static void assert_valid_setup(char *current_executable) { char *executable_file = get_executable(); char *orig_conf_file = HADOOP_CONF_DIR "/" CONF_FILENAME; char *conf_file = resolve_config_path(orig_conf_file, current_executable); if (conf_file == NULL) { fprintf(ERRORFILE, "Configuration file %s not found.\n", orig_conf_file); flush_and_close_log_files(); exit(INVALID_CONFIG_FILE); } if (check_configuration_permissions(conf_file) != 0) { flush_and_close_log_files(); exit(INVALID_CONFIG_FILE); } read_executor_config(conf_file); free(conf_file); // look up the node manager group in the config file char *nm_group = get_nodemanager_group(); if (nm_group == NULL) { fprintf(ERRORFILE, "Can't get configured value for %s.\n", NM_GROUP_KEY); flush_and_close_log_files(); exit(INVALID_CONFIG_FILE); } struct group *group_info = getgrnam(nm_group); if (group_info == NULL) { fprintf(ERRORFILE, "Can't get group information for %s - %s.\n", nm_group, strerror(errno)); flush_and_close_log_files(); exit(INVALID_CONFIG_FILE); } set_nm_uid(getuid(), group_info->gr_gid); // if we are running from a setuid executable, make the real uid root setuid(0); // set the real and effective group id to the node manager group setgid(group_info->gr_gid); if (check_executor_permissions(executable_file) != 0) { fprintf(ERRORFILE, "Invalid permissions on container-executor binary.\n"); flush_and_close_log_files(); exit(INVALID_CONTAINER_EXEC_PERMISSIONS); } }
int main(int argc, char **argv) { int invalid_args = 0; int do_check_setup = 0; int do_mount_cgroups = 0; LOGFILE = stdout; ERRORFILE = stderr; if (argc > 1) { if (strcmp("--mount-cgroups", argv[1]) == 0) { do_mount_cgroups = 1; } } // Minimum number of arguments required to run // the std. container-executor commands is 4 // 4 args not needed for checksetup option if (argc < 4 && !do_mount_cgroups) { invalid_args = 1; if (argc == 2) { const char *arg1 = argv[1]; if (strcmp("--checksetup", arg1) == 0) { invalid_args = 0; do_check_setup = 1; } } } if (invalid_args != 0) { display_usage(stdout); return INVALID_ARGUMENT_NUMBER; } int command; const char * app_id = NULL; const char * container_id = NULL; const char * cred_file = NULL; const char * script_file = NULL; const char * current_dir = NULL; const char * pid_file = NULL; int exit_code = 0; char * dir_to_be_deleted = NULL; char *executable_file = get_executable(); char *orig_conf_file = HADOOP_CONF_DIR "/" CONF_FILENAME; char *conf_file = resolve_config_path(orig_conf_file, argv[0]); char *local_dirs, *log_dirs; char *resources, *resources_key, *resources_value; if (conf_file == NULL) { fprintf(ERRORFILE, "Configuration file %s not found.\n", orig_conf_file); exit(INVALID_CONFIG_FILE); } if (check_configuration_permissions(conf_file) != 0) { exit(INVALID_CONFIG_FILE); } read_config(conf_file); free(conf_file); // look up the node manager group in the config file char *nm_group = get_value(NM_GROUP_KEY); if (nm_group == NULL) { fprintf(ERRORFILE, "Can't get configured value for %s.\n", NM_GROUP_KEY); exit(INVALID_CONFIG_FILE); } struct group *group_info = getgrnam(nm_group); if (group_info == NULL) { fprintf(ERRORFILE, "Can't get group information for %s - %s.\n", nm_group, strerror(errno)); fflush(LOGFILE); exit(INVALID_CONFIG_FILE); } set_nm_uid(getuid(), group_info->gr_gid); // if we are running from a setuid executable, make the real uid root setuid(0); // set the real and effective group id to the node manager group setgid(group_info->gr_gid); if (check_executor_permissions(executable_file) != 0) { fprintf(ERRORFILE, "Invalid permissions on container-executor binary.\n"); return INVALID_CONTAINER_EXEC_PERMISSIONS; } if (do_check_setup != 0) { // basic setup checks done // verified configs available and valid // verified executor permissions return 0; } if (do_mount_cgroups) { optind++; char *hierarchy = argv[optind++]; int result = 0; while (optind < argc && result == 0) { result = mount_cgroup(argv[optind++], hierarchy); } return result; } //checks done for user name if (argv[optind] == NULL) { fprintf(ERRORFILE, "Invalid user name.\n"); return INVALID_USER_NAME; } int ret = set_user(argv[optind]); if (ret != 0) { return ret; } // this string is used for building pathnames, the // process management is done based on the 'user_detail' // global, which was set by 'set_user()' above optind = optind + 1; char *yarn_user_name = argv[optind]; if (yarn_user_name == NULL) { fprintf(ERRORFILE, "Invalid yarn user name.\n"); return INVALID_USER_NAME; } optind = optind + 1; command = atoi(argv[optind++]); fprintf(LOGFILE, "main : command provided %d\n",command); fprintf(LOGFILE, "main : user is %s\n", user_detail->pw_name); fprintf(LOGFILE, "main : requested yarn user is %s\n", yarn_user_name); fflush(LOGFILE); switch (command) { case INITIALIZE_CONTAINER: if (argc < 9) { fprintf(ERRORFILE, "Too few arguments (%d vs 9) for initialize container\n", argc); fflush(ERRORFILE); return INVALID_ARGUMENT_NUMBER; } app_id = argv[optind++]; cred_file = argv[optind++]; local_dirs = argv[optind++];// good local dirs as a comma separated list log_dirs = argv[optind++];// good log dirs as a comma separated list exit_code = initialize_app(yarn_user_name, app_id, cred_file, extract_values(local_dirs), extract_values(log_dirs), argv + optind); break; case LAUNCH_CONTAINER: if (argc != 13) { fprintf(ERRORFILE, "Wrong number of arguments (%d vs 13) for launch container\n", argc); fflush(ERRORFILE); return INVALID_ARGUMENT_NUMBER; } app_id = argv[optind++]; container_id = argv[optind++]; current_dir = argv[optind++]; script_file = argv[optind++]; cred_file = argv[optind++]; pid_file = argv[optind++]; local_dirs = argv[optind++];// good local dirs as a comma separated list log_dirs = argv[optind++];// good log dirs as a comma separated list resources = argv[optind++];// key,value pair describing resources char *resources_key = malloc(strlen(resources)); char *resources_value = malloc(strlen(resources)); if (get_kv_key(resources, resources_key, strlen(resources)) < 0 || get_kv_value(resources, resources_value, strlen(resources)) < 0) { fprintf(ERRORFILE, "Invalid arguments for cgroups resources: %s", resources); fflush(ERRORFILE); free(resources_key); free(resources_value); return INVALID_ARGUMENT_NUMBER; } char** resources_values = extract_values(resources_value); exit_code = launch_container_as_user(yarn_user_name, app_id, container_id, current_dir, script_file, cred_file, pid_file, extract_values(local_dirs), extract_values(log_dirs), resources_key, resources_values); free(resources_key); free(resources_value); break; case SIGNAL_CONTAINER: if (argc != 6) { fprintf(ERRORFILE, "Wrong number of arguments (%d vs 6) for " \ "signal container\n", argc); fflush(ERRORFILE); return INVALID_ARGUMENT_NUMBER; } else { char* end_ptr = NULL; char* option = argv[optind++]; int container_pid = strtol(option, &end_ptr, 10); if (option == end_ptr || *end_ptr != '\0') { fprintf(ERRORFILE, "Illegal argument for container pid %s\n", option); fflush(ERRORFILE); return INVALID_ARGUMENT_NUMBER; } option = argv[optind++]; int signal = strtol(option, &end_ptr, 10); if (option == end_ptr || *end_ptr != '\0') { fprintf(ERRORFILE, "Illegal argument for signal %s\n", option); fflush(ERRORFILE); return INVALID_ARGUMENT_NUMBER; } exit_code = signal_container_as_user(yarn_user_name, container_pid, signal); } break; case DELETE_AS_USER: dir_to_be_deleted = argv[optind++]; exit_code= delete_as_user(yarn_user_name, dir_to_be_deleted, argv + optind); break; default: fprintf(ERRORFILE, "Invalid command %d not supported.",command); fflush(ERRORFILE); exit_code = INVALID_COMMAND_PROVIDED; } fclose(LOGFILE); fclose(ERRORFILE); return exit_code; }
int main(int argc, char **argv) { int invalid_args = 0; int do_check_setup = 0; LOGFILE = stdout; ERRORFILE = stderr; // Minimum number of arguments required to run // the std. container-executor commands is 4 // 4 args not needed for checksetup option if (argc < 4) { invalid_args = 1; if (argc == 2) { const char *arg1 = argv[1]; if (strcmp("--checksetup", arg1) == 0) { invalid_args = 0; do_check_setup = 1; } } } if (invalid_args != 0) { display_usage(stdout); return INVALID_ARGUMENT_NUMBER; } int command; const char * app_id = NULL; const char * container_id = NULL; const char * cred_file = NULL; const char * script_file = NULL; const char * current_dir = NULL; const char * pid_file = NULL; int exit_code = 0; char * dir_to_be_deleted = NULL; char *executable_file = get_executable(); char *orig_conf_file = STRINGIFY(HADOOP_CONF_DIR) "/" CONF_FILENAME; char *conf_file = realpath(orig_conf_file, NULL); if (conf_file == NULL) { fprintf(ERRORFILE, "Configuration file %s not found.\n", orig_conf_file); exit(INVALID_CONFIG_FILE); } if (check_configuration_permissions(conf_file) != 0) { exit(INVALID_CONFIG_FILE); } read_config(conf_file); free(conf_file); // look up the node manager group in the config file char *nm_group = get_value(NM_GROUP_KEY); if (nm_group == NULL) { fprintf(ERRORFILE, "Can't get configured value for %s.\n", NM_GROUP_KEY); exit(INVALID_CONFIG_FILE); } struct group *group_info = getgrnam(nm_group); if (group_info == NULL) { fprintf(ERRORFILE, "Can't get group information for %s - %s.\n", nm_group, strerror(errno)); fflush(LOGFILE); exit(INVALID_CONFIG_FILE); } set_nm_uid(getuid(), group_info->gr_gid); // if we are running from a setuid executable, make the real uid root setuid(0); // set the real and effective group id to the node manager group setgid(group_info->gr_gid); if (check_executor_permissions(executable_file) != 0) { fprintf(ERRORFILE, "Invalid permissions on container-executor binary.\n"); return INVALID_CONTAINER_EXEC_PERMISSIONS; } if (do_check_setup != 0) { // basic setup checks done // verified configs available and valid // verified executor permissions return 0; } //checks done for user name if (argv[optind] == NULL) { fprintf(ERRORFILE, "Invalid user name.\n"); return INVALID_USER_NAME; } int ret = set_user(argv[optind]); if (ret != 0) { return ret; } optind = optind + 1; command = atoi(argv[optind++]); fprintf(LOGFILE, "main : command provided %d\n",command); fprintf(LOGFILE, "main : user is %s\n", user_detail->pw_name); fflush(LOGFILE); switch (command) { case INITIALIZE_CONTAINER: if (argc < 6) { fprintf(ERRORFILE, "Too few arguments (%d vs 6) for initialize container\n", argc); fflush(ERRORFILE); return INVALID_ARGUMENT_NUMBER; } app_id = argv[optind++]; cred_file = argv[optind++]; exit_code = initialize_app(user_detail->pw_name, app_id, cred_file, argv + optind); break; case LAUNCH_CONTAINER: if (argc < 9) { fprintf(ERRORFILE, "Too few arguments (%d vs 9) for launch container\n", argc); fflush(ERRORFILE); return INVALID_ARGUMENT_NUMBER; } app_id = argv[optind++]; container_id = argv[optind++]; current_dir = argv[optind++]; script_file = argv[optind++]; cred_file = argv[optind++]; pid_file = argv[optind++]; exit_code = launch_container_as_user(user_detail->pw_name, app_id, container_id, current_dir, script_file, cred_file, pid_file); break; case SIGNAL_CONTAINER: if (argc < 5) { fprintf(ERRORFILE, "Too few arguments (%d vs 5) for signal container\n", argc); fflush(ERRORFILE); return INVALID_ARGUMENT_NUMBER; } else { char* end_ptr = NULL; char* option = argv[optind++]; int container_pid = strtol(option, &end_ptr, 10); if (option == end_ptr || *end_ptr != '\0') { fprintf(ERRORFILE, "Illegal argument for container pid %s\n", option); fflush(ERRORFILE); return INVALID_ARGUMENT_NUMBER; } option = argv[optind++]; int signal = strtol(option, &end_ptr, 10); if (option == end_ptr || *end_ptr != '\0') { fprintf(ERRORFILE, "Illegal argument for signal %s\n", option); fflush(ERRORFILE); return INVALID_ARGUMENT_NUMBER; } exit_code = signal_container_as_user(user_detail->pw_name, container_pid, signal); } break; case DELETE_AS_USER: dir_to_be_deleted = argv[optind++]; exit_code= delete_as_user(user_detail->pw_name, dir_to_be_deleted, argv + optind); break; default: fprintf(ERRORFILE, "Invalid command %d not supported.",command); fflush(ERRORFILE); exit_code = INVALID_COMMAND_PROVIDED; } fclose(LOGFILE); fclose(ERRORFILE); return exit_code; }
// This test is expected to be executed either by a regular // user or by root. If executed by a regular user it doesn't // test all the functions that would depend on changing the // effective user id. If executed by a super-user everything // gets tested. Here are different ways of execing the test binary: // 1. regular user assuming user == yarn user // $ test-container-executor // 2. regular user with a given yarn user // $ test-container-executor yarn_user // 3. super user with a given user and assuming user == yarn user // # test-container-executor user // 4. super user with a given user and a given yarn user // # test-container-executor user yarn_user int main(int argc, char **argv) { LOGFILE = stdout; ERRORFILE = stderr; // clean up any junk from previous run if (system("chmod -R u=rwx " TEST_ROOT "; rm -fr " TEST_ROOT)) { exit(1); } if (mkdirs(TEST_ROOT "/logs/userlogs", 0755) != 0) { exit(1); } if (write_config_file(TEST_ROOT "/test.cfg", 1) != 0) { exit(1); } read_config(TEST_ROOT "/test.cfg"); local_dirs = extract_values(strdup(NM_LOCAL_DIRS)); log_dirs = extract_values(strdup(NM_LOG_DIRS)); create_nm_roots(local_dirs); // See the description above of various ways this test // can be executed in order to understand the following logic char* current_username = strdup(getpwuid(getuid())->pw_name); if (getuid() == 0 && (argc == 2 || argc == 3)) { username = argv[1]; yarn_username = (argc == 3) ? argv[2] : argv[1]; } else { username = current_username; yarn_username = (argc == 2) ? argv[1] : current_username; } set_nm_uid(geteuid(), getegid()); if (set_user(username)) { exit(1); } printf("\nStarting tests\n"); printf("\nTesting resolve_config_path()\n"); test_resolve_config_path(); printf("\nTesting get_user_directory()\n"); test_get_user_directory(); printf("\nTesting get_app_directory()\n"); test_get_app_directory(); printf("\nTesting get_container_directory()\n"); test_get_container_directory(); printf("\nTesting get_container_launcher_file()\n"); test_get_container_launcher_file(); printf("\nTesting get_app_log_dir()\n"); test_get_app_log_dir(); test_check_configuration_permissions(); printf("\nTesting delete_container()\n"); test_delete_container(); printf("\nTesting delete_app()\n"); test_delete_app(); test_check_user(0); // the tests that change user need to be run in a subshell, so that // when they change user they don't give up our privs run_test_in_child("test_signal_container", test_signal_container); run_test_in_child("test_signal_container_group", test_signal_container_group); // init app and run container can't be run if you aren't testing as root if (getuid() == 0) { // these tests do internal forks so that the change_owner and execs // don't mess up our process. test_init_app(); test_run_container(); } seteuid(0); // test_delete_user must run as root since that's how we use the delete_as_user test_delete_user(); free_configurations(); printf("\nTrying banned default user()\n"); if (write_config_file(TEST_ROOT "/test.cfg", 0) != 0) { exit(1); } read_config(TEST_ROOT "/test.cfg"); username = "******"; test_check_user(1); username = "******"; test_check_user(1); run("rm -fr " TEST_ROOT); printf("\nFinished tests\n"); free(current_username); free_configurations(); return 0; }
int main(int argc, char **argv) { LOGFILE = stdout; ERRORFILE = stderr; int my_username = 0; // clean up any junk from previous run system("chmod -R u=rwx " TEST_ROOT "; rm -fr " TEST_ROOT); if (mkdirs(TEST_ROOT "/logs/userlogs", 0755) != 0) { exit(1); } if (write_config_file(TEST_ROOT "/test.cfg") != 0) { exit(1); } read_config(TEST_ROOT "/test.cfg"); create_nm_roots(); if (getuid() == 0 && argc == 2) { username = argv[1]; } else { username = strdup(getpwuid(getuid())->pw_name); my_username = 1; } set_nm_uid(geteuid(), getegid()); if (set_user(username)) { exit(1); } printf("\nStarting tests\n"); printf("\nTesting get_user_directory()\n"); test_get_user_directory(); printf("\nTesting get_app_directory()\n"); test_get_app_directory(); printf("\nTesting get_container_directory()\n"); test_get_container_directory(); printf("\nTesting get_container_launcher_file()\n"); test_get_container_launcher_file(); printf("\nTesting get_app_log_dir()\n"); test_get_app_log_dir(); test_check_configuration_permissions(); printf("\nTesting delete_container()\n"); test_delete_container(); printf("\nTesting delete_app()\n"); test_delete_app(); test_delete_user(); test_check_user(); // the tests that change user need to be run in a subshell, so that // when they change user they don't give up our privs run_test_in_child("test_signal_container", test_signal_container); run_test_in_child("test_signal_container_group", test_signal_container_group); // init app and run container can't be run if you aren't testing as root if (getuid() == 0) { // these tests do internal forks so that the change_owner and execs // don't mess up our process. test_init_app(); test_run_container(); } seteuid(0); run("rm -fr " TEST_ROOT); printf("\nFinished tests\n"); if (my_username) { free(username); } free_configurations(); return 0; }