int
VanillaProc::StartJob()
{
dprintf(D_FULLDEBUG,"in VanillaProc::StartJob()\n");
// vanilla jobs, unlike standard jobs, are allowed to run
// shell scripts (or as is the case on NT, batch files). so
// edit the ad so we start up a shell, pass the executable as
// an argument to the shell, if we are asked to run a .bat file.
#ifdef WIN32
CHAR interpreter[MAX_PATH+1],
systemshell[MAX_PATH+1];
const char* jobtmp = Starter->jic->origJobName();
int joblen = strlen(jobtmp);
const char *extension = joblen > 0 ? &(jobtmp[joblen-4]) : NULL;
bool binary_executable = ( extension &&
( MATCH == strcasecmp ( ".exe", extension ) ||
MATCH == strcasecmp ( ".com", extension ) ) ),
java_universe = ( CONDOR_UNIVERSE_JAVA == job_universe );
ArgList arguments;
MyString filename,
jobname,
error;
if ( extension && !java_universe && !binary_executable ) {
/** since we do not actually know how long the extension of
the file is, we'll need to hunt down the '.' in the path,
if it exists */
extension = strrchr ( jobtmp, '.' );
if ( !extension ) {
dprintf (
D_ALWAYS,
"VanillaProc::StartJob(): Failed to extract "
"the file's extension.\n" );
/** don't fail here, since we want executables to run
as usual. That is, some condor jobs submit
executables that do not have the '.exe' extension,
but are, nonetheless, executable binaries. For
instance, a submit script may contain:
executable = executable$(OPSYS) */
} else {
/** pull out the path to the executable */
if ( !JobAd->LookupString (
ATTR_JOB_CMD,
jobname ) ) {
/** fall back on Starter->jic->origJobName() */
jobname = jobtmp;
}
/** If we transferred the job, it may have been
renamed to condor_exec.exe even though it is
not an executable. Here we rename it back to
a the correct extension before it will run. */
if ( MATCH == strcasecmp (
CONDOR_EXEC,
condor_basename ( jobname.Value () ) ) ) {
filename.formatstr ( "condor_exec%s", extension );
if (rename(CONDOR_EXEC, filename.Value()) != 0) {
dprintf (D_ALWAYS, "VanillaProc::StartJob(): ERROR: "
"failed to rename executable from %s to %s\n",
CONDOR_EXEC, filename.Value() );
}
} else {
filename = jobname;
}
/** Since we've renamed our executable, we need to
update the job ad to reflect this change. */
if ( !JobAd->Assign (
ATTR_JOB_CMD,
filename ) ) {
dprintf (
D_ALWAYS,
"VanillaProc::StartJob(): ERROR: failed to "
"set new executable name.\n" );
return FALSE;
}
/** We've moved the script to argv[1], so we need to
add the remaining arguments to positions argv[2]..
argv[/n/]. */
if ( !arguments.AppendArgsFromClassAd ( JobAd, &error ) ||
!arguments.InsertArgsIntoClassAd ( JobAd, NULL,
&error ) ) {
dprintf (
D_ALWAYS,
"VanillaProc::StartJob(): ERROR: failed to "
"get arguments from job ad: %s\n",
error.Value () );
return FALSE;
}
/** Since we know already we don't want this file returned
to us, we explicitly add it to an exception list which
will stop the file transfer mechanism from considering
it for transfer back to its submitter */
Starter->jic->removeFromOutputFiles (
filename.Value () );
}
}
#endif
// set up a FamilyInfo structure to tell OsProc to register a family
// with the ProcD in its call to DaemonCore::Create_Process
//
FamilyInfo fi;
// take snapshots at no more than 15 seconds in between, by default
//
fi.max_snapshot_interval = param_integer("PID_SNAPSHOT_INTERVAL", 15);
m_dedicated_account = Starter->jic->getExecuteAccountIsDedicated();
if( ThisProcRunsAlongsideMainProc() ) {
// If we track a secondary proc's family tree (such as
// sshd) using the same dedicated account as the job's
// family tree, we could end up killing the job when we
// clean up the secondary family.
m_dedicated_account = NULL;
}
if (m_dedicated_account) {
// using login-based family tracking
fi.login = m_dedicated_account;
// The following message is documented in the manual as the
// way to tell whether the dedicated execution account
// configuration is being used.
dprintf(D_ALWAYS,
"Tracking process family by login \"%s\"\n",
fi.login);
}
FilesystemRemap * fs_remap = NULL;
#if defined(LINUX)
// on Linux, we also have the ability to track processes via
// a phony supplementary group ID
//
gid_t tracking_gid = 0;
if (param_boolean("USE_GID_PROCESS_TRACKING", false)) {
if (!can_switch_ids() &&
(Starter->condorPrivSepHelper() == NULL))
{
EXCEPT("USE_GID_PROCESS_TRACKING enabled, but can't modify "
"the group list of our children unless running as "
"root or using PrivSep");
}
fi.group_ptr = &tracking_gid;
}
#endif
#if defined(HAVE_EXT_LIBCGROUP)
// Determine the cgroup
std::string cgroup_base;
param(cgroup_base, "BASE_CGROUP", "");
MyString cgroup_str;
const char *cgroup = NULL;
if (cgroup_base.length()) {
MyString cgroup_uniq;
std::string starter_name, execute_str;
param(execute_str, "EXECUTE", "EXECUTE_UNKNOWN");
// Note: Starter is a global variable from os_proc.cpp
Starter->jic->machClassAd()->EvalString(ATTR_NAME, NULL, starter_name);
ASSERT (starter_name.size());
cgroup_uniq.formatstr("%s_%s", execute_str.c_str(), starter_name.c_str());
const char dir_delim[2] = {DIR_DELIM_CHAR, '\0'};
cgroup_uniq.replaceString(dir_delim, "_");
cgroup_str.formatstr("%s%ccondor%s", cgroup_base.c_str(), DIR_DELIM_CHAR,
cgroup_uniq.Value());
cgroup = cgroup_str.Value();
ASSERT (cgroup != NULL);
fi.cgroup = cgroup;
dprintf(D_FULLDEBUG, "Requesting cgroup %s for job.\n", cgroup);
}
#endif
// The chroot stuff really only works on linux
#ifdef LINUX
{
// Have Condor manage a chroot
std::string requested_chroot_name;
JobAd->EvalString("RequestedChroot", NULL, requested_chroot_name);
const char * allowed_root_dirs = param("NAMED_CHROOT");
if (requested_chroot_name.size()) {
dprintf(D_FULLDEBUG, "Checking for chroot: %s\n", requested_chroot_name.c_str());
StringList chroot_list(allowed_root_dirs);
chroot_list.rewind();
const char * next_chroot;
bool acceptable_chroot = false;
std::string requested_chroot;
while ( (next_chroot=chroot_list.next()) ) {
MyString chroot_spec(next_chroot);
chroot_spec.Tokenize();
const char * chroot_name = chroot_spec.GetNextToken("=", false);
if (chroot_name == NULL) {
dprintf(D_ALWAYS, "Invalid named chroot: %s\n", chroot_spec.Value());
}
const char * next_dir = chroot_spec.GetNextToken("=", false);
if (chroot_name == NULL) {
dprintf(D_ALWAYS, "Invalid named chroot: %s\n", chroot_spec.Value());
}
dprintf(D_FULLDEBUG, "Considering directory %s for chroot %s.\n", next_dir, chroot_spec.Value());
if (IsDirectory(next_dir) && chroot_name && (strcmp(requested_chroot_name.c_str(), chroot_name) == 0)) {
acceptable_chroot = true;
requested_chroot = next_dir;
}
}
// TODO: path to chroot MUST be all root-owned, or we have a nice security exploit.
// Is this the responsibility of Condor to check, or the sysadmin who set it up?
if (!acceptable_chroot) {
return FALSE;
}
dprintf(D_FULLDEBUG, "Will attempt to set the chroot to %s.\n", requested_chroot.c_str());
std::stringstream ss;
std::stringstream ss2;
ss2 << Starter->GetExecuteDir() << DIR_DELIM_CHAR << "dir_" << getpid();
std::string execute_dir = ss2.str();
ss << requested_chroot << DIR_DELIM_CHAR << ss2.str();
std::string full_dir_str = ss.str();
if (is_trivial_rootdir(requested_chroot)) {
dprintf(D_FULLDEBUG, "Requested a trivial chroot %s; this is a no-op.\n", requested_chroot.c_str());
} else if (IsDirectory(execute_dir.c_str())) {
{
TemporaryPrivSentry sentry(PRIV_ROOT);
if( mkdir(full_dir_str.c_str(), S_IRWXU) < 0 ) {
dprintf( D_FAILURE|D_ALWAYS,
"Failed to create sandbox directory in chroot (%s): %s\n",
full_dir_str.c_str(),
strerror(errno) );
return FALSE;
}
if (chown(full_dir_str.c_str(),
get_user_uid(),
get_user_gid()) == -1)
{
EXCEPT("chown error on %s: %s",
full_dir_str.c_str(),
strerror(errno));
}
}
if (!fs_remap) {
fs_remap = new FilesystemRemap();
}
dprintf(D_FULLDEBUG, "Adding mapping: %s -> %s.\n", execute_dir.c_str(), full_dir_str.c_str());
if (fs_remap->AddMapping(execute_dir, full_dir_str)) {
// FilesystemRemap object prints out an error message for us.
return FALSE;
}
dprintf(D_FULLDEBUG, "Adding mapping %s -> %s.\n", requested_chroot.c_str(), "/");
std::string root_str("/");
if (fs_remap->AddMapping(requested_chroot, root_str)) {
return FALSE;
}
} else {
dprintf(D_ALWAYS, "Unable to do chroot because working dir %s does not exist.\n", execute_dir.c_str());
}
} else {
dprintf(D_FULLDEBUG, "Value of RequestedChroot is unset.\n");
}
}
// End of chroot
#endif
// On Linux kernel 2.4.19 and later, we can give each job its
// own FS mounts.
char * mount_under_scratch = param("MOUNT_UNDER_SCRATCH");
if (mount_under_scratch) {
std::string working_dir = Starter->GetWorkingDir();
if (IsDirectory(working_dir.c_str())) {
StringList mount_list(mount_under_scratch);
free(mount_under_scratch);
mount_list.rewind();
if (!fs_remap) {
fs_remap = new FilesystemRemap();
}
char * next_dir;
while ( (next_dir=mount_list.next()) ) {
if (!*next_dir) {
// empty string?
mount_list.deleteCurrent();
continue;
}
std::string next_dir_str(next_dir);
// Gah, I wish I could throw an exception to clean up these nested if statements.
if (IsDirectory(next_dir)) {
char * full_dir = dirscat(working_dir, next_dir_str);
if (full_dir) {
std::string full_dir_str(full_dir);
delete [] full_dir; full_dir = NULL;
if (!mkdir_and_parents_if_needed( full_dir_str.c_str(), S_IRWXU, PRIV_USER )) {
dprintf(D_ALWAYS, "Failed to create scratch directory %s\n", full_dir_str.c_str());
return FALSE;
}
dprintf(D_FULLDEBUG, "Adding mapping: %s -> %s.\n", full_dir_str.c_str(), next_dir_str.c_str());
if (fs_remap->AddMapping(full_dir_str, next_dir_str)) {
// FilesystemRemap object prints out an error message for us.
return FALSE;
}
} else {
dprintf(D_ALWAYS, "Unable to concatenate %s and %s.\n", working_dir.c_str(), next_dir_str.c_str());
return FALSE;
}
} else {
dprintf(D_ALWAYS, "Unable to add mapping %s -> %s because %s doesn't exist.\n", working_dir.c_str(), next_dir, next_dir);
}
}
} else {
dprintf(D_ALWAYS, "Unable to perform mappings because %s doesn't exist.\n", working_dir.c_str());
return FALSE;
}
}
// have OsProc start the job
//
int retval = OsProc::StartJob(&fi, fs_remap);
if (fs_remap != NULL) {
delete fs_remap;
}
#if defined(HAVE_EXT_LIBCGROUP)
// Set fairshare limits. Note that retval == 1 indicates success, 0 is failure.
if (cgroup && retval) {
std::string mem_limit;
param(mem_limit, "MEMORY_LIMIT", "soft");
bool mem_is_soft = mem_limit == "soft";
std::string cgroup_string = cgroup;
CgroupLimits climits(cgroup_string);
if (mem_is_soft || (mem_limit == "hard")) {
ClassAd * MachineAd = Starter->jic->machClassAd();
int MemMb;
if (MachineAd->LookupInteger(ATTR_MEMORY, MemMb)) {
uint64_t MemMb_big = MemMb;
climits.set_memory_limit_bytes(1024*1024*MemMb_big, mem_is_soft);
} else {
dprintf(D_ALWAYS, "Not setting memory soft limit in cgroup because "
"Memory attribute missing in machine ad.\n");
}
} else if (mem_limit == "none") {
dprintf(D_FULLDEBUG, "Not enforcing memory soft limit.\n");
} else {
dprintf(D_ALWAYS, "Invalid value of MEMORY_LIMIT: %s. Ignoring.\n", mem_limit.c_str());
}
// Now, set the CPU shares
ClassAd * MachineAd = Starter->jic->machClassAd();
int slotWeight;
if (MachineAd->LookupInteger(ATTR_SLOT_WEIGHT, slotWeight)) {
climits.set_cpu_shares(slotWeight*100);
} else {
dprintf(D_FULLDEBUG, "Invalid value of SlotWeight in machine ClassAd; ignoring.\n");
}
}
#endif
return retval;
}
int
VanillaProc::StartJob()
{
dprintf(D_FULLDEBUG,"in VanillaProc::StartJob()\n");
// vanilla jobs, unlike standard jobs, are allowed to run
// shell scripts (or as is the case on NT, batch files). so
// edit the ad so we start up a shell, pass the executable as
// an argument to the shell, if we are asked to run a .bat file.
#ifdef WIN32
CHAR interpreter[MAX_PATH+1],
systemshell[MAX_PATH+1];
const char* jobtmp = Starter->jic->origJobName();
int joblen = strlen(jobtmp);
const char *extension = joblen > 0 ? &(jobtmp[joblen-4]) : NULL;
bool binary_executable = ( extension &&
( MATCH == strcasecmp ( ".exe", extension ) ||
MATCH == strcasecmp ( ".com", extension ) ) ),
java_universe = ( CONDOR_UNIVERSE_JAVA == job_universe );
ArgList arguments;
MyString filename,
jobname,
error;
if ( extension && !java_universe && !binary_executable ) {
/** since we do not actually know how long the extension of
the file is, we'll need to hunt down the '.' in the path,
if it exists */
extension = strrchr ( jobtmp, '.' );
if ( !extension ) {
dprintf (
D_ALWAYS,
"VanillaProc::StartJob(): Failed to extract "
"the file's extension.\n" );
/** don't fail here, since we want executables to run
as usual. That is, some condor jobs submit
executables that do not have the '.exe' extension,
but are, nonetheless, executable binaries. For
instance, a submit script may contain:
executable = executable$(OPSYS) */
} else {
/** pull out the path to the executable */
if ( !JobAd->LookupString (
ATTR_JOB_CMD,
jobname ) ) {
/** fall back on Starter->jic->origJobName() */
jobname = jobtmp;
}
/** If we transferred the job, it may have been
renamed to condor_exec.exe even though it is
not an executable. Here we rename it back to
a the correct extension before it will run. */
if ( MATCH == strcasecmp (
CONDOR_EXEC,
condor_basename ( jobname.Value () ) ) ) {
filename.formatstr ( "condor_exec%s", extension );
if (rename(CONDOR_EXEC, filename.Value()) != 0) {
dprintf (D_ALWAYS, "VanillaProc::StartJob(): ERROR: "
"failed to rename executable from %s to %s\n",
CONDOR_EXEC, filename.Value() );
}
} else {
filename = jobname;
}
/** Since we've renamed our executable, we need to
update the job ad to reflect this change. */
if ( !JobAd->Assign (
ATTR_JOB_CMD,
filename ) ) {
dprintf (
D_ALWAYS,
"VanillaProc::StartJob(): ERROR: failed to "
"set new executable name.\n" );
return FALSE;
}
/** We've moved the script to argv[1], so we need to
add the remaining arguments to positions argv[2]..
argv[/n/]. */
if ( !arguments.AppendArgsFromClassAd ( JobAd, &error ) ||
!arguments.InsertArgsIntoClassAd ( JobAd, NULL,
&error ) ) {
dprintf (
D_ALWAYS,
"VanillaProc::StartJob(): ERROR: failed to "
"get arguments from job ad: %s\n",
error.Value () );
return FALSE;
}
/** Since we know already we don't want this file returned
to us, we explicitly add it to an exception list which
will stop the file transfer mechanism from considering
it for transfer back to its submitter */
Starter->jic->removeFromOutputFiles (
filename.Value () );
}
}
#endif
// set up a FamilyInfo structure to tell OsProc to register a family
// with the ProcD in its call to DaemonCore::Create_Process
//
FamilyInfo fi;
// take snapshots at no more than 15 seconds in between, by default
//
fi.max_snapshot_interval = param_integer("PID_SNAPSHOT_INTERVAL", 15);
m_dedicated_account = Starter->jic->getExecuteAccountIsDedicated();
if( ThisProcRunsAlongsideMainProc() ) {
// If we track a secondary proc's family tree (such as
// sshd) using the same dedicated account as the job's
// family tree, we could end up killing the job when we
// clean up the secondary family.
m_dedicated_account = NULL;
}
if (m_dedicated_account) {
// using login-based family tracking
fi.login = m_dedicated_account;
// The following message is documented in the manual as the
// way to tell whether the dedicated execution account
// configuration is being used.
dprintf(D_ALWAYS,
"Tracking process family by login \"%s\"\n",
fi.login);
}
FilesystemRemap * fs_remap = NULL;
#if defined(LINUX)
// on Linux, we also have the ability to track processes via
// a phony supplementary group ID
//
gid_t tracking_gid = 0;
if (param_boolean("USE_GID_PROCESS_TRACKING", false)) {
if (!can_switch_ids() &&
(Starter->condorPrivSepHelper() == NULL))
{
EXCEPT("USE_GID_PROCESS_TRACKING enabled, but can't modify "
"the group list of our children unless running as "
"root or using PrivSep");
}
fi.group_ptr = &tracking_gid;
}
// Increase the OOM score of this process; the child will inherit it.
// This way, the job will be heavily preferred to be killed over a normal process.
// OOM score is currently exponential - a score of 4 is a factor-16 increase in
// the OOM score.
setupOOMScore(4,800);
#endif
#if defined(HAVE_EXT_LIBCGROUP)
// Determine the cgroup
std::string cgroup_base;
param(cgroup_base, "BASE_CGROUP", "");
MyString cgroup_str;
const char *cgroup = NULL;
/* Note on CONDOR_UNIVERSE_LOCAL - The cgroup setup code below
* requires a unique name for the cgroup. It relies on
* uniqueness of the MachineAd's Name
* attribute. Unfortunately, in the local universe the
* MachineAd (mach_ad elsewhere) is never populated, because
* there is no machine. As a result the ASSERT on
* starter_name fails. This means that the local universe
* will not work on any machine that has BASE_CGROUP
* configured. A potential workaround is to set
* STARTER.BASE_CGROUP on any machine that is also running a
* schedd, but that disables cgroup support from a
* co-resident startd. Instead, I'm disabling cgroup support
* from within the local universe until the intraction of
* local universe and cgroups can be properly worked
* out. -matt 7 nov '12
*/
if (CONDOR_UNIVERSE_LOCAL != job_universe && cgroup_base.length()) {
MyString cgroup_uniq;
std::string starter_name, execute_str;
param(execute_str, "EXECUTE", "EXECUTE_UNKNOWN");
// Note: Starter is a global variable from os_proc.cpp
Starter->jic->machClassAd()->EvalString(ATTR_NAME, NULL, starter_name);
if (starter_name.size() == 0) {
char buf[16];
sprintf(buf, "%d", getpid());
starter_name = buf;
}
//ASSERT (starter_name.size());
cgroup_uniq.formatstr("%s_%s", execute_str.c_str(), starter_name.c_str());
const char dir_delim[2] = {DIR_DELIM_CHAR, '\0'};
cgroup_uniq.replaceString(dir_delim, "_");
cgroup_str.formatstr("%s%ccondor%s", cgroup_base.c_str(), DIR_DELIM_CHAR,
cgroup_uniq.Value());
cgroup_str += this->CgroupSuffix();
cgroup = cgroup_str.Value();
ASSERT (cgroup != NULL);
fi.cgroup = cgroup;
dprintf(D_FULLDEBUG, "Requesting cgroup %s for job.\n", cgroup);
}
#endif
// The chroot stuff really only works on linux
#ifdef LINUX
{
// Have Condor manage a chroot
std::string requested_chroot_name;
JobAd->EvalString("RequestedChroot", NULL, requested_chroot_name);
const char * allowed_root_dirs = param("NAMED_CHROOT");
if (requested_chroot_name.size()) {
dprintf(D_FULLDEBUG, "Checking for chroot: %s\n", requested_chroot_name.c_str());
StringList chroot_list(allowed_root_dirs);
chroot_list.rewind();
const char * next_chroot;
bool acceptable_chroot = false;
std::string requested_chroot;
while ( (next_chroot=chroot_list.next()) ) {
MyString chroot_spec(next_chroot);
chroot_spec.Tokenize();
const char * chroot_name = chroot_spec.GetNextToken("=", false);
if (chroot_name == NULL) {
dprintf(D_ALWAYS, "Invalid named chroot: %s\n", chroot_spec.Value());
}
const char * next_dir = chroot_spec.GetNextToken("=", false);
if (chroot_name == NULL) {
dprintf(D_ALWAYS, "Invalid named chroot: %s\n", chroot_spec.Value());
}
dprintf(D_FULLDEBUG, "Considering directory %s for chroot %s.\n", next_dir, chroot_spec.Value());
if (IsDirectory(next_dir) && chroot_name && (strcmp(requested_chroot_name.c_str(), chroot_name) == 0)) {
acceptable_chroot = true;
requested_chroot = next_dir;
}
}
// TODO: path to chroot MUST be all root-owned, or we have a nice security exploit.
// Is this the responsibility of Condor to check, or the sysadmin who set it up?
if (!acceptable_chroot) {
return FALSE;
}
dprintf(D_FULLDEBUG, "Will attempt to set the chroot to %s.\n", requested_chroot.c_str());
std::stringstream ss;
std::stringstream ss2;
ss2 << Starter->GetExecuteDir() << DIR_DELIM_CHAR << "dir_" << getpid();
std::string execute_dir = ss2.str();
ss << requested_chroot << DIR_DELIM_CHAR << ss2.str();
std::string full_dir_str = ss.str();
if (is_trivial_rootdir(requested_chroot)) {
dprintf(D_FULLDEBUG, "Requested a trivial chroot %s; this is a no-op.\n", requested_chroot.c_str());
} else if (IsDirectory(execute_dir.c_str())) {
{
TemporaryPrivSentry sentry(PRIV_ROOT);
if( mkdir(full_dir_str.c_str(), S_IRWXU) < 0 ) {
dprintf( D_FAILURE|D_ALWAYS,
"Failed to create sandbox directory in chroot (%s): %s\n",
full_dir_str.c_str(),
strerror(errno) );
return FALSE;
}
if (chown(full_dir_str.c_str(),
get_user_uid(),
get_user_gid()) == -1)
{
EXCEPT("chown error on %s: %s",
full_dir_str.c_str(),
strerror(errno));
}
}
if (!fs_remap) {
fs_remap = new FilesystemRemap();
}
dprintf(D_FULLDEBUG, "Adding mapping: %s -> %s.\n", execute_dir.c_str(), full_dir_str.c_str());
if (fs_remap->AddMapping(execute_dir, full_dir_str)) {
// FilesystemRemap object prints out an error message for us.
return FALSE;
}
dprintf(D_FULLDEBUG, "Adding mapping %s -> %s.\n", requested_chroot.c_str(), "/");
std::string root_str("/");
if (fs_remap->AddMapping(requested_chroot, root_str)) {
return FALSE;
}
} else {
dprintf(D_ALWAYS, "Unable to do chroot because working dir %s does not exist.\n", execute_dir.c_str());
}
} else {
dprintf(D_FULLDEBUG, "Value of RequestedChroot is unset.\n");
}
}
// End of chroot
#endif
// On Linux kernel 2.4.19 and later, we can give each job its
// own FS mounts.
auto_free_ptr mount_under_scratch(param("MOUNT_UNDER_SCRATCH"));
if (mount_under_scratch) {
// try evaluating mount_under_scratch as a classad expression, if it is
// an expression it must return a string. if it's not an expression, just
// use it as a string (as we did before 8.3.6)
classad::Value value;
if (JobAd->EvaluateExpr(mount_under_scratch.ptr(), value)) {
const char * pval = NULL;
if (value.IsStringValue(pval)) {
mount_under_scratch.set(strdup(pval));
} else {
// was an expression, but not a string, so report and error and fail.
dprintf(D_ALWAYS | D_ERROR,
"ERROR: MOUNT_UNDER_SCRATCH does not evaluate to a string, it is : %s\n",
ClassAdValueToString(value));
return FALSE;
}
}
}
// if execute dir is encrypted, add /tmp and /var/tmp to mount_under_scratch
bool encrypt_execdir = false;
JobAd->LookupBool(ATTR_ENCRYPT_EXECUTE_DIRECTORY,encrypt_execdir);
if (encrypt_execdir || param_boolean_crufty("ENCRYPT_EXECUTE_DIRECTORY",false)) {
// prepend /tmp, /var/tmp to whatever admin wanted. don't worry
// if admin already listed /tmp etc - subdirs can appear twice
// in this list because AddMapping() ok w/ duplicate entries
MyString buf("/tmp,/var/tmp,");
buf += mount_under_scratch.ptr();
mount_under_scratch.set(buf.StrDup());
}
if (mount_under_scratch) {
std::string working_dir = Starter->GetWorkingDir();
if (IsDirectory(working_dir.c_str())) {
StringList mount_list(mount_under_scratch);
mount_list.rewind();
if (!fs_remap) {
fs_remap = new FilesystemRemap();
}
char * next_dir;
while ( (next_dir=mount_list.next()) ) {
if (!*next_dir) {
// empty string?
mount_list.deleteCurrent();
continue;
}
std::string next_dir_str(next_dir);
// Gah, I wish I could throw an exception to clean up these nested if statements.
if (IsDirectory(next_dir)) {
char * full_dir = dirscat(working_dir, next_dir_str);
if (full_dir) {
std::string full_dir_str(full_dir);
delete [] full_dir; full_dir = NULL;
if (!mkdir_and_parents_if_needed( full_dir_str.c_str(), S_IRWXU, PRIV_USER )) {
dprintf(D_ALWAYS, "Failed to create scratch directory %s\n", full_dir_str.c_str());
delete fs_remap;
return FALSE;
}
dprintf(D_FULLDEBUG, "Adding mapping: %s -> %s.\n", full_dir_str.c_str(), next_dir_str.c_str());
if (fs_remap->AddMapping(full_dir_str, next_dir_str)) {
// FilesystemRemap object prints out an error message for us.
delete fs_remap;
return FALSE;
}
} else {
dprintf(D_ALWAYS, "Unable to concatenate %s and %s.\n", working_dir.c_str(), next_dir_str.c_str());
delete fs_remap;
return FALSE;
}
} else {
dprintf(D_ALWAYS, "Unable to add mapping %s -> %s because %s doesn't exist.\n", working_dir.c_str(), next_dir, next_dir);
}
}
} else {
dprintf(D_ALWAYS, "Unable to perform mappings because %s doesn't exist.\n", working_dir.c_str());
delete fs_remap;
return FALSE;
}
mount_under_scratch.clear();
}
#if defined(LINUX)
// On Linux kernel 2.6.24 and later, we can give each
// job its own PID namespace
if (param_boolean("USE_PID_NAMESPACES", false)) {
if (!can_switch_ids()) {
EXCEPT("USE_PID_NAMESPACES enabled, but can't perform this "
"call in Linux unless running as root.");
}
fi.want_pid_namespace = this->SupportsPIDNamespace();
if (fi.want_pid_namespace) {
if (!fs_remap) {
fs_remap = new FilesystemRemap();
}
fs_remap->RemapProc();
}
// When PID Namespaces are enabled, need to run the job
// under the condor_pid_ns_init program, so that signals
// propagate through to the child.
// First tell the program where to log output status
// via an environment variable
if (param_boolean("USE_PID_NAMESPACE_INIT", true)) {
Env env;
MyString env_errors;
MyString arg_errors;
std::string filename;
filename = Starter->GetWorkingDir();
filename += "/.condor_pid_ns_status";
env.MergeFrom(JobAd, &env_errors);
env.SetEnv("_CONDOR_PID_NS_INIT_STATUS_FILENAME", filename);
env.InsertEnvIntoClassAd(JobAd, &env_errors);
Starter->jic->removeFromOutputFiles(condor_basename(filename.c_str()));
this->m_pid_ns_status_filename = filename;
// Now, set the job's CMD to the wrapper, and shift
// over the arguments by one
ArgList args;
std::string cmd;
JobAd->LookupString(ATTR_JOB_CMD, cmd);
args.AppendArg(cmd);
args.AppendArgsFromClassAd(JobAd, &arg_errors);
args.InsertArgsIntoClassAd(JobAd, NULL, & arg_errors);
std::string libexec;
if( !param(libexec,"LIBEXEC") ) {
dprintf(D_ALWAYS, "Cannot find LIBEXEC so can not run condor_pid_ns_init\n");
return 0;
}
std::string c_p_n_i = libexec + "/condor_pid_ns_init";
JobAd->Assign(ATTR_JOB_CMD, c_p_n_i);
}
}
dprintf(D_FULLDEBUG, "PID namespace option: %s\n", fi.want_pid_namespace ? "true" : "false");
#endif
// have OsProc start the job
//
int retval = OsProc::StartJob(&fi, fs_remap);
if (fs_remap != NULL) {
delete fs_remap;
}
#if defined(HAVE_EXT_LIBCGROUP)
// Set fairshare limits. Note that retval == 1 indicates success, 0 is failure.
// See Note near setup of param(BASE_CGROUP)
if (CONDOR_UNIVERSE_LOCAL != job_universe && cgroup && retval) {
std::string mem_limit;
param(mem_limit, "CGROUP_MEMORY_LIMIT_POLICY", "soft");
bool mem_is_soft = mem_limit == "soft";
std::string cgroup_string = cgroup;
CgroupLimits climits(cgroup_string);
if (mem_is_soft || (mem_limit == "hard")) {
ClassAd * MachineAd = Starter->jic->machClassAd();
int MemMb;
if (MachineAd->LookupInteger(ATTR_MEMORY, MemMb)) {
uint64_t MemMb_big = MemMb;
m_memory_limit = MemMb_big;
climits.set_memory_limit_bytes(1024*1024*MemMb_big, mem_is_soft);
// Note that ATTR_VIRTUAL_MEMORY on Linux
// is sum of memory and swap, in Kilobytes
int VMemKb;
if (MachineAd->LookupInteger(ATTR_VIRTUAL_MEMORY, VMemKb)) {
uint64_t memsw_limit = ((uint64_t)1024) * VMemKb;
if (VMemKb > 0) {
// we're not allowed to set memsw limit <
// the hard memory limit. If we haven't set the hard
// memory limit, the default may be infinity.
// So, if we've set soft, set hard limit to memsw - one page
if (mem_is_soft) {
uint64_t hard_limit = memsw_limit - 4096;
climits.set_memory_limit_bytes(hard_limit, false);
}
climits.set_memsw_limit_bytes(memsw_limit);
}
} else {
dprintf(D_ALWAYS, "Not setting virtual memory limit in cgroup because "
"Virtual Memory attribute missing in machine ad.\n");
}
} else {
dprintf(D_ALWAYS, "Not setting memory limit in cgroup because "
"Memory attribute missing in machine ad.\n");
}
} else if (mem_limit == "none") {
dprintf(D_FULLDEBUG, "Not enforcing memory limit.\n");
} else {
dprintf(D_ALWAYS, "Invalid value of CGROUP_MEMORY_LIMIT_POLICY: %s. Ignoring.\n", mem_limit.c_str());
}
// Now, set the CPU shares
ClassAd * MachineAd = Starter->jic->machClassAd();
int numCores = 1;
if (MachineAd->LookupInteger(ATTR_CPUS, numCores)) {
climits.set_cpu_shares(numCores*100);
} else {
dprintf(D_FULLDEBUG, "Invalid value of Cpus in machine ClassAd; ignoring.\n");
}
setupOOMEvent(cgroup);
}
m_statistics.Reconfig();
// Now that the job is started, decrease the likelihood that the starter
// is killed instead of the job itself.
if (retval)
{
setupOOMScore(0,0);
}
#endif
return retval;
}
int
OsProc::StartJob(FamilyInfo* family_info, FilesystemRemap* fs_remap=NULL)
{
int nice_inc = 0;
bool has_wrapper = false;
dprintf(D_FULLDEBUG,"in OsProc::StartJob()\n");
if ( !JobAd ) {
dprintf ( D_ALWAYS, "No JobAd in OsProc::StartJob()!\n" );
return 0;
}
MyString JobName;
if ( JobAd->LookupString( ATTR_JOB_CMD, JobName ) != 1 ) {
dprintf( D_ALWAYS, "%s not found in JobAd. Aborting StartJob.\n",
ATTR_JOB_CMD );
return 0;
}
const char* job_iwd = Starter->jic->jobRemoteIWD();
dprintf( D_ALWAYS, "IWD: %s\n", job_iwd );
// some operations below will require a PrivSepHelper if
// PrivSep is enabled (if it's not, privsep_helper will be
// NULL)
PrivSepHelper* privsep_helper = Starter->privSepHelper();
// // // // // //
// Arguments
// // // // // //
// prepend the full path to this name so that we
// don't have to rely on the PATH inside the
// USER_JOB_WRAPPER or for exec().
bool transfer_exe = false;
if (!JobAd->LookupBool(ATTR_TRANSFER_EXECUTABLE, transfer_exe)) {
transfer_exe = false;
}
bool preserve_rel = false;
if (!JobAd->LookupBool(ATTR_PRESERVE_RELATIVE_EXECUTABLE, preserve_rel)) {
preserve_rel = false;
}
bool relative_exe = is_relative_to_cwd(JobName.Value());
if (relative_exe && preserve_rel && !transfer_exe) {
dprintf(D_ALWAYS, "Preserving relative executable path: %s\n", JobName.Value());
}
else if ( strcmp(CONDOR_EXEC,JobName.Value()) == 0 ) {
JobName.formatstr( "%s%c%s",
Starter->GetWorkingDir(),
DIR_DELIM_CHAR,
CONDOR_EXEC );
}
else if (relative_exe && job_iwd && *job_iwd) {
MyString full_name;
full_name.formatstr("%s%c%s",
job_iwd,
DIR_DELIM_CHAR,
JobName.Value());
JobName = full_name;
}
if( Starter->isGridshell() ) {
// if we're a gridshell, just try to chmod our job, since
// globus probably transfered it for us and left it with
// bad permissions...
priv_state old_priv = set_user_priv();
int retval = chmod( JobName.Value(), S_IRWXU | S_IRWXO | S_IRWXG );
set_priv( old_priv );
if( retval < 0 ) {
dprintf ( D_ALWAYS, "Failed to chmod %s!\n", JobName.Value() );
return 0;
}
}
ArgList args;
// Since we may be adding to the argument list, we may need to deal
// with platform-specific arg syntax in the user's args in order
// to successfully merge them with the additional wrapper args.
args.SetArgV1SyntaxToCurrentPlatform();
// First, put "condor_exec" or whatever at the front of Args,
// since that will become argv[0] of what we exec(), either
// the wrapper or the actual job.
if( !getArgv0() ) {
args.AppendArg(JobName.Value());
} else {
args.AppendArg(getArgv0());
}
// Support USER_JOB_WRAPPER parameter...
char *wrapper = NULL;
if( (wrapper=param("USER_JOB_WRAPPER")) ) {
// make certain this wrapper program exists and is executable
if( access(wrapper,X_OK) < 0 ) {
dprintf( D_ALWAYS,
"Cannot find/execute USER_JOB_WRAPPER file %s\n",
wrapper );
free( wrapper );
return 0;
}
has_wrapper = true;
// Now, we've got a valid wrapper. We want that to become
// "JobName" so we exec it directly, and we want to put
// what was the JobName (with the full path) as the first
// argument to the wrapper
args.AppendArg(JobName.Value());
JobName = wrapper;
free(wrapper);
}
// Support USE_PARROT
bool use_parrot = false;
if( JobAd->LookupBool( ATTR_USE_PARROT, use_parrot) ) {
// Check for parrot executable
char *parrot = NULL;
if( (parrot=param("PARROT")) ) {
if( access(parrot,X_OK) < 0 ) {
dprintf( D_ALWAYS, "Unable to use parrot(Cannot find/execute "
"at %s(%s)).\n", parrot, strerror(errno) );
free( parrot );
return 0;
} else {
args.AppendArg(JobName.Value());
JobName = parrot;
free( parrot );
}
} else {
dprintf( D_ALWAYS, "Unable to use parrot(Undefined path in config"
" file)" );
return 0;
}
}
// Either way, we now have to add the user-specified args as
// the rest of the Args string.
MyString args_error;
if(!args.AppendArgsFromClassAd(JobAd,&args_error)) {
dprintf(D_ALWAYS, "Failed to read job arguments from JobAd. "
"Aborting OsProc::StartJob: %s\n",args_error.Value());
return 0;
}
// // // // // //
// Environment
// // // // // //
// Now, instantiate an Env object so we can manipulate the
// environment as needed.
Env job_env;
MyString env_errors;
if( !Starter->GetJobEnv(JobAd,&job_env,&env_errors) ) {
dprintf( D_ALWAYS, "Aborting OSProc::StartJob: %s\n",
env_errors.Value());
return 0;
}
// // // // // //
// Standard Files
// // // // // //
// handle stdin, stdout, and stderr redirection
int fds[3];
// initialize these to -2 to mean they're not specified.
// -1 will be treated as an error.
fds[0] = -2; fds[1] = -2; fds[2] = -2;
// in order to open these files we must have the user's privs:
priv_state priv;
priv = set_user_priv();
// if we're in PrivSep mode, we won't necessarily be able to
// open the files for the job. getStdFile will return us an
// open FD in some situations, but otherwise will give us
// a filename that we'll pass to the PrivSep Switchboard
//
bool stdin_ok;
bool stdout_ok;
bool stderr_ok;
MyString privsep_stdin_name;
MyString privsep_stdout_name;
MyString privsep_stderr_name;
if (privsep_helper != NULL) {
stdin_ok = getStdFile(SFT_IN,
NULL,
true,
"Input file",
&fds[0],
&privsep_stdin_name);
stdout_ok = getStdFile(SFT_OUT,
NULL,
true,
"Output file",
&fds[1],
&privsep_stdout_name);
stderr_ok = getStdFile(SFT_ERR,
NULL,
true,
"Error file",
&fds[2],
&privsep_stderr_name);
}
else {
fds[0] = openStdFile( SFT_IN,
NULL,
true,
"Input file");
stdin_ok = (fds[0] != -1);
fds[1] = openStdFile( SFT_OUT,
NULL,
true,
"Output file");
stdout_ok = (fds[1] != -1);
fds[2] = openStdFile( SFT_ERR,
NULL,
true,
"Error file");
stderr_ok = (fds[2] != -1);
}
/* Bail out if we couldn't open the std files correctly */
if( !stdin_ok || !stdout_ok || !stderr_ok ) {
/* only close ones that had been opened correctly */
for ( int i = 0; i <= 2; i++ ) {
if ( fds[i] >= 0 ) {
daemonCore->Close_FD ( fds[i] );
}
}
dprintf(D_ALWAYS, "Failed to open some/all of the std files...\n");
dprintf(D_ALWAYS, "Aborting OsProc::StartJob.\n");
set_priv(priv); /* go back to original priv state before leaving */
return 0;
}
// // // // // //
// Misc + Exec
// // // // // //
if( !ThisProcRunsAlongsideMainProc() ) {
Starter->jic->notifyJobPreSpawn();
}
// compute job's renice value by evaluating the machine's
// JOB_RENICE_INCREMENT in the context of the job ad...
char* ptmp = param( "JOB_RENICE_INCREMENT" );
if( ptmp ) {
// insert renice expr into our copy of the job ad
MyString reniceAttr = "Renice = ";
reniceAttr += ptmp;
if( !JobAd->Insert( reniceAttr.Value() ) ) {
dprintf( D_ALWAYS, "ERROR: failed to insert JOB_RENICE_INCREMENT "
"into job ad, Aborting OsProc::StartJob...\n" );
free( ptmp );
return 0;
}
// evaluate
if( JobAd->EvalInteger( "Renice", NULL, nice_inc ) ) {
dprintf( D_ALWAYS, "Renice expr \"%s\" evaluated to %d\n",
ptmp, nice_inc );
} else {
dprintf( D_ALWAYS, "WARNING: job renice expr (\"%s\") doesn't "
"eval to int! Using default of 10...\n", ptmp );
nice_inc = 10;
}
// enforce valid ranges for nice_inc
if( nice_inc < 0 ) {
dprintf( D_FULLDEBUG, "WARNING: job renice value (%d) is too "
"low: adjusted to 0\n", nice_inc );
nice_inc = 0;
}
else if( nice_inc > 19 ) {
dprintf( D_FULLDEBUG, "WARNING: job renice value (%d) is too "
"high: adjusted to 19\n", nice_inc );
nice_inc = 19;
}
ASSERT( ptmp );
free( ptmp );
ptmp = NULL;
} else {
// if JOB_RENICE_INCREMENT is undefined, default to 0
nice_inc = 0;
}
// in the below dprintfs, we want to skip past argv[0], which
// is sometimes condor_exec, in the Args string.
MyString args_string;
args.GetArgsStringForDisplay(&args_string, 1);
if( has_wrapper ) {
// print out exactly what we're doing so folks can debug
// it, if they need to.
dprintf( D_ALWAYS, "Using wrapper %s to exec %s\n", JobName.Value(),
args_string.Value() );
} else {
dprintf( D_ALWAYS, "About to exec %s %s\n", JobName.Value(),
args_string.Value() );
}
// Grab the full environment back out of the Env object
if(IsFulldebug(D_FULLDEBUG)) {
MyString env_string;
job_env.getDelimitedStringForDisplay(&env_string);
dprintf(D_FULLDEBUG, "Env = %s\n", env_string.Value());
}
// Check to see if we need to start this process paused, and if
// so, pass the right flag to DC::Create_Process().
int job_opt_mask = DCJOBOPT_NO_CONDOR_ENV_INHERIT;
if (!param_boolean("JOB_INHERITS_STARTER_ENVIRONMENT",false)) {
job_opt_mask |= DCJOBOPT_NO_ENV_INHERIT;
}
int suspend_job_at_exec = 0;
JobAd->LookupBool( ATTR_SUSPEND_JOB_AT_EXEC, suspend_job_at_exec);
if( suspend_job_at_exec ) {
dprintf( D_FULLDEBUG, "OsProc::StartJob(): "
"Job wants to be suspended at exec\n" );
job_opt_mask |= DCJOBOPT_SUSPEND_ON_EXEC;
}
// If there is a requested coresize for this job, enforce it.
// Convert negative and very large values to RLIM_INFINITY, meaning
// no size limit.
// RLIM_INFINITY is unsigned, but its value and type size vary.
long long core_size_ad;
size_t core_size;
size_t *core_size_ptr = NULL;
#if !defined(WIN32)
if ( JobAd->LookupInteger( ATTR_CORE_SIZE, core_size_ad ) ) {
if ( core_size_ad < 0 || (unsigned long long)core_size_ad > RLIM_INFINITY ) {
core_size = RLIM_INFINITY;
} else {
core_size = (size_t)core_size_ad;
}
core_size_ptr = &core_size;
}
#endif // !defined(WIN32)
long rlimit_as_hard_limit = 0;
char *rlimit_expr = param("STARTER_RLIMIT_AS");
if (rlimit_expr) {
classad::ClassAdParser parser;
classad::ExprTree *tree = parser.ParseExpression(rlimit_expr);
if (tree) {
classad::Value val;
long long result;
if (EvalExprTree(tree, Starter->jic->machClassAd(), JobAd, val) &&
val.IsIntegerValue(result)) {
result *= 1024 * 1024; // convert to megabytes
rlimit_as_hard_limit = (long)result; // truncate for Create_Process
if (result > rlimit_as_hard_limit) {
// if truncation to long results in a change in the value, then
// the requested limit must be > 2 GB and we are on a 32 bit platform
// in that case, the requested limit is > than what the process can get anyway
// so just don't set a limit.
rlimit_as_hard_limit = 0;
}
if (rlimit_as_hard_limit > 0) {
dprintf(D_ALWAYS, "Setting job's virtual memory rlimit to %ld megabytes\n", rlimit_as_hard_limit);
}
} else {
dprintf(D_ALWAYS, "Can't evaluate STARTER_RLIMIT_AS expression %s\n", rlimit_expr);
}
} else {
dprintf(D_ALWAYS, "Can't parse STARTER_RLIMIT_AS expression: %s\n", rlimit_expr);
}
}
int *affinity_mask = makeCpuAffinityMask(Starter->getMySlotNumber());
#if defined ( WIN32 )
owner_profile_.update ();
/*************************************************************
NOTE: We currently *ONLY* support loading slot-user profiles.
This limitation will be addressed shortly, by allowing regular
users to load their registry hive - Ben [2008-09-31]
**************************************************************/
bool load_profile = false,
run_as_owner = false;
JobAd->LookupBool ( ATTR_JOB_LOAD_PROFILE, load_profile );
JobAd->LookupBool ( ATTR_JOB_RUNAS_OWNER, run_as_owner );
if ( load_profile && !run_as_owner ) {
if ( owner_profile_.load () ) {
/* publish the users environment into that of the main
job's environment */
if ( !owner_profile_.environment ( job_env ) ) {
dprintf ( D_ALWAYS, "OsProc::StartJob(): Failed to "
"export owner's environment.\n" );
}
} else {
dprintf ( D_ALWAYS, "OsProc::StartJob(): Failed to load "
"owner's profile.\n" );
}
}
#endif
// While we are still in user priv, print out the username
#if defined(LINUX)
if( Starter->glexecPrivSepHelper() ) {
// TODO: if there is some way to figure out the final username,
// print it out here or after starting the job.
dprintf(D_ALWAYS,"Running job via glexec\n");
}
#else
if( false ) {
}
#endif
else {
char const *username = NULL;
char const *how = "";
CondorPrivSepHelper* cpsh = Starter->condorPrivSepHelper();
if( cpsh ) {
username = cpsh->get_user_name();
how = "via privsep switchboard ";
}
else {
username = get_user_loginname();
}
if( !username ) {
username = "******";
}
dprintf(D_ALWAYS,"Running job %sas user %s\n",how,username);
}
set_priv ( priv );
// use this to return more detailed and reliable error message info
// from create-process operation.
MyString create_process_err_msg;
if (privsep_helper != NULL) {
const char* std_file_names[3] = {
privsep_stdin_name.Value(),
privsep_stdout_name.Value(),
privsep_stderr_name.Value()
};
JobPid = privsep_helper->create_process(JobName.Value(),
args,
job_env,
job_iwd,
fds,
std_file_names,
nice_inc,
core_size_ptr,
1,
job_opt_mask,
family_info,
affinity_mask,
&create_process_err_msg);
}
else {
JobPid = daemonCore->Create_Process( JobName.Value(),
args,
PRIV_USER_FINAL,
1,
FALSE,
FALSE,
&job_env,
job_iwd,
family_info,
NULL,
fds,
NULL,
nice_inc,
NULL,
job_opt_mask,
core_size_ptr,
affinity_mask,
NULL,
&create_process_err_msg,
fs_remap,
rlimit_as_hard_limit);
}
// Create_Process() saves the errno for us if it is an "interesting" error.
int create_process_errno = errno;
// errno is 0 in the privsep case. This executes for the daemon core create-process logic
if ((FALSE == JobPid) && (0 != create_process_errno)) {
if (create_process_err_msg != "") create_process_err_msg += " ";
MyString errbuf;
errbuf.formatstr("(errno=%d: '%s')", create_process_errno, strerror(create_process_errno));
create_process_err_msg += errbuf;
}
// now close the descriptors in fds array. our child has inherited
// them already, so we should close them so we do not leak descriptors.
// NOTE, we want to use a special method to close the starter's
// versions, if that's what we're using, so we don't think we've
// still got those available in other parts of the code for any
// reason.
for ( int i = 0; i <= 2; i++ ) {
if ( fds[i] >= 0 ) {
daemonCore->Close_FD ( fds[i] );
}
}
if ( JobPid == FALSE ) {
JobPid = -1;
if(!create_process_err_msg.IsEmpty()) {
// if the reason Create_Process failed was that registering
// a family with the ProcD failed, it is indicative of a
// problem regarding this execute machine, not the job. in
// this case, we'll want to EXCEPT instead of telling the
// Shadow to put the job on hold. there are probably other
// error conditions where EXCEPTing would be more appropriate
// as well...
//
if (create_process_errno == DaemonCore::ERRNO_REGISTRATION_FAILED) {
EXCEPT("Create_Process failed to register the job with the ProcD");
}
MyString err_msg = "Failed to execute '";
err_msg += JobName;
err_msg += "'";
if(!args_string.IsEmpty()) {
err_msg += " with arguments ";
err_msg += args_string.Value();
}
err_msg += ": ";
err_msg += create_process_err_msg;
if( !ThisProcRunsAlongsideMainProc() ) {
Starter->jic->notifyStarterError( err_msg.Value(),
true,
CONDOR_HOLD_CODE_FailedToCreateProcess,
create_process_errno );
}
}
dprintf(D_ALWAYS,"Create_Process(%s,%s, ...) failed: %s\n",
JobName.Value(), args_string.Value(), create_process_err_msg.Value());
return 0;
}
num_pids++;
dprintf(D_ALWAYS,"Create_Process succeeded, pid=%d\n",JobPid);
job_start_time.getTime();
return 1;
}
