TQString TESession::getCwd()
{
#ifdef HAVE_PROC_CWD
if (cwd.isEmpty()) {
TQFileInfo Cwd(TQString("/proc/%1/cwd").arg(sh->pid()));
if(Cwd.isSymLink())
return Cwd.readLink();
}
#endif /* HAVE_PROC_CWD */
return cwd;
}
void execv_in_app(const char* username, const char* appname, const char* arg0, char** argv) {
if(username)
switch_to_user(username);
const char* kinko_root = getenv("KINKO_ROOT");
if(!kinko_root) {
kinko_root = Cwd();
fprintf(stderr, "KINKO_ROOT environment setting missing; falling back to current dir: %s\n", kinko_root);
}
/*
* Fetch system settings to build environment for new process.
*/
const char* pw_shell = "/bin/false";
/*
* The homedir is the root dir of the requested app.
* If the username is "kinko-<name>", then the homedir is "<kinko_root>/apps/<name>"
*/
const char* homedir = vstrcat(kinko_root, "/apps/", appname, 0);
/*
* Clear environment. This implements a simple variant of sudo's env_reset
* function.
*
* Note: while sudo falls back to setting TERM, PATH, HOME, MAIL, SHELL,
* LOGNAME, USER, USERNAME we skp TERM and MAIL.
*/
static const int MAX_ENV_ENTRIES = 128;
char* env[MAX_ENV_ENTRIES];
char** envp = env;
/*
* get initial path.
*
* Note that /usr/local/bin is in the path, because that allows for a
* system-wide installation of various interpreters even when they are
* not packaged by the system's package manager.
*/
const char* path = "/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin";
/*
* set ruby environment.
*
* The following code should make --no-print-directory sure that the new user will have gems
* installed in a private location. Note that a proper ruby installation
* must be installed system-wide; if nothing else works then in
* /usr/local/bin.
*/
path = vstrcat(homedir, "/bin" ":", path, 0);
path = vstrcat(homedir, "/var/bin" ":", path, 0);
path = vstrcat(homedir, "/var/gems/bin" ":", path, 0);
*envp++ = vstrcat("GEM_HOME=", homedir, "/var/gems", 0);
*envp++ = vstrcat("GEM_PATH=", homedir, "/var/gems", 0);
/*
* If there is a Gemfile in $homedir/Gemfile, we remember that in the
* environment. This make --no-print-directorys sure that bundler finds its Gemfile even
* when in the wrong directory; but it also prevents to run multiple
* ruby-based apps with different gemsets.
*/
/*
{
const char* gemfile = vstrcat(homedir, "/Gemfile", 0);
struct stat stat_buf;
if(!stat(gemfile, &stat_buf)) {
(void)0;
*envp++ = vstrcat("BUNDLE_GEMFILE=", gemfile, 0);
}
}
*/
*envp = 0;
/*
* set KINKO environment entries
*/
*envp++ = vstrcat("KINKO_ROOT=", kinko_root, 0);
path = vstrcat(kinko_root, "/sbin:", path, 0);
path = vstrcat(kinko_root, "/bin:", path, 0);
*envp++ = vstrcat("JIT_HOME=", kinko_root, "/var/jit", 0);
/*
* set base entries
*/
*envp++ = "TMPDIR=/tmp";
*envp++ = vstrcat("PATH=", path, 0);
*envp++ = vstrcat("HOME=", homedir, 0);
*envp++ = vstrcat("SHELL=", pw_shell, 0);
#if STRICT_MODE
*envp++ = vstrcat("LOGNAME=", username, 0);
*envp++ = vstrcat("USER="******"USERNAME="******"Cannot chdir into homedir %s\n", homedir);
perror(homedir);
}
/*
* set umask. By default an application should not create files writeable
* by others.
*/
umask(S_IWGRP | S_IWOTH);
/*
* start program.
*/
execve(arg0, argv, env);
die(arg0);
}
void Cdup(char *param)
{
Cwd("..");
};
