int SaveCredentialList() { priv_state priv = set_root_priv(); FILE * fp = safe_fopen_wrapper(cred_index_file, "w"); if (!fp) { set_priv (priv); dprintf (D_ALWAYS, "Unable to open credential index file %s!\n", cred_index_file); return FALSE; } classad::ClassAdXMLUnParser unparser; CredentialWrapper * pCred = NULL; // Clear the old list credentials.Rewind(); while (credentials.Next(pCred)) { const classad::ClassAd * pclassad = pCred->cred->GetMetadata(); classad::ClassAd temp_classad(*pclassad); // lame std::string buff; unparser.Unparse (buff, &temp_classad); fprintf (fp, "%s\n", buff.c_str()); } fclose (fp); set_priv (priv); return TRUE; }
int set_backup_privs(int on) { int r; r = set_priv(SE_BACKUP_NAME,on); r &= set_priv(SE_RESTORE_NAME,on); return r; }
int LoadData (const char * file_name, void *& data, int & data_size) { priv_state priv = set_root_priv(); int fd = safe_open_wrapper_follow(file_name, O_RDONLY); if (fd == -1) { fprintf (stderr, "Can't open %s\n", file_name); set_priv (priv); return FALSE; } char buff [MAX_CRED_DATA_SIZE+1]; data_size = read (fd, buff, MAX_CRED_DATA_SIZE); close (fd); if (data_size <= 0) { set_priv (priv); return FALSE; } data = malloc (data_size); memcpy (data, buff, data_size); set_priv (priv); return TRUE; }
bool LocalUserLog::init( const std::vector<const char*>& filename, bool is_xml, int cluster, int proc, int subproc ) { if( ! jic->userPrivInitialized() ) { EXCEPT( "LocalUserLog::init() " "called before user priv is initialized!" ); } priv_state priv; priv = set_user_priv(); bool ret = u_log.initialize(filename, cluster, proc, subproc, NULL); if( ! ret ) { dprintf( D_ALWAYS, "Failed to initialize Starter's UserLog, aborting\n" ); set_priv( priv ); return false; } set_priv( priv ); u_log.setUseXML( is_xml ); for(std::vector<const char*>::const_iterator p = filename.begin(); p != filename.end(); ++p) { dprintf( D_FULLDEBUG, "Starter's UserLog: %s\n", *p ); } is_initialized = true; should_log = true; return true; }
bool VirshType::ResumeFromSoftSuspend(void) { vmprintf(D_FULLDEBUG, "Inside VirshType::ResumeFromSoftSuspend\n"); if( (m_configfile.Length() == 0)) { return false; } if( m_is_soft_suspended ) { priv_state priv = set_root_priv(); virDomainPtr dom = virDomainLookupByName(m_libvirt_connection, m_vm_name.Value()); set_priv(priv); if(dom == NULL) { virErrorPtr err = virConnGetLastError(m_libvirt_connection); vmprintf(D_ALWAYS, "Error finding domain %s: %s\n", m_vm_name.Value(), (err ? err->message : "No reason found")); return false; } priv = set_root_priv(); int result = virDomainResume(dom); virDomainFree(dom); set_priv(priv); if( result != 0 ) { // unpause failed. vmprintf(D_ALWAYS, "Unpausing VM failed in " "VirshType::ResumeFromSoftSuspend\n"); return false; } m_is_soft_suspended = false; } return true; }
bool VirshType::killVMFast(const char* vmname, virConnectPtr libvirt_con) { vmprintf(D_FULLDEBUG, "Inside VirshType::killVMFast\n"); if( !vmname || (vmname[0] == '\0') ) { return false; } priv_state priv = set_root_priv(); virDomainPtr dom = virDomainLookupByName(libvirt_con, vmname); set_priv(priv); if(dom == NULL) { virErrorPtr err = virConnGetLastError(libvirt_con); if (err && err->code != VIR_ERR_NO_DOMAIN) { vmprintf(D_ALWAYS, "Error finding domain %s: %s\n", vmname, (err ? err->message : "No reason found")); return false; } else { return true; } } priv = set_root_priv(); bool ret = (virDomainDestroy(dom) == 0); virDomainFree(dom); set_priv(priv); return ret; }
void UserProc::store_core() { int core_size; char *virtual_working_dir = NULL; MyString new_name; int free_disk; priv_state priv; if( !core_created ) { dprintf( D_FAILURE|D_ALWAYS, "No core file to send - probably ran out of disk\n"); return; } if ( core_name == NULL ) { EXCEPT( "UserProc::store_core() asked to store unnamed core file that we knew existed!" ); } priv = set_root_priv(); core_size = physical_file_size( core_name ); set_priv(priv); if( coredump_limit_exists ) { if( core_size > coredump_limit ) { dprintf( D_ALWAYS, "Core file size exceeds user defined limit\n" ); dprintf( D_ALWAYS, "*NOT* sending core file.\n" ); return; } } if( REMOTE_CONDOR_getwd_special(virtual_working_dir) < 0 ) { EXCEPT( "REMOTE_CONDOR_getwd_special(virtual_working_dir = %s)", (virtual_working_dir != NULL)?virtual_working_dir:"(null)"); } free_disk = REMOTE_CONDOR_free_fs_blocks( virtual_working_dir); if( free_disk < 0 ) { EXCEPT( "REMOTE_CONDOR_free_fs_blocks(virtual_working_dir = %s)", (virtual_working_dir != NULL)?virtual_working_dir:"(null)"); } dprintf( D_ALWAYS, "Core file size is %d kbytes\n", core_size ); dprintf( D_ALWAYS, "Free disk on submitting machine is %d kbytes\n", free_disk ); if( free_disk > core_size ) { new_name.formatstr( "%s/core.%d.%d", virtual_working_dir, cluster, proc); dprintf( D_ALWAYS, "Transferring core file to \"%s\"\n", new_name.Value() ); priv = set_root_priv(); send_a_file( core_name, new_name.Value(), REGULAR_FILE_MODE ); set_priv(priv); core_transferred = TRUE; } else { dprintf( D_ALWAYS, "*NOT* Transferring core file\n" ); core_transferred = FALSE; } free( virtual_working_dir ); }
int LoadCredentialList () { CredentialWrapper * pCred; // Clear the old list if (!credentials.IsEmpty()) { credentials.Rewind(); while (credentials.Next(pCred)) { credentials.DeleteCurrent(); delete pCred; } } credentials.Rewind(); classad::ClassAdXMLParser parser; char buff[50000]; priv_state priv = set_root_priv(); FILE * fp = safe_fopen_wrapper(cred_index_file, "r"); if (!fp) { dprintf (D_FULLDEBUG, "Credential database %s does not exist!\n", cred_index_file); set_priv (priv); return TRUE; } while (fgets(buff, 50000, fp)) { if ((buff[0] == '\n') || (buff[0] == '\r')) { continue; } classad::ClassAd * classad = parser.ParseClassAd (buff); int type=0; if ((!classad) || (!classad->EvaluateAttrInt ("Type", type))) { dprintf (D_ALWAYS, "Invalid classad %s\n", buff); set_priv (priv); fclose (fp); return FALSE; } if (type == X509_CREDENTIAL_TYPE) { pCred = new X509CredentialWrapper (*classad); credentials.Append (pCred); } else { dprintf (D_ALWAYS, "Invalid type %d\n",type); } } fclose (fp); set_priv (priv); return TRUE; }
void VMGahp::killAllProcess() { if( !m_jobAd ) { // Virtual machine is absolutely not created. return; } #if defined (HAVE_EXT_LIBVIRT) && !defined(VMWARE_ONLY) if( strcasecmp(m_gahp_config->m_vm_type.Value(), CONDOR_VM_UNIVERSE_XEN ) == 0 ) { priv_state priv = set_root_priv(); if( m_jobAd && XenType::checkXenParams(m_gahp_config) ) { MyString vmname; if( VMType::createVMName(m_jobAd, vmname) ) { XenType::killVMFast(vmname.Value()); vmprintf( D_FULLDEBUG, "killVMFast is called\n"); } } set_priv(priv); } else if(strcasecmp(m_gahp_config->m_vm_type.Value(), CONDOR_VM_UNIVERSE_KVM ) == 0 ) { priv_state priv = set_root_priv(); if( m_jobAd && KVMType::checkXenParams(m_gahp_config) ) { MyString vmname; if( VMType::createVMName(m_jobAd, vmname) ) { KVMType::killVMFast(vmname.Value()); vmprintf( D_FULLDEBUG, "killVMFast is called\n"); } } set_priv(priv); } else #endif if( strcasecmp(m_gahp_config->m_vm_type.Value(), CONDOR_VM_UNIVERSE_VMWARE ) == 0 ) { priv_state priv = set_user_priv(); if( VMwareType::checkVMwareParams(m_gahp_config) ) { VMwareType::killVMFast(m_gahp_config->m_prog_for_script.Value(), m_gahp_config->m_vm_script.Value(), m_workingdir.Value()); vmprintf( D_FULLDEBUG, "killVMFast is called\n"); } set_priv(priv); } // [PRAGMA] Kill Rocks VM Process else if( strcasecmp(m_gahp_config->m_vm_type.Value(), CONDOR_VM_UNIVERSE_VMWARE ) == 0 ) { priv_state priv = set_user_priv(); if( RocksType::checkRocksParams(m_gahp_config) ) { RocksType::killVMFast(m_gahp_config->m_prog_for_script.Value(), m_gahp_config->m_vm_script.Value(), m_workingdir.Value()); vmprintf( D_FULLDEBUG, "killVMFast is called\n"); } set_priv(priv); } }
void UserProc::send_sig_no_privsep( int sig ) { priv_state priv; // We don't want to be root going around killing things or we // might do something we'll regret in the morning. -Derek 8/29/97 priv = set_user_priv(); // removed some vanilla-specific code here // ASSERT(job_class != CONDOR_UNIVERSE_VANILLA); if ( job_class != CONDOR_UNIVERSE_VANILLA ) { // Make sure the process can receive the signal. So let's send it a // SIGCONT first if applicable. if( sig != SIGCONT ) { if( kill(pid,SIGCONT) < 0 ) { set_priv(priv); if( errno == ESRCH ) { // User proc already exited dprintf( D_ALWAYS, "UserProc::send_sig_no_privsep(): " "Tried to send signal SIGCONT to user " "job %d, but that process doesn't exist.\n", pid); return; } perror("kill"); EXCEPT( "kill(%d,SIGCONT)", pid ); } /* standard jobs can't fork, so.... */ pids_suspended = 1; dprintf( D_ALWAYS, "UserProc::send_sig_no_privsep(): " "Sent signal SIGCONT to user job %d\n", pid); } if( kill(pid,sig) < 0 ) { set_priv(priv); if( errno == ESRCH ) { // User proc already exited dprintf( D_ALWAYS, "UserProc::send_sig_no_privsep(): " "Tried to send signal %d to user job " "%d, but that process doesn't exist.\n", sig, pid); return; } perror("kill"); EXCEPT( "kill(%d,%d)", pid, sig ); } } set_priv(priv); }
void Partition::back(char *script) { FILE *fin = NULL; ArgList args; MyString line; priv_state priv; dprintf(D_ALWAYS, "\t%s %s %ld %s\n", script, get_name().Value(), get_size(), pkind_xlate(get_pkind()).Value()); args.AppendArg(script); args.AppendArg(get_name()); args.AppendArg(get_size()); args.AppendArg(pkind_xlate(get_pkind()).Value()); priv = set_root_priv(); fin = my_popen(args, "r", MY_POPEN_OPT_WANT_STDERR); line.readLine(fin); // read back OK or NOT_OK, XXX ignore my_pclose(fin); set_priv(priv); // we don't know it is backed until the // STARTD_FACTORY_SCRIPT_AVAILABLE_PARTITIONS // tells us it is actually backed. This prevents overcommit of a // partition to multiple startds. set_pstate(ASSIGNED); }
// This is a blocking call and must provide a fully booted partition when it // returns. Otherwise, this partition could be overcommitted given the // nature of the use of this call. // script partition_name size kind void Partition::boot(char *script, PKind pkind) { FILE *fin = NULL; ArgList args; MyString line; priv_state priv; // we're told what kind of partition this is going to be set_pkind(pkind); dprintf(D_ALWAYS, "\t%s %s %ld %s\n", script, get_name().Value(), get_size(), pkind_xlate(get_pkind()).Value()); args.AppendArg(script); args.AppendArg(get_name()); args.AppendArg(get_size()); args.AppendArg(pkind_xlate(get_pkind()).Value()); priv = set_root_priv(); fin = my_popen(args, "r", MY_POPEN_OPT_WANT_STDERR); line.readLine(fin); // read back OK or NOT_OK, XXX ignore my_pclose(fin); set_priv(priv); // Now that the script is done, mark it booted. set_pstate(BOOTED); }
void JobInfoCommunicator::writeExecutionVisa( ClassAd& visa_ad ) { int value; if (!job_ad->EvalBool(ATTR_WANT_STARTER_EXECUTION_VISA, NULL, value) || !value) { return; } MyString iwd; if (!job_ad->LookupString(ATTR_JOB_IWD, iwd)) { dprintf(D_ALWAYS, "writeExecutionVisa error: no IWD in job ad!\n"); return; } priv_state priv = set_user_priv(); MyString filename; bool ok = classad_visa_write(&visa_ad, get_mySubSystem()->getName(), daemonCore->InfoCommandSinfulString(), iwd.Value(), &filename); set_priv(priv); if (ok) { addToOutputFiles(filename.Value()); } }
void PartitionManager::query_available_partitions(char *script) { FILE *fin = NULL; ArgList args; priv_state priv; /* load a description of the available partitions which could be backed, booted, or generatable. */ dprintf(D_ALWAYS, "Finding available partitions with: %s\n", script); args.AppendArg(script); priv = set_root_priv(); fin = my_popen(args, "r", TRUE); if (fin == NULL) { EXCEPT("Can't execute %s", script); } read_partitions(fin); my_pclose(fin); set_priv(priv); }
int BaseShadow::cdToIwd() { int iRet =0; #if ! defined(WIN32) priv_state p = PRIV_UNKNOWN; if (m_RunAsNobody) p = set_root_priv(); #endif if (chdir(iwd.Value()) < 0) { int chdir_errno = errno; dprintf(D_ALWAYS, "\n\nPath does not exist.\n" "He who travels without bounds\n" "Can't locate data.\n\n" ); MyString hold_reason; hold_reason.formatstr("Cannot access initial working directory %s: %s", iwd.Value(), strerror(chdir_errno)); dprintf( D_ALWAYS, "%s\n",hold_reason.Value()); holdJobAndExit(hold_reason.Value(),CONDOR_HOLD_CODE_IwdError,chdir_errno); iRet = -1; } #if ! defined(WIN32) if ( m_RunAsNobody ) set_priv(p); #endif return iRet; }
bool BaseLinuxHibernator::writeSysFile ( const char *file, const char *str ) const { // Write to the "/sys or /proc" file(s) dprintf( D_FULLDEBUG, "LinuxHibernator: Writing '%s' to '%s'\n", str, file ); priv_state p = set_root_priv( ); int fd = safe_open_wrapper_follow( file, O_WRONLY ); set_priv( p ); if ( fd < 0 ) { dprintf( D_ALWAYS, "LinuxHibernator: Error writing '%s' to '%s': %s\n", str, file, strerror(errno) ); return false; } int len = strlen(str); if ( write( fd, str, len ) != len ) { close( fd ); dprintf( D_ALWAYS, "LinuxHibernator: Error writing '%s' to '%s': %s\n", str, file, strerror(errno) ); return false; } close( fd ); return true; }
void VMGahp::executeCommand(VMRequest *req) { char *command = req->m_args.argv[0]; priv_state priv = set_user_priv(); if(strcasecmp(command, VMGAHP_COMMAND_VM_START) == 0 ) { executeStart(req); } else if(strcasecmp(command, VMGAHP_COMMAND_VM_STOP) == 0 ) { executeStop(req); } else if(strcasecmp(command, VMGAHP_COMMAND_VM_SUSPEND) == 0 ) { executeSuspend(req); } else if(strcasecmp(command, VMGAHP_COMMAND_VM_SOFT_SUSPEND) == 0 ) { executeSoftSuspend(req); } else if(strcasecmp(command, VMGAHP_COMMAND_VM_RESUME) == 0 ) { executeResume(req); } else if(strcasecmp(command, VMGAHP_COMMAND_VM_CHECKPOINT) == 0 ) { executeCheckpoint(req); } else if(strcasecmp(command, VMGAHP_COMMAND_VM_STATUS) == 0 ) { executeStatus(req); } else if(strcasecmp(command, VMGAHP_COMMAND_VM_GETPID) == 0 ) { executeGetpid(req); } else { vmprintf(D_ALWAYS, "Unknown command(%s)\n", command); } set_priv(priv); }
int InitJobAd(int cluster, int proc) { if (!JobAd) { // just get the job ad from the schedd once if ( IpcFile ) { // get the jobad file a file priv_state priv = set_condor_priv(); bool is_stdin = false; FILE* ipc_fp = NULL; if( IpcFile[0] == '-' && IpcFile[1] == '\0' ) { ipc_fp = stdin; is_stdin = true; } else { ipc_fp = safe_fopen_wrapper(IpcFile,"r"); } dprintf( D_FULLDEBUG, "Reading job ClassAd from %s\n", is_stdin ? "STDIN" : IpcFile ); int isEOF = 0; int isError = 0; int isEmpty = 0; if ( ipc_fp ) { JobAd = new ClassAd(ipc_fp,"***",isEOF,isError,isEmpty); if( ! is_stdin ) { fclose( ipc_fp ); unlink( IpcFile ); } } set_priv(priv); // if constructor failed, remove the JobAd, and // fallback on getting it via sockets. if (isError != 0 ) { if (JobAd) delete JobAd; JobAd = NULL; } if (JobAd) { // we're done checkForDebugging( JobAd ); return 0; } // if we made it here, we wanted to get the job ad // via the file, but failed dprintf(D_FULLDEBUG, "Failed to read job ad file %s, using socket\n", IpcFile); } if (!ConnectQ(schedd, SHADOW_QMGMT_TIMEOUT, true)) { EXCEPT("Failed to connect to schedd!"); } JobAd = GetJobAd( cluster, proc ); DisconnectQ(NULL); checkForDebugging( JobAd ); } if (!JobAd) { EXCEPT( "failed to get job ad" ); } return 0; }
/* proxy_valid_right_now() this function is used in this object to determine if glexec should actually be invoked. glexec will always fail with an expired proxy, and there is overhead in invoking it. */ int GLExecPrivSepHelper::proxy_valid_right_now() { int result = TRUE; /* Note that set_user_priv is a no-op if condor is running as non-root (the "usual" mode for invoking glexec) */ priv_state priv_saved = set_user_priv(); if (!m_proxy) { dprintf(D_FULLDEBUG, "GLExecPrivSepHelper::proxy_valid_right_now: no proxy defined\n"); result = FALSE; } else { time_t expiration_time = x509_proxy_expiration_time(m_proxy); time_t now = time(NULL); if (expiration_time == -1) { dprintf(D_FULLDEBUG, "GLExecPrivSepHelper::proxy_valid_right_now: Globus error when getting proxy %s expiration: %s.\n", m_proxy, x509_error_string()); result = FALSE; } else if (expiration_time < now) { dprintf(D_FULLDEBUG, "GLExecPrivSepHelper::proxy_valid_right_now: proxy %s expired %ld seconds ago!\n", m_proxy, now - expiration_time); result = FALSE; } } set_priv(priv_saved); return result; }
FILE * email_open_implementation(char *Mailer, const char * final_args[]) { priv_state priv; int prev_umask; FILE *mailerstream; /* Want the letter to come from "condor" if possible */ priv = set_condor_priv(); /* there are some oddities with how popen can open a pipe. In some arches, popen will create temp files for locking and they need to be of the correct perms in order to be deleted. So the umask is set to something useable for the open operation. -pete 9/11/99 */ prev_umask = umask(022); mailerstream = my_popenv(final_args,EMAIL_POPEN_FLAGS,FALSE); umask(prev_umask); /* Set priv state back */ set_priv(priv); if ( mailerstream == NULL ) { dprintf(D_ALWAYS,"Failed to access email program \"%s\"\n", Mailer); } return mailerstream; }
void SharedPortEndpoint::SocketCheck() { if( !m_listening || m_full_name.IsEmpty() || !m_is_file_socket) { return; } priv_state orig_priv = set_condor_priv(); int rc = utime(m_full_name.Value(), NULL); int utime_errno = errno; set_priv(orig_priv); if( rc < 0 ) { dprintf(D_ALWAYS,"SharedPortEndpoint: failed to touch %s: %s\n", m_full_name.Value(), strerror(utime_errno)); if( utime_errno == ENOENT ) { dprintf(D_ALWAYS,"SharedPortEndpoint: attempting to recreate vanished socket!\n"); StopListener(); if( !StartListener() ) { EXCEPT("SharedPortEndpoint: failed to recreate socket"); } } } }
int GLExecPrivSepHelper::run_script(ArgList& args,MyString &error_desc) { if (!proxy_valid_right_now()) { dprintf(D_ALWAYS, "GLExecPrivSepHelper::run_script: not invoking glexec since the proxy is not valid!\n"); error_desc += "The job proxy is not valid."; return INVALID_PROXY_RC; } /* Note that set_user_priv is a no-op if condor is running as non-root (the "usual" mode for invoking glexec) */ priv_state priv_saved = set_user_priv(); FILE* fp = my_popen(args, "r", TRUE); set_priv(priv_saved); if (fp == NULL) { dprintf(D_ALWAYS, "GLExecPrivSepHelper::run_script: " "my_popen failure on %s: errno=%d (%s)\n", args.GetArg(0), errno, strerror(errno)); return -1; } MyString str; while (str.readLine(fp, true)); priv_saved = set_user_priv(); int ret = my_pclose(fp); set_priv(priv_saved); if (ret != 0) { str.trim(); dprintf(D_ALWAYS, "GLExecPrivSepHelper::run_script: %s exited " "with status %d and following output:\n%s\n", args.GetArg(0), ret, str.Value()); error_desc.formatstr_cat("%s exited with status %d and the following output: %s", condor_basename(args.GetArg(0)), ret, str.Value()); error_desc.replaceString("\n","; "); } return ret; }
bool XenType::killVMFast(const char* vmname) { vmprintf(D_FULLDEBUG, "Inside XenType::killVMFast\n"); priv_state priv = set_root_priv(); virConnectPtr libvirt_connection = virConnectOpen("xen:///"); set_priv(priv); return VirshType::killVMFast(vmname, libvirt_connection); }
/* returns TRUE if the user profile was unloaded; otherwise, FALSE. Also ensures the profile information is cleaned out. */ BOOL OwnerProfile::unloadProfile () { dprintf ( D_FULLDEBUG, "In OwnerProfile::unloadProfile()\n" ); priv_state priv; BOOL profile_unloaded = FALSE, ok = FALSE; __try { /* we must do the following as */ priv = set_condor_priv (); /* unload the current profile */ profile_unloaded = UnloadUserProfile ( user_token_, user_profile_.hProfile ); dprintf ( D_FULLDEBUG, "OwnerProfile::unloadProfile: Unloading %s's " "profile %s. (last-error = %u)\n", user_name_, profile_unloaded ? "succeeded" : "failed", profile_unloaded ? 0 : GetLastError () ); if ( !profile_unloaded ) { __leave; } /* if we got here then all is well in the universe */ ok = TRUE; } __finally { /* we use SecureZeroMemory() here because it has a very desirable property: it will never be optimized away, as its cousin ZeroMemory() might be. This is of great interest to us, as the state of the profile structure greatly influences the behaviour of this class. */ if ( ok ) { SecureZeroMemory ( &user_profile_, sizeof ( PROFILEINFO ) ); } /* return to previous privilege level */ set_priv ( priv ); } return ok; }
bool SharedPortEndpoint::RemoveSocket( char const *fname ) { priv_state orig_state = set_root_priv(); int unlink_rc = remove( fname ); set_priv( orig_state ); return unlink_rc == 0; }
bool SharedPortEndpoint::MakeDaemonSocketDir() { priv_state orig_state = set_condor_priv(); int mkdir_rc = mkdir(m_socket_dir.Value(),0755); set_priv( orig_state ); return mkdir_rc == 0; }
// helper method to determine whether the given execute directory // is root-squashed. this function assumes that the given directory // is owned and writable by condor, and that our real UID is 0. it // returns true if we can verify that root squash is NOT in effect, // false if not (i.e. false is returned if we detemine root squash // is in effect or we hit an error) // static bool not_root_squashed( char const *exec_path ) { MyString test_dir; test_dir.formatstr("%s/.root_squash_test", exec_path); if (rmdir(test_dir.Value()) == -1) { if (errno != ENOENT) { dprintf(D_FULLDEBUG, "not_root_squashed: rmdir of %s failed: %s\n", test_dir.Value(), strerror(errno)); return false; } } priv_state priv = set_root_priv(); int rv = mkdir(test_dir.Value(), 0755); set_priv(priv); if (rv == -1) { if (errno == EACCES) { dprintf(D_FULLDEBUG, "execute directory %s root-squashed\n", exec_path); } else { dprintf(D_FULLDEBUG, "not_root_squashed: mkdir of %s failed: %s\n", test_dir.Value(), strerror(errno)); } return false; } struct stat st; if (stat(test_dir.Value(), &st) == -1) { dprintf(D_FULLDEBUG, "not_root_squashed: stat of %s failed: %s\n", test_dir.Value(), strerror(errno)); return false; } if (rmdir(test_dir.Value()) == -1) { dprintf(D_FULLDEBUG, "rmdir of %s failed: %s\n", test_dir.Value(), strerror(errno)); return false; } bool not_squashed = (st.st_uid == 0); dprintf(D_FULLDEBUG, "execute directory %s %s root-squashed\n", exec_path, not_squashed ? "not" : ""); return not_squashed; }
int StoreData (const char * file_name, const void * data, const int data_size) { if (!data) { return FALSE; } priv_state priv = set_root_priv(); dprintf (D_FULLDEBUG, "in StoreData(), euid=%d\n", geteuid()); int fd = safe_open_wrapper_follow(file_name, O_WRONLY | O_CREAT | O_TRUNC, 0600 ); if (fd == -1) { dprintf (D_ALWAYS, "Unable to store in %s\n", file_name); set_priv(priv); return FALSE; } // Change to user owning the cred (assume init_user_ids() has been called) if (fchmod (fd, S_IRUSR | S_IWUSR)) { dprintf(D_ALWAYS, "Failed to fchmod %s to S_IRUSR | S_IWUSR: %s\n", file_name, strerror(errno)); } if (fchown (fd, get_user_uid(), get_user_gid())) { dprintf(D_ALWAYS, "Failed to fchown %s to %d.%d: %s\n", file_name, get_user_uid(), get_user_gid(), strerror(errno)); } int written = write (fd, data, data_size); if (written < data_size) { dprintf (D_ALWAYS, "Can't write to %s: (%d) \n", file_name, errno); set_priv(priv); close(fd); return FALSE; } close (fd); set_priv(priv); return TRUE; }
void VMUniverseMgr::killVM(const char *matchstring) { if ( !matchstring ) { return; } if( !m_vm_type.Length() || !m_vmgahp_server.Length() ) { return; } // vmgahp is daemonCore, so we need to add -f -t options of daemonCore. // Then, try to execute vmgahp with // vmtype <vmtype> match <string>" ArgList systemcmd; systemcmd.AppendArg(m_vmgahp_server); systemcmd.AppendArg("-f"); char *gahp_log_file = param("VM_GAHP_LOG"); if( gahp_log_file ) { free(gahp_log_file); }else { systemcmd.AppendArg("-t"); } systemcmd.AppendArg("-M"); systemcmd.AppendArg(VMGAHP_KILL_MODE); systemcmd.AppendArg("vmtype"); systemcmd.AppendArg(m_vm_type); systemcmd.AppendArg("match"); systemcmd.AppendArg(matchstring); #if !defined(WIN32) if( can_switch_ids() ) { MyString tmp_str; tmp_str.formatstr("%d", (int)get_condor_uid()); SetEnv("VMGAHP_USER_UID", tmp_str.Value()); } #endif // execute vmgahp with root privilege priv_state priv = set_root_priv(); int ret = my_system(systemcmd); // restore privilege set_priv(priv); if( ret == 0 ) { dprintf( D_ALWAYS, "VMUniverseMgr::killVM() is called with " "'%s'\n", matchstring ); }else { dprintf( D_ALWAYS, "VMUniverseMgr::killVM() failed!\n"); } return; }
bool SharedPortEndpoint::ChownSocket(priv_state priv) { #ifndef HAVE_SHARED_PORT return false; #elif WIN32 return false; #elif HAVE_SCM_RIGHTS_PASSFD if( !can_switch_ids() ) { return true; } switch( priv ) { case PRIV_ROOT: case PRIV_CONDOR: case PRIV_CONDOR_FINAL: case PRIV_UNKNOWN: // Nothing needs to be done in this case, because the named // socket was created with condor ownership (we assume). return true; case PRIV_FILE_OWNER: case _priv_state_threshold: // these don't really make sense, but include them so // the compiler can warn about priv states not covered return true; case PRIV_USER: case PRIV_USER_FINAL: { priv_state orig_priv = set_root_priv(); int rc = fchown( m_listener_sock.get_file_desc(),get_user_uid(),get_user_gid() ); if( rc != 0 ) { dprintf(D_ALWAYS,"SharedPortEndpoint: failed to chown %s to %d:%d: %s.\n", m_full_name.Value(), get_user_uid(), get_user_gid(), strerror(errno)); } set_priv( orig_priv ); return rc == 0; } } EXCEPT("Unexpected priv state in SharedPortEndpoint(%d)",(int)priv); return false; #else #error HAVE_SHARED_PORT is defined, but no method for passing fds is enabled. #endif }