// export function create (dirPath, mode)
any mkPath_create(DEFAULT_ARGUMENTS){
// define named params
var dirPath = argc>0? arguments[0] : undefined;
var mode = argc>1? arguments[1] : undefined;
//---------
//Make sure a path exists - Recursive
//if dirExists(dirPath), return; //ok! dir exists
if (_anyToBool(mkPath_dirExists(undefined,1,(any_arr){dirPath}))) {return undefined;};
//else... recursive:
//try a folder up, until a dir is found (or an error thrown)
//create path.dirname(dirPath), mode
mkPath_create(undefined,2,(any_arr){path_dirname(undefined,1,(any_arr){dirPath}),mode});
//ok, found parent dir! - make the children dir
//fs.mkdirSync dirPath, mode
fs_mkdirSync(undefined,2,(any_arr){dirPath,mode});
//return into recursion, creating children subdirs in reverse order (of recursion)
//return
return undefined;
return undefined;
}
int64_t copy_file_to_file(const char *input, const char *output)
{
int in = open(input, O_RDONLY);
if (in == -1)
return -1;
struct stat info;
if (fstat(in, &info) == -1) {
close(in);
return -1;
}
int out = open(output, O_WRONLY|O_CREAT|O_TRUNC, info.st_mode);
if (out == -1 && errno == ENOTDIR) {
char dir[PATH_MAX];
path_dirname(output, dir);
if (create_dir(dir, S_IRWXU)) {
out = open(output, O_WRONLY|O_CREAT|O_TRUNC, info.st_mode);
}
}
if (out == -1) {
close(in);
return -1;
}
int64_t total = copy_fd_to_fd(in, out);
close(in);
close(out);
return total;
}
string path_source_replace_includes(const string& source_, const string& path)
{
/* our own little c preprocessor that replaces #includes with the file
contents, to work around issue of opencl drivers not supporting
include paths with spaces in them */
string source = source_;
const string include = "#include \"";
size_t n, pos = 0;
while((n = source.find(include, pos)) != string::npos) {
size_t n_start = n + include.size();
size_t n_end = source.find("\"", n_start);
string filename = source.substr(n_start, n_end - n_start);
string text, filepath = path_join(path, filename);
if(path_read_text(filepath, text)) {
text = path_source_replace_includes(text, path_dirname(filepath));
source.replace(n, n_end + 1 - n, "\n" + text + "\n");
}
else
pos = n_end;
}
return source;
}
/* Creates and adds an example file. */
static char *add_example(struct manifest *m, struct ccan_file *source,
struct doc_section *example)
{
char *name, *linemarker;
unsigned int i;
int fd;
struct ccan_file *f;
name = tal_fmt(m, "example-%s-%s",
source->name, example->function);
/* example->function == 'struct foo' */
while (strchr(name, ' '))
*strchr(name, ' ') = '_';
name = temp_file(m, ".c", take(name));
f = new_ccan_file(m, take(path_dirname(m, name)),
take(path_basename(m, name)));
tal_steal(f, name);
list_add_tail(&m->examples, &f->list);
fd = open(f->fullname, O_WRONLY | O_CREAT | O_EXCL, 0600);
if (fd < 0)
return tal_fmt(m, "Creating temporary file %s: %s",
f->fullname, strerror(errno));
/* Add #line to demark where we are from, so errors are correct! */
linemarker = tal_fmt(f, "#line %i \"%s\"\n",
example->srcline+2, source->fullname);
if (write(fd, linemarker, strlen(linemarker)) != (int)strlen(linemarker)) {
close(fd);
return cast_const(char *, "Failure writing to temporary file");
}
string path_user_get(const string& sub)
{
if(cached_user_path == "")
cached_user_path = path_dirname(Sysutil::this_program_path());
return path_join(cached_user_path, sub);
}
static bool create_directories_recursivey(const string& path)
{
if(path_is_directory(path)) {
/* Directory already exists, nothing to do. */
return true;
}
if(path_exists(path)) {
/* File exists and it's not a directory. */
return false;
}
string parent = path_dirname(path);
if(parent.size() > 0 && parent != path) {
if(!create_directories_recursivey(parent)) {
return false;
}
}
#ifdef _WIN32
wstring path_wc = string_to_wstring(path);
return _wmkdir(path_wc.c_str()) == 0;
#else
return mkdir(path.c_str(), 0777) == 0;
#endif
}
int chirp_acl_check_dir(const char *dirname, const char *subject, int flags)
{
int myflags = 0;
int paflags = 0;
if(cfs->do_acl_check() == 0)
return 1;
/* If flags is CHIRP_ACL_DELETE, then check if we have delete permissions in the *containing directory*. */
if (flags & CHIRP_ACL_DELETE) {
char dir[CHIRP_PATH_MAX];
path_dirname(dirname, dir);
if(!do_chirp_acl_get(dir, subject, &paflags)) {
/* Applications are very sensitive to this error condition. A
* missing ACL file indicates permission denied, but a missing
* directory entirely indicates no such entry.
*/
if(cfs_isdir(dirname)) {
errno = EACCES;
} else {
errno = ENOENT;
}
return 0;
}
}
/* other flags require checking the actual directory... */
if ((flags & ~CHIRP_ACL_DELETE)) {
if(!do_chirp_acl_get(dirname, subject, &myflags)) {
/* Applications are very sensitive to this error condition. A
* missing ACL file indicates permission denied, but a missing
* directory entirely indicates no such entry.
*/
if(cfs_isdir(dirname)) {
errno = EACCES;
} else {
errno = ENOENT;
}
return 0;
}
}
myflags |= (paflags & CHIRP_ACL_DELETE);
/* The superuser can implicitly list and admin */
if(strcmp(subject, chirp_super_user) == 0) {
myflags |= CHIRP_ACL_LIST | CHIRP_ACL_ADMIN;
}
if((flags & myflags) == flags) {
return 1;
} else {
errno = EACCES;
return 0;
}
}
string path_get(const string& sub)
{
char *special = path_specials(sub);
if(special != NULL)
return special;
if(cached_path == "")
cached_path = path_dirname(Sysutil::this_program_path());
return path_join(cached_path, sub);
}
// export function toFile(filename, mode)
any mkPath_toFile(DEFAULT_ARGUMENTS){
// define named params
var filename = argc>0? arguments[0] : undefined;
var mode = argc>1? arguments[1] : undefined;
//---------
//Create a path to a file
//create path.dirname(filename), mode
mkPath_create(undefined,2,(any_arr){path_dirname(undefined,1,(any_arr){filename}),mode});
return undefined;
}
/**
* Get absolute path to the specified relative path. This path will typically
* point to the to client data directory (which is usually located in the user's
* home/appdata directory), but depending on the specified mode, extra actions
* may be performed. These ensure that if you're trying to access a file that
* does not yet exist in the client data directory, it will be read from the
* client installation directory instead (unless it's being appended to, in
* which case it will be copied to the client data directory first).
*
* Generally, you should almost always use this when you need to construct a
* path, or use one of the many @ref file_wrapper_functions.
* @param fname
* The file path.
* @param mode
* File mode.
* @return
* The absolute path. Must be freed.
*/
char *file_path(const char *path, const char *mode)
{
bool is_write, is_append;
StringBuffer *sb;
char version[MAX_BUF], client_path[HUGE_BUF], *new_path;
HARD_ASSERT(path != NULL);
HARD_ASSERT(mode != NULL);
SOFT_ASSERT_RC(path[0] != '/', estrdup(path),
"Path is already absolute: %s", path);
sb = stringbuffer_new();
stringbuffer_append_printf(sb, "%s/.atrinik/%s/%s", get_config_dir(),
package_get_version_partial(VS(version)), path);
new_path = stringbuffer_sub(sb, 0, 0);
is_write = is_append = false;
if (strchr(mode, 'w') != NULL) {
is_write = true;
} else if (strchr(mode, '+') != NULL || strchr(mode, 'a') != NULL) {
is_append = true;
}
if (is_write || is_append) {
if (access(new_path, W_OK) != 0) {
char *dirname;
/* Ensure directories exist if we're going to use this path for
* writing/appending. */
dirname = path_dirname(new_path);
mkdir_recurse(dirname);
efree(dirname);
if (is_append) {
get_data_dir_file(VS(client_path), path);
copy_file(client_path, new_path);
}
}
} else {
if (access(new_path, R_OK) != 0) {
get_data_dir_file(VS(client_path), path);
stringbuffer_seek(sb, 0);
stringbuffer_append_string(sb, client_path);
}
}
efree(new_path);
return stringbuffer_finish(sb);
}
int chirp_acl_init_reserve(const char *path, const char *subject)
{
char dirname[CHIRP_PATH_MAX];
char aclpath[CHIRP_PATH_MAX];
CHIRP_FILE *file;
int newflags = 0;
int aclflags;
if(!cfs->do_acl_check())
return 1;
path_dirname(path, dirname);
if(!do_chirp_acl_get(dirname, subject, &aclflags))
return 0;
if(aclflags & CHIRP_ACL_RESERVE_READ)
newflags |= CHIRP_ACL_READ;
if(aclflags & CHIRP_ACL_RESERVE_WRITE)
newflags |= CHIRP_ACL_WRITE;
if(aclflags & CHIRP_ACL_RESERVE_LIST)
newflags |= CHIRP_ACL_LIST;
if(aclflags & CHIRP_ACL_RESERVE_DELETE)
newflags |= CHIRP_ACL_DELETE;
if(aclflags & CHIRP_ACL_RESERVE_PUT)
newflags |= CHIRP_ACL_PUT;
if(aclflags & CHIRP_ACL_RESERVE_RESERVE)
newflags |= CHIRP_ACL_RESERVE;
if(aclflags & CHIRP_ACL_RESERVE_ADMIN)
newflags |= CHIRP_ACL_ADMIN;
if(aclflags & CHIRP_ACL_RESERVE_EXECUTE)
newflags |= CHIRP_ACL_EXECUTE;
/*
compatibility note:
If no sub-rights are associated with the v right,
then give all of the ordinary subrights.
*/
if(newflags == 0)
newflags = CHIRP_ACL_READ | CHIRP_ACL_WRITE | CHIRP_ACL_LIST | CHIRP_ACL_DELETE | CHIRP_ACL_ADMIN;
sprintf(aclpath, "%s/%s", path, CHIRP_ACL_BASE_NAME);
file = cfs_fopen(aclpath, "w");
if(file) {
cfs_fprintf(file, "%s %s\n", subject, chirp_acl_flags_to_text(newflags));
cfs_fclose(file);
return 1;
} else {
return 0;
}
}
bool ensure_path_for_file(const std::string & path)
{
try {
Glib::RefPtr<Gio::File> dir = Gio::File::create_for_path(path_dirname(path));
if(dir->query_exists()) {
return true;
}
return dir->make_directory_with_parents();
}
catch(...) {
return false;
}
}
string path_source_replace_includes(const string& source,
const string& path,
const string& source_filename)
{
/* Our own little c preprocessor that replaces #includes with the file
* contents, to work around issue of opencl drivers not supporting
* include paths with spaces in them.
*/
string result = "";
vector<string> lines;
string_split(lines, source, "\n", false);
for(size_t i = 0; i < lines.size(); ++i) {
string line = lines[i];
if(line[0] == '#') {
string token = string_strip(line.substr(1, line.size() - 1));
if(string_startswith(token, "include")) {
token = string_strip(token.substr(7, token.size() - 7));
if(token[0] == '"') {
size_t n_start = 1;
size_t n_end = token.find("\"", n_start);
string filename = token.substr(n_start, n_end - n_start);
string text, filepath = path_join(path, filename);
if(path_read_text(filepath, text)) {
/* Replace include directories with both current path
* and path extracted from the include file.
* Not totally robust, but works fine for Cycles kernel
* and avoids having list of include directories.x
*/
text = path_source_replace_includes(
text, path_dirname(filepath), filename);
text = path_source_replace_includes(text, path, filename);
/* Use line directives for better error messages. */
line = line_directive(filepath, 1)
+ token.replace(0, n_end + 1, "\n" + text + "\n")
+ line_directive(path_join(path, source_filename), i);
}
}
}
}
result += line + "\n";
}
return result;
}
/**
* Load suite and test specific configurations
*/
static bool load_configs(char *suite_file, char *test_file)
{
if (!test_file)
{
fprintf(stderr, "Missing test configuration file.\n");
return FALSE;
}
if (access(suite_file, R_OK) != 0)
{
fprintf(stderr, "Reading suite configuration file '%s' failed: %s.\n",
suite_file, strerror(errno));
return FALSE;
}
if (access(test_file, R_OK) != 0)
{
fprintf(stderr, "Reading test configuration file '%s' failed: %s.\n",
test_file, strerror(errno));
return FALSE;
}
conftest->test = settings_create(suite_file);
conftest->test->load_files(conftest->test, test_file, TRUE);
conftest->suite_dir = path_dirname(suite_file);
return TRUE;
}
/* Archive the specified file.
* This includes several steps:
* 1. Generate the id
* 2. Copy file to id if non-existent
* 3. Link back to creating task
*
@return 0 if successfully archived, 1 if failed at any point.
*/
static int makeflow_archive_file(struct archive_instance *a, struct batch_file *f, char *job_file_archive_path) {
/* Generate the file archive id (content based) if does not exist. */
char * id;
if(path_is_dir(f->inner_name) == 1){
f->hash = batch_file_generate_id_dir(f->inner_name);
id = xxstrdup(f->hash);
}
else{
id = batch_file_generate_id(f);
}
struct stat buf;
int rv = 0;
char * file_archive_dir = string_format("%s/files/%.2s", a->dir, id);
char * file_archive_path = string_format("%s/%s", file_archive_dir, id);
char * job_file_archive_dir = NULL;
/* Create the archive path with 2 character prefix. */
if (!create_dir(file_archive_dir, 0777) && errno != EEXIST){
debug(D_ERROR|D_MAKEFLOW_HOOK, "could not create file archiving directory %s: %d %s\n",
file_archive_dir, errno, strerror(errno));
rv = 1;
goto FAIL;
}
/* Check if file is already archived */
if(stat(file_archive_path, &buf) >= 0) {
debug(D_MAKEFLOW_HOOK, "file %s already archived at %s", f->outer_name, file_archive_path);
/* File did not already exist, store in general file area */
} else {
if(path_is_dir(f->outer_name) != 1){
if (!copy_file_to_file(f->outer_name, file_archive_path)){
debug(D_ERROR|D_MAKEFLOW_HOOK, "could not archive output file %s at %s: %d %s\n",
f->outer_name, file_archive_path, errno, strerror(errno));
rv = 1;
goto FAIL;
}
}
else{
debug(D_MAKEFLOW,"COPYING %s to the archive",f->outer_name);
if(copy_dir(f->outer_name,file_archive_path) != 0){
debug(D_ERROR|D_MAKEFLOW_HOOK, "could not archive output file %s at %s: %d %s\n",
f->outer_name, file_archive_path, errno, strerror(errno));
rv = 1;
goto FAIL;
}
}
}
/* Create the directory structure for job_file_archive. */
job_file_archive_dir = xxstrdup(job_file_archive_path);
path_dirname(job_file_archive_path, job_file_archive_dir);
if (!create_dir(job_file_archive_dir, 0777) && errno != EEXIST){
debug(D_ERROR|D_MAKEFLOW_HOOK, "could not create job file directory %s: %d %s\n",
file_archive_dir, errno, strerror(errno));
rv = 1;
goto FAIL;
}
if(a->s3){
int result = 1;
// Check to see if file already exists in the s3 bucket
if(a->s3_check){
if(!in_s3_archive(a,id)){
result = makeflow_archive_s3_file(a,id,file_archive_path);
}
}
else
result = makeflow_archive_s3_file(a,id,file_archive_path);
/* Copy file to the s3 bucket*/
if(!result){
debug(D_ERROR|D_MAKEFLOW_HOOK, "could not copy file %s to s3 bucket: %d %s\n", id, errno, strerror(errno));
rv = 1;
goto FAIL;
}
}
free(file_archive_path);
file_archive_path = string_format("../../../../files/%.2s/%s", id, id);
/* Create a symlink to task that used/created this file. */
int symlink_failure = symlink(file_archive_path, job_file_archive_path);
if (symlink_failure && errno != EEXIST) {
debug(D_ERROR|D_MAKEFLOW_HOOK, "could not create symlink %s pointing to %s: %d %s\n",
job_file_archive_path, file_archive_path, errno, strerror(errno));
rv = 1;
goto FAIL;
}
FAIL:
free(id);
free(file_archive_dir);
free(file_archive_path);
free(job_file_archive_dir);
return rv;
}
void path_create_directories(const string& filepath)
{
string path = path_dirname(filepath);
create_directories_recursivey(path);
}
static void
open_logfile (const char *logfile, int priority, int got_force)
{
int got_symlink;
struct stat st;
int n;
char logdir [PATH_MAX];
char ebuf [1024];
mode_t mask;
FILE *fp;
/* Check file permissions and whatnot.
*/
got_symlink = (lstat (logfile, &st) == 0) ? S_ISLNK (st.st_mode) : 0;
if (((n = stat (logfile, &st)) < 0) && (errno == ENOENT)) {
if (!got_symlink) {
; /* A missing logfile is not considered an error. */
}
else if (!got_force) {
log_err (EMUNGE_SNAFU, LOG_ERR,
"Logfile is insecure: \"%s\" should be a regular file",
logfile);
}
else {
log_msg (LOG_WARNING,
"Logfile is insecure: \"%s\" should not be a symlink",
logfile);
}
}
else {
if (n < 0) {
log_errno (EMUNGE_SNAFU, LOG_ERR,
"Failed to check logfile \"%s\"", logfile);
}
if (!S_ISREG (st.st_mode) || got_symlink) {
if (!got_force || !got_symlink)
log_err (EMUNGE_SNAFU, LOG_ERR,
"Logfile is insecure: \"%s\" should be a regular file",
logfile);
else
log_msg (LOG_WARNING,
"Logfile is insecure: \"%s\" should not be a symlink",
logfile);
}
if (st.st_uid != geteuid ()) {
if (!got_force)
log_err (EMUNGE_SNAFU, LOG_ERR,
"Logfile is insecure: \"%s\" should be owned by UID %u",
logfile, (unsigned) geteuid ());
else
log_msg (LOG_WARNING,
"Logfile is insecure: \"%s\" should be owned by UID %u",
logfile, (unsigned) geteuid ());
}
if (st.st_mode & (S_IWGRP | S_IWOTH)) {
if (!got_force)
log_err (EMUNGE_SNAFU, LOG_ERR,
"Logfile is insecure: \"%s\" should not be writable "
"by group or world", logfile);
else
log_msg (LOG_WARNING,
"Logfile is insecure: \"%s\" should not be writable "
"by group or world", logfile);
}
}
/* Ensure logfile dir is secure against modification by others.
*/
if (path_dirname (logfile, logdir, sizeof (logdir)) < 0) {
log_err (EMUNGE_SNAFU, LOG_ERR,
"Failed to determine dirname of logfile \"%s\"", logfile);
}
n = path_is_secure (logdir, ebuf, sizeof (ebuf));
if (n < 0) {
log_err (EMUNGE_SNAFU, LOG_ERR,
"Failed to check logfile dir \"%s\": %s", logdir, ebuf);
}
else if ((n == 0) && (!got_force)) {
log_err (EMUNGE_SNAFU, LOG_ERR, "Logfile is insecure: %s", ebuf);
}
else if (n == 0) {
log_msg (LOG_WARNING, "Logfile is insecure: %s", ebuf);
}
/* Protect logfile against unauthorized access by removing write-access
* from group and all access from other.
*/
mask = umask (0);
umask (mask | 027);
fp = fopen (logfile, "a");
umask (mask);
if (!fp) {
log_errno (EMUNGE_SNAFU, LOG_ERR,
"Failed to open logfile \"%s\"", logfile);
}
log_open_file (fp, NULL, priority,
LOG_OPT_JUSTIFY | LOG_OPT_PRIORITY | LOG_OPT_TIMESTAMP);
return;
}
static void
write_pidfile (const char *pidfile, int got_force)
{
/* Creates the specified pidfile.
* The pidfile must be created after the daemon has finished forking.
*/
char piddir [PATH_MAX];
char ebuf [1024];
int n;
mode_t mask;
FILE *fp;
assert (pidfile != NULL);
/* The pidfile must be specified with an absolute pathname; o/w, the
* unlink() call in destroy_conf() will fail because the daemon has
* chdir()'d.
*/
if (pidfile[0] != '/') {
log_err (EMUNGE_SNAFU, LOG_ERR,
"Pidfile \"%s\" requires an absolute path", pidfile);
}
/* Ensure pidfile dir is secure against modification by others.
*/
if (path_dirname (pidfile, piddir, sizeof (piddir)) < 0) {
log_err (EMUNGE_SNAFU, LOG_ERR,
"Failed to determine dirname of pidfile \"%s\"", pidfile);
}
n = path_is_secure (piddir, ebuf, sizeof (ebuf));
if (n < 0) {
log_err (EMUNGE_SNAFU, LOG_ERR,
"Failed to check pidfile dir \"%s\": %s", piddir, ebuf);
}
else if ((n == 0) && (!got_force)) {
log_err (EMUNGE_SNAFU, LOG_ERR, "Pidfile is insecure: %s", ebuf);
}
else if (n == 0) {
log_msg (LOG_WARNING, "Pidfile is insecure: %s", ebuf);
}
/* Protect pidfile against unauthorized access by removing write-access
* from group and other.
*/
mask = umask (0);
umask (mask | 022);
(void) unlink (pidfile);
fp = fopen (pidfile, "w");
umask (mask);
/*
* An error in creating the pidfile is not considered fatal.
*/
if (!fp) {
log_msg (LOG_WARNING, "Failed to open pidfile \"%s\": %s",
pidfile, strerror (errno));
}
else if (fprintf (fp, "%d\n", (int) getpid ()) == EOF) {
log_msg (LOG_WARNING, "Failed to write to pidfile \"%s\": %s",
pidfile, strerror (errno));
(void) fclose (fp);
}
else if (fclose (fp) == EOF) {
log_msg (LOG_WARNING, "Failed to close pidfile \"%s\": %s",
pidfile, strerror (errno));
}
else {
return; /* success */
}
(void) unlink (pidfile);
return; /* failure */
}
static void
sock_create (conf_t conf)
{
char sockdir [PATH_MAX];
char ebuf [1024];
int n;
int sd;
struct sockaddr_un addr;
mode_t mask;
int rv;
assert (conf != NULL);
if ((conf->socket_name == NULL) || (*conf->socket_name == '\0')) {
log_err (EMUNGE_SNAFU, LOG_ERR, "MUNGE socket name is undefined");
}
/* Ensure socket dir is secure against modification by others.
*/
if (path_dirname (conf->socket_name, sockdir, sizeof (sockdir)) < 0) {
log_err (EMUNGE_SNAFU, LOG_ERR,
"Failed to determine dirname of socket \"%s\"", conf->socket_name);
}
n = path_is_secure (sockdir, ebuf, sizeof (ebuf));
if (n < 0) {
log_err (EMUNGE_SNAFU, LOG_ERR,
"Failed to check socket dir \"%s\": %s", sockdir, ebuf);
}
else if ((n == 0) && (!conf->got_force)) {
log_err (EMUNGE_SNAFU, LOG_ERR, "Socket is insecure: %s", ebuf);
}
else if (n == 0) {
log_msg (LOG_WARNING, "Socket is insecure: %s", ebuf);
}
/* Ensure socket dir is accessible by all.
*/
n = path_is_accessible (sockdir, ebuf, sizeof (ebuf));
if (n < 0) {
log_err (EMUNGE_SNAFU, LOG_ERR,
"Failed to check socket dir \"%s\": %s", sockdir, ebuf);
}
else if ((n == 0) && (!conf->got_force)) {
log_err (EMUNGE_SNAFU, LOG_ERR, "Socket is inaccessible: %s", ebuf);
}
else if (n == 0) {
log_msg (LOG_WARNING, "Socket is inaccessible: %s", ebuf);
}
/* Create lockfile for exclusive access to the socket.
*/
sock_lock (conf);
/*
* Create socket for communicating with clients.
*/
if ((sd = socket (PF_UNIX, SOCK_STREAM, 0)) < 0) {
log_errno (EMUNGE_SNAFU, LOG_ERR, "Failed to create socket");
}
memset (&addr, 0, sizeof (addr));
addr.sun_family = AF_UNIX;
n = strlcpy (addr.sun_path, conf->socket_name, sizeof (addr.sun_path));
if (n >= sizeof (addr.sun_path)) {
log_err (EMUNGE_SNAFU, LOG_ERR,
"Exceeded maximum length of socket pathname");
}
/* Ensure socket is accessible by all.
*/
mask = umask (0);
rv = bind (sd, (struct sockaddr *) &addr, sizeof (addr));
umask (mask);
if (rv < 0) {
log_errno (EMUNGE_SNAFU, LOG_ERR,
"Failed to bind \"%s\"", conf->socket_name);
}
if (listen (sd, MUNGE_SOCKET_BACKLOG) < 0) {
log_errno (EMUNGE_SNAFU, LOG_ERR,
"Failed to listen on \"%s\"", conf->socket_name);
}
conf->ld = sd;
return;
}
/// Load ROM image from 2SF file.
/// @param filename the path to 2sf file.
/// @param rom the rom image to be loaded.
/// @param lib_nest_level the nest level of psflib.
/// @param first_load true for the first file.
void load_2sf(const std::string & filename, std::vector<char> & rom, int lib_nest_level = 0, bool first_load = true) {
// check the psflib nest level
if (lib_nest_level >= kPSFLibMaxNestLevel) {
std::ostringstream message_buffer;
message_buffer << filename << ": " << "Nest level error on psflib loading.";
throw std::out_of_range(message_buffer.str());
}
// save the current directory
char pwd[PATH_MAX];
getcwd(pwd, PATH_MAX);
// get the absolute path
char absolute_path[PATH_MAX];
if (path_getabspath(filename.c_str(), absolute_path) == NULL) {
std::ostringstream message_buffer;
message_buffer << filename << ": " << "Unable to determine absolute path.";
throw std::out_of_range(message_buffer.str());
}
// get the directory path
char basedir[PATH_MAX];
strcpy(basedir, absolute_path);
path_dirname(basedir);
// load the psf file
PSFFile psf(filename);
// check CRC32 of the compressed program
uint32_t actual_crc32 = ::crc32(0L, reinterpret_cast<const Bytef *>(
psf.compressed_exe().data()), static_cast<uInt>(psf.compressed_exe().size()));
if (psf.compressed_exe_crc32() != actual_crc32) {
std::ostringstream message_buffer;
message_buffer << filename << ": " << "CRC32 error at the compressed program.";
throw std::runtime_error(message_buffer.str());
}
// load psflibs
int lib_index = 1;
while (true) {
// search for _libN tag
std::ostringstream lib_tag_name_buffer;
lib_tag_name_buffer << "_lib";
if (lib_index > 1) {
lib_tag_name_buffer << lib_index;
}
std::string lib_tag_name = lib_tag_name_buffer.str();
// if no tag is present, end the lib loading
if (psf.tags().count(lib_tag_name) == 0) {
break;
}
// set the current directory to the parent psf directory
chdir(basedir);
// load the lib
try {
load_2sf(psf.tags()[lib_tag_name], rom, lib_nest_level + 1, first_load);
}
catch (std::exception) {
chdir(pwd);
throw;
}
chdir(pwd);
first_load = false;
// check the next lib
lib_index++;
}
// read the exe header
// - 4 bytes offset
// - 4 bytes size
ZlibReader compressed_exe(psf.compressed_exe().c_str(), psf.compressed_exe().size());
uint32_t load_offset;
uint32_t load_size;
bool read_success = true;
read_success &= compressed_exe.readInt(load_offset);
read_success &= compressed_exe.readInt(load_size);
if (!read_success) {
std::ostringstream message_buffer;
message_buffer << filename << ": " << "Unable to read the program header.";
throw std::runtime_error(message_buffer.str());
}
// ensure the rom buffer size
if (load_offset + load_size > kNDSRomMaxSize) {
std::ostringstream message_buffer;
message_buffer << filename << ": " << "Load offset/size of 2SF is too large. ";
throw std::out_of_range(message_buffer.str());
}
if (first_load) {
rom.resize(load_offset + load_size, 0);
}
else {
if (load_offset + load_size > rom.size()) {
std::ostringstream message_buffer;
message_buffer << filename << ": " << "Load offset/size of 2SF is out of bound.";
throw std::out_of_range(message_buffer.str());
}
}
// decompress the program area
if (compressed_exe.read(&rom[load_offset], load_size) != load_size) {
std::ostringstream message_buffer;
message_buffer << filename << ": " << "Failed to deflate data. Program data is corrupted.";
throw std::out_of_range(message_buffer.str());
}
}
static void
_check_auth_client_dir (const char *dir, int got_force)
{
#if defined(AUTH_METHOD_RECVFD_MKFIFO) || defined(AUTH_METHOD_RECVFD_MKNOD)
int got_symlink;
struct stat st;
int n;
char dirdir [PATH_MAX];
char ebuf [1024];
if ((dir == NULL) || (*dir == '\0')) {
log_err (EMUNGE_SNAFU, LOG_ERR,
"The auth client dir name is undefined");
}
/* Check directory permissions and whatnot.
*/
got_symlink = (lstat (dir, &st) == 0) ? S_ISLNK (st.st_mode) : 0;
if (stat (dir, &st) < 0) {
log_errno (EMUNGE_SNAFU, LOG_ERR,
"Failed to check auth client dir \"%s\"", dir);
}
if (!S_ISDIR (st.st_mode) || got_symlink) {
if (!got_force || !got_symlink)
log_err (EMUNGE_SNAFU, LOG_ERR,
"The auth client dir is insecure: "
"\"%s\" must be a directory", dir);
else
log_msg (LOG_WARNING,
"The auth client dir is insecure: "
"\"%s\" should not be a symlink", dir);
}
if ((st.st_uid != 0) && (st.st_uid != geteuid ())) {
if (!got_force)
log_err (EMUNGE_SNAFU, LOG_ERR,
"The auth client dir is insecure: "
"invalid ownership of \"%s\"", dir);
else
log_msg (LOG_WARNING,
"The auth client dir is insecure: "
"invalid ownership of \"%s\"", dir);
}
if ((st.st_mode & (S_IWUSR | S_IWGRP | S_IWOTH | S_ISVTX))
!= (S_IWUSR | S_IWGRP | S_IWOTH | S_ISVTX)) {
log_err (EMUNGE_SNAFU, LOG_ERR,
"The auth client dir is insecure: "
"\"%s\" must be writable by all with the sticky bit set", dir);
}
/* Ensure auth client parent dir is secure against modification by others.
*/
if (path_dirname (dir, dirdir, sizeof (dirdir)) < 0) {
log_err (EMUNGE_SNAFU, LOG_ERR,
"Failed to determine dirname of auth client dir \"%s\"", dir);
}
n = path_is_secure (dirdir, ebuf, sizeof (ebuf));
if (n < 0) {
log_err (EMUNGE_SNAFU, LOG_ERR,
"Failed to check auth client parent dir \"%s\": %s", dirdir, ebuf);
}
else if ((n == 0) && (!got_force)) {
log_err (EMUNGE_SNAFU, LOG_ERR,
"The auth client dir is insecure: %s", ebuf);
}
else if (n == 0) {
log_msg (LOG_WARNING,
"The auth client dir is insecure: %s", ebuf);
}
/* Ensure auth client dir is accessible by all.
*/
n = path_is_accessible (dir, ebuf, sizeof (ebuf));
if (n < 0) {
log_err (EMUNGE_SNAFU, LOG_ERR,
"Failed to check auth client dir \"%s\": %s", dir, ebuf);
}
else if ((n == 0) && (!got_force)) {
log_err (EMUNGE_SNAFU, LOG_ERR,
"The auth client dir is inaccessible: %s", ebuf);
}
else if (n == 0) {
log_msg (LOG_WARNING,
"The auth client dir is inaccessible: %s", ebuf);
}
#endif /* AUTH_METHOD_RECVFD_MKFIFO || AUTH_METHOD_RECVFD_MKNOD */
return;
}
void path_create_directories(const string& path)
{
boost::filesystem::create_directories(path_dirname(path));
}
static int do_chirp_acl_check(const char *filename, const char *subject, int flags, int follow_links)
{
char linkname[CHIRP_PATH_MAX];
char temp[CHIRP_PATH_MAX];
char dirname[CHIRP_PATH_MAX];
if(cfs->do_acl_check() == 0)
return 1;
/*
Symbolic links require special handling.
If requested, follow the link and look for rights in that directory.
*/
if(follow_links && flags != CHIRP_ACL_DELETE) {
int length = cfs->readlink(filename, linkname, sizeof(linkname));
if(length > 0) {
linkname[length] = 0;
/* If the link is relative, construct a full path */
if(linkname[0] != '/') {
sprintf(temp, "%s/../%s", filename, linkname);
path_collapse(temp, linkname, 1);
}
/* Use the linkname now to look up the ACL */
debug(D_DEBUG, "symlink %s points to %s", filename, linkname);
filename = linkname;
}
}
/*
If the file being checked is an ACL file,
then it may be written with the admin flag, but never deleted.
*/
if(!strcmp(string_back(filename, CHIRP_ACL_BASE_LENGTH), CHIRP_ACL_BASE_NAME)) {
if(flags & CHIRP_ACL_DELETE) {
errno = EACCES;
return 0;
}
if(flags & CHIRP_ACL_WRITE) {
flags &= ~CHIRP_ACL_WRITE;
flags |= CHIRP_ACL_ADMIN;
}
}
/* Now get the name of the directory containing the file */
path_collapse(filename, temp, 1);
if(!cfs_isdir(temp))
path_dirname(temp, dirname);
else
strcpy(dirname, temp);
/* Perform the permissions check on that directory. */
return chirp_acl_check_dir(dirname, subject, flags);
}
static void start_mesos_scheduler(struct batch_queue *q)
{
pid_t mesos_pid;
mesos_pid = fork();
if (mesos_pid > 0) {
debug(D_INFO, "Start makeflow mesos scheduler.");
} else if (mesos_pid == 0) {
char *mesos_cwd;
mesos_cwd = path_getcwd();
char exe_path[MAX_BUF_SIZE];
if(readlink("/proc/self/exe", exe_path, MAX_BUF_SIZE) == -1) {
fatal("read \"proc/self/exe\" fail\n");
}
char exe_dir_path[MAX_BUF_SIZE];
path_dirname(exe_path, exe_dir_path);
char *exe_py_path = string_format("%s/mf_mesos_scheduler", exe_dir_path);
char *ld_preload_str = NULL;
char *python_path = NULL;
if(mesos_preload) {
ld_preload_str = string_format("LD_PRELOAD=%s", mesos_preload);
}
if(mesos_py_path) {
char *mesos_python_path = xxstrdup(mesos_py_path);
python_path = string_format("PYTHONPATH=%s", mesos_python_path);
}
char *envs[3];
if(ld_preload_str && python_path) {
envs[0] = ld_preload_str;
envs[1] = python_path;
} else if(!ld_preload_str && python_path) {
envs[0] = python_path;
} else if(ld_preload_str && !python_path) {
envs[0] = ld_preload_str;
} else {
envs[0] = NULL;
}
const char *batch_log_name = q->logfile;
int mesos_fd = open(batch_log_name, O_RDWR | O_CREAT, S_IRUSR | S_IWUSR);
if (mesos_fd == -1) {
fatal("Failed to open %s \n", batch_log_name);
}
if (dup2(mesos_fd, 1) == -1) {
fatal("Failed to duplicate file descriptor: %s\n", strerror(errno));
}
if (dup2(mesos_fd, 2) == -1) {
fatal("Failed to duplicate file descriptor: %s\n", strerror(errno));
}
close(mesos_fd);
execle("/usr/bin/python", "python", exe_py_path, mesos_cwd,
mesos_master, (char *) 0, envs);
exit(errno);
} else {
fatal("mesos batch system couldn't create new process: %s\n", strerror(errno));
}
}
static int bindfile (sqlite3 *db, chirp_jobid_t id, const char *subject, const char *sandbox, struct url_binding **urlsp, const char *task_path, const char *serv_path, const char *binding, const char *type, enum BINDSTATE mode)
{
static const char SQL[] =
"UPDATE JobFile"
" SET serv_path = ?, size = ?"
" WHERE id = ? AND task_path = ? AND type = 'OUTPUT'";
int rc;
sqlite3_stmt *stmt = NULL;
const char *current = SQL;
char task_path_resolved[CHIRP_PATH_MAX] = "";
char serv_path_interpolated[CHIRP_PATH_MAX] = "";
char serv_path_resolved[CHIRP_PATH_MAX] = "";
char task_path_dir[CHIRP_PATH_MAX] = ""; /* directory containing task_path_resolved */
CATCHUNIX(snprintf(task_path_resolved, sizeof(task_path_resolved), "%s/%s", sandbox, task_path));
if ((size_t)rc >= sizeof(task_path_resolved))
CATCH(ENAMETOOLONG);
path_dirname(task_path_resolved, task_path_dir);
if (strcmp(binding, "URL") == 0) {
if (strcmp(type, "INPUT") != 0)
CATCH(EINVAL);
if (mode == BOOTSTRAP) {
debug(D_DEBUG, "binding `%s' for future URL fetch `%s'", task_path, serv_path);
CATCHUNIX(create_dir(task_path_dir, S_IRWXU) ? 0 : -1);
struct url_binding *url = malloc(sizeof(struct url_binding));
CATCHUNIX(url ? 0 : -1);
memset(url, 0, sizeof(struct url_binding));
strncpy(url->path, "", sizeof(url->path));
url->url = NULL;
url->next = *urlsp;
*urlsp = url;
CATCHUNIX(snprintf(url->path, sizeof(url->path), "%s", task_path));
CATCHUNIX((url->url = strdup(serv_path)) ? 0 : -1);
}
rc = 0;
goto out;
}
strncpy(serv_path_interpolated, serv_path, sizeof(serv_path_interpolated)-1);
if (mode == STRAPBOOT && strcmp(type, "OUTPUT") == 0)
CATCH(interpolate(id, task_path_resolved, serv_path_interpolated));
serv_path = serv_path_interpolated;
CATCH(chirp_fs_local_resolve(serv_path, serv_path_resolved));
if (mode == BOOTSTRAP) {
debug(D_DEBUG, "binding `%s' as `%s'", task_path, serv_path);
CATCHUNIX(create_dir(task_path_dir, S_IRWXU) ? 0 : -1);
if (strcmp(type, "INPUT") == 0) {
if (strcmp(binding, "LINK") == 0) {
CATCHUNIX(link(serv_path_resolved, task_path_resolved));
} else if (strcmp(binding, "COPY") == 0) {
CATCHUNIX(copy_file_to_file(serv_path_resolved, task_path_resolved));
} else assert(0);
CATCHUNIX(chmod(serv_path_resolved, S_IRWXU));
}
} else if (mode == STRAPBOOT) {
if (strcmp(type, "OUTPUT") == 0) {
struct stat info;
debug(D_DEBUG, "binding output file `%s' as `%s'", task_path, serv_path);
if (strcmp(binding, "LINK") == 0) {
CATCHUNIXIGNORE(unlink(serv_path_resolved), ENOENT); /* ignore error/success */
CATCHUNIX(link(task_path_resolved, serv_path_resolved));
} else if (strcmp(binding, "COPY") == 0) {
CATCHUNIXIGNORE(unlink(serv_path_resolved), ENOENT);
CATCHUNIX(copy_file_to_file(task_path_resolved, serv_path_resolved));
}
if (stat(serv_path_resolved, &info) == 0) {
sqlcatch(sqlite3_prepare_v2(db, current, -1, &stmt, ¤t));
sqlcatch(sqlite3_bind_text(stmt, 1, serv_path, -1, SQLITE_STATIC));
sqlcatch(sqlite3_bind_int64(stmt, 2, info.st_size));
sqlcatch(sqlite3_bind_int64(stmt, 3, (sqlite3_int64)id));
sqlcatch(sqlite3_bind_text(stmt, 4, task_path, -1, SQLITE_STATIC));
sqlcatchcode(sqlite3_step(stmt), SQLITE_DONE);
sqlcatch(sqlite3_finalize(stmt); stmt = NULL);
}
}
} else assert(0);
