c
);
255 void exec_command_done_array(ExecCommand
*c
, unsigned n
);
257 ExecCommand
* exec_command_free_list(ExecCommand
*c
);
258 void exec_command_free_array(ExecCommand
**c
, unsigned n
);
260 char *exec_command_line(char **argv
);
262 void exec_command_dump(ExecCommand
*c
, FILE *f
, const char *prefix
);
263 void exec_command_dump_list(ExecCommand
*c
, FILE *f
, const char *prefix
);
264 void exec_command_append_list(ExecCommand
**l
, ExecCommand
*e
);
265 int exec_command_set(ExecCommand
*c
, const char *path
, ...);
266 int exec_command_append(ExecCommand
*c
, const char *path
, ...);
268 void exec_context_init(ExecContext
*c
);
269 void exec_context_done(ExecContext
*c
);
270 void exec_context_dump(ExecContext
*c
, FILE* f
, const char *prefix
);
272 int exec_context_destroy_runtime_directory(ExecContext
*c
, const char *runtime_root
);
274 int exec_context_load_environment(Unit
*unit
, const ExecContext
*c
, char ***l
);
276 bool exec_context_may_touch_console(ExecContext
*c
);
277 bool exec_context_maintains_privileges(ExecContext
*c
);
279 void exec_status_start(ExecStatus
*s
, pid_t pid
);
280 void exec_status_exit(ExecStatus
*s
, ExecContext
*context
, pid_t pid
, int code
, int status
);
281 void exec_status_dump(ExecStatus
*s
, FILE *f
, const char *prefix
);
283 int exec_runtime_make(ExecRuntime
**rt
, ExecContext
*c
, const char *id
);
284 ExecRuntime
*exec_runtime_ref(ExecRuntime
*r
);
285 ExecRuntime
*exec_runtime_unref(ExecRuntime
*r
);
287 int exec_runtime_serialize(Unit
*unit
, ExecRuntime
*rt
, FILE *f
, FDSet
*fds
);
288 int exec_runtime_deserialize_item(Unit
*unit
, ExecRuntime
**rt
, const char *key
, const char *value
, FDSet
*fds
);
290 void exec_runtime_destroy(ExecRuntime
*rt
);
292 const char* exec_output_to_string(ExecOutput i
) _const_
;
293 ExecOutput
exec_output_from_string(const char *s
) _pure_
;
295 const char* exec_input_to_string(ExecInput i
) _const_
;
296 ExecInput
exec_input_from_string(const char *s
) _pure_
;
298 const char* exec_utmp_mode_to_string(ExecUtmpMode i
) _const_
;
299 ExecUtmpMode
exec_utmp_mode_from_string(const char *s
) _pure_
;