X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ian/git?a=blobdiff_plain;f=servexec.c;h=5fa8e1f3787babb29de15abf783a495cfbb4f450;hb=e5294e9e174ea671d2e8f3454d3fbf25fd106c36;hp=48a6e294db691bef6fcb228279c66850367369ee;hpb=9f56f874416db295bdb50d448bd99cdd34db969d;p=userv.git

diff --git a/servexec.c b/servexec.c
index 48a6e29..5fa8e1f 100644
--- a/servexec.c
+++ b/servexec.c
@@ -2,11 +2,14 @@
  * userv - execserv.c
  * daemon code which executes actual service (ie child process)
  *
- * Copyright (C)1996-1997 Ian Jackson
+ * userv is
+ * Copyright 1996-2017 Ian Jackson <ian@davenant.greenend.org.uk>.
+ * Copyright 2000      Ben Harris <bjh21@cam.ac.uk>
+ * Copyright 2016-2017 Peter Benie <pjb1008@cam.ac.uk>
  *
  * This is free software; you can redistribute it and/or modify it
  * under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
+ * the Free Software Foundation; either version 3 of the License, or
  * (at your option) any later version.
  *
  * This program is distributed in the hope that it will be useful, but
@@ -15,14 +18,14 @@
  * General Public License for more details.
  *
  * You should have received a copy of the GNU General Public License
- * along with userv; if not, write to the Free Software
- * Foundation, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ * along with userv; if not, see <http://www.gnu.org/licenses/>.
  */
 
 #include <stdio.h>
 #include <limits.h>
 #include <errno.h>
 #include <assert.h>
+#include <string.h>
 #include <unistd.h>
 #include <stdarg.h>
 #include <stdlib.h>
@@ -34,6 +37,8 @@
 #include "common.h"
 #include "daemon.h"
 #include "lib.h"
+#include "both.h"
+#include "version.h"
 
 static void NONRETURNING serv_syscallfail(const char *msg) {
   fputs("uservd(service): ",stderr);
@@ -41,6 +46,110 @@ static void NONRETURNING serv_syscallfail(const char *msg) {
   _exit(-1);
 }
 
+static void NONRETURNING serv_checkstdoutexit(void) {
+  if (ferror(stdout) || fclose(stdout)) serv_syscallfail("write stdout");
+  _exit(0);
+}
+
+void bisexec_environment(const char *const *argv) {
+  execlp("env","env",(char*)0);
+  serv_syscallfail("execute `env'");
+}
+
+void bisexec_parameter(const char *const *argv) {
+  always_dumpparameter(execargs[0],execargs+1);
+  serv_checkstdoutexit();
+}
+  
+void bisexec_help(const char *const *argv) {
+  const char *const *pp;
+  
+  fputs("recognised builtin services:\n",stdout);
+  for (pp= builtinservicehelpstrings; *pp; pp++) printf("  %s\n",*pp);
+  serv_checkstdoutexit();
+}
+  
+void bisexec_version(const char *const *argv) {
+  const unsigned char *p;
+  int i;
+  
+  printf("uservd version " VERSION VEREXT "\n"
+#ifdef DEBUG
+	 "DEBUGGING VERSION"
+#else
+	 "production version"
+#endif
+	 " - protocol magic number %08lx\n"
+	 "maximums:    fd %-10d                general string %d\n"
+	 "             gids %-10d              override length %d\n"
+	 "             args or variables %-10d error message %d\n"
+	 "             nested inclusion %-10d  errno string reserve %d\n"
+	 "protocol checksum: ",
+	 BASE_MAGIC,
+	 MAX_ALLOW_FD, MAX_GENERAL_STRING,
+	 MAX_GIDS, MAX_OVERRIDE_LEN,
+	 MAX_ARGSDEFVAR, MAX_ERRMSG_LEN,
+	 MAX_INCLUDE_NEST, ERRMSG_RESERVE_ERRNO);
+  for (i=0, p=protocolchecksumversion; i<sizeof(protocolchecksumversion); i++, p++)
+    printf("%02x",*p);
+  printf("\n"
+	 "rendezvous socket: `" RENDEZVOUSPATH "'\n"
+	 "system config dir: `" SYSTEMCONFIGDIR "'\n"
+	 "pipe filename format: `%s' (max length %d)\n"
+	 COPYRIGHT("","\n"),
+	 PIPEFORMAT, PIPEMAXLEN);
+  serv_checkstdoutexit();
+}
+
+static void NONRETURNING dumpconfig(const char *string) {
+  int nspaces, c, lnl;
+  
+  nspaces= 0;
+  lnl= 1;
+  while ((c= *string++)) {
+    switch (c) {
+    case ' ': nspaces++; break;
+    case '\n':
+      if (!lnl) putchar('\n');
+      nspaces= 0; lnl= 1;
+      break;
+    default:
+      while (nspaces>0) { putchar(' '); nspaces--; }
+      putchar(c);
+      lnl= 0;
+      break;
+    }
+  }
+  assert(lnl);
+  serv_checkstdoutexit();
+}
+
+void bisexec_toplevel(const char *const *argv) {
+  dumpconfig(TOPLEVEL_CONFIGURATION);
+}
+
+void bisexec_override(const char *const *argv) {
+  dumpconfig(TOPLEVEL_OVERRIDDEN_CONFIGURATION);
+}
+
+void bisexec_reset(const char *const *argv) {
+  dumpconfig(RESET_CONFIGURATION);
+}
+
+void bisexec_execute(const char *const *argv) {
+  always_dumpexecsettings();
+  serv_checkstdoutexit();
+}
+
+void bisexec_shutdown(const char *const *argv) {
+  /* This is only reached if the serviceuser_uid test in
+   * process.c:servicerequest() fails (we have to handle the
+   * shutdown request there, unfortunately).
+   */
+  fputs("uservd: builtin service shutdown: permission denied\n",stderr);
+  _exit(-1);
+}
+
 static void serv_resetsignal(int signo) {
   struct sigaction sig;
   
@@ -50,17 +159,13 @@ static void serv_resetsignal(int signo) {
   if (sigaction(signo,&sig,0)) serv_syscallfail("reset signal handler");
 }
 
-static const char *see_logname(void) { return serviceuser; }
+static const char *see_loginname(void) { return serviceuser; }
 static const char *see_home(void) { return serviceuser_dir; }
 static const char *see_shell(void) { return serviceuser_shell; }
 
-static const char *see_path(void) {
-  return serviceuser_uid ? DEFAULTPATH_USER : DEFAULTPATH_ROOT;
-}
-
 static const char *see_service(void) { return service; }
 static const char *see_c_cwd(void) { return cwd; }
-static const char *see_c_logname(void) { return logname; }
+static const char *see_c_loginname(void) { return loginname; }
 static const char *see_c_uid(void) {
   static char buf[CHAR_BIT*sizeof(uid_t)/3+4];
   snyprintf(buf,sizeof(buf),"%lu",(unsigned long)request_mbuf.callinguid);
@@ -89,7 +194,7 @@ static const char *see_c_group(void) {
 static const char *seei_gid(int i) {
   static char buf[CHAR_BIT*sizeof(gid_t)/3+4];
   
-  snyprintf(buf,sizeof(buf),"%d",calling_gids[i]);
+  snyprintf(buf,sizeof(buf),"%ld",(long)calling_gids[i]);
   return buf;
 }
 static const char *see_c_gid(void) {
@@ -100,18 +205,18 @@ static const struct serv_envinfo {
   const char *name;
   const char *(*fn)(void);
 } serv_envinfos[]= {
-  { "USER",           see_logname    },
-  { "LOGNAME",        see_logname    },
-  { "HOME",           see_home       },
-  { "SHELL",          see_shell      },
-  { "PATH",           see_path       },
-  { "USERV_SERVICE",  see_service    },
-  { "USERV_CWD",      see_c_cwd      },
-  { "USERV_USER",     see_c_logname  },
-  { "USERV_UID",      see_c_uid      },
-  { "USERV_GROUP",    see_c_group    },
-  { "USERV_GID",      see_c_gid      },
-  {  0                               }
+  { "USER",           see_loginname   },
+  { "LOGNAME",        see_loginname   },
+  { "HOME",           see_home        },
+  { "SHELL",          see_shell       },
+  { "PATH",           defaultpath     },
+  { "USERV_SERVICE",  see_service     },
+  { "USERV_CWD",      see_c_cwd       },
+  { "USERV_USER",     see_c_loginname },
+  { "USERV_UID",      see_c_uid       },
+  { "USERV_GROUP",    see_c_group     },
+  { "USERV_GID",      see_c_gid       },
+  {  0                                }
 };
 
 void execservice(const int synchsocket[], int clientfd) {
@@ -122,7 +227,7 @@ void execservice(const int synchsocket[], int clientfd) {
     "-",
     0
   };
-  int fd, realfd, holdfd, newfd, r, envvarbufsize=0, targ, nargs, i, l;
+  int fd, realfd, holdfd, newfd, r, envvarbufsize=0, targ, nargs, i, l, fdflags;
   char *envvarbuf=0;
   const char **args, *const *cpp;
   char *const *pp;
@@ -148,7 +253,16 @@ void execservice(const int synchsocket[], int clientfd) {
 
   if (close(clientfd)) serv_syscallfail("close client socket fd");
 
-  /* Now we have to make all the fd's work.  It's rather a complicated
+  /* First we need to close the holding writing ends of the pipes
+   * inherited from our parent: */
+  for (fd=0; fd<fdarrayused; fd++) {
+    if (fdarray[fd].holdfd == -1) continue;
+    if (close(fdarray[fd].holdfd)) serv_syscallfail("close pipe hold fd");
+    fdarray[fd].holdfd= -1;
+  }
+  /* Now we can reuse the .holdfd member of the fdarray entries. */
+
+  /* We have to make all the fd's work.  It's rather a complicated
    * algorithm, unfortunately.  We remember in holdfd[fd] whether fd
    * is being used to hold a file descriptor we actually want for some
    * other real fd in the service program; holdfd[fd] contains the fd
@@ -159,12 +273,8 @@ void execservice(const int synchsocket[], int clientfd) {
    * move it out of the way with dup and record its new location.
    */
   for (fd=0; fd<fdarrayused; fd++) {
-    if (fdarray[fd].holdfd == -1) continue;
-    if (close(fdarray[fd].holdfd)) serv_syscallfail("close pipe hold fd");
-    fdarray[fd].holdfd= -1;
-  }
-  for (fd=0; fd<fdarrayused; fd++) {
-    if (fdarray[fd].realfd < fdarrayused) fdarray[fdarray[fd].realfd].holdfd= fd;
+    if (fdarray[fd].realfd < fdarrayused && fdarray[fd].realfd >= 0)
+      fdarray[fdarray[fd].realfd].holdfd= fd;
   }
   for (fd=0; fd<fdarrayused; fd++) {
     realfd= fdarray[fd].realfd;
@@ -183,17 +293,18 @@ void execservice(const int synchsocket[], int clientfd) {
     }
     if (dup2(fdarray[fd].realfd,fd)<0) serv_syscallfail("dup2 set up fd");
     if (close(fdarray[fd].realfd)) serv_syscallfail("close old fd");
-    if (fcntl(fd,F_SETFD,0)<0) serv_syscallfail("set no-close-on-exec on fd");
+    fdflags= fcntl(fd,F_GETFD); if (fdflags<0) serv_syscallfail("get fd flags");
+    if (fcntl(fd,F_SETFD,fdflags&~FD_CLOEXEC)==-1) serv_syscallfail("set no-close-on-exec on fd");
     fdarray[fd].realfd= fd;
   }
 
   for (sei= serv_envinfos; sei->name; sei++)
     if (setenv(sei->name,sei->fn(),1)) serv_syscallfail("setenv standard");
   for (i=0; i<request_mbuf.nvars; i++) {
-    l= strlen(defvararray[i][0])+9;
+    l= strlen(defvararray[i].key)+9;
     if (l>envvarbufsize) { envvarbufsize= l; envvarbuf= xrealloc(envvarbuf,l); }
-    snyprintf(envvarbuf,l,"USERV_U_%s",defvararray[i][0]);
-    if (setenv(envvarbuf,defvararray[i][1],1)) serv_syscallfail("setenv defvar");
+    snyprintf(envvarbuf,l,"USERV_U_%s",defvararray[i].key);
+    if (setenv(envvarbuf,defvararray[i].value,1)) serv_syscallfail("setenv defvar");
   }
 
   nargs= 0;
@@ -209,7 +320,10 @@ void execservice(const int synchsocket[], int clientfd) {
   if (!suppressargs) for (i=0; i<request_mbuf.nargs; i++) args[targ++]= argarray[i];
   args[targ]= 0;
 
-  execv(args[0],(char* const*)args);
+  if (execbuiltin)
+    execbuiltin(args);
+  else
+    execv(args[0],(char* const*)args);
 
   serv_syscallfail("exec service program");
   _exit(-1);