* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
-#define _GNU_SOURCE
#define _LGPL_SOURCE
#include <errno.h>
#include <limits.h>
#include <unistd.h>
#include <fcntl.h>
#include <sched.h>
-#include <sys/signal.h>
+#include <signal.h>
#include <assert.h>
+#include <signal.h>
#include <common/common.h>
#include <common/utils.h>
#include <common/compat/getenv.h>
-#include <common/sessiond-comm/unix.h>
+#include <common/compat/prctl.h>
+#include <common/unix.h>
+#include <common/defaults.h>
#include "runas.h"
case RUN_AS_MKDIR_RECURSIVE:
return _mkdir_recursive;
default:
- ERR("Unknown command %d", (int) cmd)
+ ERR("Unknown command %d", (int) cmd);
return NULL;
}
}
memset(worker->procname, 0, proc_orig_len);
strncpy(worker->procname, DEFAULT_RUN_AS_WORKER_NAME, proc_orig_len);
- ret = pthread_setname_np(pthread_self(), DEFAULT_RUN_AS_WORKER_NAME);
- if (ret) {
- errno = ret;
- ret = -1;
- PERROR("pthread_setname_np");
- return EXIT_FAILURE;
+ ret = lttng_prctl(PR_SET_NAME,
+ (unsigned long) DEFAULT_RUN_AS_WORKER_NAME, 0, 0, 0);
+ if (ret && ret != -ENOSYS) {
+ /* Don't fail as this is not essential. */
+ PERROR("prctl PR_SET_NAME");
+ ret = 0;
}
sendret.ret = 0;
recvret.ret = -1;
recvret._errno = EPERM;
ERR("Client (%d)/Server (%d) UID mismatch (and sessiond is not root)",
- uid, geteuid());
+ (int) uid, (int) geteuid());
goto end;
}
}
{
struct run_as_data data;
+ memset(&data, 0, sizeof(data));
DBG3("mkdir() recursive %s with mode %d for uid %d and gid %d",
- path, mode, uid, gid);
+ path, (int) mode, (int) uid, (int) gid);
strncpy(data.u.mkdir.path, path, PATH_MAX - 1);
data.u.mkdir.path[PATH_MAX - 1] = '\0';
data.u.mkdir.mode = mode;
{
struct run_as_data data;
+ memset(&data, 0, sizeof(data));
DBG3("mkdir() %s with mode %d for uid %d and gid %d",
- path, mode, uid, gid);
+ path, (int) mode, (int) uid, (int) gid);
strncpy(data.u.mkdir.path, path, PATH_MAX - 1);
data.u.mkdir.path[PATH_MAX - 1] = '\0';
data.u.mkdir.mode = mode;
return run_as(RUN_AS_MKDIR, &data, uid, gid);
}
-/*
- * Note: open_run_as is currently not working. We'd need to pass the fd
- * opened in the child to the parent.
- */
LTTNG_HIDDEN
int run_as_open(const char *path, int flags, mode_t mode, uid_t uid, gid_t gid)
{
struct run_as_data data;
+ memset(&data, 0, sizeof(data));
DBG3("open() %s with flags %X mode %d for uid %d and gid %d",
- path, flags, mode, uid, gid);
+ path, flags, (int) mode, (int) uid, (int) gid);
strncpy(data.u.open.path, path, PATH_MAX - 1);
data.u.open.path[PATH_MAX - 1] = '\0';
data.u.open.flags = flags;
{
struct run_as_data data;
+ memset(&data, 0, sizeof(data));
DBG3("unlink() %s with for uid %d and gid %d",
- path, uid, gid);
+ path, (int) uid, (int) gid);
strncpy(data.u.unlink.path, path, PATH_MAX - 1);
data.u.unlink.path[PATH_MAX - 1] = '\0';
return run_as(RUN_AS_UNLINK, &data, uid, gid);
struct run_as_data data;
DBG3("rmdir_recursive() %s with for uid %d and gid %d",
- path, uid, gid);
+ path, (int) uid, (int) gid);
strncpy(data.u.rmdir_recursive.path, path, PATH_MAX - 1);
data.u.rmdir_recursive.path[PATH_MAX - 1] = '\0';
return run_as(RUN_AS_RMDIR_RECURSIVE, &data, uid, gid);
}
static
-void reset_sighandler(void)
+int reset_sighandler(void)
{
int sig;
DBG("Resetting run_as worker signal handlers to default");
- for (sig = SIGHUP; sig <= SIGUNUSED; sig++) {
- /* Skip unblockable signals. */
- if (sig == SIGKILL || sig == SIGSTOP) {
- continue;
- }
- if (signal(sig, SIG_DFL) == SIG_ERR) {
- PERROR("reset signal %d", sig);
- }
+ for (sig = 1; sig <= 31; sig++) {
+ (void) signal(sig, SIG_DFL);
}
+ return 0;
+}
+
+static
+void worker_sighandler(int sig)
+{
+ const char *signame;
+
+ /*
+ * The worker will inherit its parent's signals since they are part of
+ * the same process group. However, in the case of SIGINT and SIGTERM,
+ * we want to give the worker a chance to teardown gracefully when its
+ * parent closes the command socket.
+ */
+ switch (sig) {
+ case SIGINT:
+ signame = "SIGINT";
+ break;
+ case SIGTERM:
+ signame = "SIGTERM";
+ break;
+ default:
+ signame = NULL;
+ }
+
+ if (signame) {
+ DBG("run_as worker received signal %s", signame);
+ } else {
+ DBG("run_as_worker received signal %d", sig);
+ }
+}
+
+static
+int set_worker_sighandlers(void)
+{
+ int ret = 0;
+ sigset_t sigset;
+ struct sigaction sa;
+
+ if ((ret = sigemptyset(&sigset)) < 0) {
+ PERROR("sigemptyset");
+ goto end;
+ }
+
+ sa.sa_handler = worker_sighandler;
+ sa.sa_mask = sigset;
+ sa.sa_flags = 0;
+ if ((ret = sigaction(SIGINT, &sa, NULL)) < 0) {
+ PERROR("sigaction SIGINT");
+ goto end;
+ }
+
+ if ((ret = sigaction(SIGTERM, &sa, NULL)) < 0) {
+ PERROR("sigaction SIGTERM");
+ goto end;
+ }
+
+ DBG("run_as signal handler set for SIGTERM and SIGINT");
+end:
+ return ret;
}
LTTNG_HIDDEN
reset_sighandler();
+ set_worker_sighandlers();
+
/* The child has no use for this lock. */
pthread_mutex_unlock(&worker_lock);
/* Just close, no shutdown. */