void test_delete_user() {
printf("\nTesting delete_user\n");
char* app_dir = get_app_directory(TEST_ROOT "/local-1", yarn_username, "app_3");
if (mkdirs(app_dir, 0700) != 0) {
exit(1);
}
char buffer[100000];
sprintf(buffer, "%s/test.cfg", app_dir);
if (write_config_file(buffer, 1) != 0) {
exit(1);
}
char * dirs[] = {buffer, 0};
int ret = delete_as_user(yarn_username, "file1" , dirs);
if (ret == 0) {
printf("FAIL: if baseDir is a file, delete_as_user should fail if a subdir is also passed\n");
exit(1);
}
// Pass a file to delete_as_user in the baseDirs parameter. The file should
// be deleted.
ret = delete_as_user(yarn_username, "" , dirs);
if (ret != 0) {
printf("FAIL: delete_as_user could not delete baseDir when baseDir is a file: return code is %d\n", ret);
exit(1);
}
sprintf(buffer, "%s", app_dir);
char missing_dir[20];
strcpy(missing_dir, "/some/missing/dir");
char * dirs_with_missing[] = {missing_dir, buffer, 0};
ret = delete_as_user(yarn_username, "" , dirs_with_missing);
printf("%d" , ret);
if (access(buffer, R_OK) == 0) {
printf("FAIL: directory not deleted\n");
exit(1);
}
sprintf(buffer, "%s/local-1/usercache/%s", TEST_ROOT, yarn_username);
if (access(buffer, R_OK) != 0) {
printf("FAIL: directory missing before test\n");
exit(1);
}
if (delete_as_user(yarn_username, buffer, NULL) != 0) {
exit(1);
}
if (access(buffer, R_OK) == 0) {
printf("FAIL: directory not deleted\n");
exit(1);
}
if (access(TEST_ROOT "/local-1", R_OK) != 0) {
printf("FAIL: local-1 directory does not exist\n");
exit(1);
}
free(app_dir);
}
void test_delete_user() {
printf("\nTesting delete_user\n");
char* job_dir = get_job_directory(TEST_ROOT "/local-1", username, "job_3");
if (mkdirs(job_dir, 0700) != 0) {
exit(1);
}
char buffer[100000];
sprintf(buffer, "%s/local-1/usercache/%s", TEST_ROOT, username);
if (access(buffer, R_OK) != 0) {
printf("FAIL: directory missing before test\n");
exit(1);
}
if (delete_as_user(username, buffer, NULL) != 0) {
exit(1);
}
if (access(buffer, R_OK) == 0) {
printf("FAIL: directory not deleted\n");
exit(1);
}
if (access(TEST_ROOT "/local-1", R_OK) != 0) {
printf("FAIL: local-1 directory does not exist\n");
exit(1);
}
free(job_dir);
}
void test_delete_user() {
printf("\nTesting delete_user\n");
char* local_dirs = get_value("mapred.local.dir");
char* job_dir = get_job_directory(TEST_ROOT "/local-1", username, "job_3");
if (mkdirs(job_dir, 0700) != 0) {
exit(1);
}
char buffer[100000];
sprintf(buffer, "%s/local-1/taskTracker/%s", TEST_ROOT, username);
if (access(buffer, R_OK) != 0) {
printf("FAIL: directory missing before test\n");
exit(1);
}
if (delete_as_user(username, local_dirs, "") != 0) {
exit(1);
}
if (access(buffer, R_OK) == 0) {
printf("FAIL: directory not deleted\n");
exit(1);
}
if (access(TEST_ROOT "/local-1", R_OK) != 0) {
printf("FAIL: local-1 directory does not exist\n");
exit(1);
}
free(job_dir);
free(local_dirs);
}
void test_delete_job() {
char* local_dirs = get_value("mapred.local.dir");
char* job_dir = get_job_directory(TEST_ROOT "/local-2", username, "job_2");
char* dont_touch = get_job_directory(TEST_ROOT "/local-2", username,
DONT_TOUCH_FILE);
char* task_dir = get_attempt_work_directory(TEST_ROOT "/local-2",
username, "job_2", "task_1");
char buffer[100000];
sprintf(buffer, "mkdir -p %s/who/let/the/dogs/out/who/who", task_dir);
run(buffer);
sprintf(buffer, "touch %s", dont_touch);
run(buffer);
// soft link to the canary file from the task directory
sprintf(buffer, "ln -s %s %s/who/softlink", dont_touch, task_dir);
run(buffer);
// hard link to the canary file from the task directory
sprintf(buffer, "ln %s %s/who/hardlink", dont_touch, task_dir);
run(buffer);
// create a dot file in the task directory
sprintf(buffer, "touch %s/who/let/.dotfile", task_dir);
run(buffer);
// create a no permission file
sprintf(buffer, "touch %s/who/let/protect", task_dir);
run(buffer);
sprintf(buffer, "chmod 000 %s/who/let/protect", task_dir);
run(buffer);
// create a no permission directory
sprintf(buffer, "chmod 000 %s/who/let", task_dir);
run(buffer);
// delete task directory
int ret = delete_as_user(username, local_dirs, "jobcache/job_2");
if (ret != 0) {
printf("FAIL: return code from delete_as_user is %d\n", ret);
exit(1);
}
// check to make sure the task directory is gone
if (access(task_dir, R_OK) == 0) {
printf("FAIL: failed to delete the directory - %s\n", task_dir);
exit(1);
}
// check to make sure the job directory is gone
if (access(job_dir, R_OK) == 0) {
printf("FAIL: didn't delete the directory - %s\n", job_dir);
exit(1);
}
// but that the canary is not gone
if (access(dont_touch, R_OK) != 0) {
printf("FAIL: accidently deleted file %s\n", dont_touch);
exit(1);
}
free(job_dir);
free(task_dir);
free(dont_touch);
free(local_dirs);
}
void test_delete_app() {
char* app_dir = get_app_directory(TEST_ROOT "/local-2", yarn_username, "app_2");
char* dont_touch = get_app_directory(TEST_ROOT "/local-2", yarn_username,
DONT_TOUCH_FILE);
char* container_dir = get_container_work_directory(TEST_ROOT "/local-2",
yarn_username, "app_2", "container_1");
char buffer[100000];
sprintf(buffer, "mkdir -p %s/who/let/the/dogs/out/who/who", container_dir);
run(buffer);
sprintf(buffer, "touch %s", dont_touch);
run(buffer);
// soft link to the canary file from the container directory
sprintf(buffer, "ln -s %s %s/who/softlink", dont_touch, container_dir);
run(buffer);
// hard link to the canary file from the container directory
sprintf(buffer, "ln %s %s/who/hardlink", dont_touch, container_dir);
run(buffer);
// create a dot file in the container directory
sprintf(buffer, "touch %s/who/let/.dotfile", container_dir);
run(buffer);
// create a no permission file
sprintf(buffer, "touch %s/who/let/protect", container_dir);
run(buffer);
sprintf(buffer, "chmod 000 %s/who/let/protect", container_dir);
run(buffer);
// create a no permission directory
sprintf(buffer, "chmod 000 %s/who/let", container_dir);
run(buffer);
// delete container directory
int ret = delete_as_user(yarn_username, app_dir, NULL);
if (ret != 0) {
printf("FAIL: return code from delete_as_user is %d\n", ret);
exit(1);
}
// check to make sure the container directory is gone
if (access(container_dir, R_OK) == 0) {
printf("FAIL: failed to delete the directory - %s\n", container_dir);
exit(1);
}
// check to make sure the app directory is gone
if (access(app_dir, R_OK) == 0) {
printf("FAIL: didn't delete the directory - %s\n", app_dir);
exit(1);
}
// but that the canary is not gone
if (access(dont_touch, R_OK) != 0) {
printf("FAIL: accidently deleted file %s\n", dont_touch);
exit(1);
}
free(app_dir);
free(container_dir);
free(dont_touch);
}
int main(int argc, char **argv) {
//LOGFILE = stdout;
LOGFILE = fopen("/tmp/taskcontroller.log", "a+");
int i=0;
for (i=0; i<argc; i++)
fprintf(LOGFILE, "Arg[%i] = %s\n", i, argv[i]);
//Minimum number of arguments required to run the task-controller
if (argc < 4) {
display_usage(LOGFILE);
return INVALID_ARGUMENT_NUMBER;
}
int command;
const char * job_id = NULL;
const char * task_id = NULL;
const char * cred_file = NULL;
const char * script_file = NULL;
const char * current_dir = NULL;
const char * job_xml = NULL;
int exit_code = 0;
char * dir_to_be_deleted = NULL;
char *executable_file = get_executable();
#ifndef HADOOP_CONF_DIR
#error HADOOP_CONF_DIR must be defined
#endif
char *orig_conf_file = STRINGIFY(HADOOP_CONF_DIR) "/" CONF_FILENAME;
char *conf_file = realpath(orig_conf_file, NULL);
if (conf_file == NULL) {
fprintf(LOGFILE, "Configuration file %s not found.\n", orig_conf_file);
return INVALID_CONFIG_FILE;
}
if (check_configuration_permissions(conf_file) != 0) {
return INVALID_CONFIG_FILE;
}
read_config(conf_file);
free(conf_file);
// look up the task tracker group in the config file
char *tt_group = get_value(TT_GROUP_KEY);
if (tt_group == NULL) {
fprintf(LOGFILE, "Can't get configured value for %s.\n", TT_GROUP_KEY);
exit(INVALID_CONFIG_FILE);
}
struct group *group_info = getgrnam(tt_group);
if (group_info == NULL) {
fprintf(LOGFILE, "Can't get group information for %s - %s.\n", tt_group,
strerror(errno));
exit(INVALID_CONFIG_FILE);
}
set_tasktracker_uid(getuid(), group_info->gr_gid);
// if we are running from a setuid executable, make the real uid root
setuid(0);
// set the real and effective group id to the task tracker group
setgid(group_info->gr_gid);
if (check_taskcontroller_permissions(executable_file) != 0) {
fprintf(LOGFILE, "Invalid permissions on task-controller binary.\n");
return INVALID_TASKCONTROLLER_PERMISSIONS;
}
//checks done for user name
if (argv[optind] == NULL) {
fprintf(LOGFILE, "Invalid user name \n");
return INVALID_USER_NAME;
}
int ret = set_user(argv[optind]);
if (ret != 0) {
return ret;
}
optind = optind + 1;
command = atoi(argv[optind++]);
fprintf(LOGFILE, "main : command provided %d\n",command);
fprintf(LOGFILE, "main : user is %s\n", user_detail->pw_name);
switch (command) {
case INITIALIZE_JOB:
if (argc < 7) {
fprintf(LOGFILE, "Too few arguments (%d vs 7) for initialize job\n",
argc);
return INVALID_ARGUMENT_NUMBER;
}
job_id = argv[optind++];
cred_file = argv[optind++];
job_xml = argv[optind++];
exit_code = initialize_job(user_detail->pw_name, job_id, cred_file,
job_xml, argv + optind);
break;
case LAUNCH_TASK_JVM:
if (argc < 7) {
fprintf(LOGFILE, "Too few arguments (%d vs 7) for launch task\n",
argc);
return INVALID_ARGUMENT_NUMBER;
}
job_id = argv[optind++];
task_id = argv[optind++];
current_dir = argv[optind++];
script_file = argv[optind++];
exit_code = run_task_as_user(user_detail->pw_name, job_id, task_id,
current_dir, script_file);
break;
case SIGNAL_TASK:
if (argc < 5) {
fprintf(LOGFILE, "Too few arguments (%d vs 5) for signal task\n",
argc);
return INVALID_ARGUMENT_NUMBER;
} else {
char* end_ptr = NULL;
char* option = argv[optind++];
int task_pid = strtol(option, &end_ptr, 10);
if (option == end_ptr || *end_ptr != '\0') {
fprintf(LOGFILE, "Illegal argument for task pid %s\n", option);
return INVALID_ARGUMENT_NUMBER;
}
option = argv[optind++];
int signal = strtol(option, &end_ptr, 10);
if (option == end_ptr || *end_ptr != '\0') {
fprintf(LOGFILE, "Illegal argument for signal %s\n", option);
return INVALID_ARGUMENT_NUMBER;
}
exit_code = signal_user_task(user_detail->pw_name, task_pid, signal);
}
break;
case DELETE_AS_USER:
dir_to_be_deleted = argv[optind++];
exit_code= delete_as_user(user_detail->pw_name, dir_to_be_deleted);
break;
case DELETE_LOG_AS_USER:
dir_to_be_deleted = argv[optind++];
exit_code= delete_log_directory(dir_to_be_deleted);
break;
case RUN_COMMAND_AS_USER:
exit_code = run_command_as_user(user_detail->pw_name, argv + optind);
break;
default:
exit_code = INVALID_COMMAND_PROVIDED;
}
fclose(LOGFILE);
return exit_code;
}
int main(int argc, char **argv) {
open_log_files();
assert_valid_setup(argv[0]);
int operation;
int ret = validate_arguments(argc, argv, &operation);
if (ret != 0) {
flush_and_close_log_files();
return ret;
}
int exit_code = 0;
switch (operation) {
case CHECK_SETUP:
//we already did this
exit_code = 0;
break;
case MOUNT_CGROUPS:
exit_code = 0;
while (optind < argc && exit_code == 0) {
exit_code = mount_cgroup(argv[optind++], cmd_input.cgroups_hierarchy);
}
break;
case TRAFFIC_CONTROL_MODIFY_STATE:
exit_code = traffic_control_modify_state(cmd_input.traffic_control_command_file);
break;
case TRAFFIC_CONTROL_READ_STATE:
exit_code = traffic_control_read_state(cmd_input.traffic_control_command_file);
break;
case TRAFFIC_CONTROL_READ_STATS:
exit_code = traffic_control_read_stats(cmd_input.traffic_control_command_file);
break;
case RUN_DOCKER:
exit_code = run_docker(cmd_input.docker_command_file);
break;
case RUN_AS_USER_INITIALIZE_CONTAINER:
exit_code = set_user(cmd_input.run_as_user_name);
if (exit_code != 0) {
break;
}
exit_code = initialize_app(cmd_input.yarn_user_name,
cmd_input.app_id,
cmd_input.cred_file,
extract_values(cmd_input.local_dirs),
extract_values(cmd_input.log_dirs),
argv + optind);
break;
case RUN_AS_USER_LAUNCH_DOCKER_CONTAINER:
if (cmd_input.traffic_control_command_file != NULL) {
//apply tc rules before switching users and launching the container
exit_code = traffic_control_modify_state(cmd_input.traffic_control_command_file);
if( exit_code != 0) {
//failed to apply tc rules - break out before launching the container
break;
}
}
exit_code = set_user(cmd_input.run_as_user_name);
if (exit_code != 0) {
break;
}
exit_code = launch_docker_container_as_user(cmd_input.yarn_user_name,
cmd_input.app_id,
cmd_input.container_id,
cmd_input.current_dir,
cmd_input.script_file,
cmd_input.cred_file,
cmd_input.pid_file,
extract_values(cmd_input.local_dirs),
extract_values(cmd_input.log_dirs),
cmd_input.docker_command_file,
cmd_input.resources_key,
cmd_input.resources_values);
break;
case RUN_AS_USER_LAUNCH_CONTAINER:
if (cmd_input.traffic_control_command_file != NULL) {
//apply tc rules before switching users and launching the container
exit_code = traffic_control_modify_state(cmd_input.traffic_control_command_file);
if( exit_code != 0) {
//failed to apply tc rules - break out before launching the container
break;
}
}
exit_code = set_user(cmd_input.run_as_user_name);
if (exit_code != 0) {
break;
}
exit_code = launch_container_as_user(cmd_input.yarn_user_name,
cmd_input.app_id,
cmd_input.container_id,
cmd_input.current_dir,
cmd_input.script_file,
cmd_input.cred_file,
cmd_input.pid_file,
extract_values(cmd_input.local_dirs),
extract_values(cmd_input.log_dirs),
cmd_input.resources_key,
cmd_input.resources_values);
free(cmd_input.resources_key);
free(cmd_input.resources_value);
free(cmd_input.resources_values);
break;
case RUN_AS_USER_SIGNAL_CONTAINER:
exit_code = set_user(cmd_input.run_as_user_name);
if (exit_code != 0) {
break;
}
exit_code = signal_container_as_user(cmd_input.yarn_user_name,
cmd_input.container_pid,
cmd_input.signal);
break;
case RUN_AS_USER_DELETE:
exit_code = set_user(cmd_input.run_as_user_name);
if (exit_code != 0) {
break;
}
exit_code = delete_as_user(cmd_input.yarn_user_name,
cmd_input.dir_to_be_deleted,
argv + optind);
break;
}
flush_and_close_log_files();
return exit_code;
}
int main(int argc, char **argv) {
int invalid_args = 0;
int do_check_setup = 0;
int do_mount_cgroups = 0;
LOGFILE = stdout;
ERRORFILE = stderr;
if (argc > 1) {
if (strcmp("--mount-cgroups", argv[1]) == 0) {
do_mount_cgroups = 1;
}
}
// Minimum number of arguments required to run
// the std. container-executor commands is 4
// 4 args not needed for checksetup option
if (argc < 4 && !do_mount_cgroups) {
invalid_args = 1;
if (argc == 2) {
const char *arg1 = argv[1];
if (strcmp("--checksetup", arg1) == 0) {
invalid_args = 0;
do_check_setup = 1;
}
}
}
if (invalid_args != 0) {
display_usage(stdout);
return INVALID_ARGUMENT_NUMBER;
}
int command;
const char * app_id = NULL;
const char * container_id = NULL;
const char * cred_file = NULL;
const char * script_file = NULL;
const char * current_dir = NULL;
const char * pid_file = NULL;
int exit_code = 0;
char * dir_to_be_deleted = NULL;
char *executable_file = get_executable();
char *orig_conf_file = HADOOP_CONF_DIR "/" CONF_FILENAME;
char *conf_file = resolve_config_path(orig_conf_file, argv[0]);
char *local_dirs, *log_dirs;
char *resources, *resources_key, *resources_value;
if (conf_file == NULL) {
fprintf(ERRORFILE, "Configuration file %s not found.\n", orig_conf_file);
exit(INVALID_CONFIG_FILE);
}
if (check_configuration_permissions(conf_file) != 0) {
exit(INVALID_CONFIG_FILE);
}
read_config(conf_file);
free(conf_file);
// look up the node manager group in the config file
char *nm_group = get_value(NM_GROUP_KEY);
if (nm_group == NULL) {
fprintf(ERRORFILE, "Can't get configured value for %s.\n", NM_GROUP_KEY);
exit(INVALID_CONFIG_FILE);
}
struct group *group_info = getgrnam(nm_group);
if (group_info == NULL) {
fprintf(ERRORFILE, "Can't get group information for %s - %s.\n", nm_group,
strerror(errno));
fflush(LOGFILE);
exit(INVALID_CONFIG_FILE);
}
set_nm_uid(getuid(), group_info->gr_gid);
// if we are running from a setuid executable, make the real uid root
setuid(0);
// set the real and effective group id to the node manager group
setgid(group_info->gr_gid);
if (check_executor_permissions(executable_file) != 0) {
fprintf(ERRORFILE, "Invalid permissions on container-executor binary.\n");
return INVALID_CONTAINER_EXEC_PERMISSIONS;
}
if (do_check_setup != 0) {
// basic setup checks done
// verified configs available and valid
// verified executor permissions
return 0;
}
if (do_mount_cgroups) {
optind++;
char *hierarchy = argv[optind++];
int result = 0;
while (optind < argc && result == 0) {
result = mount_cgroup(argv[optind++], hierarchy);
}
return result;
}
//checks done for user name
if (argv[optind] == NULL) {
fprintf(ERRORFILE, "Invalid user name.\n");
return INVALID_USER_NAME;
}
int ret = set_user(argv[optind]);
if (ret != 0) {
return ret;
}
// this string is used for building pathnames, the
// process management is done based on the 'user_detail'
// global, which was set by 'set_user()' above
optind = optind + 1;
char *yarn_user_name = argv[optind];
if (yarn_user_name == NULL) {
fprintf(ERRORFILE, "Invalid yarn user name.\n");
return INVALID_USER_NAME;
}
optind = optind + 1;
command = atoi(argv[optind++]);
fprintf(LOGFILE, "main : command provided %d\n",command);
fprintf(LOGFILE, "main : user is %s\n", user_detail->pw_name);
fprintf(LOGFILE, "main : requested yarn user is %s\n", yarn_user_name);
fflush(LOGFILE);
switch (command) {
case INITIALIZE_CONTAINER:
if (argc < 9) {
fprintf(ERRORFILE, "Too few arguments (%d vs 9) for initialize container\n",
argc);
fflush(ERRORFILE);
return INVALID_ARGUMENT_NUMBER;
}
app_id = argv[optind++];
cred_file = argv[optind++];
local_dirs = argv[optind++];// good local dirs as a comma separated list
log_dirs = argv[optind++];// good log dirs as a comma separated list
exit_code = initialize_app(yarn_user_name, app_id, cred_file,
extract_values(local_dirs),
extract_values(log_dirs), argv + optind);
break;
case LAUNCH_CONTAINER:
if (argc != 13) {
fprintf(ERRORFILE, "Wrong number of arguments (%d vs 13) for launch container\n",
argc);
fflush(ERRORFILE);
return INVALID_ARGUMENT_NUMBER;
}
app_id = argv[optind++];
container_id = argv[optind++];
current_dir = argv[optind++];
script_file = argv[optind++];
cred_file = argv[optind++];
pid_file = argv[optind++];
local_dirs = argv[optind++];// good local dirs as a comma separated list
log_dirs = argv[optind++];// good log dirs as a comma separated list
resources = argv[optind++];// key,value pair describing resources
char *resources_key = malloc(strlen(resources));
char *resources_value = malloc(strlen(resources));
if (get_kv_key(resources, resources_key, strlen(resources)) < 0 ||
get_kv_value(resources, resources_value, strlen(resources)) < 0) {
fprintf(ERRORFILE, "Invalid arguments for cgroups resources: %s",
resources);
fflush(ERRORFILE);
free(resources_key);
free(resources_value);
return INVALID_ARGUMENT_NUMBER;
}
char** resources_values = extract_values(resources_value);
exit_code = launch_container_as_user(yarn_user_name, app_id,
container_id, current_dir, script_file, cred_file,
pid_file, extract_values(local_dirs),
extract_values(log_dirs), resources_key,
resources_values);
free(resources_key);
free(resources_value);
break;
case SIGNAL_CONTAINER:
if (argc != 6) {
fprintf(ERRORFILE, "Wrong number of arguments (%d vs 6) for " \
"signal container\n", argc);
fflush(ERRORFILE);
return INVALID_ARGUMENT_NUMBER;
} else {
char* end_ptr = NULL;
char* option = argv[optind++];
int container_pid = strtol(option, &end_ptr, 10);
if (option == end_ptr || *end_ptr != '\0') {
fprintf(ERRORFILE, "Illegal argument for container pid %s\n", option);
fflush(ERRORFILE);
return INVALID_ARGUMENT_NUMBER;
}
option = argv[optind++];
int signal = strtol(option, &end_ptr, 10);
if (option == end_ptr || *end_ptr != '\0') {
fprintf(ERRORFILE, "Illegal argument for signal %s\n", option);
fflush(ERRORFILE);
return INVALID_ARGUMENT_NUMBER;
}
exit_code = signal_container_as_user(yarn_user_name, container_pid, signal);
}
break;
case DELETE_AS_USER:
dir_to_be_deleted = argv[optind++];
exit_code= delete_as_user(yarn_user_name, dir_to_be_deleted,
argv + optind);
break;
default:
fprintf(ERRORFILE, "Invalid command %d not supported.",command);
fflush(ERRORFILE);
exit_code = INVALID_COMMAND_PROVIDED;
}
fclose(LOGFILE);
fclose(ERRORFILE);
return exit_code;
}
int main(int argc, char **argv) {
int invalid_args = 0;
int do_check_setup = 0;
LOGFILE = stdout;
ERRORFILE = stderr;
// Minimum number of arguments required to run
// the std. container-executor commands is 4
// 4 args not needed for checksetup option
if (argc < 4) {
invalid_args = 1;
if (argc == 2) {
const char *arg1 = argv[1];
if (strcmp("--checksetup", arg1) == 0) {
invalid_args = 0;
do_check_setup = 1;
}
}
}
if (invalid_args != 0) {
display_usage(stdout);
return INVALID_ARGUMENT_NUMBER;
}
int command;
const char * app_id = NULL;
const char * container_id = NULL;
const char * cred_file = NULL;
const char * script_file = NULL;
const char * current_dir = NULL;
const char * pid_file = NULL;
int exit_code = 0;
char * dir_to_be_deleted = NULL;
char *executable_file = get_executable();
char *orig_conf_file = STRINGIFY(HADOOP_CONF_DIR) "/" CONF_FILENAME;
char *conf_file = realpath(orig_conf_file, NULL);
if (conf_file == NULL) {
fprintf(ERRORFILE, "Configuration file %s not found.\n", orig_conf_file);
exit(INVALID_CONFIG_FILE);
}
if (check_configuration_permissions(conf_file) != 0) {
exit(INVALID_CONFIG_FILE);
}
read_config(conf_file);
free(conf_file);
// look up the node manager group in the config file
char *nm_group = get_value(NM_GROUP_KEY);
if (nm_group == NULL) {
fprintf(ERRORFILE, "Can't get configured value for %s.\n", NM_GROUP_KEY);
exit(INVALID_CONFIG_FILE);
}
struct group *group_info = getgrnam(nm_group);
if (group_info == NULL) {
fprintf(ERRORFILE, "Can't get group information for %s - %s.\n", nm_group,
strerror(errno));
fflush(LOGFILE);
exit(INVALID_CONFIG_FILE);
}
set_nm_uid(getuid(), group_info->gr_gid);
// if we are running from a setuid executable, make the real uid root
setuid(0);
// set the real and effective group id to the node manager group
setgid(group_info->gr_gid);
if (check_executor_permissions(executable_file) != 0) {
fprintf(ERRORFILE, "Invalid permissions on container-executor binary.\n");
return INVALID_CONTAINER_EXEC_PERMISSIONS;
}
if (do_check_setup != 0) {
// basic setup checks done
// verified configs available and valid
// verified executor permissions
return 0;
}
//checks done for user name
if (argv[optind] == NULL) {
fprintf(ERRORFILE, "Invalid user name.\n");
return INVALID_USER_NAME;
}
int ret = set_user(argv[optind]);
if (ret != 0) {
return ret;
}
optind = optind + 1;
command = atoi(argv[optind++]);
fprintf(LOGFILE, "main : command provided %d\n",command);
fprintf(LOGFILE, "main : user is %s\n", user_detail->pw_name);
fflush(LOGFILE);
switch (command) {
case INITIALIZE_CONTAINER:
if (argc < 6) {
fprintf(ERRORFILE, "Too few arguments (%d vs 6) for initialize container\n",
argc);
fflush(ERRORFILE);
return INVALID_ARGUMENT_NUMBER;
}
app_id = argv[optind++];
cred_file = argv[optind++];
exit_code = initialize_app(user_detail->pw_name, app_id, cred_file,
argv + optind);
break;
case LAUNCH_CONTAINER:
if (argc < 9) {
fprintf(ERRORFILE, "Too few arguments (%d vs 9) for launch container\n",
argc);
fflush(ERRORFILE);
return INVALID_ARGUMENT_NUMBER;
}
app_id = argv[optind++];
container_id = argv[optind++];
current_dir = argv[optind++];
script_file = argv[optind++];
cred_file = argv[optind++];
pid_file = argv[optind++];
exit_code = launch_container_as_user(user_detail->pw_name, app_id, container_id,
current_dir, script_file, cred_file, pid_file);
break;
case SIGNAL_CONTAINER:
if (argc < 5) {
fprintf(ERRORFILE, "Too few arguments (%d vs 5) for signal container\n",
argc);
fflush(ERRORFILE);
return INVALID_ARGUMENT_NUMBER;
} else {
char* end_ptr = NULL;
char* option = argv[optind++];
int container_pid = strtol(option, &end_ptr, 10);
if (option == end_ptr || *end_ptr != '\0') {
fprintf(ERRORFILE, "Illegal argument for container pid %s\n", option);
fflush(ERRORFILE);
return INVALID_ARGUMENT_NUMBER;
}
option = argv[optind++];
int signal = strtol(option, &end_ptr, 10);
if (option == end_ptr || *end_ptr != '\0') {
fprintf(ERRORFILE, "Illegal argument for signal %s\n", option);
fflush(ERRORFILE);
return INVALID_ARGUMENT_NUMBER;
}
exit_code = signal_container_as_user(user_detail->pw_name, container_pid, signal);
}
break;
case DELETE_AS_USER:
dir_to_be_deleted = argv[optind++];
exit_code= delete_as_user(user_detail->pw_name, dir_to_be_deleted,
argv + optind);
break;
default:
fprintf(ERRORFILE, "Invalid command %d not supported.",command);
fflush(ERRORFILE);
exit_code = INVALID_COMMAND_PROVIDED;
}
fclose(LOGFILE);
fclose(ERRORFILE);
return exit_code;
}
