static void
unsetPreloadEnv()
{
char *env = getenv("LD_PRELOAD");
char *pos;
// the const <-> non-const assignment is not an issue since the following
// modifying operations will not be executed in the const-case
env = env ? env : "";
pos = strstr(env, LIBNAME);
if (pos!=0) {
char *end_pos = pos + sizeof(LIBNAME);
bool is_end = (end_pos[-1]=='\0');
char *start_pos;
end_pos[-1] = '\0';
start_pos = strrchr(env, ':');
if (start_pos==0) start_pos = env;
else if (!is_end) ++start_pos;
if (is_end) *start_pos = '\0';
else memmove(start_pos, end_pos, strlen(end_pos)+1);
}
#ifdef DEBUG
if (isDbgLevel(DBG_VERBOSE1|DBG_VARIABLES)) {
WRITE_MSG(2, "env='");
WRITE_STR(2, env);
WRITE_MSG(2, "'\n");
}
#endif
if (*env=='\0') unsetenv("LD_PRELOAD");
}
int main(int argc, char *argv[])
{
char const * dir;
int root_fd;
int this_fd;
char * umount_cmd[] = { UMOUNT_PROG, "-l", "-n", ".", 0 };
if (argc<2) {
WRITE_MSG(2, "Try '");
WRITE_STR(2, argv[0]);
WRITE_MSG(2, " --help' for more information.\n");
return EXIT_FAILURE;
}
if (strcmp(argv[1], "--help")==0) showHelp(1, argv[0], 0);
if (strcmp(argv[1], "--version")==0) showVersion();
dir = argv[1];
if (strcmp(dir, "--")==0 && argc>=3) dir = argv[2];
root_fd = Eopen("/", O_RDONLY, 0);
Echroot(".");
Echdir(dir);
this_fd = Eopen(".", O_RDONLY, 0);
Efchdir(root_fd);
Echroot(".");
Efchdir(this_fd);
Eclose(root_fd);
Eclose(this_fd);
Eexecv(umount_cmd[0], umount_cmd);
}
static void
showHelp(int fd, char const *cmd, int res)
{
VSERVER_DECLARE_CMD(cmd);
WRITE_MSG(fd, "Usage: ");
WRITE_STR(fd, cmd);
WRITE_MSG(fd,
" [-g] --xid <xid> <TAG>*\n"
" or ");
WRITE_STR(fd, cmd);
WRITE_MSG(fd,
" -s --xid <xid> -t <TAG>=<VALUE> [--] [<command> <args>*]\n"
" or ");
WRITE_STR(fd, cmd);
WRITE_MSG(fd,
" --dir <dir> --xid <xid> [--missingok] [--] [<command> <args>*]\n\n"
" Options:\n"
" -g ... get and print the value\n"
" -s ... set the value\n\n"
" --xid <xid> ... operate on this context; 'self' means the current one\n"
" -t <TAG>=<VALUE>\n"
" ... set <TAG> to <VALUE>; this option can be repeated multiple time\n"
" --dir <dir> ... read values from files in <dir>. These files must\n"
" have a valid TAG as their name\n"
" --missingok ... do not fail when the <DIR> from '--dir' does not exist.\n"
"\n"
" Possible values for TAG are:\n"
" context, sysname, nodename, release, version, machine, domainname\n"
"\n"
"Please report bugs to " PACKAGE_BUGREPORT "\n");
exit(res);
}
static bool
checkFile(char const *fname)
{
int fd = Eopen(fname, O_RDONLY, 0);
off_t l = Elseek(fd, 0, SEEK_END);
char const * data = 0;
bool res = true;
if (l>100*1024*1024) {
WRITE_MSG(2, "WARNING: '");
WRITE_STR(2, fname);
WRITE_STR(2, "' is too large for a vserver configuration file\n");
res = false;
}
else if (l>0) {
data = mmap(0, l, PROT_READ, MAP_PRIVATE, fd, 0);
if (data==MAP_FAILED) {
perror("mmap()");
exit(wrapper_exit_code);
}
if (data[l-1]!='\n') {
WRITE_MSG(2, "WARNING: '");
WRITE_STR(2, fname);
WRITE_MSG(2, "' does not end on newline\n");
res = false;
}
munmap(const_cast(char *)(data), l);
}
static void
showHelp(int fd, char const *cmd)
{
WRITE_MSG(fd, "Usage: ");
WRITE_STR(fd, cmd);
WRITE_MSG(fd,
" [--] <file>+\n\n"
"Please report bugs to " PACKAGE_BUGREPORT "\n");
exit(0);
}
static void
showHelp(int fd, char const *cmd, int res)
{
WRITE_MSG(fd, "Usage: ");
WRITE_STR(fd, cmd);
WRITE_MSG(fd,
" [--] <cmd> <args>*\n\n"
"Please report bugs to " PACKAGE_BUGREPORT "\n");
exit(res);
}
static void
showHelp(int fd, char const *cmd, int res)
{
WRITE_MSG(fd, "Usage: ");
WRITE_STR(fd, cmd);
WRITE_MSG(fd,
" [-ql] <vserver>|<pid>|<context> <tag>\n"
"Please report bugs to " PACKAGE_BUGREPORT "\n");
exit(res);
}
static void
showHelp(int fd, char const *cmd, int res)
{
WRITE_MSG(fd, "Usage: ");
WRITE_STR(fd, cmd);
WRITE_MSG(fd,
"[--help] [--version] <dir>\n\n"
"Please report bugs to " PACKAGE_BUGREPORT "\n");
exit(res);
}
static void
showHelp(int fd, char const *cmd, int res)
{
WRITE_MSG(fd, "Usage:\n ");
WRITE_STR(fd, cmd);
WRITE_MSG(fd,
" --socket <filename> [--timeout <seconds>]\n"
"\n"
"Please report bugs to " PACKAGE_BUGREPORT "\n");
exit(res);
}
static int
assumeNonNull(PathInfo const *cfgdir, char const *file, char const *val)
{
if (val!=0) return 0;
WRITE_MSG(2, "vserver-start: no value configured for '");
Vwrite (2, cfgdir->d, cfgdir->l);
WRITE_MSG(2, "/");
WRITE_STR(2, file);
WRITE_STR(2, "'\n");
return 1;
}
void
showHelp(int fd, char const *cmd, int res)
{
WRITE_MSG(fd, "Usage: ");
WRITE_STR(fd, cmd);
WRITE_MSG(fd,
" [-Rx] [--[~](iunlink|admin|watch|hide|barrier|iunlink-but-not-immutable|immutable|write|cow|ixunlink)]* [--] <file>+\n\n"
" Options:\n"
" -R ... recurse through directories\n"
" -x ... do not cross filesystems\n\n"
"Please report bugs to " PACKAGE_BUGREPORT "\n");
exit(res);
}
static void
showHelp(char const *cmd)
{
WRITE_MSG(1, "Usage: ");
WRITE_STR(1, cmd);
WRITE_MSG(1,
" [--] <filename>\n"
"\n"
"Shows the relative age of <filename>\n"
"\n"
"Please report bugs to " PACKAGE_BUGREPORT "\n");
exit(0);
}
static void alarm_handler(int sig LTP_ATTRIBUTE_UNUSED)
{
WRITE_MSG("Test timeouted, sending SIGKILL!\n");
kill(-test_pid, SIGKILL);
alarm(5);
if (++sigkill_retries > 10) {
WRITE_MSG("Cannot kill test processes!\n");
WRITE_MSG("Congratulation, likely test hit a kernel bug.\n");
WRITE_MSG("Exitting uncleanly...\n");
_exit(TFAIL);
}
}
static uint32_t
getCap(char const *cap)
{
int bit = vc_text2cap(cap);
if (bit!=0) {
WRITE_MSG(2, "Unknown capability '");
WRITE_STR(2, optarg);
WRITE_MSG(2, "'; try '--help' for more information\n");
exit(wrapper_exit_code);
}
return (1<<bit);
}
static void
parseUMask(char const *str, struct vc_umask *umask)
{
struct vc_err_listparser err;
int rc;
rc = vc_list2umask(str, 0, &err, umask);
if (rc==-1) {
WRITE_MSG(2, "Unknown namespace '");
Vwrite(2, err.ptr, err.len);
WRITE_MSG(2, "'\n");
exit(wrapper_exit_code);
}
}
static void
parseFlags(char const *str, struct vc_ctx_flags *flags)
{
struct vc_err_listparser err;
int rc;
rc = vc_list2cflag(str,0, &err, flags);
if (rc==-1) {
WRITE_MSG(2, "Unknown flag '");
Vwrite(2, err.ptr, err.len);
WRITE_MSG(2, "'\n");
exit(wrapper_exit_code);
}
}
static void
parseCCaps(char const *str, struct vc_ctx_caps *caps)
{
struct vc_err_listparser err;
int rc;
rc = vc_list2ccap(str,0, &err, caps);
if (rc==-1) {
WRITE_MSG(2, "Unknown ccap '");
Vwrite(2, err.ptr, err.len);
WRITE_MSG(2, "'\n");
exit(wrapper_exit_code);
}
}
static void
showHelp(int fd, char const *cmd, int res)
{
WRITE_MSG(fd, "Usage:\n ");
WRITE_STR(fd, cmd);
WRITE_MSG(fd,
" {--set|--get} [--nid <nid>] [--ncap [~!]<ncap>] [--flag [~!]<flag>] [--secure] --\n"
" [<program> <args>*]\n"
"\n"
" --ncap <cap> ... network capability to be added\n"
" --flag <flag> ... network flag to be added\n"
"\n"
"Please report bugs to " PACKAGE_BUGREPORT "\n");
exit(res);
}
static inline void
showHelp(int fd, int exit_code)
{
WRITE_MSG(fd,
"Usage: mask2prefix <mask>\n");
exit(exit_code);
}
static void sigint_handler(int sig LTP_ATTRIBUTE_UNUSED)
{
if (test_pid > 0) {
WRITE_MSG("Sending SIGKILL to test process...\n");
kill(-test_pid, SIGKILL);
}
}
static void
showTags()
{
char const * delim = "";
size_t i;
WRITE_MSG(1, "Valid tags are: ");
for (i=0; i<DIM_OF(TAGS); ++i) {
WRITE_STR(1, delim);
WRITE_STR(1, TAGS[i].tag);
delim = ", ";
}
WRITE_MSG(1, "\n");
exit(0);
}
static void
showHelp(int fd, char const *cmd, int res)
{
VSERVER_DECLARE_CMD(cmd);
WRITE_MSG(fd, "Usage: ");
WRITE_STR(fd, cmd);
WRITE_MSG(fd,
" [--help] [--version] [--bind] [--move] [--rbind] [-t <type>] [--chroot]\n"
" [--mtab <filename>] [--fstab <filename>] [--rootfs yes|no|only]\n"
" [-n] -a|([-o <options>] [--] <src> <dst>)\n\n"
"Executes mount-operations under the current directory: it assumes sources in\n"
"the current root-dir while destinations are expected in the chroot environment.\n\n"
"For non-trivial mount-operations it uses the external 'mount' program which\n"
"can be overridden by the $MOUNT environment variable.\n\n"
"Options:\n"
" --bind|move|rbind ... set the correspond flags; with this options\n"
" the mount will be executed internally without\n"
" calling an external mount program.\n"
" -t <type> ... assume the given filesystem type\n"
" -o <options> ... set additional options; see mount(2) for details\n"
" -n ... do not update the mtab-file\n"
" --mtab <filename> ... use <filename> as an alternative mtab file\n"
" [default: /etc/mtab]\n"
" --chroot ... chroot into the current directory before\n"
" mounting the filesystem\n"
" --fstab <filename> ... use <filename> as an alternative fstab file;\n"
" this option has an effect only with the '-a'\n"
" option [default: /etc/fstab]\n"
" --rootfs yes|no|only ... specifies how to handle an entry for a rootfs\n"
" ('/') when processing an fstab file. 'yes' will\n"
" mount it among the other entries, 'only' will\n"
" mount only the rootfs entry, and 'no' will ignore\n"
" it and mount only the other entries [default: yes]\n"
" --trigger-automount ... trigger automounting of <src> paths but do not\n"
" mount <dst> nor touch mtab\n"
" -a ... mount everything listed in the fstab-file\n\n"
" <src> ... the source-filesystem; this path is absolute\n"
" to the current root-filesystem. Only valid\n"
" without the '-a' option.\n"
" <dst> ... the destination mount-point; when used with\n"
" '--chroot', this path is relative to the current\n"
" directory. Only valid without the '-a' option\n\n"
"Please report bugs to " PACKAGE_BUGREPORT "\n");
exit(res);
}
int main(int argc, char *argv[])
{
bool quiet = false;
char const * vserver;
VserverTag tag;
while (1) {
int c = getopt_long(argc, argv, "ql", CMDLINE_OPTIONS, 0);
if (c==-1) break;
switch (c) {
case 'h' : showHelp(1, argv[0], 0);
case 'v' : showVersion();
case 'l' : showTags();
case 'q' : quiet = true; break;
default :
WRITE_MSG(2, "Try '");
WRITE_STR(2, argv[0]);
WRITE_MSG(2, " --help' for more information.\n");
exit(1);
break;
}
}
if (optind+2>argc) {
execQuery("-", tgSYSINFO, 0, 0);
WRITE_MSG(2, "\nAssumed 'SYSINFO' as no other option given; try '--help' for more information.\n");
exit(0);
}
vserver = argv[optind];
tag = stringToTag(argv[optind+1]);
if (tag==tgNONE) {
WRITE_MSG(2, "Unknown tag; use '-l' to get list of valid tags\n");
exit(1);
}
if (quiet) {
int fd = Eopen("/dev/null", O_WRONLY, 0644);
Edup2(fd, 1);
Eclose(fd);
}
return execQuery(vserver, tag, argc-(optind+2), argv+optind+2);
}
static void
showHelp(int fd, char const *cmd, int res)
{
#if !defined(VC_ENABLE_API_COMPAT) && !defined(VC_ENABLE_API_LEGACY)
WRITE_MSG(1, "ERROR: tools were built without legacy API support; reducecap will not work!\n\n");
#endif
WRITE_MSG(fd, "Usage:\n ");
WRITE_STR(fd, cmd);
WRITE_MSG(fd,
" [--show] [--secure] [--flag <flag>] [--cap <capability>] [--] <cmd> <args>*\n ");
WRITE_STR(fd, cmd);
WRITE_MSG(fd,
" --show [--pid <pid>]\n\n"
"Please report bugs to " PACKAGE_BUGREPORT "\n");
exit(res);
}
inline static void
restoreRoot(struct Options const *opt)
{
if (opt->do_chroot!=0 && fchroot(opt->cur_rootdir_fd)==-1) {
perror("secure-mount: fchdir(\"/\")");
WRITE_MSG(2, "Failed to restore root-directory; aborting\n");
exit(1);
}
}
static void
showHelp(int fd, char const *cmd, int res)
{
WRITE_MSG(fd, "Usage:\n ");
WRITE_STR(fd, cmd);
WRITE_MSG(fd,
" [--xid <xid>] {--get|--set [--bcap [~!]<cap>] [--ccap [~!]<cap>]\n"
" [--flag [~!]<flag>] [--secure]} -- [<program> <args>*]\n"
"\n"
" --bcap <cap> ... system capability to be set\n"
" --ccap <cap> ... context capability to be set\n"
" --flag <flag> ... context flag to be set\n"
" --umask <mask> ... unshare mask to be set\n"
"\n"
"Please report bugs to " PACKAGE_BUGREPORT "\n");
exit(res);
}
static void show_version(void)
{
WRITE_MSG(1,
"systemd-vserver-generator " VERSION " -- generates systemd units"
"This program is part of " PACKAGE_STRING "\n\n"
"Copyright (C) 2015 Enrico Scholz\n"
VERSION_COPYRIGHT_DISCLAIMER);
exit(0);
}
static void
showVersion()
{
WRITE_MSG(1,
"check-unixfile " VERSION " -- execute some basic fileformat checks\n"
"This program is part of " PACKAGE_STRING "\n\n"
"Copyright (C) 2005 Enrico Scholz\n"
VERSION_COPYRIGHT_DISCLAIMER);
exit(0);
}
static void
showVersion()
{
WRITE_MSG(1,
"reducecap " VERSION " -- starts programs with reduced capabilities\n"
"This program is part of " PACKAGE_STRING "\n\n"
"Copyright (C) 2003,2004 Enrico Scholz\n"
VERSION_COPYRIGHT_DISCLAIMER);
exit(0);
}
static void
showVersion()
{
WRITE_MSG(1,
"vserver-info " VERSION " -- returns information about vservers\n"
"This program is part of " PACKAGE_STRING "\n\n"
"Copyright (C) 2003 Enrico Scholz\n"
VERSION_COPYRIGHT_DISCLAIMER);
exit(0);
}
