static void launch_client_init(void) { struct sockaddr_un sun; char *where = getenv(LAUNCHD_SOCKET_ENV); char *_launchd_fd = getenv("__LAUNCHD_FD"); int lfd; _lc = calloc(1, sizeof(struct _launch_client)); if (!_lc) return; pthread_mutex_init(&_lc->mtx, NULL); if (_launchd_fd) { lfd = strtol(_launchd_fd, NULL, 10); } else { if (!where) where = "/var/run/launchd.socket"; memset(&sun, 0, sizeof(sun)); sun.sun_family = AF_UNIX; strncpy(sun.sun_path, where, sizeof(sun.sun_path)); if ((lfd = socket(AF_UNIX, SOCK_STREAM, 0)) == -1) goto out_bad; if (connect(lfd, (struct sockaddr *)&sun, sizeof(sun)) == -1) { close(lfd); goto out_bad; } } if (!(_lc->l = launchd_fdopen(lfd))) { close(lfd); goto out_bad; } if (!(_lc->async_resp = launch_data_alloc(LAUNCH_DATA_ARRAY))) goto out_bad; return; out_bad: if (_lc->l) launchd_close(_lc->l); if (_lc) free(_lc); _lc = NULL; }
void launch_client_init(void) { struct sockaddr_un sun; char *where = getenv(LAUNCHD_SOCKET_ENV); char *_launchd_fd = getenv(LAUNCHD_TRUSTED_FD_ENV); int dfd, lfd = -1, cifd = -1; kern_return_t kr; name_t spath; if (_launchd_fd) { cifd = strtol(_launchd_fd, NULL, 10); if ((dfd = dup(cifd)) >= 0) { close(dfd); _fd(cifd); } else { cifd = -1; } unsetenv(LAUNCHD_TRUSTED_FD_ENV); } memset(&sun, 0, sizeof(sun)); sun.sun_family = AF_UNIX; /* The rules are as follows. * - All users (including root) talk to their per-user launchd's by default. * - If we have been invoked under sudo, talk to the system launchd. * - If we're the root user and the __USE_SYSTEM_LAUNCHD environment variable is set, then * talk to the system launchd. */ if (where && where[0] != '\0') { strncpy(sun.sun_path, where, sizeof(sun.sun_path)); } else { kr = _vprocmgr_getsocket(spath); if (kr == 0) { if ((getenv("SUDO_COMMAND") || getenv("__USE_SYSTEM_LAUNCHD")) && geteuid() == 0) { /* Talk to the system launchd. */ strncpy(sun.sun_path, LAUNCHD_SOCK_PREFIX "/sock", sizeof(sun.sun_path)); } else { /* Talk to our per-user launchd. */ size_t min_len; min_len = sizeof(sun.sun_path) < sizeof(spath) ? sizeof(sun.sun_path) : sizeof(spath); strncpy(sun.sun_path, spath, min_len); } } else fprintf(stderr, "_vprocmgr_getsocket(): 0x%x\n", kr); } launch_globals_t globals = _launch_globals(); if ((lfd = _fd(socket(AF_UNIX, SOCK_STREAM, 0))) == -1) { goto out_bad; } #if TARGET_OS_EMBEDDED (void)vproc_swap_integer(NULL, VPROC_GSK_EMBEDDEDROOTEQUIVALENT, NULL, &globals->s_am_embedded_god); #endif if (-1 == connect(lfd, (struct sockaddr *)&sun, sizeof(sun))) { if (cifd != -1 || globals->s_am_embedded_god) { /* There is NO security enforced by this check. This is just a hint to our * library that we shouldn't error out due to failing to open this socket. If * we inherited a trusted file descriptor, we shouldn't fail. This should be * adequate for clients' expectations. */ close(lfd); lfd = -1; } else { goto out_bad; } } if (!(globals->l = launchd_fdopen(lfd, cifd))) { goto out_bad; } if (!(globals->async_resp = launch_data_alloc(LAUNCH_DATA_ARRAY))) { goto out_bad; } return; out_bad: if (globals->l) { launchd_close(globals->l, close); globals->l = NULL; } else if (lfd != -1) { close(lfd); } if (cifd != -1) { close(cifd); } }