X-Git-Url: https://git.lttng.org/?p=lttng-tools.git;a=blobdiff_plain;f=src%2Fcommon%2Frunas.c;h=2a71f586cdccf99546ca57dbf18691fb3da26348;hp=08979fb79c15bee3bfd9f60bd3d084a141e79d08;hb=62a7b8edf965b89d3ca57da120dcedfcf36dfe02;hpb=f8f66d38569fb800905759a1f706bc39e2d35669 diff --git a/src/common/runas.c b/src/common/runas.c index 08979fb79..2a71f586c 100644 --- a/src/common/runas.c +++ b/src/common/runas.c @@ -16,7 +16,6 @@ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. */ -#define _GNU_SOURCE #define _LGPL_SOURCE #include #include @@ -31,11 +30,14 @@ #include #include #include +#include #include #include #include -#include +#include +#include +#include #include "runas.h" @@ -169,7 +171,7 @@ run_as_fct run_as_enum_to_fct(enum run_as_cmd cmd) case RUN_AS_MKDIR_RECURSIVE: return _mkdir_recursive; default: - ERR("Unknown command %d", (int) cmd) + ERR("Unknown command %d", (int) cmd); return NULL; } } @@ -322,12 +324,12 @@ int run_as_worker(struct run_as_worker *worker) memset(worker->procname, 0, proc_orig_len); strncpy(worker->procname, DEFAULT_RUN_AS_WORKER_NAME, proc_orig_len); - ret = pthread_setname_np(pthread_self(), DEFAULT_RUN_AS_WORKER_NAME); - if (ret) { - errno = ret; - ret = -1; - PERROR("pthread_setname_np"); - return EXIT_FAILURE; + ret = lttng_prctl(PR_SET_NAME, + (unsigned long) DEFAULT_RUN_AS_WORKER_NAME, 0, 0, 0); + if (ret && ret != -ENOSYS) { + /* Don't fail as this is not essential. */ + PERROR("prctl PR_SET_NAME"); + ret = 0; } sendret.ret = 0; @@ -373,7 +375,7 @@ int run_as_cmd(struct run_as_worker *worker, recvret.ret = -1; recvret._errno = EPERM; ERR("Client (%d)/Server (%d) UID mismatch (and sessiond is not root)", - uid, geteuid()); + (int) uid, (int) geteuid()); goto end; } } @@ -465,7 +467,7 @@ int run_as_mkdir_recursive(const char *path, mode_t mode, uid_t uid, gid_t gid) struct run_as_data data; DBG3("mkdir() recursive %s with mode %d for uid %d and gid %d", - path, mode, uid, gid); + path, (int) mode, (int) uid, (int) gid); strncpy(data.u.mkdir.path, path, PATH_MAX - 1); data.u.mkdir.path[PATH_MAX - 1] = '\0'; data.u.mkdir.mode = mode; @@ -478,7 +480,7 @@ int run_as_mkdir(const char *path, mode_t mode, uid_t uid, gid_t gid) struct run_as_data data; DBG3("mkdir() %s with mode %d for uid %d and gid %d", - path, mode, uid, gid); + path, (int) mode, (int) uid, (int) gid); strncpy(data.u.mkdir.path, path, PATH_MAX - 1); data.u.mkdir.path[PATH_MAX - 1] = '\0'; data.u.mkdir.mode = mode; @@ -495,7 +497,7 @@ int run_as_open(const char *path, int flags, mode_t mode, uid_t uid, gid_t gid) struct run_as_data data; DBG3("open() %s with flags %X mode %d for uid %d and gid %d", - path, flags, mode, uid, gid); + path, flags, (int) mode, (int) uid, (int) gid); strncpy(data.u.open.path, path, PATH_MAX - 1); data.u.open.path[PATH_MAX - 1] = '\0'; data.u.open.flags = flags; @@ -509,7 +511,7 @@ int run_as_unlink(const char *path, uid_t uid, gid_t gid) struct run_as_data data; DBG3("unlink() %s with for uid %d and gid %d", - path, uid, gid); + path, (int) uid, (int) gid); strncpy(data.u.unlink.path, path, PATH_MAX - 1); data.u.unlink.path[PATH_MAX - 1] = '\0'; return run_as(RUN_AS_UNLINK, &data, uid, gid); @@ -521,26 +523,77 @@ int run_as_rmdir_recursive(const char *path, uid_t uid, gid_t gid) struct run_as_data data; DBG3("rmdir_recursive() %s with for uid %d and gid %d", - path, uid, gid); + path, (int) uid, (int) gid); strncpy(data.u.rmdir_recursive.path, path, PATH_MAX - 1); data.u.rmdir_recursive.path[PATH_MAX - 1] = '\0'; return run_as(RUN_AS_RMDIR_RECURSIVE, &data, uid, gid); } static -void reset_sighandler(void) +int reset_sighandler(void) { int sig; - for (sig = SIGHUP; sig <= SIGUNUSED; sig++) { - /* Skip unblockable signals. */ - if (sig == SIGKILL || sig == SIGSTOP) { - continue; - } - if (signal(sig, SIG_DFL) == SIG_ERR) { - PERROR("reset signal %d", sig); - } + DBG("Resetting run_as worker signal handlers to default"); + for (sig = 1; sig <= 31; sig++) { + (void) signal(sig, SIG_DFL); } + return 0; +} + +static +void worker_sighandler(int sig) +{ + const char *signame; + + /* + * The worker will its parent's signals since they are part of the same + * process group. However, in the case of SIGINT and SIGTERM, we want + * to give the worker a chance to teardown gracefully when its parent + * closes the command socket. + */ + switch (sig) { + case SIGINT: + signame = "SIGINT"; + break; + case SIGTERM: + signame = "SIGTERM"; + break; + default: + signame = "Unknown"; + } + + DBG("run_as worker received signal %s", signame); +} + +static +int set_worker_sighandlers(void) +{ + int ret = 0; + sigset_t sigset; + struct sigaction sa; + + if ((ret = sigemptyset(&sigset)) < 0) { + PERROR("sigemptyset"); + goto end; + } + + sa.sa_handler = worker_sighandler; + sa.sa_mask = sigset; + sa.sa_flags = 0; + if ((ret = sigaction(SIGINT, &sa, NULL)) < 0) { + PERROR("sigaction SIGINT"); + goto end; + } + + if ((ret = sigaction(SIGTERM, &sa, NULL)) < 0) { + PERROR("sigaction SIGTERM"); + goto end; + } + + DBG("run_as signal handler set for SIGTERM and SIGINT"); +end: + return ret; } LTTNG_HIDDEN @@ -584,6 +637,8 @@ int run_as_create_worker(char *procname) reset_sighandler(); + set_worker_sighandlers(); + /* The child has no use for this lock. */ pthread_mutex_unlock(&worker_lock); /* Just close, no shutdown. */ @@ -598,6 +653,7 @@ int run_as_create_worker(char *procname) ret = -1; } worker->sockpair[1] = -1; + LOG(ret ? PRINT_ERR : PRINT_DBG, "run_as worker exiting (ret = %d)", ret); exit(ret ? EXIT_FAILURE : EXIT_SUCCESS); } else { /* Parent */ @@ -647,11 +703,13 @@ void run_as_destroy_worker(void) { struct run_as_worker *worker = global_worker; + DBG("Destroying run_as worker"); pthread_mutex_lock(&worker_lock); if (!worker) { goto end; } /* Close unix socket */ + DBG("Closing run_as worker socket"); if (lttcomm_close_unix_sock(worker->sockpair[0])) { PERROR("close"); }