7 #ifndef __STDC_FORMAT_MACROS
9 #define __STDC_FORMAT_MACROS
15 #include <arpa/inet.h>
20 #include <netinet/in.h>
25 #include <sys/resource.h>
26 #include <sys/socket.h>
29 #include <sys/mount.h>
31 #include <sys/statfs.h>
34 #include <sys/types.h>
36 #include <sys/utsname.h>
41 #ifdef HAS_VALGRIND_HEADERS
42 #include <valgrind/valgrind.h>
72 #define CVMFS_HAS_STATFS_F_FLAGS
74 #ifdef __GLIBC_MINOR__
75 #if __GLIBC_MINOR__ < 12
76 #undef CVMFS_HAS_STATFS_F_FLAGS
84 extern char **environ;
88 #ifdef CVMFS_NAMESPACE_GUARD
89 namespace CVMFS_NAMESPACE_GUARD {
99 if (path.length() == 0)
102 if (path[path.length() - 1] ==
'/') {
103 return path.substr(0, path.length() - 1);
115 std::string *dirname,
116 std::string *filename) {
117 size_t dir_sep = path.rfind(
'/');
118 if (dir_sep != std::string::npos) {
119 *dirname = path.substr(0, dir_sep);
120 *filename = path.substr(dir_sep + 1);
132 const std::string::size_type idx = path.find_last_of(
'/');
133 if (idx != std::string::npos) {
134 return path.substr(0, idx);
145 const std::string::size_type idx = path.find_last_of(
'/');
146 if (idx != std::string::npos) {
147 return path.substr(idx + 1);
155 return (!path.empty() && path[0] ==
'/');
168 if (path.length() < 7) {
172 std::string prefix = path.substr(0, 8);
173 std::transform(prefix.begin(), prefix.end(), prefix.begin(), ::tolower);
175 return prefix.substr(0, 7) ==
"http://" || prefix ==
"https://";
183 int retval = statfs(path.c_str(), &info);
187 switch (info.f_type) {
207 #ifdef CVMFS_HAS_STATFS_F_FLAGS
212 retval = access(path.c_str(), W_OK);
223 char buf[PATH_MAX + 1];
224 ssize_t nchars = readlink(path.c_str(), buf, PATH_MAX);
227 return std::string(buf);
238 if (path.empty() || (path ==
"/"))
241 std::string result = name;
245 result = parent + (parent ==
"/" ?
"" :
"/") + name;
247 char *real_result = realpath(result.c_str(), NULL);
249 result = real_result;
253 char buf[PATH_MAX + 1];
254 ssize_t nchars = readlink(result.c_str(), buf, PATH_MAX);
267 for (
unsigned i = 0; i < mount_list.size(); ++i) {
268 if (mount_list[i] == resolved_path)
280 const bool ignore_failure) {
281 int fd = open(path.c_str(), O_CREAT, mode);
296 struct sockaddr_un sock_addr;
297 unsigned max_length =
sizeof(sock_addr.sun_path);
301 if (tmp_path.empty())
303 std::string link = tmp_path +
"/l";
305 if (result.length() >= max_length) {
306 rmdir(tmp_path.c_str());
311 rmdir(tmp_path.c_str());
319 unlink(link.c_str());
328 std::string short_path(path);
329 struct sockaddr_un sock_addr;
330 if (path.length() >=
sizeof(sock_addr.sun_path)) {
334 if (short_path.empty())
337 sock_addr.sun_family = AF_UNIX;
338 strncpy(sock_addr.sun_path, short_path.c_str(),
sizeof(sock_addr.sun_path));
340 const int socket_fd = socket(AF_UNIX, SOCK_STREAM, 0);
346 if (fchmod(socket_fd, mode) != 0)
347 goto make_socket_failure;
350 if (bind(socket_fd, reinterpret_cast<struct sockaddr *>(&sock_addr),
351 sizeof(sock_addr.sun_family) +
sizeof(sock_addr.sun_path))
353 if ((errno == EADDRINUSE) && (unlink(path.c_str()) == 0)) {
355 if (bind(socket_fd, reinterpret_cast<struct sockaddr *>(&sock_addr),
356 sizeof(sock_addr.sun_family) +
sizeof(sock_addr.sun_path))
359 goto make_socket_failure;
363 goto make_socket_failure;
367 if (short_path != path)
374 if (short_path != path)
385 const int socket_fd = socket(AF_INET, SOCK_STREAM, 0);
388 int retval = setsockopt(socket_fd, SOL_SOCKET, SO_REUSEADDR, &on,
sizeof(on));
391 struct sockaddr_in endpoint_addr;
392 memset(&endpoint_addr, 0,
sizeof(endpoint_addr));
393 endpoint_addr.sin_family = AF_INET;
394 if (ipv4_address.empty()) {
395 endpoint_addr.sin_addr.s_addr = INADDR_ANY;
397 retval = inet_aton(ipv4_address.c_str(), &(endpoint_addr.sin_addr));
404 endpoint_addr.sin_port = htons(portno);
406 retval = bind(socket_fd, reinterpret_cast<struct sockaddr *>(&endpoint_addr),
407 sizeof(endpoint_addr));
423 std::string short_path(path);
424 struct sockaddr_un sock_addr;
425 if (path.length() >=
sizeof(sock_addr.sun_path)) {
429 if (short_path.empty())
432 sock_addr.sun_family = AF_UNIX;
433 strncpy(sock_addr.sun_path, short_path.c_str(),
sizeof(sock_addr.sun_path));
435 const int socket_fd = socket(AF_UNIX, SOCK_STREAM, 0);
438 int retval = connect(
439 socket_fd, reinterpret_cast<struct sockaddr *>(&sock_addr),
440 sizeof(sock_addr.sun_family) +
sizeof(sock_addr.sun_path));
441 if (short_path != path)
457 const int socket_fd = socket(AF_INET, SOCK_STREAM, 0);
460 struct sockaddr_in endpoint_addr;
461 memset(&endpoint_addr, 0,
sizeof(endpoint_addr));
462 endpoint_addr.sin_family = AF_INET;
463 int retval = inet_aton(ipv4_address.c_str(), &(endpoint_addr.sin_addr));
469 endpoint_addr.sin_port = htons(portno);
471 retval = connect(socket_fd,
472 reinterpret_cast<struct sockaddr *>(&endpoint_addr),
473 sizeof(endpoint_addr));
488 int retval = pipe(pipe_fd);
499 num_bytes = write(fd, buf, nbyte);
500 }
while ((num_bytes < 0) && (errno == EINTR));
501 assert((num_bytes >= 0) && (static_cast<size_t>(num_bytes) == nbyte));
511 num_bytes = read(fd, buf, nbyte);
512 }
while ((num_bytes < 0) && (errno == EINTR));
513 assert((num_bytes >= 0) && (static_cast<size_t>(num_bytes) == nbyte));
520 bool ReadHalfPipe(
int fd,
void *buf,
size_t nbyte,
unsigned timeout_ms) {
523 unsigned backoff_ms = 1;
524 uint64_t duration_ms = 0;
525 uint64_t timestamp = 0;
529 const unsigned max_backoff_ms = 256;
533 num_bytes = read(fd, buf, nbyte);
534 if ((num_bytes < 0) && (errno == EINTR))
538 if ((i > 3000) && (num_bytes == 0)) {
541 if (backoff_ms < max_backoff_ms)
544 if ((timeout_ms != 0) && (num_bytes == 0)) {
547 if (duration_ms > timeout_ms)
550 }
while (num_bytes == 0);
551 assert((num_bytes >= 0) && (static_cast<size_t>(num_bytes) == nbyte));
569 bool DiffTree(
const std::string &path_a,
const std::string &path_b) {
571 std::vector<std::string> ls_a;
572 std::vector<std::string> ls_b;
573 std::vector<std::string> subdirs;
575 DIR *dirp_a = opendir(path_a.c_str());
578 DIR *dirp_b = opendir(path_b.c_str());
579 if (dirp_b == NULL) {
586 const std::string name(dirent->d_name);
587 if ((name ==
".") || (name ==
".."))
589 const std::string path = path_a +
"/" + name;
590 ls_a.push_back(path);
599 if (S_ISDIR(info.st_mode))
600 subdirs.push_back(name);
603 const std::string name(dirent->d_name);
604 if ((name ==
".") || (name ==
".."))
606 const std::string path = path_b +
"/" + name;
607 ls_b.push_back(path);
612 sort(ls_a.begin(), ls_a.end());
613 sort(ls_b.begin(), ls_b.end());
614 if (ls_a.size() != ls_b.size())
616 for (
unsigned i = 0; i < ls_a.size(); ++i) {
627 if ((info_a.st_mode != info_b.st_mode) || (info_a.st_uid != info_b.st_uid)
628 || (info_a.st_gid != info_b.st_gid)
629 || ((info_a.st_size != info_b.st_size) && !S_ISDIR(info_a.st_mode))) {
634 for (
unsigned i = 0; i < subdirs.size(); ++i) {
635 bool retval_subtree =
DiffTree(path_a +
"/" + subdirs[i],
636 path_b +
"/" + subdirs[i]);
649 int flags = fcntl(filedes, F_GETFL);
651 int retval = fcntl(filedes, F_SETFL, flags & ~O_NONBLOCK);
660 int flags = fcntl(filedes, F_GETFL);
662 int retval = fcntl(filedes, F_SETFL, flags | O_NONBLOCK);
683 struct cmsghdr align;
685 unsigned char buf[CMSG_SPACE(
sizeof(
int))];
688 memset(ctrl_msg.buf, 0,
sizeof(ctrl_msg.buf));
691 msgh.msg_name = NULL;
692 msgh.msg_namelen = 0;
694 unsigned char dummy = 0;
696 iov.iov_base = &dummy;
701 msgh.msg_control = ctrl_msg.buf;
702 msgh.msg_controllen =
sizeof(ctrl_msg.buf);
703 struct cmsghdr *cmsgp = CMSG_FIRSTHDR(&msgh);
704 cmsgp->cmsg_len = CMSG_LEN(
sizeof(
int));
705 cmsgp->cmsg_level = SOL_SOCKET;
706 cmsgp->cmsg_type = SCM_RIGHTS;
707 memcpy(CMSG_DATA(cmsgp), &passing_fd,
sizeof(
int));
709 ssize_t retval = sendmsg(socket_fd, &msgh, 0);
710 return (retval != -1);
723 struct cmsghdr align;
725 unsigned char buf[CMSG_SPACE(
sizeof(
int))];
728 memset(ctrl_msg.buf, 0,
sizeof(ctrl_msg.buf));
731 msgh.msg_name = NULL;
732 msgh.msg_namelen = 0;
736 iov.iov_base = &dummy;
741 msgh.msg_control = ctrl_msg.buf;
742 msgh.msg_controllen =
sizeof(ctrl_msg.buf);
744 ssize_t retval = recvmsg(msg_fd, &msgh, 0);
748 struct cmsghdr *cmsgp = CMSG_FIRSTHDR(&msgh);
750 if (cmsgp->cmsg_len != CMSG_LEN(
sizeof(
int)))
752 assert(cmsgp->cmsg_level == SOL_SOCKET);
753 assert(cmsgp->cmsg_type == SCM_RIGHTS);
756 memcpy(&passing_fd, CMSG_DATA(cmsgp),
sizeof(
int));
774 const bool temporarily) {
776 "current credentials uid %d gid %d "
777 "euid %d egid %d, switching to %d %d (temp: %d)",
778 getuid(), getgid(), geteuid(), getegid(), uid, gid, temporarily);
781 if (gid != getegid())
782 retval = setegid(gid);
783 if ((retval == 0) && (uid != geteuid()))
784 retval = seteuid(uid);
787 if ((getuid() == 0) && (getuid() != geteuid())) {
792 retval = setgid(gid) || setuid(uid);
805 return ((
platform_lstat(path.c_str(), &info) == 0) && S_ISREG(info.st_mode));
826 return ((
platform_lstat(path.c_str(), &info) == 0) && S_ISDIR(info.st_mode));
835 return ((
platform_lstat(path.c_str(), &info) == 0) && S_ISLNK(info.st_mode));
843 int retval = unlink(dest.c_str());
844 if ((retval != 0) && (errno != ENOENT))
846 retval = symlink(src.c_str(), dest.c_str());
857 bool verify_writable) {
861 int retval = mkdir(path.c_str(), mode);
865 if ((errno == ENOENT)
867 return MkdirDeep(path, mode, verify_writable);
870 if (errno == EEXIST) {
872 if ((
platform_stat(path.c_str(), &info) == 0) && S_ISDIR(info.st_mode)) {
873 if (verify_writable) {
874 retval = utimes(path.c_str(), NULL);
893 std::string this_path = canonical_path +
"/quarantaine";
897 this_path = canonical_path +
"/ff";
901 this_path = canonical_path +
"/txn";
904 for (
int i = 0; i <= 0xff; i++) {
906 snprintf(hex,
sizeof(hex),
"%02x", i);
907 this_path = canonical_path +
"/" + std::string(hex);
923 const int fd_lockfile = open(path.c_str(), O_RDONLY | O_CREAT, 0600);
927 if (flock(fd_lockfile, LOCK_EX | LOCK_NB) != 0) {
929 if (errno != EWOULDBLOCK)
945 const int fd = open(path.c_str(), O_CREAT | O_RDWR, 0600);
948 if (flock(fd, LOCK_EX | LOCK_NB) != 0) {
950 if (errno != EWOULDBLOCK)
956 int flags = fcntl(fd, F_GETFD);
959 flags = fcntl(fd, F_SETFD, flags);
964 snprintf(buf,
sizeof(buf),
"%" PRId64
"\n", static_cast<uint64_t>(getpid()));
965 bool retval = (ftruncate(fd, 0) == 0) &&
SafeWrite(fd, buf, strlen(buf));
980 const int fd_lockfile = open(path.c_str(), O_RDONLY | O_CREAT, 0600);
985 if (flock(fd_lockfile, LOCK_EX | LOCK_NB) != 0) {
986 if (errno != EWOULDBLOCK) {
992 if (flock(fd_lockfile, LOCK_EX) != 0) {
1004 int retval = flock(filedes, LOCK_UN);
1014 const char *open_flags, std::string *final_path) {
1015 *final_path = path_prefix +
".XXXXXX";
1016 char *tmp_file =
strdupa(final_path->c_str());
1017 int tmp_fd = mkstemp(tmp_file);
1021 if (fchmod(tmp_fd, mode) != 0) {
1026 *final_path = tmp_file;
1027 FILE *tmp_fp = fdopen(tmp_fd, open_flags);
1055 std::string dir = path_prefix +
".XXXXXX";
1056 char *tmp_dir =
strdupa(dir.c_str());
1057 tmp_dir = mkdtemp(tmp_dir);
1058 if (tmp_dir == NULL)
1060 return std::string(tmp_dir);
1069 return (getcwd(cwd,
sizeof(cwd)) != NULL) ? std::string(cwd) : std::string();
1080 void RemoveFile(
const std::string &parent_path,
const std::string &name) {
1081 int retval = unlink((parent_path +
"/" + name).c_str());
1085 void RemoveDir(
const std::string &parent_path,
const std::string &name) {
1086 int retval = rmdir((parent_path +
"/" + name).c_str());
1090 bool TryRemoveDir(
const std::string &parent_path,
const std::string &name) {
1091 int retval = rmdir((parent_path +
"/" + name).c_str());
1092 return (retval != 0);
1104 return errno == ENOENT;
1105 if (!S_ISDIR(info.st_mode))
1118 bool result = remove_tree_helper->
success;
1119 delete remove_tree_helper;
1129 const std::string &suffix) {
1130 std::vector<std::string> result;
1131 DIR *dirp = opendir(dir.c_str());
1137 const std::string name(dirent->d_name);
1138 if ((name.length() >= suffix.length())
1139 && (name.substr(name.length() - suffix.length()) == suffix)) {
1140 result.push_back(dir +
"/" + name);
1144 std::sort(result.begin(), result.end());
1153 const std::string &prefix) {
1154 std::vector<std::string> result;
1155 DIR *dirp = opendir(dir.c_str());
1161 const std::string name(dirent->d_name);
1162 if ((name.length() >= prefix.length())
1163 && (name.substr(0, prefix.length()) == prefix)) {
1164 result.push_back(dir +
"/" + name);
1168 std::sort(result.begin(), result.end());
1178 std::vector<std::string> result;
1179 DIR *dirp = opendir(parent_dir.c_str());
1185 const std::string name(dirent->d_name);
1186 if ((name ==
".") || (name ==
".."))
1188 const std::string path = parent_dir +
"/" + name;
1194 if (S_ISDIR(info.st_mode))
1195 result.push_back(path);
1198 sort(result.begin(), result.end());
1207 std::vector<std::string> *names,
1208 std::vector<mode_t> *modes) {
1209 DIR *dirp = opendir(directory.c_str());
1215 const std::string name(dirent->d_name);
1216 if ((name ==
".") || (name ==
".."))
1218 const std::string path = directory +
"/" + name;
1227 names->push_back(name);
1228 modes->push_back(info.st_mode);
1245 std::vector<std::string> search_paths;
1246 if (exe[0] ==
'/') {
1249 char *path_env = getenv(
"PATH");
1255 for (
unsigned i = 0; i < search_paths.size(); ++i) {
1256 if (search_paths[i].empty())
1258 if (search_paths[i][0] !=
'/')
1261 std::string path = search_paths[i] +
"/" +
GetFileName(exe);
1266 if (!S_ISREG(info.st_mode))
1268 retval = access(path.c_str(), X_OK);
1281 struct passwd *result = NULL;
1282 int bufsize = 16 * 1024;
1283 char *buf =
static_cast<char *
>(smalloc(bufsize));
1284 while (getpwuid_r(geteuid(), &pwd, buf, bufsize, &result) == ERANGE) {
1286 buf =
static_cast<char *
>(srealloc(buf, bufsize));
1288 if (result == NULL) {
1292 std::string user_name = pwd.pw_name;
1299 struct passwd *result = NULL;
1300 int bufsize = 16 * 1024;
1301 char *buf =
static_cast<char *
>(smalloc(bufsize));
1302 while (getpwuid_r(geteuid(), &pwd, buf, bufsize, &result) == ERANGE) {
1304 buf =
static_cast<char *
>(srealloc(buf, bufsize));
1306 if (result == NULL) {
1310 std::string shell = pwd.pw_shell;
1320 struct passwd *result = NULL;
1321 int bufsize = 16 * 1024;
1322 char *buf =
static_cast<char *
>(smalloc(bufsize));
1323 while (getpwuid_r(uid, &pwd, buf, bufsize, &result) == ERANGE) {
1325 buf =
static_cast<char *
>(srealloc(buf, bufsize));
1327 if (result == NULL) {
1332 *username = result->pw_name;
1341 bool GetUidOf(
const std::string &username, uid_t *uid, gid_t *main_gid) {
1343 struct passwd *result = NULL;
1344 int bufsize = 16 * 1024;
1345 char *buf =
static_cast<char *
>(smalloc(bufsize));
1346 while (getpwnam_r(username.c_str(), &pwd, buf, bufsize, &result) == ERANGE) {
1348 buf =
static_cast<char *
>(srealloc(buf, bufsize));
1350 if (result == NULL) {
1354 *uid = result->pw_uid;
1355 *main_gid = result->pw_gid;
1364 bool GetGidOf(
const std::string &groupname, gid_t *gid) {
1366 struct group *result = NULL;
1367 int bufsize = 16 * 1024;
1368 char *buf =
static_cast<char *
>(smalloc(bufsize));
1369 while (getgrnam_r(groupname.c_str(), &grp, buf, bufsize, &result) == ERANGE) {
1371 buf =
static_cast<char *
>(srealloc(buf, bufsize));
1373 if (result == NULL) {
1377 *gid = result->gr_gid;
1389 const mode_t my_umask = umask(0);
1399 int ngroups = getgroups(0, NULL);
1402 gid_t *groups =
static_cast<gid_t *
>(smalloc((ngroups + 1) *
sizeof(gid_t)));
1403 int retval = getgroups(ngroups, groups);
1408 for (
int i = 0; i < ngroups; ++i) {
1409 if (groups[i] == gid) {
1414 groups[ngroups] = gid;
1415 retval = setgroups(ngroups + 1, groups);
1422 uid_t uid = getuid();
1424 struct passwd *result = NULL;
1425 int bufsize = 16 * 1024;
1426 char *buf =
static_cast<char *
>(smalloc(bufsize));
1427 while (getpwuid_r(uid, &pwd, buf, bufsize, &result) == ERANGE) {
1429 buf =
static_cast<char *
>(srealloc(buf, bufsize));
1431 if (result == NULL) {
1435 std::string home_dir = result->pw_dir;
1444 struct utsname info;
1445 int retval = uname(&info);
1447 return info.machine;
1457 memset(&rpl, 0,
sizeof(rpl));
1458 getrlimit(RLIMIT_NOFILE, &rpl);
1459 if (rpl.rlim_max < limit_nofile)
1460 rpl.rlim_max = limit_nofile;
1461 rpl.rlim_cur = limit_nofile;
1462 int retval = setrlimit(RLIMIT_NOFILE, &rpl);
1466 #ifdef HAS_VALGRIND_HEADERS
1467 return RUNNING_ON_VALGRIND ? -2 : -1;
1482 memset(&rpl, 0,
sizeof(rpl));
1483 getrlimit(RLIMIT_NOFILE, &rpl);
1484 *soft_limit = rpl.rlim_cur;
1487 int value = sysconf(_SC_OPEN_MAX);
1489 *hard_limit = value;
1491 *hard_limit = rpl.rlim_max;
1496 std::vector<LsofEntry>
Lsof(
const std::string &path) {
1497 std::vector<LsofEntry> result;
1499 std::vector<std::string> proc_names;
1500 std::vector<mode_t> proc_modes;
1503 for (
unsigned i = 0; i < proc_names.size(); ++i) {
1504 if (!S_ISDIR(proc_modes[i]))
1506 if (proc_names[i].find_first_not_of(
"1234567890") != std::string::npos)
1509 std::vector<std::string> fd_names;
1510 std::vector<mode_t> fd_modes;
1511 std::string proc_dir =
"/proc/" + proc_names[i];
1512 std::string fd_dir = proc_dir +
"/fd";
1520 proc_uid = info.st_uid;
1523 if (
HasPrefix(cwd +
"/", path +
"/",
false )) {
1526 entry.
owner = proc_uid;
1530 result.push_back(entry);
1534 for (
unsigned j = 0; j < fd_names.size(); ++j) {
1535 if (!S_ISLNK(fd_modes[j]))
1537 if (fd_names[j].find_first_not_of(
"1234567890") != std::string::npos)
1540 std::string target =
ReadSymlink(fd_dir +
"/" + fd_names[j]);
1541 if (!
HasPrefix(target +
"/", path +
"/",
false ))
1546 entry.
owner = proc_uid;
1547 entry.
read_only = !((fd_modes[j] & S_IWUSR) == S_IWUSR);
1549 entry.
path = target;
1550 result.push_back(entry);
1560 int retval = kill(pid, 0);
1563 return (errno != ESRCH);
1572 int retval = sigemptyset(&sigset);
1574 retval = sigaddset(&sigset, signum);
1576 retval = pthread_sigmask(SIG_BLOCK, &sigset, NULL);
1589 }
while ((retval != signum) && (errno == EINTR));
1590 assert(retval == signum);
1604 pid_t retval = waitpid(pid, &statloc, 0);
1613 if (WIFEXITED(statloc))
1614 return WEXITSTATUS(statloc);
1615 if (WIFSIGNALED(statloc)
1616 && (std::find(sig_ok.begin(), sig_ok.end(), WTERMSIG(statloc))
1628 assert(command_line.size() >= 1);
1634 pid_t pid_grand_child;
1636 const char *argv[command_line.size() + 1];
1637 for (
unsigned i = 0; i < command_line.size(); ++i)
1638 argv[i] = command_line[i].c_str();
1639 argv[command_line.size()] = NULL;
1640 int retval = setsid();
1643 pid_grand_child = fork();
1644 assert(pid_grand_child >= 0);
1646 if (pid_grand_child != 0) {
1647 pipe_fork.Write<pid_t>(pid_grand_child);
1650 int null_read = open(
"/dev/null", O_RDONLY);
1651 int null_write = open(
"/dev/null", O_WRONLY);
1652 assert((null_read >= 0) && (null_write >= 0));
1653 retval = dup2(null_read, 0);
1655 retval = dup2(null_write, 1);
1657 retval = dup2(null_write, 2);
1662 execvp(command_line[0].c_str(), const_cast<char **>(argv));
1664 pipe_fork.CloseWriteFd();
1668 waitpid(pid, &statloc, 0);
1669 pid_t buf_child_pid = 0;
1670 pipe_fork.Read(&buf_child_pid);
1671 if (child_pid != NULL)
1672 *child_pid = buf_child_pid;
1673 pipe_fork.CloseReadFd();
1676 command_line[0].c_str(), static_cast<int>(*child_pid));
1687 if ((pid = fork()) == 0) {
1688 int retval = setsid();
1690 if ((pid = fork()) == 0) {
1691 int null_read = open(
"/dev/null", O_RDONLY);
1692 int null_write = open(
"/dev/null", O_WRONLY);
1693 assert((null_read >= 0) && (null_write >= 0));
1694 retval = dup2(null_read, 0);
1696 retval = dup2(null_write, 1);
1698 retval = dup2(null_write, 2);
1709 waitpid(pid, &statloc, 0);
1718 const std::string &binary_path,
1719 const std::vector<std::string> &argv,
1720 const bool double_fork,
1729 std::set<int> preserve_fildes;
1730 preserve_fildes.insert(0);
1731 preserve_fildes.insert(1);
1732 preserve_fildes.insert(2);
1733 std::map<int, int> map_fildes;
1734 map_fildes[pipe_stdin[0]] = 0;
1735 map_fildes[pipe_stdout[1]] = 1;
1736 map_fildes[pipe_stderr[1]] = 2;
1737 std::vector<std::string> cmd_line;
1738 cmd_line.push_back(binary_path);
1739 cmd_line.insert(cmd_line.end(), argv.begin(), argv.end());
1754 close(pipe_stdin[0]);
1755 close(pipe_stdout[1]);
1756 close(pipe_stderr[1]);
1757 *fd_stdin = pipe_stdin[1];
1758 *fd_stdout = pipe_stdout[0];
1759 *fd_stderr = pipe_stderr[0];
1768 bool Shell(
int *fd_stdin,
int *fd_stdout,
int *fd_stderr) {
1769 const bool double_fork =
true;
1770 return ExecuteBinary(fd_stdin, fd_stdout, fd_stderr,
"/bin/sh",
1771 std::vector<std::string>(), double_fork);
1789 return "Sending PID";
1793 return "Unknown Status";
1795 return "Duplicate File Descriptor";
1797 return "Close File Descriptors";
1798 case kFailGetFdFlags:
1799 return "Read File Descriptor Flags";
1800 case kFailSetFdFlags:
1801 return "Set File Descriptor Flags";
1802 case kFailDropCredentials:
1803 return "Lower User Permissions";
1805 return "Invoking execvp()";
1815 for (
int fd = 0; fd < max_fd; fd++) {
1816 if (preserve_fildes.count(fd) == 0) {
1830 DIR *dirp = opendir(
"/proc/self/fd");
1837 const std::string name(dirent->d_name);
1838 uint64_t name_uint64;
1845 int fd =
static_cast<int>(name_uint64);
1846 if (preserve_fildes.count(fd)) {
1864 int max_fd =
static_cast<int>(sysconf(_SC_OPEN_MAX));
1871 #else // ifdef __APPLE__
1872 if (max_fd > 100000) {
1879 #endif // #ifdef __APPLE__
1896 const std::set<int> &preserve_fildes,
1897 const std::map<int, int> &map_fildes,
1898 const bool drop_credentials,
1899 const bool clear_env,
1900 const bool double_fork,
1902 assert(command_line.size() >= 1);
1908 pid_t pid_grand_child;
1912 std::set<int> skip_fds = preserve_fildes;
1913 skip_fds.insert(pipe_fork.GetWriteFd());
1919 int retval = clearenv();
1924 const char *argv[command_line.size() + 1];
1925 for (
unsigned i = 0; i < command_line.size(); ++i)
1926 argv[i] = command_line[i].c_str();
1927 argv[command_line.size()] = NULL;
1930 for (std::map<int, int>::const_iterator i = map_fildes.begin(),
1931 iEnd = map_fildes.end();
1934 int retval = dup2(i->first, i->second);
1949 pid_grand_child = fork();
1950 assert(pid_grand_child >= 0);
1951 if (pid_grand_child != 0)
1955 fd_flags = fcntl(pipe_fork.GetWriteFd(), F_GETFD);
1960 fd_flags |= FD_CLOEXEC;
1961 if (fcntl(pipe_fork.GetWriteFd(), F_SETFD, fd_flags) < 0) {
1967 assert(setenv(
"__CVMFS_DEBUG_MODE__",
"yes", 1) == 0);
1976 pid_grand_child = getpid();
1979 pipe_fork.Write<pid_t>(pid_grand_child);
1981 execvp(command_line[0].c_str(), const_cast<char **>(argv));
1991 waitpid(pid, &statloc, 0);
1994 pipe_fork.CloseWriteFd();
2001 pipe_fork.CloseReadFd();
2009 pid_t buf_child_pid = 0;
2010 pipe_fork.Read(&buf_child_pid);
2011 if (child_pid != NULL)
2012 *child_pid = buf_child_pid;
2013 pipe_fork.CloseReadFd();
2015 command_line[0].c_str(), static_cast<int>(buf_child_pid));
2025 struct timeval wait_for;
2026 wait_for.tv_sec = ms / 1000;
2027 wait_for.tv_usec = (ms % 1000) * 1000;
2028 select(0, NULL, NULL, NULL, &wait_for);
2037 ssize_t retval = write(fd, buf, nbyte);
2043 assert(static_cast<size_t>(retval) <= nbyte);
2044 buf =
reinterpret_cast<const char *
>(buf) + retval;
2054 unsigned nbytes = 0;
2055 for (
unsigned i = 0; i < iovcnt; ++i)
2056 nbytes += iov[i].iov_len;
2057 unsigned iov_idx = 0;
2060 ssize_t retval = writev(fd, &iov[iov_idx],
2061 static_cast<int>(iovcnt - iov_idx));
2067 assert(static_cast<size_t>(retval) <= nbytes);
2070 unsigned sum_written_blocks = 0;
2071 while ((sum_written_blocks + iov[iov_idx].iov_len)
2072 <= static_cast<size_t>(retval)) {
2073 sum_written_blocks += iov[iov_idx].iov_len;
2075 if (iov_idx == iovcnt) {
2076 assert(sum_written_blocks == static_cast<size_t>(retval));
2080 unsigned offset = retval - sum_written_blocks;
2081 iov[iov_idx].iov_len -= offset;
2082 iov[iov_idx].iov_base =
reinterpret_cast<char *
>(iov[iov_idx].iov_base)
2094 ssize_t total_bytes = 0;
2096 ssize_t retval = read(fd, buf, nbyte);
2101 }
else if (retval == 0) {
2104 assert(static_cast<size_t>(retval) <= nbyte);
2105 buf =
reinterpret_cast<char *
>(buf) + retval;
2107 total_bytes += retval;
2117 if (!final_result) {
2121 std::string tmp_result;
2122 static const int buf_size = 4096;
2124 ssize_t total_bytes = -1;
2126 total_bytes =
SafeRead(fd, buf, buf_size);
2127 if (total_bytes < 0) {
2130 tmp_result.append(buf, total_bytes);
2131 }
while (total_bytes == buf_size);
2132 final_result->swap(tmp_result);
2137 const std::string &path,
2139 int fd = open(path.c_str(), O_WRONLY | O_CREAT | O_TRUNC, mode);
2142 bool retval =
SafeWrite(fd, content.data(), content.size());
2148 #ifdef CVMFS_NAMESPACE_GUARD
bool MakeCacheDirectories(const std::string &path, const mode_t mode)
static bool CloseAllFildesInProcSelfFd(const std::set< int > &preserve_fildes)
void RemoveFile(const std::string &parent_path, const std::string &name)
int MakeSocket(const std::string &path, const int mode)
bool SymlinkForced(const std::string &src, const std::string &dest)
NameString GetFileName(const PathString &path)
int MakeTcpEndpoint(const std::string &ipv4_address, int portno)
std::string GetUserName()
VoidCallback fn_new_symlink
VoidCallback fn_new_character_dev
void Recurse(const std::string &dir_path) const
void CreateFile(const std::string &path, const int mode, const bool ignore_failure)
bool GetUserNameOf(uid_t uid, std::string *username)
FILE * CreateTempFile(const std::string &path_prefix, const int mode, const char *open_flags, std::string *final_path)
int ConnectTcpEndpoint(const std::string &ipv4_address, int portno)
void RemoveDir(const std::string &parent_path, const std::string &name)
bool Shell(int *fd_stdin, int *fd_stdout, int *fd_stderr)
bool IsHttpUrl(const std::string &path)
bool ManagedExec(const std::vector< std::string > &command_line, const std::set< int > &preserve_fildes, const std::map< int, int > &map_fildes, const bool drop_credentials, const bool clear_env, const bool double_fork, pid_t *child_pid)
static void RemoveShortSocketLink(const std::string &short_path)
static pthread_mutex_t getumask_mutex
std::string CreateTempPath(const std::string &path_prefix, const int mode)
A simple recursion engine to abstract the recursion of directories. It provides several callback hook...
bool SafeWrite(int fd, const void *buf, size_t nbyte)
void SendMsg2Socket(const int fd, const std::string &msg)
assert((mem||(size==0))&&"Out Of Memory")
bool SafeWriteToFile(const std::string &content, const std::string &path, int mode)
std::string FindExecutable(const std::string &exe)
bool SendFd2Socket(int socket_fd, int passing_fd)
VoidCallback fn_leave_dir
int WaitForChild(pid_t pid, const std::vector< int > &sig_ok)
bool TryRemoveDir(const std::string &parent_path, const std::string &name)
bool AddGroup2Persona(const gid_t gid)
void MakePipe(int pipe_fd[2])
std::vector< std::string > FindDirectories(const std::string &parent_dir)
bool String2Uint64Parse(const std::string &value, uint64_t *result)
int SetLimitNoFile(unsigned limit_nofile)
bool SymlinkExists(const std::string &path)
static bool CloseAllFildesUntilMaxFD(const std::set< int > &preserve_fildes, int max_fd)
bool FileExists(const std::string &path)
std::string GetAbsolutePath(const std::string &path)
void SplitPath(const std::string &path, std::string *dirname, std::string *filename)
std::string GetHostname()
void GetLimitNoFile(unsigned *soft_limit, unsigned *hard_limit)
bool ReadHalfPipe(int fd, void *buf, size_t nbyte, unsigned timeout_ms)
ssize_t SafeRead(int fd, void *buf, size_t nbyte)
vector< string > SplitString(const string &str, char delim)
FileSystemInfo GetFileSystemInfo(const std::string &path)
void Nonblock2Block(int filedes)
static std::string MakeShortSocketLink(const std::string &path)
int TryLockFile(const std::string &path)
bool MkdirDeep(const std::string &path, const mode_t mode, bool verify_writable)
int LockFile(const std::string &path)
string ResolvePath(const std::string &path)
std::string GetHomeDirectory()
void WaitForSignal(int signum)
bool GetGidOf(const std::string &groupname, gid_t *gid)
std::string CreateTempDir(const std::string &path_prefix)
bool HasPrefix(const string &str, const string &prefix, const bool ignore_case)
bool DirectoryExists(const std::string &path)
bool ExecuteBinary(int *fd_stdin, int *fd_stdout, int *fd_stderr, const std::string &binary_path, const std::vector< std::string > &argv, const bool double_fork, pid_t *child_pid)
bool RemoveTree(const std::string &path)
bool SafeReadToString(int fd, std::string *final_result)
bool CloseAllFildes(const std::set< int > &preserve_fildes)
int WritePidFile(const std::string &path)
int ConnectSocket(const std::string &path)
uint64_t String2Uint64(const string &value)
VoidCallback fn_new_socket
bool GetUidOf(const std::string &username, uid_t *uid, gid_t *main_gid)
std::vector< std::string > FindFilesByPrefix(const std::string &dir, const std::string &prefix)
bool SwitchCredentials(const uid_t uid, const gid_t gid, const bool temporarily)
bool ExecAsDaemon(const std::vector< std::string > &command_line, pid_t *child_pid)
std::string ReadSymlink(const std::string &path)
PathString GetParentPath(const PathString &path)
std::vector< LsofEntry > Lsof(const std::string &path)
BoolCallback fn_new_dir_prefix
bool ListDirectory(const std::string &directory, std::vector< std::string > *names, std::vector< mode_t > *modes)
int64_t GetFileSize(const std::string &path)
void SafeSleepMs(const unsigned ms)
bool DiffTree(const std::string &path_a, const std::string &path_b)
void SortTeam(std::vector< T > *tractor, std::vector< U > *towed)
static std::string ToString(const Names name)
void Block2Nonblock(int filedes)
bool IsAbsolutePath(const std::string &path)
bool ProcessExists(pid_t pid)
std::string MakeCanonicalPath(const std::string &path)
const char * c_str() const
void WritePipe(int fd, const void *buf, size_t nbyte)
std::string GetCurrentWorkingDirectory()
void ReadPipe(int fd, void *buf, size_t nbyte)
std::vector< std::string > FindFilesBySuffix(const std::string &dir, const std::string &suffix)
void ClosePipe(int pipe_fd[2])
bool IsMountPoint(const std::string &path)
int RecvFdFromSocket(int msg_fd)
bool SafeWriteV(int fd, struct iovec *iov, unsigned iovcnt)
void UnlockFile(const int filedes)
void BlockSignal(int signum)
CVMFS_EXPORT void LogCvmfs(const LogSource source, const int mask, const char *format,...)