|
version 1.21, 2008/12/01 17:49:51
|
version 1.27, 2013/02/22 00:17:18
|
|
|
|
| const char* path) = 0; | const char* path) = 0; |
| | |
| virtual int startProviderAgent( | virtual int startProviderAgent( |
| |
unsigned short bitness, |
| const char* module, | const char* module, |
| const String& pegasusHome, | const String& pegasusHome, |
| const String& userName, | const String& userName, |
|
|
|
| | |
| | |
| virtual int startProviderAgent( | virtual int startProviderAgent( |
| |
unsigned short bitness, |
| const char* module, | const char* module, |
| const String& pegasusHome, | const String& pegasusHome, |
| const String& userName, | const String& userName, |
|
|
|
| // Resolve full path of "cimprovagt" program. | // Resolve full path of "cimprovagt" program. |
| | |
| String path = FileSystem::getAbsolutePath( | String path = FileSystem::getAbsolutePath( |
| pegasusHome.getCString(), PEGASUS_PROVIDER_AGENT_PROC_NAME); |
pegasusHome.getCString(), |
| |
bitness == PG_PROVMODULE_BITNESS_32 ? |
| |
PEGASUS_PROVIDER_AGENT32_PROC_NAME : |
| |
PEGASUS_PROVIDER_AGENT_PROC_NAME); |
| | |
| // Create CString handles for cimprovagt arguments | // Create CString handles for cimprovagt arguments |
| | |
| CString agentProgramPath = path.getCString(); | CString agentProgramPath = path.getCString(); |
| CString userNameCString = userName.getCString(); | CString userNameCString = userName.getCString(); |
| | |
| # if defined(PEGASUS_DISABLE_PROV_USERCTXT) |
# if defined(PEGASUS_DISABLE_PROV_USERCTXT) || defined(PEGASUS_OS_ZOS) |
| const char* setUserContextFlag = "0"; // False | const char* setUserContextFlag = "0"; // False |
| # else | # else |
| const char* setUserContextFlag = "1"; // True | const char* setUserContextFlag = "1"; // True |
|
|
|
| readPipe = new AnonymousPipe(readFdStr, 0); | readPipe = new AnonymousPipe(readFdStr, 0); |
| writePipe = new AnonymousPipe(0, writeFdStr); | writePipe = new AnonymousPipe(0, writeFdStr); |
| | |
| # if defined(PEGASUS_HAS_SIGNALS) |
# if defined(PEGASUS_HAS_SIGNALS) && \ |
| # if !defined(PEGASUS_DISABLE_PROV_USERCTXT) && !defined(PEGASUS_OS_ZOS) |
!(defined(PEGASUS_DISABLE_PROV_USERCTXT) || defined(PEGASUS_OS_ZOS)) |
| // The cimprovagt forks and returns right away. Clean up the zombie | // The cimprovagt forks and returns right away. Clean up the zombie |
| // process now instead of in reapProviderAgent(). | // process now instead of in reapProviderAgent(). |
| int status = 0; | int status = 0; |
| while ((status = waitpid(pid, 0, 0)) == -1 && errno == EINTR) | while ((status = waitpid(pid, 0, 0)) == -1 && errno == EINTR) |
| ; | ; |
| # endif | # endif |
| # endif |
|
| | |
| PEG_METHOD_EXIT(); | PEG_METHOD_EXIT(); |
| return 0; | return 0; |
|
|
|
| return -1; | return -1; |
| } | } |
| | |
| virtual int reapProviderAgent( |
#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) |
| int pid) |
virtual int reapProviderAgent(int) |
| |
{ |
| |
// Out-of-Process providers are never started by the cimserver process |
| |
// when Privilege Separation is enabled. |
| |
return -1; |
| |
} |
| |
#else /* PEGASUS_ENABLE_PRIVILEGE_SEPARATION is NOT defined */ |
| |
# if defined(PEGASUS_HAS_SIGNALS) && \ |
| |
(defined(PEGASUS_DISABLE_PROV_USERCTXT) || defined(PEGASUS_OS_ZOS)) |
| |
virtual int reapProviderAgent(int pid) |
| { | { |
| #if !defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) |
|
| |
|
| int status = 0; | int status = 0; |
| |
|
| # if defined(PEGASUS_HAS_SIGNALS) |
|
| # if defined(PEGASUS_DISABLE_PROV_USERCTXT) || defined(PEGASUS_OS_ZOS) |
|
| // When provider user context is enabled, this is done in | // When provider user context is enabled, this is done in |
| // startProviderAgent(). | // startProviderAgent(). |
| while ((status = waitpid(pid, 0, 0)) == -1 && errno == EINTR) | while ((status = waitpid(pid, 0, 0)) == -1 && errno == EINTR) |
| ; |
{ |
| |
}; |
| |
return status; |
| |
} |
| |
# else |
| |
virtual int reapProviderAgent(int) |
| |
{ |
| |
return 0; |
| |
} |
| # endif | # endif |
| # endif | # endif |
| | |
| return status; |
|
| |
|
| #else /* PEGASUS_ENABLE_PRIVILEGE_SEPARATION is defined */ |
|
| |
|
| // Out-of-Process providers are never started by the cimserver process |
|
| // when Privilege Separation is enabled. |
|
| return -1; |
|
| |
|
| #endif |
|
| } |
|
| | |
| |
#if defined(PEGASUS_PAM_AUTHENTICATION) |
| virtual int authenticatePassword( | virtual int authenticatePassword( |
| const char* username, | const char* username, |
| const char* password) | const char* password) |
| { | { |
| #if defined(PEGASUS_PAM_AUTHENTICATION) |
|
| return PAMAuthenticate(username, password); | return PAMAuthenticate(username, password); |
| #else |
|
| // ATTN: not handled so don't call in this case. |
|
| return -1; |
|
| #endif |
|
| } | } |
| | |
| virtual int validateUser( | virtual int validateUser( |
| const char* username) | const char* username) |
| { | { |
| #if defined(PEGASUS_PAM_AUTHENTICATION) |
|
| return PAMValidateUser(username); | return PAMValidateUser(username); |
| |
} |
| #else | #else |
| |
virtual int authenticatePassword( |
| |
const char*, |
| |
const char*) |
| |
{ |
| |
// ATTN: not handled so don't call in this case. |
| |
return -1; |
| |
} |
| |
|
| |
virtual int validateUser( |
| |
const char*) |
| |
{ |
| // ATTN: not handled so don't call in this case. | // ATTN: not handled so don't call in this case. |
| return -1; | return -1; |
| #endif |
|
| } | } |
| |
#endif |
| | |
| virtual int challengeLocal( | virtual int challengeLocal( |
| const char* username, |
const char*, |
| char challengeFilePath[EXECUTOR_BUFFER_SIZE]) |
char[EXECUTOR_BUFFER_SIZE]) |
| { | { |
| // ATTN: not handled so don't call in this case. | // ATTN: not handled so don't call in this case. |
| return -1; | return -1; |
| } | } |
| | |
| virtual int authenticateLocal( | virtual int authenticateLocal( |
| const char* challengeFilePath, |
const char*, |
| const char* response) |
const char*) |
| { | { |
| // ATTN: not handled so don't call in this case. | // ATTN: not handled so don't call in this case. |
| return -1; | return -1; |
| } | } |
| | |
| virtual int updateLogLevel( | virtual int updateLogLevel( |
| const char* logLevel) |
const char*) |
| { | { |
| // If Privilege Separation is not enabled, we don't need to update | // If Privilege Separation is not enabled, we don't need to update |
| // the log level in the Executor. | // the log level in the Executor. |
|
|
|
| } | } |
| | |
| virtual int startProviderAgent( | virtual int startProviderAgent( |
| |
unsigned short bitness, |
| const char* module, | const char* module, |
| const String& pegasusHome, | const String& pegasusHome, |
| const String& userName, | const String& userName, |
|
|
|
| memset(&request, 0, sizeof(request)); | memset(&request, 0, sizeof(request)); |
| memcpy(request.module, module, moduleNameLength); | memcpy(request.module, module, moduleNameLength); |
| memcpy(request.userName, userNameCString, userNameLength); | memcpy(request.userName, userNameCString, userNameLength); |
| |
request.moduleBitness = bitness; |
| | |
| if (SendBlock(_sock, &request, sizeof(request)) != sizeof(request)) | if (SendBlock(_sock, &request, sizeof(request)) != sizeof(request)) |
| return -1; | return -1; |
|
|
|
| } | } |
| | |
| int Executor::startProviderAgent( | int Executor::startProviderAgent( |
| |
unsigned short bitness, |
| const char* module, | const char* module, |
| const String& pegasusHome, | const String& pegasusHome, |
| const String& userName, | const String& userName, |
|
|
|
| AnonymousPipe*& writePipe) | AnonymousPipe*& writePipe) |
| { | { |
| once(&_executorImplOnce, _initExecutorImpl); | once(&_executorImplOnce, _initExecutorImpl); |
| return _executorImpl->startProviderAgent( |
return _executorImpl->startProviderAgent(bitness, |
| module, pegasusHome, userName, pid, readPipe, writePipe); | module, pegasusHome, userName, pid, readPipe, writePipe); |
| } | } |
| | |
Return to
Executor.cpp
CVS log
Up to [Pegasus] / pegasus / src / Pegasus / Common