version 1.3, 2007/05/30 20:41:27
|
version 1.7, 2008/06/20 17:20:34
|
|
|
#include <stdio.h> | #include <stdio.h> |
#include <grp.h> | #include <grp.h> |
#include "Defines.h" | #include "Defines.h" |
|
#include "Globals.h" |
#include "Fatal.h" | #include "Fatal.h" |
#include "Path.h" | #include "Path.h" |
#include "Log.h" | #include "Log.h" |
|
|
int sock) | int sock) |
{ | { |
char sockStr[EXECUTOR_BUFFER_SIZE]; | char sockStr[EXECUTOR_BUFFER_SIZE]; |
char username[EXECUTOR_BUFFER_SIZE]; |
|
char** execArgv; | char** execArgv; |
| |
|
globals.isChildProcess = 1; |
|
|
/* Build argument list, adding "--executor-socket <sock>" option if | /* Build argument list, adding "--executor-socket <sock>" option if |
* sock non-negative. | * sock non-negative. |
*/ | */ |
| |
execArgv = (char**)malloc(sizeof(char*) * (argc + 3)); |
if ((execArgv = (char**)malloc(sizeof(char*) * (argc + 3))) == NULL) |
|
{ |
|
Fatal(FL, "Memory allocation failed"); |
|
} |
memcpy(execArgv + 3, argv + 1, sizeof(char*) * argc); | memcpy(execArgv + 3, argv + 1, sizeof(char*) * argc); |
| |
sprintf(sockStr, "%d", sock); | sprintf(sockStr, "%d", sock); |
|
|
| |
/* Log user info. */ | /* Log user info. */ |
| |
if (GetUserName(uid, username) != 0) |
|
Fatal(FL, "cannot resolve user from uid=%d", uid); |
|
|
|
Log(LL_TRACE, "%s running as %s (uid=%d, gid=%d)", CIMSERVERMAIN, | Log(LL_TRACE, "%s running as %s (uid=%d, gid=%d)", CIMSERVERMAIN, |
username, uid, gid); |
userName, uid, gid); |
|
|
/* |
|
* Precheck that cimxml.socket is owned by CIMSERVERMAIN process. If |
|
* not, then the bind would fail in the CIMSERVERMAIN process much |
|
* later and the cause of the error would be difficult to determine. |
|
*/ |
|
|
|
/* Flawfinder: ignore */ |
|
if (access(PEGASUS_LOCAL_DOMAIN_SOCKET_PATH, F_OK) == 0) |
|
{ |
|
struct stat st; |
|
|
|
if (stat(PEGASUS_LOCAL_DOMAIN_SOCKET_PATH, &st) != 0 || |
|
(int)st.st_uid != uid || |
|
(int)st.st_gid != gid) |
|
{ |
|
Fatal(FL, "%s process cannot stat or does not own %s", |
|
CIMSERVERMAIN, PEGASUS_LOCAL_DOMAIN_SOCKET_PATH); |
|
} |
|
} |
|
| |
/* Exec child process. */ | /* Exec child process. */ |
| |
/* Flawfinder: ignore */ | /* Flawfinder: ignore */ |
if (execv(path, execArgv) != 0) |
execv(path, execArgv); |
Fatal(FL, "failed to exec %s", path); |
|
| |
exit(0); |
/* If we are still here, the exec failed. */ |
|
Fatal(FL, "failed to exec %s", path); |
} | } |