static void Apoptosis(void) { char promiser_buf[CF_SMALLBUF]; snprintf(promiser_buf, sizeof(promiser_buf), "%s/bin/cf-execd", CFWORKDIR); if (LoadProcessTable(&PROCESSTABLE)) { char myuid[32]; snprintf(myuid, 32, "%d", (int)getuid()); Rlist *owners = NULL; RlistPrepend(&owners, myuid, RVAL_TYPE_SCALAR); ProcessSelect process_select = { .owner = owners, .process_result = "process_owner", }; Item *killlist = SelectProcesses(PROCESSTABLE, promiser_buf, process_select, true); RlistDestroy(owners); for (Item *ip = killlist; ip != NULL; ip = ip->next) { pid_t pid = ip->counter; if (pid != getpid() && kill(pid, SIGTERM) < 0) { if (errno == ESRCH) { /* That's ok, process exited voluntarily */ } else { Log(LOG_LEVEL_ERR, "Unable to kill stale cf-execd process pid=%d. (kill: %s)", (int)pid, GetErrorStr()); } } } } DeleteItemList(PROCESSTABLE); Log(LOG_LEVEL_VERBOSE, "Pruning complete"); }
static int NewTypeContext(enum typesequence type) { // get maxconnections switch (type) { case kp_environments: NewEnvironmentsContext(); break; case kp_files: ConnectionsInit(); break; case kp_processes: if (!LoadProcessTable(&PROCESSTABLE)) { CfOut(cf_error, "", "Unable to read the process table - cannot keep process promises\n"); return false; } break; case kp_storage: #ifndef __MINGW32__ // TODO: Run if implemented on Windows if (MOUNTEDFSLIST != NULL) { DeleteMountInfo(MOUNTEDFSLIST); MOUNTEDFSLIST = NULL; } #endif /* !__MINGW32__ */ break; default: /* Initialization is not required */ ; } return true; }
static int NewTypeContext(TypeSequence type) { // get maxconnections switch (type) { case TYPE_SEQUENCE_ENVIRONMENTS: NewEnvironmentsContext(); break; case TYPE_SEQUENCE_FILES: ConnectionsInit(); break; case TYPE_SEQUENCE_PROCESSES: if (!LoadProcessTable(&PROCESSTABLE)) { CfOut(OUTPUT_LEVEL_ERROR, "", "Unable to read the process table - cannot keep process promises\n"); return false; } break; case TYPE_SEQUENCE_STORAGE: #ifndef __MINGW32__ // TODO: Run if implemented on Windows if (MOUNTEDFSLIST != NULL) { DeleteMountInfo(MOUNTEDFSLIST); MOUNTEDFSLIST = NULL; } #endif /* !__MINGW32__ */ break; default: /* Initialization is not required */ ; } return true; }
static void Apoptosis(void) { static char promiser_buf[CF_SMALLBUF]; snprintf(promiser_buf, sizeof(promiser_buf), "%s/bin/cf-execd", CFWORKDIR); if (LoadProcessTable(&PROCESSTABLE)) { char myuid[32]; snprintf(myuid, 32, "%d", (int)getuid()); Rlist *owners = NULL; RlistPrependScalar(&owners, myuid); ProcessSelect process_select = { .owner = owners, .process_result = "process_owner", }; Item *killlist = SelectProcesses(PROCESSTABLE, promiser_buf, process_select, true); for (Item *ip = killlist; ip != NULL; ip = ip->next) { pid_t pid = ip->counter; if (pid != getpid() && kill(pid, SIGTERM) < 0) { if (errno == ESRCH) { /* That's ok, process exited voluntarily */ } else { CfOut(OUTPUT_LEVEL_ERROR, "kill", "Unable to kill stale cf-execd process (pid=%d)", (int)pid); } } } } DeleteItemList(PROCESSTABLE); CfOut(OUTPUT_LEVEL_VERBOSE, "", " !! Pruning complete"); }
static bool VerifyBootstrap(void) { struct stat sb; char filePath[CF_MAXVARSIZE]; if (NULL_OR_EMPTY(POLICY_SERVER)) { CfOut(cf_error, "", "!! Bootstrapping failed, no policy server is specified"); return false; } // we should at least have gotten promises.cf from the policy hub snprintf(filePath, sizeof(filePath), "%s/inputs/promises.cf", CFWORKDIR); MapName(filePath); if (cfstat(filePath, &sb) == -1) { CfOut(cf_error, "", "!! Bootstrapping failed, no input file at %s after bootstrap", filePath); return false; } // embedded failsafe.cf (bootstrap.c) contains a promise to start cf-execd (executed while running this cf-agent) DeleteItemList(PROCESSTABLE); PROCESSTABLE = NULL; LoadProcessTable(&PROCESSTABLE); if (!IsProcessNameRunning(".*cf-execd.*")) { CfOut(cf_error, "", "!! Bootstrapping failed, cf-execd is not running"); return false; } CfOut(cf_cmdout, "", "-> Bootstrap to %s completed successfully", POLICY_SERVER); return true; }
static void Apoptosis() { Promise pp = { 0 }; Rlist *signals = NULL, *owners = NULL; char mypid[32]; static char promiser_buf[CF_SMALLBUF]; #if defined(_WIN32) return; #endif CfOut(OUTPUT_LEVEL_VERBOSE, "", " !! Programmed pruning of the scheduler cluster"); #ifdef __MINGW32__ snprintf(promiser_buf, sizeof(promiser_buf), "cf-execd"); // using '\' causes regexp problems #else snprintf(promiser_buf, sizeof(promiser_buf), "%s/bin/cf-execd", CFWORKDIR); #endif pp.promiser = promiser_buf; pp.promisee = (Rval) {"cfengine", RVAL_TYPE_SCALAR}; pp.classes = "any"; pp.offset.line = 0; pp.audit = NULL; pp.conlist = SeqNew(100, ConstraintDestroy); pp.bundletype = "agent"; pp.bundle = "exec_apoptosis"; pp.ref = "Programmed death"; pp.agentsubtype = "processes"; pp.done = false; pp.cache = NULL; pp.inode_cache = NULL; pp.this_server = NULL; pp.donep = &(pp.done); pp.conn = NULL; GetCurrentUserName(mypid, 31); RlistPrepend(&signals, "term", RVAL_TYPE_SCALAR); RlistPrepend(&owners, mypid, RVAL_TYPE_SCALAR); PromiseAppendConstraint(&pp, "signals", (Rval) {signals, RVAL_TYPE_LIST }, "any", false); PromiseAppendConstraint(&pp, "process_select", (Rval) {xstrdup("true"), RVAL_TYPE_SCALAR}, "any", false); PromiseAppendConstraint(&pp, "process_owner", (Rval) {owners, RVAL_TYPE_LIST }, "any", false); PromiseAppendConstraint(&pp, "ifelapsed", (Rval) {xstrdup("0"), RVAL_TYPE_SCALAR}, "any", false); PromiseAppendConstraint(&pp, "process_count", (Rval) {xstrdup("true"), RVAL_TYPE_SCALAR}, "any", false); PromiseAppendConstraint(&pp, "match_range", (Rval) {xstrdup("0,2"), RVAL_TYPE_SCALAR}, "any", false); PromiseAppendConstraint(&pp, "process_result", (Rval) {xstrdup("process_owner.process_count"), RVAL_TYPE_SCALAR}, "any", false); CfOut(OUTPUT_LEVEL_VERBOSE, "", " -> Looking for cf-execd processes owned by %s", mypid); if (LoadProcessTable(&PROCESSTABLE)) { VerifyProcessesPromise(&pp); } DeleteItemList(PROCESSTABLE); SeqDestroy(pp.conlist); CfOut(OUTPUT_LEVEL_VERBOSE, "", " !! Pruning complete"); }