3 * daemon code which executes actual service (ie child process)
6 * Copyright 1996-2017 Ian Jackson <ian@davenant.greenend.org.uk>.
7 * Copyright 2000 Ben Harris <bjh21@cam.ac.uk>
8 * Copyright 2016-2017 Peter Benie <pjb1008@cam.ac.uk>
10 * This is free software; you can redistribute it and/or modify it
11 * under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 3 of the License, or
13 * (at your option) any later version.
15 * This program is distributed in the hope that it will be useful, but
16 * WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * General Public License for more details.
20 * You should have received a copy of the GNU General Public License
21 * along with userv; if not, see <http://www.gnu.org/licenses/>.
32 #include <sys/types.h>
43 static void NONRETURNING serv_syscallfail(const char *msg) {
44 fputs("uservd(service): ",stderr);
49 static void NONRETURNING serv_checkstdoutexit(void) {
50 if (ferror(stdout) || fclose(stdout)) serv_syscallfail("write stdout");
54 void bisexec_environment(const char *const *argv) {
55 execlp("env","env",(char*)0);
56 serv_syscallfail("execute `env'");
59 void bisexec_parameter(const char *const *argv) {
60 always_dumpparameter(execargs[0],execargs+1);
61 serv_checkstdoutexit();
64 void bisexec_help(const char *const *argv) {
65 const char *const *pp;
67 fputs("recognised builtin services:\n",stdout);
68 for (pp= builtinservicehelpstrings; *pp; pp++) printf(" %s\n",*pp);
69 serv_checkstdoutexit();
72 void bisexec_version(const char *const *argv) {
73 const unsigned char *p;
76 printf("uservd version " VERSION VEREXT "\n"
82 " - protocol magic number %08lx\n"
83 "maximums: fd %-10d general string %d\n"
84 " gids %-10d override length %d\n"
85 " args or variables %-10d error message %d\n"
86 " nested inclusion %-10d errno string reserve %d\n"
87 "protocol checksum: ",
89 MAX_ALLOW_FD, MAX_GENERAL_STRING,
90 MAX_GIDS, MAX_OVERRIDE_LEN,
91 MAX_ARGSDEFVAR, MAX_ERRMSG_LEN,
92 MAX_INCLUDE_NEST, ERRMSG_RESERVE_ERRNO);
93 for (i=0, p=protocolchecksumversion; i<sizeof(protocolchecksumversion); i++, p++)
96 "rendezvous socket: `" RENDEZVOUSPATH "'\n"
97 "system config dir: `" SYSTEMCONFIGDIR "'\n"
98 "pipe filename format: `%s' (max length %d)\n"
100 PIPEFORMAT, PIPEMAXLEN);
101 serv_checkstdoutexit();
104 static void NONRETURNING dumpconfig(const char *string) {
109 while ((c= *string++)) {
111 case ' ': nspaces++; break;
113 if (!lnl) putchar('\n');
117 while (nspaces>0) { putchar(' '); nspaces--; }
124 serv_checkstdoutexit();
127 void bisexec_toplevel(const char *const *argv) {
128 dumpconfig(TOPLEVEL_CONFIGURATION);
131 void bisexec_override(const char *const *argv) {
132 dumpconfig(TOPLEVEL_OVERRIDDEN_CONFIGURATION);
135 void bisexec_reset(const char *const *argv) {
136 dumpconfig(RESET_CONFIGURATION);
139 void bisexec_execute(const char *const *argv) {
140 always_dumpexecsettings();
141 serv_checkstdoutexit();
144 void bisexec_shutdown(const char *const *argv) {
145 /* This is only reached if the serviceuser_uid test in
146 * process.c:servicerequest() fails (we have to handle the
147 * shutdown request there, unfortunately).
149 fputs("uservd: builtin service shutdown: permission denied\n",stderr);
153 static void serv_resetsignal(int signo) {
154 struct sigaction sig;
156 sig.sa_handler= SIG_DFL;
157 sigemptyset(&sig.sa_mask);
159 if (sigaction(signo,&sig,0)) serv_syscallfail("reset signal handler");
162 static const char *see_loginname(void) { return serviceuser; }
163 static const char *see_home(void) { return serviceuser_dir; }
164 static const char *see_shell(void) { return serviceuser_shell; }
166 static const char *see_service(void) { return service; }
167 static const char *see_c_cwd(void) { return cwd; }
168 static const char *see_c_loginname(void) { return loginname; }
169 static const char *see_c_uid(void) {
170 static char buf[CHAR_BIT*sizeof(uid_t)/3+4];
171 snyprintf(buf,sizeof(buf),"%lu",(unsigned long)request_mbuf.callinguid);
175 static const char *see_c_list(int n, const char *(*fn)(int i)) {
179 for (i=0, l=1; i<n; i++) l+= strlen(fn(i))+1;
180 r= xmalloc(l); r[l-1]= '*';
181 for (i=0, *r=0; i<n; i++) snytprintfcat(r,l,"%s ",fn(i));
182 assert(!r[l-1] && r[l-2]==' ');
187 static const char *seei_group(int i) {
188 return calling_groups[i];
190 static const char *see_c_group(void) {
191 return see_c_list(request_mbuf.ngids,seei_group);
194 static const char *seei_gid(int i) {
195 static char buf[CHAR_BIT*sizeof(gid_t)/3+4];
197 snyprintf(buf,sizeof(buf),"%ld",(long)calling_gids[i]);
200 static const char *see_c_gid(void) {
201 return see_c_list(request_mbuf.ngids,seei_gid);
204 static const struct serv_envinfo {
206 const char *(*fn)(void);
208 { "USER", see_loginname },
209 { "LOGNAME", see_loginname },
210 { "HOME", see_home },
211 { "SHELL", see_shell },
212 { "PATH", defaultpath },
213 { "USERV_SERVICE", see_service },
214 { "USERV_CWD", see_c_cwd },
215 { "USERV_USER", see_c_loginname },
216 { "USERV_UID", see_c_uid },
217 { "USERV_GROUP", see_c_group },
218 { "USERV_GID", see_c_gid },
222 void execservice(const int synchsocket[], int clientfd) {
223 static const char *const setenvpfargs[]= {
226 ". " SETENVIRONMENTPATH "; exec \"$@\"",
230 int fd, realfd, holdfd, newfd, r, envvarbufsize=0, targ, nargs, i, l, fdflags;
233 const char **args, *const *cpp;
236 const struct serv_envinfo *sei;
238 if (dup2(fdarray[2].realfd,2)<0) {
239 static const char duperrmsg[]= "uservd(service): cannot dup2 for stderr\n";
240 unused= write(fdarray[2].realfd,duperrmsg,sizeof(duperrmsg)-1);
244 serv_resetsignal(SIGPIPE);
245 serv_resetsignal(SIGCHLD);
247 if (close(synchsocket[0])) serv_syscallfail("close parent synch socket");
249 if (setpgid(0,0)) serv_syscallfail("set process group");
251 r= write(synchsocket[1],&synchmsg,1);
252 if (r!=1) serv_syscallfail("write synch byte to parent");
253 r= synchread(synchsocket[1],'g');
254 if (r) serv_syscallfail("reach synch byte from parent");
255 if (close(synchsocket[1])) serv_syscallfail("close our synch socket");
257 if (close(clientfd)) serv_syscallfail("close client socket fd");
259 /* First we need to close the holding writing ends of the pipes
260 * inherited from our parent: */
261 for (fd=0; fd<fdarrayused; fd++) {
262 if (fdarray[fd].holdfd == -1) continue;
263 if (close(fdarray[fd].holdfd)) serv_syscallfail("close pipe hold fd");
264 fdarray[fd].holdfd= -1;
266 /* Now we can reuse the .holdfd member of the fdarray entries. */
268 /* We have to make all the fd's work. It's rather a complicated
269 * algorithm, unfortunately. We remember in holdfd[fd] whether fd
270 * is being used to hold a file descriptor we actually want for some
271 * other real fd in the service program; holdfd[fd] contains the fd
272 * we eventually want fd to be dup'd into, so that realfd[holdfd[fd]]==fd.
273 * After setting up the holdfds we go through the fds in order of
274 * eventual fd making sure that fd is the one we want it to be. If the
275 * holdfd tells us we're currently storing some other fd in there we
276 * move it out of the way with dup and record its new location.
278 for (fd=0; fd<fdarrayused; fd++) {
279 if (fdarray[fd].realfd < fdarrayused && fdarray[fd].realfd >= 0)
280 fdarray[fdarray[fd].realfd].holdfd= fd;
282 for (fd=0; fd<fdarrayused; fd++) {
283 realfd= fdarray[fd].realfd;
284 if (realfd == -1) continue;
285 holdfd= fdarray[fd].holdfd;
287 assert(realfd == fd);
288 fdarray[fd].holdfd= -1;
290 } else if (holdfd != -1) {
291 assert(fdarray[holdfd].realfd == fd);
292 newfd= dup(fd); if (newfd<0) serv_syscallfail("dup out of the way");
293 fdarray[holdfd].realfd= newfd;
294 if (newfd<fdarrayused) fdarray[newfd].holdfd= holdfd;
295 fdarray[fd].holdfd= -1;
297 if (dup2(fdarray[fd].realfd,fd)<0) serv_syscallfail("dup2 set up fd");
298 if (close(fdarray[fd].realfd)) serv_syscallfail("close old fd");
299 fdflags= fcntl(fd,F_GETFD); if (fdflags<0) serv_syscallfail("get fd flags");
300 if (fcntl(fd,F_SETFD,fdflags&~FD_CLOEXEC)==-1) serv_syscallfail("set no-close-on-exec on fd");
301 fdarray[fd].realfd= fd;
304 for (sei= serv_envinfos; sei->name; sei++)
305 if (setenv(sei->name,sei->fn(),1)) serv_syscallfail("setenv standard");
306 for (i=0; i<request_mbuf.nvars; i++) {
307 l= strlen(defvararray[i].key)+9;
308 if (l>envvarbufsize) { envvarbufsize= l; envvarbuf= xrealloc(envvarbuf,l); }
309 snyprintf(envvarbuf,l,"USERV_U_%s",defvararray[i].key);
310 if (setenv(envvarbuf,defvararray[i].value,1)) serv_syscallfail("setenv defvar");
314 if (setenvironment) for (cpp= setenvpfargs; *cpp; cpp++) nargs++;
316 if (execargs) for (pp= execargs; *pp; pp++) nargs++;
317 if (!suppressargs) nargs+= request_mbuf.nargs;
318 args= xmalloc(sizeof(char*)*(nargs+1));
320 if (setenvironment) for (cpp= setenvpfargs; *cpp; cpp++) args[targ++]= *cpp;
321 args[targ++]= execpath;
322 if (execargs) for (pp= execargs; *pp; pp++) args[targ++]= *pp;
323 if (!suppressargs) for (i=0; i<request_mbuf.nargs; i++) args[targ++]= argarray[i];
329 execv(args[0],(char* const*)args);
331 serv_syscallfail("exec service program");