X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=execute.h;h=5c2d15787eb1f084bff73b802c3439a6ede9ae25;hp=d2ac4a82e006cbc1cabab6d57f86c5bf375d6ac9;hb=afb757b1a8a416b3c692728330a266b3915eef41;hpb=80876c20f64f87765242bc35895977ab6a855729 diff --git a/execute.h b/execute.h index d2ac4a82e..5c2d15787 100644 --- a/execute.h +++ b/execute.h @@ -46,6 +46,7 @@ typedef enum ExecInput { EXEC_INPUT_TTY, EXEC_INPUT_TTY_FORCE, EXEC_INPUT_TTY_FAIL, + EXEC_INPUT_SOCKET, _EXEC_INPUT_MAX, _EXEC_INPUT_INVALID = -1 } ExecInput; @@ -56,14 +57,15 @@ typedef enum ExecOutput { EXEC_OUTPUT_TTY, EXEC_OUTPUT_SYSLOG, EXEC_OUTPUT_KERNEL, + EXEC_OUTPUT_SOCKET, _EXEC_OUTPUT_MAX, _EXEC_OUTPUT_INVALID = -1 } ExecOutput; struct ExecStatus { - pid_t pid; usec_t start_timestamp; usec_t exit_timestamp; + pid_t pid; int code; /* as in siginfo_t::si_code */ int status; /* as in sigingo_t::si_status */ }; @@ -77,39 +79,27 @@ struct ExecCommand { struct ExecContext { char **environment; - mode_t umask; struct rlimit *rlimit[RLIMIT_NLIMITS]; char *working_directory, *root_directory; + + mode_t umask; int oom_adjust; int nice; int ioprio; int cpu_sched_policy; int cpu_sched_priority; + cpu_set_t cpu_affinity; unsigned long timer_slack_ns; - bool oom_adjust_set:1; - bool nice_set:1; - bool ioprio_set:1; - bool cpu_sched_set:1; - bool cpu_affinity_set:1; - bool timer_slack_ns_set:1; - - bool cpu_sched_reset_on_fork; - bool non_blocking; - ExecInput std_input; ExecOutput std_output; ExecOutput std_error; - char *tty_path; - int syslog_priority; char *syslog_identifier; - cap_t capabilities; - int secure_bits; - uint64_t capability_bounding_set_drop; + char *tty_path; /* Since resolving these names might might involve socket * connections and we don't want to deadlock ourselves these @@ -118,6 +108,32 @@ struct ExecContext { char *user; char *group; char **supplementary_groups; + + char **read_write_dirs, **read_only_dirs, **inaccessible_dirs; + unsigned long mount_flags; + + uint64_t capability_bounding_set_drop; + + cap_t capabilities; + int secure_bits; + + bool cpu_sched_reset_on_fork; + bool non_blocking; + bool private_tmp; + + bool oom_adjust_set:1; + bool nice_set:1; + bool ioprio_set:1; + bool cpu_sched_set:1; + bool cpu_affinity_set:1; + bool timer_slack_ns_set:1; + + /* This is not exposed to the user but available + * internally. We need it to make sure that whenever we spawn + * /bin/mount it is run in the same process group as us so + * that the autofs logic detects that it belongs to us and we + * don't enter a trigger loop. */ + bool no_setsid:1; }; typedef enum ExitStatus { @@ -163,8 +179,10 @@ typedef enum ExitStatus { } ExitStatus; int exec_spawn(ExecCommand *command, + char **argv, const ExecContext *context, - int *fds, unsigned n_fds, + int fds[], unsigned n_fds, + char **environment, bool apply_permissions, bool apply_chroot, bool confirm_spawn, @@ -177,7 +195,8 @@ void exec_command_done_array(ExecCommand *c, unsigned n); void exec_command_free_list(ExecCommand *c); void exec_command_free_array(ExecCommand **c, unsigned n); -char *exec_command_line(ExecCommand *c); +char *exec_command_line(char **argv); + void exec_command_dump(ExecCommand *c, FILE *f, const char *prefix); void exec_command_dump_list(ExecCommand *c, FILE *f, const char *prefix); void exec_command_append_list(ExecCommand **l, ExecCommand *e);