void
UserProc::PublishToEnv( Env* proc_env )
{
if (m_proc_exited) {
// TODO: what should these really be called? use
// myDistro? get_mySubSystem()? hard to say...
MyString base;
base = "_";
base += myDistro->Get();
base += '_';
if( name ) {
base += name;
} else {
base += "MAINJOB";
}
base += '_';
base.upper_case();
MyString env_name;
if( WIFSIGNALED(exit_status) ) {
env_name = base.Value();
env_name += "EXIT_SIGNAL";
proc_env->SetEnv( env_name.Value(), WTERMSIG(exit_status) );
} else {
env_name = base.Value();
env_name += "EXIT_CODE";
proc_env->SetEnv( env_name.Value(), WEXITSTATUS(exit_status) );
}
}
}
bool
JobInfoCommunicator::initUserPrivWindows( void )
{
// Win32
// taken origionally from OsProc::StartJob. Here we create the
// user and initialize user_priv.
// By default, assume execute login may be shared by other processes.
setExecuteAccountIsDedicated( NULL );
// we support running the job as other users if the user
// is specifed in the config file, and the account's password
// is properly stored in our credential stash.
char *name = NULL;
char *domain = NULL;
bool init_priv_succeeded = true;
bool run_as_owner = allowRunAsOwner( false, false );
// TODO..
// Currently vmgahp for VMware VM universe can't run as user on Windows.
// It seems like a bug of VMware. VMware command line tool such as "vmrun"
// requires Administrator privilege.
// So here we set name and domain with my_username and my_domainname
// -jaeyoung 06/15/07
if( job_universe == CONDOR_UNIVERSE_VM ) {
#if 0
// If "VM_UNIV_NOBODY_USER" is defined in Condor configuration file,
// wee will use it.
char *vm_jobs_as = param("VM_UNIV_NOBODY_USER");
if (vm_jobs_as) {
getDomainAndName(vm_jobs_as, domain, name);
/*
* name and domain are now just pointers into vm_jobs_as
* buffer. copy these values into their own buffer so we
* deallocate below.
*/
if ( name ) {
name = strdup(name);
}
if ( domain ) {
domain = strdup(domain);
}
free(vm_jobs_as);
}
#endif
MyString vm_type;
job_ad->LookupString(ATTR_JOB_VM_TYPE, vm_type);
if( strcasecmp(vm_type.Value(), CONDOR_VM_UNIVERSE_VMWARE) == MATCH ) {
name = my_username();
domain = my_domainname();
}
}
if( !name ) {
if ( run_as_owner ) {
job_ad->LookupString(ATTR_OWNER,&name);
job_ad->LookupString(ATTR_NT_DOMAIN,&domain);
}
}
if ( !name ) {
char slot_user[255];
MyString slotName = "";
slotName = Starter->getMySlotName();
slotName.upper_case();
sprintf(slot_user, "%s_USER", slotName);
char *run_jobs_as = param(slot_user);
if (run_jobs_as) {
getDomainAndName(run_jobs_as, domain, name);
/*
* name and domain are now just pointers into run_jobs_as
* buffer. copy these values into their own buffer so we
* deallocate below.
*/
if ( name ) {
name = strdup(name);
}
if ( domain ) {
domain = strdup(domain);
}
free(run_jobs_as);
}
}
if ( name ) {
if (!init_user_ids(name, domain)) {
dprintf(D_ALWAYS, "Could not initialize user_priv as \"%s\\%s\".\n"
"\tMake sure this account's password is securely stored "
"with condor_store_cred.\n", domain, name );
init_priv_succeeded = false;
}
else {
MyString login_name;
joinDomainAndName(name, domain, login_name);
if( checkDedicatedExecuteAccounts( login_name.Value() ) ) {
setExecuteAccountIsDedicated( login_name.Value() );
}
}
} else if ( !can_switch_ids() ) {
char *u = my_username();
char *d = my_domainname();
if ( !init_user_ids(u, d) ) {
// shouldn't happen - we always can get our own token
dprintf(D_ALWAYS, "Could not initialize user_priv with our own token!\n");
init_priv_succeeded = false;
}
free(u);
free(d);
} else if( init_user_ids("nobody", ".") ) {
// just init a new nobody user; dynuser handles the rest.
// the "." means Local Machine to LogonUser
setExecuteAccountIsDedicated( get_user_loginname() );
}
else {
dprintf( D_ALWAYS, "ERROR: Could not initialize user_priv "
"as \"nobody\"\n" );
init_priv_succeeded = false;
}
if ( name ) free(name);
if ( domain ) free(domain);
user_priv_is_initialized = init_priv_succeeded;
return init_priv_succeeded;
}
