--- embedtools/src/cfexec.c	2011/06/13 20:23:35	1.2.2.2
+++ embedtools/src/cfexec.c	2018/01/01 23:52:54	1.5.20.7
@@ -3,7 +3,7 @@
  *  by Michael Pounov <misho@aitbg.com>
  *
  * $Author: misho $
- * $Id: cfexec.c,v 1.2.2.2 2011/06/13 20:23:35 misho Exp $
+ * $Id: cfexec.c,v 1.5.20.7 2018/01/01 23:52:54 misho Exp $
  *
  *************************************************************************
 The ELWIX and AITNET software is distributed under the following
@@ -12,7 +12,7 @@ terms:
 All of the documentation and software included in the ELWIX and AITNET
 Releases is copyrighted by ELWIX - Sofia/Bulgaria <info@elwix.org>
 
-Copyright 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011
+Copyright 2004 - 2018
 	by Michael Pounov <misho@elwix.org>.  All rights reserved.
 
 Redistribution and use in source and binary forms, with or without
@@ -46,14 +46,15 @@ SUCH DAMAGE.
 #include "global.h"
 
 
-sl_config cfg;
+cfg_root_t cfg;
 int Verbose, Timeout, kq;
-char szUser[MAX_STR], szMount[MAXPATHLEN], szDev[MAXPATHLEN], 
-     szChroot[MAXPATHLEN], szSess[MAXPATHLEN], szConfig[MAXPATHLEN];
+ait_val_t User, Mount, Chroot;
+char szSess[MAXPATHLEN], szSLCK[MAXPATHLEN], szConfig[MAXPATHLEN];
 extern char compiled[], compiledby[], compilehost[];
 
 
-static void Usage()
+static void
+Usage()
 {
 
 	printf(	"CFExec is tool for managment R/W operation with CompactFlash\n"
@@ -62,140 +63,225 @@ static void Usage()
 		"\t-v\t\tVerbose ...\n"
 		"\t-c <dir>\tAfter execute chroot to dir [default=/]\n"
 		"\t-u <user>\tAfter execute suid to user [default=root]\n"
-		"\t-d <dev>\tOther device [default=/dev/ufs/elwix]\n"
-		"\t-m <mnt>\tOther mount dir [default=/cf]\n"
+		"\t-m <mnt>\tOther mount dir [default=/]\n"
 		"\t-t <sec>\tTimeout for autolock mount dir after seconds [default=300]\n"
+		"\t-L <reason>\tService lock and set RW state of device with reason\n"
+		"\t-U \t\tService unlock and set RO state of device\n"
 		"\n", compiled, compiledby, compilehost);
 }
 
-static int update(int flags)
+struct statfs *
+getmntpt(const char *name)
 {
+	struct statfs *mntbuf;
+	int i, mntsize;
+
+	mntsize = getmntinfo(&mntbuf, MNT_NOWAIT);
+	for (i = mntsize - 1; i >= 0; i--) {
+		if (!strcmp(mntbuf[i].f_mntfromname, name) ||
+		    !strcmp(mntbuf[i].f_mntonname, name))
+			return &mntbuf[i];
+	}
+
+	return NULL;
+}
+
+static int
+update(int flags)
+{
 	struct ufs_args mnt;
+	struct statfs *mntfs = getmntpt(AIT_GET_STR(&Mount));
 
 	memset(&mnt, 0, sizeof mnt);
-	mnt.fspec = szDev;
+	mnt.fspec = mntfs->f_mntfromname;
 #ifdef __NetBSD__
-	if (mount("ufs", szMount, flags, &mnt, sizeof mnt) == -1) {
+	if (mount(mntfs->f_fstypename, mntfs->f_mntonname, flags, &mnt, sizeof mnt) == -1) {
 #else
-	if (mount("ufs", szMount, flags, &mnt) == -1) {
+	if (mount(mntfs->f_fstypename, mntfs->f_mntonname, flags, &mnt) == -1) {
 #endif
-		printf("Error:: can`t update mount %s #%d - %s\n", szMount, errno, strerror(errno));
+		printf("Error:: can`t update mount %s #%d - %s\n", AIT_GET_STR(&Mount), 
+				errno, strerror(errno));
 		return -1;
 	}
 
-	VERB(5) printf("Info(5):: safe mount for device %s to %s operation (%s)\n", 
-			szDev, szMount, (flags & MNT_RDONLY) ? "ro" : "rw");
+	VERB(5) printf("Info(5):: safe mount %s for device %s to %s operation (%s)\n", 
+			mntfs->f_fstypename, mntfs->f_mntfromname, mntfs->f_mntonname, 
+			(flags & MNT_RDONLY) ? "ro" : "rw");
 	return 0;
 }
 
-static void setuser()
+static void
+setuser()
 {
 	struct passwd *pw;
 
-	pw = getpwnam(szUser);
+	pw = getpwnam(AIT_GET_LIKE(&User, char*));
 	if (pw) {
 		setuid(pw->pw_uid);
 		setgid(pw->pw_gid);
 		endpwent();
 
-		VERB(5) printf("Info(5):: Suid to user %s.\n", szUser);
+		VERB(5) printf("Info(5):: Suid to user %s.\n", AIT_GET_STR(&User));
 	} else
-		VERB(5) printf("Info(5):: Can`t suid to user %s !\n", szUser);
+		VERB(5) printf("Info(5):: Can`t suid to user %s !\n", AIT_GET_STR(&User));
 }
 
-static int mkevent(struct kevent *chg, struct kevent *evt)
+static int
+mkevent(struct kevent *chg, struct kevent *evt)
 {
 	int f;
-	char szStr[MAX_STR];
+	char szStr[STRSIZ];
 
 	f = open(szSess, O_CREAT | O_WRONLY | O_TRUNC, 0644);
 	if (f == -1) {
 		printf("Error:: can`t lock session #%d - %s\n", errno, strerror(errno));
 		return -1;
 	} else {
-		memset(szStr, 0, MAX_STR);
-		snprintf(szStr, MAX_STR, "%d", getpid());
+		memset(szStr, 0, sizeof szStr);
+		snprintf(szStr, sizeof szStr, "%d", getpid());
 		write(f, szStr, strlen(szStr));
 	}
 	VERB(3) printf("Created lock file %s\n", szSess);
 
-	kq = kqueue();
-	if (kq == -1) {
-		printf("Error:: can`t execute safe mount #%d - %s\n", errno, strerror(errno));
-		close(f);
-		unlink(szSess);
-		return -1;
-	} else {
-		memset(chg, 0, sizeof(struct kevent));
-		memset(evt, 0, sizeof(struct kevent));
+	if (chg && evt) {
+		kq = kqueue();
+		if (kq == -1) {
+			printf("Error:: can`t execute safe mount #%d - %s\n", errno, strerror(errno));
+			close(f);
+			unlink(szSess);
+			return -1;
+		} else {
+			memset(chg, 0, sizeof(struct kevent));
+			memset(evt, 0, sizeof(struct kevent));
 
-		EV_SET(chg, f, EVFILT_VNODE, EV_ADD, NOTE_DELETE | NOTE_RENAME | NOTE_REVOKE, 0, (intptr_t) NULL);
+			EV_SET(chg, f, EVFILT_VNODE, EV_ADD, NOTE_DELETE | NOTE_RENAME | NOTE_REVOKE, 
+					0, NULL);
+		}
 	}
 
 	return f;
 }
 
-// ---------------------------------
+static void
+cleanexit()
+{
+	AIT_FREE_VAL(&User);
+	AIT_FREE_VAL(&Mount);
+	AIT_FREE_VAL(&Chroot);
 
-int main(int argc, char **argv)
+	cfgUnloadConfig(&cfg);
+}
+
+static int
+s_unlck()
 {
-	char ch;
+	if (access(szSLCK, F_OK))
+		return 2;
+
+	if (access(szSess, F_OK) && update(MNT_UPDATE | MNT_RDONLY) == -1)
+		return 8;
+
+	unlink(szSLCK);
+	VERB(3) printf("Unlock & deleted service lock file %s\n", szSLCK);
+	return 0;
+}
+
+static int
+s_lck(const char *reason)
+{
+	int f;
+	char szStr[STRSIZ];
+
+	if (!access(szSLCK, F_OK)) {
+		printf("cfexec already held service lock ...\n");
+		return 127;
+	}
+
+	f = open(szSLCK, O_CREAT | O_WRONLY | O_TRUNC, 0644);
+	if (f == -1) {
+		printf("Error:: can`t service lock session #%d - %s\n", errno, strerror(errno));
+		return 4;
+	} else {
+		memset(szStr, 0, sizeof szStr);
+		snprintf(szStr, sizeof szStr, "[%d] - %s", getpid(), reason);
+		write(f, szStr, strlen(szStr));
+	}
+	close(f);
+
+	if (update(MNT_UPDATE) == -1) {
+		unlink(szSLCK);
+		return 5;
+	}
+
+	VERB(3) printf("Lock & created service lock file %s\n", szSLCK);
+	return 0;
+}
+
+
+int
+main(int argc, char **argv)
+{
+	char ch, mod = 0, reason[STRSIZ];
 	const char *err = NULL;
 	struct kevent chg, evt;
 	struct timespec ts;
 	pid_t pid;
-	int f, stat = 0;
-//	sigset_t sig, oldsig;
+	int f, ret = 0, stat = 0;
 
 	strlcpy(szConfig, DEFAULT_CONFIG, MAXPATHLEN);
-	// Load variables from config if exists
-	if (!LoadConfig(szConfig, &cfg)) {
-		cfg_LoadAttribute(&cfg, CFG("cfexec"), CFG("timeout"), CFG(szUser), MAX_STR, DEFAULT_TIMEOUT);
+	/* Load variables from config if exists */
+	if (!cfgLoadConfig(szConfig, &cfg)) {
+		cfg_loadAttribute(&cfg, "cfexec", "timeout", &User, DEFAULT_TIMEOUT);
 #ifndef HAVE_STRTONUM
 		Timeout = (int) strtol(szUser, NULL, 0);
 #else
-		Timeout = strtonum(szUser, 0, 3600, &err);
+		Timeout = strtonum(AIT_GET_STR(&User), 0, 3600, &err);
 #endif
+		AIT_FREE_VAL(&User);
 		if (!Timeout && err) {
 			printf("Error:: in seconds for timeout %s - %s\n", optarg, err);
-			UnloadConfig(&cfg);
+			cfgUnloadConfig(&cfg);
 			return 1;
 		}
-		cfg_LoadAttribute(&cfg, CFG("cfexec"), CFG("suid"), CFG(szUser), MAX_STR, DEFAULT_USER);
-		cfg_LoadAttribute(&cfg, CFG("cfexec"), CFG("mount"), CFG(szMount), MAXPATHLEN, DEFAULT_MOUNT);
-		cfg_LoadAttribute(&cfg, CFG("cfexec"), CFG("device"), CFG(szDev), MAXPATHLEN, DEFAULT_DEVICE);
-		cfg_LoadAttribute(&cfg, CFG("cfexec"), CFG("chroot"), CFG(szChroot), MAXPATHLEN, DEFAULT_CHROOT);
+		cfg_loadAttribute(&cfg, "cfexec", "suid", &User, DEFAULT_USER);
+		cfg_loadAttribute(&cfg, "cfexec", "mount", &Mount, DEFAULT_MOUNT);
+		cfg_loadAttribute(&cfg, "cfexec", "chroot", &Chroot, DEFAULT_CHROOT);
 
-		UnloadConfig(&cfg);
+		cfgUnloadConfig(&cfg);
 	} else {
 		Timeout = atoi(DEFAULT_TIMEOUT);
-		strlcpy(szUser, DEFAULT_USER, MAX_STR);
-		strlcpy(szMount, DEFAULT_MOUNT, MAXPATHLEN);
-		strlcpy(szDev, DEFAULT_DEVICE, MAXPATHLEN);
-		strlcpy(szChroot, DEFAULT_CHROOT, MAXPATHLEN);
+		AIT_SET_STR(&User, DEFAULT_USER);
+		AIT_SET_STR(&Mount, DEFAULT_MOUNT);
+		AIT_SET_STR(&Chroot, DEFAULT_CHROOT);
 	}
 
-	// Load variables from arguments if exists
-	while ((ch = getopt(argc, argv, "hvu:c:d:m:t:")) != -1)
+	atexit(cleanexit);
+
+	/* Load variables from arguments if exists */
+	while ((ch = getopt(argc, argv, "hvUu:c:m:t:L:")) != -1)
 		switch (ch) {
 			case 'v':
 				Verbose++;
 				break;
 			case 'u':
-				strlcpy(szUser, optarg, MAX_STR);
+				AIT_SET_STR(&User, optarg);
 				break;
 			case 'c':
-				strlcpy(szChroot, optarg, MAXPATHLEN);
+				AIT_SET_STR(&Chroot, optarg);
 				break;
-			case 'd':
-				strlcpy(szDev, optarg, MAXPATHLEN);
-				break;
 			case 'm':
-				strlcpy(szMount, optarg, MAXPATHLEN);
+				AIT_SET_STR(&Mount, optarg);
 				break;
+			case 'L':
+				strlcpy(reason, optarg, sizeof reason);
+				mod = 1;
+				break;
+			case 'U':
+				mod = -1;
+				break;
 			case 't':
 #ifndef HAVE_STRTONUM
-				Timeout = (int) strtol(szUser, NULL, 0);
+				Timeout = (int) strtol(optarg, NULL, 0);
 #else
 				Timeout = strtonum(optarg, 0, 3600, &err);
 #endif
@@ -214,11 +300,24 @@ int main(int argc, char **argv)
 	argv += optind;
 
 	memset(szSess, 0, MAXPATHLEN);
-	snprintf(szSess, MAXPATHLEN, "%s%s-cfexec.LCK", DEFAULT_TMP, szMount);
+	snprintf(szSess, MAXPATHLEN, "%s%s-cfexec.LCK", DEFAULT_TMP, AIT_GET_STR(&Mount));
+	memset(szSLCK, 0, MAXPATHLEN);
+	snprintf(szSLCK, MAXPATHLEN, CFEXEC_SLOCK, DEFAULT_TMP);
 
-	VERB(3) printf("Info(3):: Chroot=%s SUID=%s Device=%s Mount=%s Timeout=%d Session=%s\n", 
-			szChroot, szUser, szDev, szMount, Timeout, szSess);
+	/* we have request for service lock! */
+	if (mod) {
+		VERB(3) printf("Info(3):: mode=%hhd\n", mod);
+		if (mod == -1)
+			ret = s_unlck();
+		else
+			ret = s_lck(reason);
+		return ret;
+	}
 
+	VERB(3) printf("Info(3):: Chroot=%s SUID=%s Mount=%s Timeout=%d Session=%s\n", 
+			AIT_GET_STR(&Chroot), AIT_GET_STR(&User), 
+			AIT_GET_STR(&Mount), Timeout, szSess);
+
 	if (!access(szSess, F_OK)) {
 		printf("cfexec already running ...\n");
 		return 127;
@@ -234,11 +333,13 @@ int main(int argc, char **argv)
 				VERB(5) printf("Info(5):: Go safe mount.\n");
 				setsid();
 
-				if (update(MNT_UPDATE) == -1)
+				if ((f = mkevent(&chg, &evt)) == -1)
 					return 4;
 
-				if ((f = mkevent(&chg, &evt)) == -1)
-					return 5;
+				if (update(MNT_UPDATE) == -1) {
+					stat = 5;
+					goto skip;
+				}
 
 				if (Timeout) {
 					memset(&ts, 0, sizeof ts);
@@ -251,13 +352,17 @@ int main(int argc, char **argv)
 						stat = 7;
 						break;
 					case 0:
+						if (!access(szSLCK, F_OK)) {
+							VERB(1) printf("Timeout reached - service locked\n");
+							break;
+						}
 						VERB(1) printf("Timeout reached - secure mount\n");
 					default:
 						VERB(1) printf("Lock file is deleted - secure mount\n");
-						if (update(MNT_UPDATE | MNT_RDONLY) == -1)
+						if (access(szSLCK, F_OK) && update(MNT_UPDATE | MNT_RDONLY) == -1)
 							stat = 8;
 				}
-
+skip:
 				close(kq);
 				close(f);
 				unlink(szSess);
@@ -271,21 +376,29 @@ int main(int argc, char **argv)
 		sigprocmask(SIG_BLOCK, &sig, &oldsig);
 		*/
 
-		if (update(MNT_UPDATE) == -1)
+		if ((f = mkevent(NULL, NULL)) == -1)
 			return 4;
+		else
+			close(f);
 
+		if (update(MNT_UPDATE) == -1) {
+			unlink(szSess);
+			return 5;
+		}
+
 		switch ((pid = vfork())) {
 			case -1:
 				printf("Error:: can`t execute safe mount #%d - %s\n", 
 						errno, strerror(errno));
-				return 5;
+				stat = 3;
+				break;
 			case 0:
 				VERB(5) printf("Go to running process %s\n", *argv);
-				if (chroot(szChroot) == -1) {
+				if (chroot(AIT_GET_STR(&Chroot)) == -1) {
 					printf("Error:: can`t chroot to dir %s #%d - %s\n", 
-							szChroot, errno, strerror(errno));
+							AIT_GET_STR(&Chroot), errno, strerror(errno));
 				} else {
-					if (strncmp(szUser, "root", 5))
+					if (strncmp(AIT_GET_STR(&User), "root", 5))
 						setuser();
 
 					/* chdir("/"); */
@@ -295,15 +408,15 @@ int main(int argc, char **argv)
 				break;
 			default:
 				waitpid(pid, &stat, 0);
+				stat = WEXITSTATUS(stat);
 				VERB(3) printf("Return code: %d\n", stat);
-				if (stat == 32512) 
-					stat = 127;
 
-				if (update(MNT_UPDATE | MNT_RDONLY) == -1)
-					return 8;
+				if (access(szSLCK, F_OK) && update(MNT_UPDATE | MNT_RDONLY) == -1)
+					stat = 8;
+				break;
 		}
 
-//		sigprocmask(SIG_SETMASK, &oldsig, NULL);
+		unlink(szSess);
 	}
 
 	return stat;