|
version 1.4, 2013/01/18 12:58:13
|
version 1.5.20.4, 2017/10/08 22:31:25
|
|
Line 12 terms:
|
Line 12 terms:
|
| All of the documentation and software included in the ELWIX and AITNET |
All of the documentation and software included in the ELWIX and AITNET |
| Releases is copyrighted by ELWIX - Sofia/Bulgaria <info@elwix.org> |
Releases is copyrighted by ELWIX - Sofia/Bulgaria <info@elwix.org> |
| |
|
| Copyright 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012 | Copyright 2004 - 2017 |
| by Michael Pounov <misho@elwix.org>. All rights reserved. |
by Michael Pounov <misho@elwix.org>. All rights reserved. |
| |
|
| Redistribution and use in source and binary forms, with or without |
Redistribution and use in source and binary forms, with or without |
|
Line 49 SUCH DAMAGE.
|
Line 49 SUCH DAMAGE.
|
| cfg_root_t cfg; |
cfg_root_t cfg; |
| int Verbose, Timeout, kq; |
int Verbose, Timeout, kq; |
| ait_val_t User, Mount, Dev, Chroot; |
ait_val_t User, Mount, Dev, Chroot; |
| char szSess[MAXPATHLEN], szConfig[MAXPATHLEN]; | char szSess[MAXPATHLEN], szSLCK[MAXPATHLEN], szConfig[MAXPATHLEN]; |
| extern char compiled[], compiledby[], compilehost[]; |
extern char compiled[], compiledby[], compilehost[]; |
| |
|
| |
|
|
Line 64 Usage()
|
Line 64 Usage()
|
| "\t-c <dir>\tAfter execute chroot to dir [default=/]\n" |
"\t-c <dir>\tAfter execute chroot to dir [default=/]\n" |
| "\t-u <user>\tAfter execute suid to user [default=root]\n" |
"\t-u <user>\tAfter execute suid to user [default=root]\n" |
| "\t-d <dev>\tOther device [default=/dev/ufs/elwix]\n" |
"\t-d <dev>\tOther device [default=/dev/ufs/elwix]\n" |
| "\t-m <mnt>\tOther mount dir [default=/cf]\n" | "\t-m <mnt>\tOther mount dir [default=/]\n" |
| "\t-t <sec>\tTimeout for autolock mount dir after seconds [default=300]\n" |
"\t-t <sec>\tTimeout for autolock mount dir after seconds [default=300]\n" |
| |
"\t-L <reason>\tService lock and set RW state of device with reason\n" |
| |
"\t-U \t\tService unlock and set RO state of device\n" |
| "\n", compiled, compiledby, compilehost); |
"\n", compiled, compiledby, compilehost); |
| } |
} |
| |
|
|
Line 124 mkevent(struct kevent *chg, struct kevent *evt)
|
Line 126 mkevent(struct kevent *chg, struct kevent *evt)
|
| } |
} |
| VERB(3) printf("Created lock file %s\n", szSess); |
VERB(3) printf("Created lock file %s\n", szSess); |
| |
|
| kq = kqueue(); | if (chg && evt) { |
| if (kq == -1) { | kq = kqueue(); |
| printf("Error:: can`t execute safe mount #%d - %s\n", errno, strerror(errno)); | if (kq == -1) { |
| close(f); | printf("Error:: can`t execute safe mount #%d - %s\n", errno, strerror(errno)); |
| unlink(szSess); | close(f); |
| return -1; | unlink(szSess); |
| } else { | return -1; |
| memset(chg, 0, sizeof(struct kevent)); | } else { |
| memset(evt, 0, sizeof(struct kevent)); | memset(chg, 0, sizeof(struct kevent)); |
| | memset(evt, 0, sizeof(struct kevent)); |
| |
|
| EV_SET(chg, f, EVFILT_VNODE, EV_ADD, NOTE_DELETE | NOTE_RENAME | NOTE_REVOKE, | EV_SET(chg, f, EVFILT_VNODE, EV_ADD, NOTE_DELETE | NOTE_RENAME | NOTE_REVOKE, |
| 0, (intptr_t) NULL); | 0, NULL); |
| | } |
| } |
} |
| |
|
| return f; |
return f; |
|
Line 152 cleanexit()
|
Line 156 cleanexit()
|
| cfgUnloadConfig(&cfg); |
cfgUnloadConfig(&cfg); |
| } |
} |
| |
|
| |
static int |
| |
s_unlck() |
| |
{ |
| |
if (access(szSLCK, F_OK)) |
| |
return 1; |
| |
|
| |
if (access(szSess, F_OK) && update(MNT_UPDATE | MNT_RDONLY) == -1) |
| |
return 8; |
| |
|
| |
unlink(szSLCK); |
| |
VERB(3) printf("Unlock & deleted service lock file %s\n", szSLCK); |
| |
return 0; |
| |
} |
| |
|
| |
static int |
| |
s_lck(const char *reason) |
| |
{ |
| |
int f; |
| |
char szStr[STRSIZ]; |
| |
|
| |
if (!access(szSLCK, F_OK)) { |
| |
printf("cfexec already held service lock ...\n"); |
| |
return 127; |
| |
} |
| |
|
| |
f = open(szSLCK, O_CREAT | O_WRONLY | O_TRUNC, 0644); |
| |
if (f == -1) { |
| |
printf("Error:: can`t service lock session #%d - %s\n", errno, strerror(errno)); |
| |
return 5; |
| |
} else { |
| |
memset(szStr, 0, sizeof szStr); |
| |
snprintf(szStr, sizeof szStr, "[%d] - %s", getpid(), reason); |
| |
write(f, szStr, strlen(szStr)); |
| |
} |
| |
close(f); |
| |
|
| |
if (update(MNT_UPDATE) == -1) { |
| |
unlink(szSLCK); |
| |
return 4; |
| |
} |
| |
|
| |
VERB(3) printf("Lock & created service lock file %s\n", szSLCK); |
| |
return 0; |
| |
} |
| |
|
| |
|
| int |
int |
| main(int argc, char **argv) |
main(int argc, char **argv) |
| { |
{ |
| char ch; | char ch, mod = 0, reason[STRSIZ]; |
| const char *err = NULL; |
const char *err = NULL; |
| struct kevent chg, evt; |
struct kevent chg, evt; |
| struct timespec ts; |
struct timespec ts; |
| pid_t pid; |
pid_t pid; |
| int f, stat = 0; | int f, ret = 0, stat = 0; |
| |
|
| strlcpy(szConfig, DEFAULT_CONFIG, MAXPATHLEN); |
strlcpy(szConfig, DEFAULT_CONFIG, MAXPATHLEN); |
| /* Load variables from config if exists */ |
/* Load variables from config if exists */ |
|
Line 195 main(int argc, char **argv)
|
Line 244 main(int argc, char **argv)
|
| atexit(cleanexit); |
atexit(cleanexit); |
| |
|
| /* Load variables from arguments if exists */ |
/* Load variables from arguments if exists */ |
| while ((ch = getopt(argc, argv, "hvu:c:d:m:t:")) != -1) | while ((ch = getopt(argc, argv, "hvUu:c:d:m:t:L:")) != -1) |
| switch (ch) { |
switch (ch) { |
| case 'v': |
case 'v': |
| Verbose++; |
Verbose++; |
|
Line 212 main(int argc, char **argv)
|
Line 261 main(int argc, char **argv)
|
| case 'm': |
case 'm': |
| AIT_SET_STR(&Mount, optarg); |
AIT_SET_STR(&Mount, optarg); |
| break; |
break; |
| |
case 'L': |
| |
strlcpy(reason, optarg, sizeof reason); |
| |
mod = 1; |
| |
break; |
| |
case 'U': |
| |
mod = -1; |
| |
break; |
| case 't': |
case 't': |
| #ifndef HAVE_STRTONUM |
#ifndef HAVE_STRTONUM |
| Timeout = (int) strtol(optarg, NULL, 0); |
Timeout = (int) strtol(optarg, NULL, 0); |
|
Line 234 main(int argc, char **argv)
|
Line 290 main(int argc, char **argv)
|
| |
|
| memset(szSess, 0, MAXPATHLEN); |
memset(szSess, 0, MAXPATHLEN); |
| snprintf(szSess, MAXPATHLEN, "%s%s-cfexec.LCK", DEFAULT_TMP, AIT_GET_STR(&Mount)); |
snprintf(szSess, MAXPATHLEN, "%s%s-cfexec.LCK", DEFAULT_TMP, AIT_GET_STR(&Mount)); |
| |
memset(szSLCK, 0, MAXPATHLEN); |
| |
snprintf(szSLCK, MAXPATHLEN, CFEXEC_SLOCK, DEFAULT_TMP); |
| |
|
| |
/* we have request for service lock! */ |
| |
if (mod) { |
| |
VERB(3) printf("Info(3):: mode=%hhd\n", mod); |
| |
if (mod == -1) |
| |
ret = s_unlck(); |
| |
else |
| |
ret = s_lck(reason); |
| |
return ret; |
| |
} |
| |
|
| VERB(3) printf("Info(3):: Chroot=%s SUID=%s Device=%s Mount=%s Timeout=%d Session=%s\n", |
VERB(3) printf("Info(3):: Chroot=%s SUID=%s Device=%s Mount=%s Timeout=%d Session=%s\n", |
| AIT_GET_STR(&Chroot), AIT_GET_STR(&User), AIT_GET_STR(&Dev), |
AIT_GET_STR(&Chroot), AIT_GET_STR(&User), AIT_GET_STR(&Dev), |
| AIT_GET_STR(&Mount), Timeout, szSess); |
AIT_GET_STR(&Mount), Timeout, szSess); |
|
Line 254 main(int argc, char **argv)
|
Line 322 main(int argc, char **argv)
|
| VERB(5) printf("Info(5):: Go safe mount.\n"); |
VERB(5) printf("Info(5):: Go safe mount.\n"); |
| setsid(); |
setsid(); |
| |
|
| if (update(MNT_UPDATE) == -1) | if ((f = mkevent(&chg, &evt)) == -1) |
| return 4; |
return 4; |
| |
|
| if ((f = mkevent(&chg, &evt)) == -1) | if (update(MNT_UPDATE) == -1) |
| return 5; |
return 5; |
| |
|
| if (Timeout) { |
if (Timeout) { |
|
Line 271 main(int argc, char **argv)
|
Line 339 main(int argc, char **argv)
|
| stat = 7; |
stat = 7; |
| break; |
break; |
| case 0: |
case 0: |
| |
if (!access(szSLCK, F_OK)) { |
| |
VERB(1) printf("Timeout reached - service locked\n"); |
| |
break; |
| |
} |
| VERB(1) printf("Timeout reached - secure mount\n"); |
VERB(1) printf("Timeout reached - secure mount\n"); |
| default: |
default: |
| VERB(1) printf("Lock file is deleted - secure mount\n"); |
VERB(1) printf("Lock file is deleted - secure mount\n"); |
| if (update(MNT_UPDATE | MNT_RDONLY) == -1) | if (access(szSLCK, F_OK) && update(MNT_UPDATE | MNT_RDONLY) == -1) |
| stat = 8; |
stat = 8; |
| } |
} |
| |
|
|
Line 291 main(int argc, char **argv)
|
Line 363 main(int argc, char **argv)
|
| sigprocmask(SIG_BLOCK, &sig, &oldsig); |
sigprocmask(SIG_BLOCK, &sig, &oldsig); |
| */ |
*/ |
| |
|
| if (update(MNT_UPDATE) == -1) | if ((f = mkevent(NULL, NULL)) == -1) |
| return 4; |
return 4; |
| |
else |
| |
close(f); |
| |
|
| |
if (update(MNT_UPDATE) == -1) |
| |
return 5; |
| |
|
| switch ((pid = vfork())) { |
switch ((pid = vfork())) { |
| case -1: |
case -1: |
| printf("Error:: can`t execute safe mount #%d - %s\n", |
printf("Error:: can`t execute safe mount #%d - %s\n", |
| errno, strerror(errno)); |
errno, strerror(errno)); |
| return 5; | stat = 3; |
| | break; |
| case 0: |
case 0: |
| VERB(5) printf("Go to running process %s\n", *argv); |
VERB(5) printf("Go to running process %s\n", *argv); |
| if (chroot(AIT_GET_STR(&Chroot)) == -1) { |
if (chroot(AIT_GET_STR(&Chroot)) == -1) { |
|
Line 311 main(int argc, char **argv)
|
Line 389 main(int argc, char **argv)
|
| /* chdir("/"); */ |
/* chdir("/"); */ |
| execvp(*argv, argv); |
execvp(*argv, argv); |
| } |
} |
| exit(127); | _exit(127); |
| break; |
break; |
| default: |
default: |
| waitpid(pid, &stat, 0); |
waitpid(pid, &stat, 0); |
| |
stat = WEXITSTATUS(stat); |
| VERB(3) printf("Return code: %d\n", stat); |
VERB(3) printf("Return code: %d\n", stat); |
| if (stat == 32512) |
|
| stat = 127; |
|
| |
|
| if (update(MNT_UPDATE | MNT_RDONLY) == -1) | if (access(szSLCK, F_OK) && update(MNT_UPDATE | MNT_RDONLY) == -1) |
| return 8; | stat = 8; |
| | break; |
| } |
} |
| |
|
| |
unlink(szSess); |
| } |
} |
| |
|
| return stat; |
return stat; |
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to cfexec.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedtools / src