X-Git-Url: http://git.efficios.com/?p=lttng-tools.git;a=blobdiff_plain;f=src%2Fcommon%2Frunas.c;h=1105f207fb83d3b4ef1734159fbd7a7e0e0a3f04;hp=daba9937ce364d5113c2f6dfb61cbbb98f3b16e2;hb=5b5bb8c82d70cf65707d5561e0640bf2ae8c2e6e;hpb=7567352fb68f5c3f49f549c579f5bd27c883bed2

diff --git a/src/common/runas.c b/src/common/runas.c
index daba9937c..1105f207f 100644
--- a/src/common/runas.c
+++ b/src/common/runas.c
@@ -30,10 +30,13 @@
 #include <fcntl.h>
 #include <sched.h>
 #include <sys/signal.h>
+#include <assert.h>
+#include <signal.h>
 
 #include <common/common.h>
 #include <common/utils.h>
 #include <common/compat/getenv.h>
+#include <common/compat/prctl.h>
 #include <common/sessiond-comm/unix.h>
 
 #include "runas.h"
@@ -216,7 +219,9 @@ int do_recv_fd(struct run_as_worker *worker,
 		return 0;
 	}
 	len = lttcomm_recv_fds_unix_sock(worker->sockpair[0], fd, 1);
-	if (len < 0) {
+	if (!len) {
+		return -1;
+	} else if (len < 0) {
 		PERROR("lttcomm_recv_fds_unix_sock");
 		return -1;
 	}
@@ -319,12 +324,12 @@ int run_as_worker(struct run_as_worker *worker)
 	memset(worker->procname, 0, proc_orig_len);
 	strncpy(worker->procname, DEFAULT_RUN_AS_WORKER_NAME, proc_orig_len);
 
-	ret = pthread_setname_np(pthread_self(), DEFAULT_RUN_AS_WORKER_NAME);
-	if (ret) {
-		errno = ret;
-		ret = -1;
-		PERROR("pthread_setname_np");
-		return EXIT_FAILURE;
+	ret = lttng_prctl(PR_SET_NAME,
+			(unsigned long) DEFAULT_RUN_AS_WORKER_NAME, 0, 0, 0);
+	if (ret && ret != -ENOSYS) {
+		/* Don't fail as this is not essential. */
+		PERROR("prctl PR_SET_NAME");
+		ret = 0;
 	}
 
 	sendret.ret = 0;
@@ -362,7 +367,6 @@ int run_as_cmd(struct run_as_worker *worker,
 	ssize_t readlen, writelen;
 	struct run_as_ret recvret;
 
-	pthread_mutex_lock(&worker_lock);
 	/*
 	 * If we are non-root, we can only deal with our own uid.
 	 */
@@ -392,18 +396,22 @@ int run_as_cmd(struct run_as_worker *worker,
 	/* receive return value */
 	readlen = lttcomm_recv_unix_sock(worker->sockpair[0], &recvret,
 			sizeof(recvret));
-	if (readlen < sizeof(recvret)) {
+	if (!readlen) {
+		ERR("Run-as worker has hung-up during run_as_cmd");
+		recvret.ret = -1;
+		recvret._errno = EIO;
+		goto end;
+	} else if (readlen < sizeof(recvret)) {
 		PERROR("Error reading response from run_as");
 		recvret.ret = -1;
 		recvret._errno = errno;
 	}
 	if (do_recv_fd(worker, cmd, &recvret.ret)) {
 		recvret.ret = -1;
-		recvret._errno = -EIO;
+		recvret._errno = EIO;
 	}
 
 end:
-	pthread_mutex_unlock(&worker_lock);
 	errno = recvret._errno;
 	return recvret.ret;
 }
@@ -435,15 +443,17 @@ end:
 }
 
 static
-int run_as(struct run_as_worker *worker,
-		enum run_as_cmd cmd,
-		struct run_as_data *data, uid_t uid, gid_t gid)
+int run_as(enum run_as_cmd cmd, struct run_as_data *data, uid_t uid, gid_t gid)
 {
 	int ret;
 
-	if (worker) {
+	if (use_clone()) {
 		DBG("Using run_as worker");
-		ret = run_as_cmd(worker, cmd, data, uid, gid);
+		pthread_mutex_lock(&worker_lock);
+		assert(global_worker);
+		ret = run_as_cmd(global_worker, cmd, data, uid, gid);
+		pthread_mutex_unlock(&worker_lock);
+
 	} else {
 		DBG("Using run_as without worker");
 		ret = run_as_noworker(cmd, data, uid, gid);
@@ -454,7 +464,6 @@ int run_as(struct run_as_worker *worker,
 LTTNG_HIDDEN
 int run_as_mkdir_recursive(const char *path, mode_t mode, uid_t uid, gid_t gid)
 {
-	struct run_as_worker *worker = global_worker;
 	struct run_as_data data;
 
 	DBG3("mkdir() recursive %s with mode %d for uid %d and gid %d",
@@ -462,13 +471,12 @@ int run_as_mkdir_recursive(const char *path, mode_t mode, uid_t uid, gid_t gid)
 	strncpy(data.u.mkdir.path, path, PATH_MAX - 1);
 	data.u.mkdir.path[PATH_MAX - 1] = '\0';
 	data.u.mkdir.mode = mode;
-	return run_as(worker, RUN_AS_MKDIR_RECURSIVE, &data, uid, gid);
+	return run_as(RUN_AS_MKDIR_RECURSIVE, &data, uid, gid);
 }
 
 LTTNG_HIDDEN
 int run_as_mkdir(const char *path, mode_t mode, uid_t uid, gid_t gid)
 {
-	struct run_as_worker *worker = global_worker;
 	struct run_as_data data;
 
 	DBG3("mkdir() %s with mode %d for uid %d and gid %d",
@@ -476,7 +484,7 @@ int run_as_mkdir(const char *path, mode_t mode, uid_t uid, gid_t gid)
 	strncpy(data.u.mkdir.path, path, PATH_MAX - 1);
 	data.u.mkdir.path[PATH_MAX - 1] = '\0';
 	data.u.mkdir.mode = mode;
-	return run_as(worker, RUN_AS_MKDIR, &data, uid, gid);
+	return run_as(RUN_AS_MKDIR, &data, uid, gid);
 }
 
 /*
@@ -486,7 +494,6 @@ int run_as_mkdir(const char *path, mode_t mode, uid_t uid, gid_t gid)
 LTTNG_HIDDEN
 int run_as_open(const char *path, int flags, mode_t mode, uid_t uid, gid_t gid)
 {
-	struct run_as_worker *worker = global_worker;
 	struct run_as_data data;
 
 	DBG3("open() %s with flags %X mode %d for uid %d and gid %d",
@@ -495,33 +502,98 @@ int run_as_open(const char *path, int flags, mode_t mode, uid_t uid, gid_t gid)
 	data.u.open.path[PATH_MAX - 1] = '\0';
 	data.u.open.flags = flags;
 	data.u.open.mode = mode;
-	return run_as(worker, RUN_AS_OPEN, &data, uid, gid);
+	return run_as(RUN_AS_OPEN, &data, uid, gid);
 }
 
 LTTNG_HIDDEN
 int run_as_unlink(const char *path, uid_t uid, gid_t gid)
 {
-	struct run_as_worker *worker = global_worker;
 	struct run_as_data data;
 
 	DBG3("unlink() %s with for uid %d and gid %d",
 			path, uid, gid);
 	strncpy(data.u.unlink.path, path, PATH_MAX - 1);
 	data.u.unlink.path[PATH_MAX - 1] = '\0';
-	return run_as(worker, RUN_AS_UNLINK, &data, uid, gid);
+	return run_as(RUN_AS_UNLINK, &data, uid, gid);
 }
 
 LTTNG_HIDDEN
 int run_as_rmdir_recursive(const char *path, uid_t uid, gid_t gid)
 {
-	struct run_as_worker *worker = global_worker;
 	struct run_as_data data;
 
 	DBG3("rmdir_recursive() %s with for uid %d and gid %d",
 			path, uid, gid);
 	strncpy(data.u.rmdir_recursive.path, path, PATH_MAX - 1);
 	data.u.rmdir_recursive.path[PATH_MAX - 1] = '\0';
-	return run_as(worker, RUN_AS_RMDIR_RECURSIVE, &data, uid, gid);
+	return run_as(RUN_AS_RMDIR_RECURSIVE, &data, uid, gid);
+}
+
+static
+int reset_sighandler(void)
+{
+	int sig;
+
+	DBG("Resetting run_as worker signal handlers to default");
+	for (sig = 1; sig <= 31; sig++) {
+		(void) signal(sig, SIG_DFL);
+	}
+	return 0;
+}
+
+static
+void worker_sighandler(int sig)
+{
+	const char *signame;
+
+	/*
+	 * The worker will its parent's signals since they are part of the same
+	 * process group. However, in the case of SIGINT and SIGTERM, we want
+	 * to give the worker a chance to teardown gracefully when its parent
+	 * closes the command socket.
+	 */
+	switch (sig) {
+	case SIGINT:
+		signame = "SIGINT";
+		break;
+	case SIGTERM:
+		signame = "SIGTERM";
+		break;
+	default:
+		signame = "Unknown";
+	}
+
+	DBG("run_as worker received signal %s", signame);
+}
+
+static
+int set_worker_sighandlers(void)
+{
+	int ret = 0;
+	sigset_t sigset;
+	struct sigaction sa;
+
+	if ((ret = sigemptyset(&sigset)) < 0) {
+		PERROR("sigemptyset");
+		goto end;
+	}
+
+	sa.sa_handler = worker_sighandler;
+	sa.sa_mask = sigset;
+	sa.sa_flags = 0;
+	if ((ret = sigaction(SIGINT, &sa, NULL)) < 0) {
+		PERROR("sigaction SIGINT");
+		goto end;
+	}
+
+	if ((ret = sigaction(SIGTERM, &sa, NULL)) < 0) {
+		PERROR("sigaction SIGTERM");
+		goto end;
+	}
+
+	DBG("run_as signal handler set for SIGTERM and SIGINT");
+end:
+	return ret;
 }
 
 LTTNG_HIDDEN
@@ -533,7 +605,13 @@ int run_as_create_worker(char *procname)
 	struct run_as_ret recvret;
 	struct run_as_worker *worker;
 
+	pthread_mutex_lock(&worker_lock);
+	assert(!global_worker);
 	if (!use_clone()) {
+		/*
+		 * Don't initialize a worker, all run_as tasks will be performed
+		 * in the current process.
+		 */
 		ret = 0;
 		goto end;
 	}
@@ -557,6 +635,12 @@ int run_as_create_worker(char *procname)
 	} else if (pid == 0) {
 		/* Child */
 
+		reset_sighandler();
+
+		set_worker_sighandlers();
+
+		/* The child has no use for this lock. */
+		pthread_mutex_unlock(&worker_lock);
 		/* Just close, no shutdown. */
 		if (close(worker->sockpair[0])) {
 			PERROR("close");
@@ -569,6 +653,7 @@ int run_as_create_worker(char *procname)
 			ret = -1;
 		}
 		worker->sockpair[1] = -1;
+		LOG(ret ? PRINT_ERR : PRINT_DBG, "run_as worker exiting (ret = %d)", ret);
 		exit(ret ? EXIT_FAILURE : EXIT_SUCCESS);
 	} else {
 		/* Parent */
@@ -593,6 +678,7 @@ int run_as_create_worker(char *procname)
 		global_worker = worker;
 	}
 end:
+	pthread_mutex_unlock(&worker_lock);
 	return ret;
 
 	/* Error handling. */
@@ -608,6 +694,7 @@ error_fork:
 	}
 error_sock:
 	free(worker);
+	pthread_mutex_unlock(&worker_lock);
 	return ret;
 }
 
@@ -615,22 +702,45 @@ LTTNG_HIDDEN
 void run_as_destroy_worker(void)
 {
 	struct run_as_worker *worker = global_worker;
-	int status;
-	pid_t pid;
 
+	DBG("Destroying run_as worker");
+	pthread_mutex_lock(&worker_lock);
 	if (!worker) {
-		return;
+		goto end;
 	}
 	/* Close unix socket */
+	DBG("Closing run_as worker socket");
 	if (lttcomm_close_unix_sock(worker->sockpair[0])) {
 		PERROR("close");
 	}
 	worker->sockpair[0] = -1;
 	/* Wait for worker. */
-	pid = waitpid(worker->pid, &status, 0);
-	if (pid < 0 || !WIFEXITED(status) || WEXITSTATUS(status) != 0) {
-		PERROR("wait");
+	for (;;) {
+		int status;
+		pid_t wait_ret;
+
+		wait_ret = waitpid(worker->pid, &status, 0);
+		if (wait_ret < 0) {
+			if (errno == EINTR) {
+				continue;
+			}
+			PERROR("waitpid");
+			break;
+		}
+
+		if (WIFEXITED(status)) {
+			LOG(WEXITSTATUS(status) == 0 ? PRINT_DBG : PRINT_ERR,
+					DEFAULT_RUN_AS_WORKER_NAME " terminated with status code %d",
+				        WEXITSTATUS(status));
+			break;
+		} else if (WIFSIGNALED(status)) {
+			ERR(DEFAULT_RUN_AS_WORKER_NAME " was killed by signal %d",
+					WTERMSIG(status));
+			break;
+		}
 	}
 	free(worker);
 	global_worker = NULL;
+end:
+	pthread_mutex_unlock(&worker_lock);
 }