static int linuxset_user_group(char *user, int uid, int gid){
if (set_caps(CAPS)!=0) __abort(-1,getuid()!= uid,"set_caps(CAPS) failed");
__abort(-1,(prctl(PR_SET_KEEPCAPS,1,0,0,0) < 0),"prctl failed in linuxset_user_group");
__abort(-1,(set_user_group(user,uid,gid)!=0),"set_user_group failed in linuxset_user_group");
if (set_caps(CAPSMIN)!=0) __abort(-1,(getuid()!= uid),"set_caps(CAPSMIN) failed");
return 0;
}
static int child( euca_opts *args, java_home_t *data, uid_t uid, gid_t gid ) {
int ret = 0;
jboolean r=0;
__write_pid( GETARG(args,pidfile) );
setpgrp( );
__die(java_init( args, data ) != 1, "Failed to initialize Eucalyptus.");
__die((r=(*env)->CallBooleanMethod(env,bootstrap.instance,bootstrap.init))==0,"Failed to init Eucalyptus.");
__abort(4, set_keys_ownership( GETARG( args, home ), uid, gid ) != 0,"Setting ownership of keyfile failed." );
__abort(4, linuxset_user_group( GETARG( args, user ), uid, gid ) != 0,"Setting the user failed." );
__abort(4, (set_caps(0)!=0), "set_caps (0) failed");
__die((r=(*env)->CallBooleanMethod(env,bootstrap.instance,bootstrap.load))==0,"Failed to load Eucalyptus.");
__die((r=(*env)->CallBooleanMethod(env,bootstrap.instance,bootstrap.start))==0,"Failed to start Eucalyptus.");
handle._hup = signal_set( SIGHUP, handler );
handle._term = signal_set( SIGTERM, handler );
handle._int = signal_set( SIGINT, handler );
child_pid = getpid( );
__debug( "Waiting for a signal to be delivered" );
while( !stopping ) sleep( 60 );
__debug( "Shutdown or reload requested: exiting" );
__die((r=(*env)->CallBooleanMethod(env,bootstrap.instance,bootstrap.stop))==0,"Failed to stop Eucalyptus.");
if( doreload == 1 ) ret = EUCA_RET_RELOAD;
else ret = 0;
__die((r=(*env)->CallBooleanMethod(env,bootstrap.instance,bootstrap.destroy))==0,"Failed to destroy Eucalyptus.");
__die((JVM_destroy( ret ) != 1), "Failed trying to destroy JVM... bailing out seems like the right thing to do" );
return ret;
}
static int linuxset_user_group(const char *user, int uid, int gid)
{
int caps_set = 0;
if (user == NULL)
return 0;
/* set capabilities enough for binding port 80 setuid/getuid */
if (getuid() == 0) {
if (set_caps(CAPS) != 0) {
if (getuid() != uid) {
log_error("set_caps(CAPS) failed for user '%s'", user);
return -1;
}
log_debug("set_caps(CAPS) failed for user '%s'", user);
}
/* make sure they are kept after setuid */
if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) < 0) {
log_error("prctl failed in for user '%s'", user);
return -1;
}
caps_set = 1;
}
/* set setuid/getuid */
if (set_user_group(user, uid, gid) != 0) {
log_error("set_user_group failed for user '%s'", user);
return -1;
}
if (caps_set) {
/* set capability to binding port 80 read conf */
if (set_caps(CAPSMIN) != 0) {
if (getuid() != uid) {
log_error("set_caps(CAPSMIN) failed for user '%s'", user);
return -1;
}
log_debug("set_caps(CAPSMIN) failed for user '%s'", user);
}
}
return 0;
}
int main(int argc, char *argv[])
{
parse_args(argc, argv);
#ifdef CAPS_SUPPORT
set_user();
set_caps();
#endif
create_thread();
create_jvm();
install_sighandler();
run();
return 0;
}
/*! \brief Function which negotiates an incoming media stream */
static int negotiate_incoming_sdp_stream(struct ast_sip_session *session, struct ast_sip_session_media *session_media,
const struct pjmedia_sdp_session *sdp, const struct pjmedia_sdp_media *stream)
{
char host[NI_MAXHOST];
RAII_VAR(struct ast_sockaddr *, addrs, NULL, ast_free_ptr);
enum ast_format_type media_type = stream_to_media_type(session_media->stream_type);
/* If no type formats have been configured reject this stream */
if (!ast_format_cap_has_type(session->endpoint->media.codecs, media_type)) {
return 0;
}
/* Ensure incoming transport is compatible with the endpoint's configuration */
if (!session->endpoint->media.rtp.use_received_transport &&
check_endpoint_media_transport(session->endpoint, stream) == AST_SIP_MEDIA_TRANSPORT_INVALID) {
return -1;
}
ast_copy_pj_str(host, stream->conn ? &stream->conn->addr : &sdp->conn->addr, sizeof(host));
/* Ensure that the address provided is valid */
if (ast_sockaddr_resolve(&addrs, host, PARSE_PORT_FORBID, AST_AF_UNSPEC) <= 0) {
/* The provided host was actually invalid so we error out this negotiation */
return -1;
}
/* Using the connection information create an appropriate RTP instance */
if (!session_media->rtp && create_rtp(session, session_media, ast_sockaddr_is_ipv6(addrs))) {
return -1;
}
if (session->endpoint->media.rtp.use_received_transport) {
pj_strdup(session->inv_session->pool, &session_media->transport, &stream->desc.transport);
}
if (setup_media_encryption(session, session_media, stream)) {
return -1;
}
if (set_caps(session, session_media, stream)) {
return -1;
}
if (media_type == AST_FORMAT_TYPE_AUDIO) {
apply_packetization(session, session_media, stream);
}
return 1;
}
static gboolean
gst_vaapi_decoder_init (GstVaapiDecoder * decoder, GstVaapiDisplay * display,
GstCaps * caps)
{
const GstVaapiDecoderClass *const klass =
GST_VAAPI_DECODER_GET_CLASS (decoder);
GstVideoCodecState *codec_state;
guint sub_size;
parser_state_init (&decoder->parser_state);
codec_state = g_slice_new0 (GstVideoCodecState);
codec_state->ref_count = 1;
gst_video_info_init (&codec_state->info);
decoder->user_data = NULL;
decoder->display = gst_vaapi_display_ref (display);
decoder->va_display = GST_VAAPI_DISPLAY_VADISPLAY (display);
decoder->context = NULL;
decoder->va_context = VA_INVALID_ID;
decoder->codec = 0;
decoder->codec_state = codec_state;
decoder->codec_state_changed_func = NULL;
decoder->codec_state_changed_data = NULL;
decoder->buffers = g_async_queue_new_full ((GDestroyNotify) gst_buffer_unref);
decoder->frames = g_async_queue_new_full ((GDestroyNotify)
gst_video_codec_frame_unref);
if (!set_caps (decoder, caps))
return FALSE;
sub_size = GST_VAAPI_MINI_OBJECT_CLASS (klass)->size - sizeof (*decoder);
if (sub_size > 0)
memset (((guchar *) decoder) + sizeof (*decoder), 0, sub_size);
if (klass->create && !klass->create (decoder))
return FALSE;
return TRUE;
}
/*! \brief Function which negotiates an incoming media stream */
static int negotiate_incoming_sdp_stream(struct ast_sip_session *session, struct ast_sip_session_media *session_media,
const struct pjmedia_sdp_session *sdp, const struct pjmedia_sdp_media *stream)
{
char host[NI_MAXHOST];
RAII_VAR(struct ast_sockaddr *, addrs, NULL, ast_free);
enum ast_media_type media_type = stream_to_media_type(session_media->stream_type);
enum ast_sip_session_media_encryption encryption = AST_SIP_MEDIA_ENCRYPT_NONE;
int res;
/* If port is 0, ignore this media stream */
if (!stream->desc.port) {
ast_debug(3, "Media stream '%s' is already declined\n", session_media->stream_type);
return 0;
}
/* If no type formats have been configured reject this stream */
if (!ast_format_cap_has_type(session->endpoint->media.codecs, media_type)) {
ast_debug(3, "Endpoint has no codecs for media type '%s', declining stream\n", session_media->stream_type);
return 0;
}
/* Ensure incoming transport is compatible with the endpoint's configuration */
if (!session->endpoint->media.rtp.use_received_transport) {
encryption = check_endpoint_media_transport(session->endpoint, stream);
if (encryption == AST_SIP_MEDIA_TRANSPORT_INVALID) {
return -1;
}
}
ast_copy_pj_str(host, stream->conn ? &stream->conn->addr : &sdp->conn->addr, sizeof(host));
/* Ensure that the address provided is valid */
if (ast_sockaddr_resolve(&addrs, host, PARSE_PORT_FORBID, AST_AF_UNSPEC) <= 0) {
/* The provided host was actually invalid so we error out this negotiation */
return -1;
}
/* Using the connection information create an appropriate RTP instance */
if (!session_media->rtp && create_rtp(session, session_media, ast_sockaddr_is_ipv6(addrs))) {
return -1;
}
res = setup_media_encryption(session, session_media, sdp, stream);
if (res) {
if (!session->endpoint->media.rtp.encryption_optimistic) {
/* If optimistic encryption is disabled and crypto should have been enabled
* but was not this session must fail.
*/
return -1;
}
/* There is no encryption, sad. */
session_media->encryption = AST_SIP_MEDIA_ENCRYPT_NONE;
}
/* If we've been explicitly configured to use the received transport OR if
* encryption is on and crypto is present use the received transport.
* This is done in case of optimistic because it may come in as RTP/AVP or RTP/SAVP depending
* on the configuration of the remote endpoint (optimistic themselves or mandatory).
*/
if ((session->endpoint->media.rtp.use_received_transport) ||
((encryption == AST_SIP_MEDIA_ENCRYPT_SDES) && !res)) {
pj_strdup(session->inv_session->pool, &session_media->transport, &stream->desc.transport);
}
if (set_caps(session, session_media, stream)) {
return 0;
}
return 1;
}
int sandbox(void* sandbox_arg) {
// Get rid of unused parameter warning
(void)sandbox_arg;
pid_t child_pid = getpid();
if (arg_debug)
printf("Initializing child process\n");
// close each end of the unused pipes
close(parent_to_child_fds[1]);
close(child_to_parent_fds[0]);
// wait for parent to do base setup
wait_for_other(parent_to_child_fds[0]);
if (arg_debug && child_pid == 1)
printf("PID namespace installed\n");
//****************************
// set hostname
//****************************
if (cfg.hostname) {
if (sethostname(cfg.hostname, strlen(cfg.hostname)) < 0)
errExit("sethostname");
}
//****************************
// mount namespace
//****************************
// mount events are not forwarded between the host the sandbox
if (mount(NULL, "/", NULL, MS_SLAVE | MS_REC, NULL) < 0) {
chk_chroot();
}
//****************************
// log sandbox data
//****************************
if (cfg.name)
fs_logger2("sandbox name:", cfg.name);
fs_logger2int("sandbox pid:", (int) sandbox_pid);
if (cfg.chrootdir)
fs_logger("sandbox filesystem: chroot");
else if (arg_overlay)
fs_logger("sandbox filesystem: overlay");
else
fs_logger("sandbox filesystem: local");
fs_logger("install mount namespace");
//****************************
// netfilter etc.
//****************************
if (arg_netfilter && any_bridge_configured()) { // assuming by default the client filter
netfilter(arg_netfilter_file);
}
if (arg_netfilter6 && any_bridge_configured()) { // assuming by default the client filter
netfilter6(arg_netfilter6_file);
}
// load IBUS env variables
if (arg_nonetwork || any_bridge_configured() || any_interface_configured()) {
// do nothing - there are problems with ibus version 1.5.11
}
else
env_ibus_load();
// grab a copy of cp command
fs_build_cp_command();
// trace pre-install
if (arg_trace || arg_tracelog)
fs_trace_preload();
//****************************
// configure filesystem
//****************************
#ifdef HAVE_SECCOMP
int enforce_seccomp = 0;
#endif
#ifdef HAVE_CHROOT
if (cfg.chrootdir) {
fs_chroot(cfg.chrootdir);
// redo cp command
fs_build_cp_command();
// force caps and seccomp if not started as root
if (getuid() != 0) {
// force default seccomp inside the chroot, no keep or drop list
// the list build on top of the default drop list is kept intact
arg_seccomp = 1;
#ifdef HAVE_SECCOMP
enforce_seccomp = 1;
#endif
if (cfg.seccomp_list_drop) {
free(cfg.seccomp_list_drop);
cfg.seccomp_list_drop = NULL;
}
if (cfg.seccomp_list_keep) {
free(cfg.seccomp_list_keep);
cfg.seccomp_list_keep = NULL;
}
// disable all capabilities
if (arg_caps_default_filter || arg_caps_list)
fprintf(stderr, "Warning: all capabilities disabled for a regular user during chroot\n");
arg_caps_drop_all = 1;
// drop all supplementary groups; /etc/group file inside chroot
// is controlled by a regular usr
arg_nogroups = 1;
if (!arg_quiet)
printf("Dropping all Linux capabilities and enforcing default seccomp filter\n");
}
else
arg_seccomp = 1;
//****************************
// trace pre-install, this time inside chroot
//****************************
if (arg_trace || arg_tracelog)
fs_trace_preload();
}
else
#endif
if (arg_overlay)
fs_overlayfs();
else
fs_basic_fs();
//****************************
// set hostname in /etc/hostname
//****************************
if (cfg.hostname) {
fs_hostname(cfg.hostname);
}
//****************************
// private mode
//****************************
if (arg_private) {
if (cfg.home_private) // --private=
fs_private_homedir();
else // --private
fs_private();
}
if (arg_private_dev)
fs_private_dev();
if (arg_private_etc) {
fs_private_etc_list();
// create /etc/ld.so.preload file again
if (arg_trace || arg_tracelog)
fs_trace_preload();
}
if (arg_private_bin)
fs_private_bin_list();
if (arg_private_tmp)
fs_private_tmp();
//****************************
// apply the profile file
//****************************
if (cfg.profile) {
// apply all whitelist commands ...
fs_whitelist();
// ... followed by blacklist commands
fs_blacklist();
}
//****************************
// install trace
//****************************
if (arg_trace || arg_tracelog)
fs_trace();
//****************************
// update /proc, /dev, /boot directorymy
//****************************
fs_proc_sys_dev_boot();
//****************************
// --nosound and fix for pulseaudio 7.0
//****************************
if (arg_nosound)
pulseaudio_disable();
else
pulseaudio_init();
//****************************
// networking
//****************************
if (arg_nonetwork) {
net_if_up("lo");
if (arg_debug)
printf("Network namespace enabled, only loopback interface available\n");
}
else if (any_bridge_configured() || any_interface_configured()) {
// configure lo and eth0...eth3
net_if_up("lo");
if (mac_not_zero(cfg.bridge0.macsandbox))
net_config_mac(cfg.bridge0.devsandbox, cfg.bridge0.macsandbox);
sandbox_if_up(&cfg.bridge0);
if (mac_not_zero(cfg.bridge1.macsandbox))
net_config_mac(cfg.bridge1.devsandbox, cfg.bridge1.macsandbox);
sandbox_if_up(&cfg.bridge1);
if (mac_not_zero(cfg.bridge2.macsandbox))
net_config_mac(cfg.bridge2.devsandbox, cfg.bridge2.macsandbox);
sandbox_if_up(&cfg.bridge2);
if (mac_not_zero(cfg.bridge3.macsandbox))
net_config_mac(cfg.bridge3.devsandbox, cfg.bridge3.macsandbox);
sandbox_if_up(&cfg.bridge3);
// add a default route
if (cfg.defaultgw) {
// set the default route
if (net_add_route(0, 0, cfg.defaultgw))
fprintf(stderr, "Warning: cannot configure default route\n");
}
// enable interfaces
if (cfg.interface0.configured && cfg.interface0.ip) {
if (arg_debug)
printf("Configuring %d.%d.%d.%d address on interface %s\n", PRINT_IP(cfg.interface0.ip), cfg.interface0.dev);
net_if_ip(cfg.interface0.dev, cfg.interface0.ip, cfg.interface0.mask, cfg.interface0.mtu);
net_if_up(cfg.interface0.dev);
}
if (cfg.interface1.configured && cfg.interface1.ip) {
if (arg_debug)
printf("Configuring %d.%d.%d.%d address on interface %s\n", PRINT_IP(cfg.interface1.ip), cfg.interface1.dev);
net_if_ip(cfg.interface1.dev, cfg.interface1.ip, cfg.interface1.mask, cfg.interface1.mtu);
net_if_up(cfg.interface1.dev);
}
if (cfg.interface2.configured && cfg.interface2.ip) {
if (arg_debug)
printf("Configuring %d.%d.%d.%d address on interface %s\n", PRINT_IP(cfg.interface2.ip), cfg.interface2.dev);
net_if_ip(cfg.interface2.dev, cfg.interface2.ip, cfg.interface2.mask, cfg.interface2.mtu);
net_if_up(cfg.interface2.dev);
}
if (cfg.interface3.configured && cfg.interface3.ip) {
if (arg_debug)
printf("Configuring %d.%d.%d.%d address on interface %s\n", PRINT_IP(cfg.interface3.ip), cfg.interface3.dev);
net_if_ip(cfg.interface3.dev, cfg.interface3.ip, cfg.interface3.mask, cfg.interface3.mtu);
net_if_up(cfg.interface3.dev);
}
if (arg_debug)
printf("Network namespace enabled\n");
}
// if any dns server is configured, it is time to set it now
fs_resolvconf();
fs_logger_print();
fs_logger_change_owner();
// print network configuration
if (!arg_quiet) {
if (any_bridge_configured() || any_interface_configured() || cfg.defaultgw || cfg.dns1) {
printf("\n");
if (any_bridge_configured() || any_interface_configured())
net_ifprint();
if (cfg.defaultgw != 0)
printf("Default gateway %d.%d.%d.%d\n", PRINT_IP(cfg.defaultgw));
if (cfg.dns1 != 0)
printf("DNS server %d.%d.%d.%d\n", PRINT_IP(cfg.dns1));
if (cfg.dns2 != 0)
printf("DNS server %d.%d.%d.%d\n", PRINT_IP(cfg.dns2));
if (cfg.dns3 != 0)
printf("DNS server %d.%d.%d.%d\n", PRINT_IP(cfg.dns3));
printf("\n");
}
}
fs_delete_cp_command();
//****************************
// set application environment
//****************************
prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0); // kill the child in case the parent died
int cwd = 0;
if (cfg.cwd) {
if (chdir(cfg.cwd) == 0)
cwd = 1;
}
if (!cwd) {
if (chdir("/") < 0)
errExit("chdir");
if (cfg.homedir) {
struct stat s;
if (stat(cfg.homedir, &s) == 0) {
/* coverity[toctou] */
if (chdir(cfg.homedir) < 0)
errExit("chdir");
}
}
}
// set environment
env_defaults();
// set user-supplied environment variables
env_apply();
// set nice
if (arg_nice) {
errno = 0;
int rv = nice(cfg.nice);
(void) rv;
if (errno) {
fprintf(stderr, "Warning: cannot set nice value\n");
errno = 0;
}
}
// clean /tmp/.X11-unix sockets
fs_x11();
//****************************
// set security filters
//****************************
// set capabilities
if (!arg_noroot)
set_caps();
// set rlimits
set_rlimits();
// set seccomp
#ifdef HAVE_SECCOMP
// install protocol filter
if (cfg.protocol) {
protocol_filter(); // install filter
protocol_filter_save(); // save filter in PROTOCOL_CFG
}
// if a keep list is available, disregard the drop list
if (arg_seccomp == 1) {
if (cfg.seccomp_list_keep)
seccomp_filter_keep();
else if (cfg.seccomp_list_errno)
seccomp_filter_errno();
else
seccomp_filter_drop(enforce_seccomp);
}
#endif
// set cpu affinity
if (cfg.cpus) {
save_cpu(); // save cpu affinity mask to CPU_CFG file
set_cpu_affinity();
}
// save cgroup in CGROUP_CFG file
if (cfg.cgroup)
save_cgroup();
//****************************************
// drop privileges or create a new user namespace
//****************************************
save_nogroups();
if (arg_noroot) {
int rv = unshare(CLONE_NEWUSER);
if (rv == -1) {
fprintf(stderr, "Error: cannot mount a new user namespace\n");
perror("unshare");
drop_privs(arg_nogroups);
}
}
else
drop_privs(arg_nogroups);
// notify parent that new user namespace has been created so a proper
// UID/GID map can be setup
notify_other(child_to_parent_fds[1]);
close(child_to_parent_fds[1]);
// wait for parent to finish setting up a proper UID/GID map
wait_for_other(parent_to_child_fds[0]);
close(parent_to_child_fds[0]);
// somehow, the new user namespace resets capabilities;
// we need to do them again
if (arg_noroot) {
set_caps();
if (arg_debug)
printf("noroot user namespace installed\n");
}
//****************************************
// fork the application and monitor it
//****************************************
pid_t app_pid = fork();
if (app_pid == -1)
errExit("fork");
if (app_pid == 0) {
prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0); // kill the child in case the parent died
start_application(); // start app
}
monitor_application(app_pid); // monitor application
return 0;
}
int sandbox(void* sandbox_arg) {
// Get rid of unused parameter warning
(void)sandbox_arg;
pid_t child_pid = getpid();
if (arg_debug)
printf("Initializing child process\n");
// close each end of the unused pipes
close(parent_to_child_fds[1]);
close(child_to_parent_fds[0]);
// wait for parent to do base setup
wait_for_other(parent_to_child_fds[0]);
if (arg_debug && child_pid == 1)
printf("PID namespace installed\n");
//****************************
// set hostname
//****************************
if (cfg.hostname) {
if (sethostname(cfg.hostname, strlen(cfg.hostname)) < 0)
errExit("sethostname");
}
//****************************
// mount namespace
//****************************
// mount events are not forwarded between the host the sandbox
if (mount(NULL, "/", NULL, MS_SLAVE | MS_REC, NULL) < 0) {
chk_chroot();
}
//****************************
// netfilter
//****************************
if (arg_netfilter && any_bridge_configured()) { // assuming by default the client filter
netfilter(arg_netfilter_file);
}
//****************************
// trace pre-install
//****************************
if (arg_trace)
fs_trace_preload();
//****************************
// configure filesystem
//****************************
#ifdef HAVE_CHROOT
if (cfg.chrootdir) {
fs_chroot(cfg.chrootdir);
// force caps and seccomp if not started as root
if (getuid() != 0) {
// force default seccomp inside the chroot, no keep or drop list
// the list build on top of the default drop list is kept intact
arg_seccomp = 1;
if (arg_seccomp_list_drop) {
free(arg_seccomp_list_drop);
arg_seccomp_list_drop = NULL;
}
if (arg_seccomp_list_keep) {
free(arg_seccomp_list_keep);
arg_seccomp_list_keep = NULL;
}
// disable all capabilities
if (arg_caps_default_filter || arg_caps_list)
fprintf(stderr, "Warning: all capabilities disabled for a regular user during chroot\n");
arg_caps_drop_all = 1;
// drop all supplementary groups; /etc/group file inside chroot
// is controlled by a regular usr
arg_nogroups = 1;
printf("Dropping all Linux capabilities and enforcing default seccomp filter\n");
}
//****************************
// trace pre-install, this time inside chroot
//****************************
if (arg_trace)
fs_trace_preload();
}
else
#endif
if (arg_overlay)
fs_overlayfs();
else
fs_basic_fs();
//****************************
// set hostname in /etc/hostname
//****************************
if (cfg.hostname) {
fs_hostname(cfg.hostname);
}
//****************************
// apply the profile file
//****************************
if (cfg.profile)
fs_blacklist(cfg.homedir);
//****************************
// private mode
//****************************
if (arg_private) {
if (cfg.home_private) // --private=
fs_private_homedir();
else if (cfg.home_private_keep) // --private-home=
fs_private_home_list();
else // --private
fs_private();
}
if (arg_private_dev)
fs_private_dev();
if (arg_private_etc)
fs_private_etc_list();
//****************************
// install trace
//****************************
if (arg_trace)
fs_trace();
//****************************
// update /proc, /dev, /boot directorymy
//****************************
fs_proc_sys_dev_boot();
//****************************
// networking
//****************************
if (arg_nonetwork) {
net_if_up("lo");
if (arg_debug)
printf("Network namespace enabled, only loopback interface available\n");
}
else if (any_bridge_configured()) {
// configure lo and eth0...eth3
net_if_up("lo");
if (mac_not_zero(cfg.bridge0.macsandbox))
net_config_mac(cfg.bridge0.devsandbox, cfg.bridge0.macsandbox);
sandbox_if_up(&cfg.bridge0);
if (mac_not_zero(cfg.bridge1.macsandbox))
net_config_mac(cfg.bridge1.devsandbox, cfg.bridge1.macsandbox);
sandbox_if_up(&cfg.bridge1);
if (mac_not_zero(cfg.bridge2.macsandbox))
net_config_mac(cfg.bridge2.devsandbox, cfg.bridge2.macsandbox);
sandbox_if_up(&cfg.bridge2);
if (mac_not_zero(cfg.bridge3.macsandbox))
net_config_mac(cfg.bridge3.devsandbox, cfg.bridge3.macsandbox);
sandbox_if_up(&cfg.bridge3);
// add a default route
if (cfg.defaultgw) {
// set the default route
if (net_add_route(0, 0, cfg.defaultgw))
fprintf(stderr, "Warning: cannot configure default route\n");
}
if (arg_debug)
printf("Network namespace enabled\n");
}
// if any dns server is configured, it is time to set it now
fs_resolvconf();
// print network configuration
if (any_bridge_configured() || cfg.defaultgw || cfg.dns1) {
printf("\n");
if (any_bridge_configured())
net_ifprint();
if (cfg.defaultgw != 0)
printf("Default gateway %d.%d.%d.%d\n", PRINT_IP(cfg.defaultgw));
if (cfg.dns1 != 0)
printf("DNS server %d.%d.%d.%d\n", PRINT_IP(cfg.dns1));
if (cfg.dns2 != 0)
printf("DNS server %d.%d.%d.%d\n", PRINT_IP(cfg.dns2));
if (cfg.dns3 != 0)
printf("DNS server %d.%d.%d.%d\n", PRINT_IP(cfg.dns3));
printf("\n");
}
//****************************
// start executable
//****************************
prctl(PR_SET_PDEATHSIG, SIGKILL, 0, 0, 0); // kill the child in case the parent died
int cwd = 0;
if (cfg.cwd) {
if (chdir(cfg.cwd) == 0)
cwd = 1;
}
if (!cwd) {
if (chdir("/") < 0)
errExit("chdir");
if (cfg.homedir) {
struct stat s;
if (stat(cfg.homedir, &s) == 0) {
/* coverity[toctou] */
if (chdir(cfg.homedir) < 0)
errExit("chdir");
}
}
}
// set environment
// fix qt 4.8
if (setenv("QT_X11_NO_MITSHM", "1", 1) < 0)
errExit("setenv");
if (setenv("container", "firejail", 1) < 0) // LXC sets container=lxc,
errExit("setenv");
if (arg_zsh && setenv("SHELL", "/usr/bin/zsh", 1) < 0)
errExit("setenv");
if (arg_csh && setenv("SHELL", "/bin/csh", 1) < 0)
errExit("setenv");
if (cfg.shell && setenv("SHELL", cfg.shell, 1) < 0)
errExit("setenv");
// set prompt color to green
//export PS1='\[\e[1;32m\][\u@\h \W]\$\[\e[0m\] '
if (setenv("PROMPT_COMMAND", "export PS1=\"\\[\\e[1;32m\\][\\u@\\h \\W]\\$\\[\\e[0m\\] \"", 1) < 0)
errExit("setenv");
// set user-supplied environment variables
env_apply();
// set capabilities
if (!arg_noroot)
set_caps();
// set rlimits
set_rlimits();
// set seccomp
#ifdef HAVE_SECCOMP
// if a keep list is available, disregard the drop list
if (arg_seccomp == 1) {
if (arg_seccomp_list_keep)
seccomp_filter_keep(); // this will also save the fmyilter to MNT_DIR/seccomp file
else
seccomp_filter_drop(); // this will also save the filter to MNT_DIR/seccomp file
}
#endif
// set cpu affinity
if (cfg.cpus) {
save_cpu(); // save cpu affinity mask to MNT_DIR/cpu file
set_cpu_affinity();
}
// save cgroup in MNT_DIR/cgroup file
if (cfg.cgroup)
save_cgroup();
//****************************************
// drop privileges or create a new user namespace
//****************************************
save_nogroups();
if (arg_noroot) {
int rv = unshare(CLONE_NEWUSER);
if (rv == -1) {
fprintf(stderr, "Error: cannot mount a new user namespace\n");
perror("unshare");
drop_privs(arg_nogroups);
}
}
else
drop_privs(arg_nogroups);
// notify parent that new user namespace has been created so a proper
// UID/GID map can be setup
notify_other(child_to_parent_fds[1]);
close(child_to_parent_fds[1]);
// wait for parent to finish setting up a proper UID/GID map
wait_for_other(parent_to_child_fds[0]);
close(parent_to_child_fds[0]);
// somehow, the new user namespace resets capabilities;
// we need to do them again
if (arg_noroot) {
set_caps();
if (arg_debug)
printf("User namespace (noroot) installed\n");
}
//****************************************
// start the program without using a shell
//****************************************
if (arg_shell_none) {
if (arg_debug) {
int i;
for (i = cfg.original_program_index; i < cfg.original_argc; i++) {
if (cfg.original_argv[i] == NULL)
break;
printf("execvp argument %d: %s\n", i - cfg.original_program_index, cfg.original_argv[i]);
}
}
if (!arg_command)
printf("Child process initialized\n");
execvp(cfg.original_argv[cfg.original_program_index], &cfg.original_argv[cfg.original_program_index]);
}
//****************************************
// start the program using a shell
//****************************************
else {
// choose the shell requested by the user, or use bash as default
char *sh;
if (cfg.shell)
sh = cfg.shell;
else if (arg_zsh)
sh = "/usr/bin/zsh";
else if (arg_csh)
sh = "/bin/csh";
else
sh = "/bin/bash";
char *arg[5];
int index = 0;
arg[index++] = sh;
arg[index++] = "-c";
assert(cfg.command_line);
if (arg_debug)
printf("Starting %s\n", cfg.command_line);
if (arg_doubledash)
arg[index++] = "--";
arg[index++] = cfg.command_line;
arg[index] = NULL;
assert(index < 5);
if (arg_debug) {
char *msg;
if (asprintf(&msg, "sandbox %d, execvp into %s", sandbox_pid, cfg.command_line) == -1)
errExit("asprintf");
logmsg(msg);
free(msg);
}
if (arg_debug) {
int i;
for (i = 0; i < 5; i++) {
if (arg[i] == NULL)
break;
printf("execvp argument %d: %s\n", i, arg[i]);
}
}
if (!arg_command)
printf("Child process initialized\n");
execvp(sh, arg);
}
perror("execvp");
return 0;
}
static int child(arg_data *args, home_data *data, uid_t uid, gid_t gid)
{
int ret = 0;
/* check the pid file */
ret = check_pid(args);
if (args->vers != true && args->chck != true) {
if (ret == 122)
return ret;
if (ret < 0)
return ret;
}
#ifdef OS_LINUX
/* setuid()/setgid() only apply the current thread so we must do it now */
if (linuxset_user_group(args->user, uid, gid) != 0)
return 4;
#endif
/* Initialize the Java VM */
if (java_init(args, data) != true) {
log_debug("java_init failed");
return 1;
}
else
log_debug("java_init done");
/* Check wether we need to dump the VM version */
if (args->vers == true) {
log_error("jsvc (Apache Commons Daemon) " JSVC_VERSION_STRING);
log_error("Copyright (c) 1999-2011 Apache Software Foundation.");
if (java_version() != true) {
return -1;
}
else
return 0;
}
/* Check wether we need to dump the VM version */
else if (args->vershow == true) {
if (java_version() != true) {
return 7;
}
}
/* Do we have to do a "check-only" initialization? */
if (args->chck == true) {
if (java_check(args) != true)
return 2;
printf("Service \"%s\" checked successfully\n", args->clas);
return 0;
}
/* Load the service */
if (java_load(args) != true) {
log_debug("java_load failed");
return 3;
}
else
log_debug("java_load done");
/* Downgrade user */
#ifdef OS_LINUX
if (args->user && set_caps(0) != 0) {
log_debug("set_caps (0) failed");
return 4;
}
#else
if (set_user_group(args->user, uid, gid) != 0)
return 4;
#endif
/* Start the service */
umask(envmask);
if (java_start() != true) {
log_debug("java_start failed");
return 5;
}
else
log_debug("java_start done");
/* Install signal handlers */
handler_hup = signal_set(SIGHUP, handler);
handler_usr1 = signal_set(SIGUSR1, handler);
handler_usr2 = signal_set(SIGUSR2, handler);
handler_trm = signal_set(SIGTERM, handler);
handler_int = signal_set(SIGINT, handler);
controlled = getpid();
log_debug("Waiting for a signal to be delivered");
create_tmp_file(args);
while (!stopping) {
#if defined(OSD_POSIX)
java_sleep(60);
/* pause(); */
#else
/* pause() is not threadsafe */
sleep(60);
#endif
if(doreopen) {
doreopen = false;
set_output(args->outfile, args->errfile, args->redirectstdin, args->procname);
}
if(dosignal) {
dosignal = false;
java_signal();
}
}
remove_tmp_file(args);
log_debug("Shutdown or reload requested: exiting");
/* Stop the service */
if (java_stop() != true)
return 6;
if (doreload == true)
ret = 123;
else
ret = 0;
/* Destroy the service */
java_destroy();
/* Destroy the Java VM */
if (JVM_destroy(ret) != true)
return 7;
return ret;
}
/**
* Set up the Gstreamer pipeline. The playbin element is used to decode
* all kinds of different formats. The capsfilter is used to deliver the
* audio in a fixed format (X Hz, 1-2 channels, 16 bit signed)
*
* The pipeline looks like this:
*
* <pre>
* .--------------. .------------------------------------------.
* | playbin | |mybin .------------. .------------. |
* |----. .----| |-----. | capsfilter | | fakesink | |
* |sink| |src |--->|ghost| |----. .---| |----. .---| | handoff
* |----' '----| |pad |-->|sink| |src|-->|sink| |src|--+--> handler
* | | |-----' '------------' '------------' |
* '--------------' '------------------------------------------'
* </pre>
*
* @param st Audio source state
*
* @return 0 if success, otherwise errorcode
*/
static int gst_setup(struct ausrc_st *st)
{
GstBus *bus;
GstPad *pad;
st->loop = g_main_loop_new(NULL, FALSE);
st->pipeline = gst_pipeline_new("pipeline");
if (!st->pipeline) {
warning("gst: failed to create pipeline element\n");
return ENOMEM;
}
/********************* Player BIN **************************/
st->source = gst_element_factory_make("playbin", "source");
if (!st->source) {
warning("gst: failed to create playbin source element\n");
return ENOMEM;
}
/********************* My BIN **************************/
st->bin = gst_bin_new("mybin");
st->capsfilt = gst_element_factory_make("capsfilter", NULL);
if (!st->capsfilt) {
warning("gst: failed to create capsfilter element\n");
return ENOMEM;
}
set_caps(st);
st->sink = gst_element_factory_make("fakesink", "sink");
if (!st->sink) {
warning("gst: failed to create sink element\n");
return ENOMEM;
}
gst_bin_add_many(GST_BIN(st->bin), st->capsfilt, st->sink, NULL);
gst_element_link_many(st->capsfilt, st->sink, NULL);
/* add ghostpad */
pad = gst_element_get_static_pad(st->capsfilt, "sink");
gst_element_add_pad(st->bin, gst_ghost_pad_new("sink", pad));
gst_object_unref(GST_OBJECT(pad));
/* put all elements in a bin */
gst_bin_add_many(GST_BIN(st->pipeline), st->source, NULL);
/* Override audio-sink handoff handler */
g_object_set(G_OBJECT(st->sink), "signal-handoffs", TRUE, NULL);
g_signal_connect(st->sink, "handoff", G_CALLBACK(handoff_handler), st);
g_object_set(G_OBJECT(st->source), "audio-sink", st->bin, NULL);
/********************* Misc **************************/
/* Bus watch */
bus = gst_pipeline_get_bus(GST_PIPELINE(st->pipeline));
gst_bus_add_watch(bus, bus_watch_handler, st);
gst_object_unref(bus);
/* Set URI */
g_object_set(G_OBJECT(st->source), "uri", st->uri, NULL);
return 0;
}
