int nbSpawnChild(nbCELL context,int options,char *cursor){ char outname[1024],msg[NB_MSGSIZE]; char *outdir=outDirName(NULL); nbPROCESS process; static unsigned short childwrap=0; if(!(clientIdentity->authority&AUTH_SYSTEM)){ outMsg(0,'E',"Identity \"%s\" does not have system authority.",clientIdentity->name->value); return(0); } if(strlen(outdir)>=512){ // 2013-01-01 eat - VID 5539-0.8.13-1 outMsg(0,'L',"Output directory name is too large - %s.",outdir); nbExit("Fatal error"); } // add code to check command against the grant and deny commands specified for the user // perhaps that should actually be done within the medulla after parsing the command // or perhaps it should be done at the command intepreter to cover all commands // We have to decide if we want special controls on the system commands childwrap=(childwrap+1)%1000; snprintf(outname,sizeof(outname),"%sservant.%.10u.%.5u.%.3u.out",outdir,(unsigned int)time(NULL),getpid(),childwrap); // 2013-01-12 eat - VID 6544-0.8.13-2 process=nbMedullaProcessOpen(options,cursor,outname,(NB_Term *)context,NULL,NULL,nbCmdMsgReader,nbLogMsgReader,msg,sizeof(msg)); if(process==NULL){ outMsg(0,'E',"%s",msg); return(0); } else if(process->status&NB_MEDULLA_PROCESS_STATUS_BLOCKING){ if(process->status&NB_MEDULLA_PROCESS_STATUS_GENFILE) outPut("[%d] Started: %c=\"%s\" %s%s\n",nb_mode_check ? 0:process->pid,'%',outname,process->prefix,process->cmd); else outPut("[%d] Started: %s%s\n",nb_mode_check ? 0:process->pid,process->prefix,process->cmd); outFlush(); // 2013-01-19 eat - nbMedullaProcessWait calles nbMedullaProcessReadBlocking right away, so commenting this call //nbMedullaProcessReadBlocking(process); // read stdin and stdout using blocking IO nbMedullaProcessWait(process); // wait for the process to end } else{ if(process->status&NB_MEDULLA_PROCESS_STATUS_GENFILE) outMsg(0,'I',"[%d] Started: %c=\"%s\" %s%s",nb_mode_check ? 0:process->pid,'%',outname,process->prefix,process->cmd); else outMsg(0,'I',"[%d] Started: %s%s",nb_mode_check ? 0:process->pid,process->prefix,process->cmd); outFlush(); } return(process->pid); }
extern int nbListenerStart(nbCELL context){ NB_Listener *sel,*selnext=NULL; #if !defined(WIN32) struct passwd *pwd=NULL; struct group *grp=NULL; #endif if(trace) outMsg(0,'T',"nbListenerStart: called"); // enable listeners in nb_Disabled state for(sel=selectPending;sel!=NULL;sel=selnext){ selnext=sel->next; // Get pointer to next pending entry sel->next=selectFree; // move this entry to the free list selectFree=sel; // so it can be reused by the enable method context=sel->context; if(context->object.value==nb_Disabled){ context->object.type->enable(context); } } nb_listener_serving=1; // flag serving mode #if(!defined(WIN32)) // change working directory if requested if(*servedir!=0){ if(chdir(servedir)<0){ outMsg(0,'E',"Unable to change working directory to %s - errno=%d",servedir,errno); exit(NB_EXITCODE_FAIL); } outMsg(0,'I',"Working directory changed to %s",servedir); } // If running as root, check for and process special settings if(getuid()==0){ // get user id if user parameter specified if(*serveuser!=0){ if((pwd=getpwnam(serveuser))==NULL){ outMsg(0,'E',"User %s not defined",serveuser); exit(NB_EXITCODE_FAIL); } if((grp=getgrgid(pwd->pw_gid))==NULL){ outMsg(0,'E',"User %s has undefined group id %d",serveuser,pwd->pw_gid); exit(NB_EXITCODE_FAIL); } } // get group id if group parameter specified if(*servegroup && (grp=getgrnam(servegroup))==NULL){ outMsg(0,'E',"Group %s not defined",servegroup); // 2012-12-27 eat 0.8.13 - CID 751547 exit(NB_EXITCODE_FAIL); } // change root directory (jail) if requested if(*servejail!=0){ if(chroot(servejail)<0){ outMsg(0,'E',"Unable to change root directory to %s - %s",servejail,strerror(errno)); exit(NB_EXITCODE_FAIL); } if(chdir("/")<0){ // 2012-12-31 eat - VID 530-0.8.13-01 outMsg(0,'E',"Unable to change working directory to %s - %s",servejail,strerror(errno)); exit(NB_EXITCODE_FAIL); } outMsg(0,'I',"Root directory changed to %s",servejail); } // switch group if requested if(grp){ if(setgid(grp->gr_gid)<0){ outMsg(0,'E',"Unable to set group to %s - %s",grp->gr_name,strerror(errno)); exit(NB_EXITCODE_FAIL); } outMsg(0,'I',"Set group to %s",grp->gr_name); } // switch user if requested if(pwd){ if(setgid(pwd->pw_gid)<0){ // 2014-12-06 eat - Included setgid per POS36-C outMsg(0,'E',"Unable to set user to %s - %s",serveuser,strerror(errno)); exit(NB_EXITCODE_FAIL); } if(setuid(pwd->pw_uid)<0){ outMsg(0,'E',"Unable to set user to %s - %s",serveuser,strerror(errno)); exit(NB_EXITCODE_FAIL); } outMsg(0,'I',"Set user to %s",serveuser); } } #endif outFlush(); nbMedullaPulse(1); // start server return(0); }