version 1.1.4.7, 2007/04/30 22:55:38
|
version 1.2, 2007/05/25 18:35:13
|
|
|
| |
#include <cstdio> | #include <cstdio> |
#include <cstdlib> | #include <cstdlib> |
#include <cstdlib> |
|
#include <cstring> | #include <cstring> |
| |
|
#include <Pegasus/Common/Config.h> |
|
|
#if defined(PEGASUS_OS_TYPE_WINDOWS) | #if defined(PEGASUS_OS_TYPE_WINDOWS) |
# include <windows.h> | # include <windows.h> |
#else | #else |
# include <Executor/Socket.h> |
|
# include <sys/types.h> |
|
# include <sys/socket.h> |
|
# include <unistd.h> |
|
# include <fcntl.h> |
|
# include <sys/wait.h> |
|
# include <unistd.h> | # include <unistd.h> |
|
# include <sys/types.h> |
# include <sys/time.h> | # include <sys/time.h> |
# include <sys/resource.h> | # include <sys/resource.h> |
#endif | #endif |
| |
#include "Constants.h" |
#if defined(PEGASUS_HAS_SIGNALS) |
#include "Executor.h" |
# include <sys/wait.h> |
#include "Mutex.h" |
#endif |
#include "FileSystem.h" |
|
#include "String.h" |
#include <Pegasus/Common/Constants.h> |
#include "Tracer.h" |
#include <Pegasus/Common/Mutex.h> |
|
#include <Pegasus/Common/FileSystem.h> |
|
#include <Pegasus/Common/String.h> |
|
#include <Pegasus/Common/Tracer.h> |
|
#include <Pegasus/Common/Executor.h> |
|
|
#include <Executor/Strlcpy.h> | #include <Executor/Strlcpy.h> |
#include <Executor/Strlcat.h> |
|
| |
#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) | #if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) |
|
# include <Executor/Socket.h> |
# include <Executor/Messages.h> | # include <Executor/Messages.h> |
#endif | #endif |
| |
|
|
| |
virtual int startProviderAgent( | virtual int startProviderAgent( |
const char* module, | const char* module, |
|
const String& pegasusHome, |
|
const String& userName, |
int uid, | int uid, |
int gid, | int gid, |
int& pid, | int& pid, |
|
|
| |
virtual int startProviderAgent( | virtual int startProviderAgent( |
const char* module, | const char* module, |
|
const String& pegasusHome, |
|
const String& userName, |
int uid, | int uid, |
int gid, | int gid, |
int& pid, | int& pid, |
|
|
| |
// Create pipes. Export handles to string. | // Create pipes. Export handles to string. |
| |
AnonymousPipe* pipeFromAgent = new AnonymousPipe(); |
AutoPtr<AnonymousPipe> pipeFromAgent(new AnonymousPipe()); |
AnonymousPipe* pipeToAgent = new AnonymousPipe(); |
AutoPtr<AnonymousPipe> pipeToAgent(new AnonymousPipe()); |
| |
char readHandle[32]; | char readHandle[32]; |
char writeHandle[32]; | char writeHandle[32]; |
|
|
| |
// Build full path of "cimprovagt" program. | // Build full path of "cimprovagt" program. |
| |
String path; |
String path = FileSystem::getAbsolutePath( |
|
pegasusHome.getCString(), PEGASUS_PROVIDER_AGENT_PROC_NAME); |
if (_getProviderAgentPath(path) != 0) |
|
{ |
|
delete pipeToAgent; |
|
delete pipeFromAgent; |
|
return -1; |
|
} |
|
| |
// Format command line. | // Format command line. |
| |
|
|
&siStartInfo, // STARTUPINFO | &siStartInfo, // STARTUPINFO |
&piProcInfo)) // PROCESS_INFORMATION | &piProcInfo)) // PROCESS_INFORMATION |
{ | { |
delete pipeToAgent; |
|
delete pipeFromAgent; |
|
return -1; | return -1; |
} | } |
| |
|
|
pipeToAgent->closeReadHandle(); | pipeToAgent->closeReadHandle(); |
pipeFromAgent->closeWriteHandle(); | pipeFromAgent->closeWriteHandle(); |
| |
readPipe = pipeFromAgent; |
readPipe = pipeFromAgent.release(); |
writePipe = pipeToAgent; |
writePipe = pipeToAgent.release(); |
| |
return 0; | return 0; |
| |
|
|
{ | { |
// Resolve full path of "cimprovagt". | // Resolve full path of "cimprovagt". |
| |
String path; |
String path = FileSystem::getAbsolutePath( |
|
pegasusHome.getCString(), PEGASUS_PROVIDER_AGENT_PROC_NAME); |
if (_getProviderAgentPath(path) != 0) |
|
return -1; |
|
| |
// Create "to-agent" pipe: | // Create "to-agent" pipe: |
| |
|
|
| |
if (uid != -1 && gid != -1) | if (uid != -1 && gid != -1) |
{ | { |
if ((int)getgid() != gid) |
PEG_TRACE((TRC_OS_ABSTRACTION, Tracer::LEVEL4, |
|
"Changing user context to: userName=%s uid=%d, gid=%d", |
|
(const char*)userName.getCString(), uid, gid)); |
|
|
|
if (setgid(gid) != 0) |
{ | { |
// ATTN: log failure! |
PEG_TRACE_STRING(TRC_OS_ABSTRACTION, Tracer::LEVEL2, |
setgid(gid); |
String("setgid failed: ") + String(strerror(errno))); |
|
return -1; |
} | } |
| |
if ((int)getuid() != uid) |
if (setuid(uid) != 0) |
{ | { |
// ATTN: log failure! |
PEG_TRACE_STRING(TRC_OS_ABSTRACTION, Tracer::LEVEL2, |
setuid(uid); |
String("setuid failed: ") + String(strerror(errno))); |
|
return -1; |
} | } |
} | } |
| |
|
|
_exit(1); | _exit(1); |
} | } |
} | } |
|
|
// ATTN: log failure! |
|
} | } |
} | } |
while (0); | while (0); |
|
|
virtual int reapProviderAgent( | virtual int reapProviderAgent( |
int pid) | int pid) |
{ | { |
int status; |
int status = 0; |
| |
|
#if defined(PEGASUS_HAS_SIGNALS) |
while ((status = waitpid(pid, 0, 0)) == -1 && errno == EINTR) | while ((status = waitpid(pid, 0, 0)) == -1 && errno == EINTR) |
; | ; |
|
#endif |
| |
return status; | return status; |
} | } |
|
|
| |
private: | private: |
| |
static int _getProviderAgentPath(String& path) |
|
{ |
|
path = PEGASUS_PROVIDER_AGENT_PROC_NAME; |
|
|
|
if (path[0] != '/') |
|
{ |
|
const char* env = getenv("PEGASUS_HOME"); |
|
|
|
if (!env) |
|
return -1; |
|
|
|
path = String(env) + String("/") + path; |
|
} |
|
|
|
return 0; |
|
} |
|
|
|
Mutex _mutex; | Mutex _mutex; |
}; | }; |
| |
|
|
| |
virtual int startProviderAgent( | virtual int startProviderAgent( |
const char* module, | const char* module, |
|
const String& pegasusHome, |
|
const String& userName, |
int uid, | int uid, |
int gid, | int gid, |
int& pid, | int& pid, |
|
|
// | // |
//////////////////////////////////////////////////////////////////////////////// | //////////////////////////////////////////////////////////////////////////////// |
| |
static int _sock = -1; |
static int _executorSock = -1; |
static ExecutorImpl* _impl = 0; |
static ExecutorImpl* _executorImpl = 0; |
static Mutex _mutex; |
static Mutex _executorMutex; |
| |
static ExecutorImpl* _getImpl() | static ExecutorImpl* _getImpl() |
{ | { |
// Use the double-checked locking technique to avoid the overhead of a lock | // Use the double-checked locking technique to avoid the overhead of a lock |
// on every call. | // on every call. |
| |
if (_impl == 0) |
if (_executorImpl == 0) |
{ | { |
_mutex.lock(); |
AutoMutex autoMutex(_executorMutex); |
| |
if (_impl == 0) |
if (_executorImpl == 0) |
{ | { |
#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) | #if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) |
if (_sock == -1) |
if (_executorSock == -1) |
_impl = new ExecutorLoopbackImpl(); |
_executorImpl = new ExecutorLoopbackImpl(); |
else | else |
_impl = new ExecutorSocketImpl(_sock); |
_executorImpl = new ExecutorSocketImpl(_executorSock); |
#else | #else |
_impl = new ExecutorLoopbackImpl(); |
_executorImpl = new ExecutorLoopbackImpl(); |
#endif | #endif |
} | } |
|
|
_mutex.unlock(); |
|
} | } |
| |
return _impl; |
return _executorImpl; |
} | } |
| |
void Executor::setSock(int sock) | void Executor::setSock(int sock) |
{ | { |
_mutex.lock(); |
AutoMutex autoMutex(_executorMutex); |
_sock = sock; |
_executorSock = sock; |
_mutex.unlock(); |
|
} | } |
| |
int Executor::detectExecutor() | int Executor::detectExecutor() |
|
|
| |
int Executor::startProviderAgent( | int Executor::startProviderAgent( |
const char* module, | const char* module, |
|
const String& pegasusHome, |
|
const String& userName, |
int uid, | int uid, |
int gid, | int gid, |
int& pid, | int& pid, |
AnonymousPipe*& readPipe, | AnonymousPipe*& readPipe, |
AnonymousPipe*& writePipe) | AnonymousPipe*& writePipe) |
{ | { |
return _getImpl()->startProviderAgent(module, |
return _getImpl()->startProviderAgent(module, pegasusHome, |
uid, gid, pid, readPipe, writePipe); |
userName, uid, gid, pid, readPipe, writePipe); |
} | } |
| |
int Executor::daemonizeExecutor() | int Executor::daemonizeExecutor() |