Diffstat (limited to 'src/posix')
-rw-r--r--src/posix/posixDaemon.cpp107
-rw-r--r--src/posix/posixDaemon.h2
-rw-r--r--src/posix/signalHandler.hpp18
-rw-r--r--src/posix/sysExec.hpp62
4 files changed, 109 insertions, 80 deletions
diff --git a/src/posix/posixDaemon.cpp b/src/posix/posixDaemon.cpp
index e4a4148..96cad00 100644
--- a/src/posix/posixDaemon.cpp
+++ b/src/posix/posixDaemon.cpp
@@ -11,7 +11,7 @@
* tunneling and relaying of packets of any protocol.
*
*
- * Copyright (C) 2007-2009 Othmar Gsenger, Erwin Nindl,
+ * Copyright (C) 2007-2009 Othmar Gsenger, Erwin Nindl,
* Christian Pointner <satp@wirdorange.org>
*
* This file is part of Anytun.
@@ -49,112 +49,131 @@ DaemonService::DaemonService() : pw_(NULL), gr_(NULL), daemonized_(false)
void DaemonService::initPrivs(std::string const& username, std::string const& groupname)
{
- if(username == "")
+ if(username == "") {
return;
-
+ }
+
pw_ = getpwnam(username.c_str());
- if(!pw_)
+ if(!pw_) {
AnytunError::throwErr() << "unknown user " << username;
-
- if(groupname != "")
+ }
+
+ if(groupname != "") {
gr_ = getgrnam(groupname.c_str());
- else
+ } else {
gr_ = getgrgid(pw_->pw_gid);
-
- if(!gr_)
+ }
+
+ if(!gr_) {
AnytunError::throwErr() << "unknown group " << groupname;
+ }
}
void DaemonService::dropPrivs()
{
- if(!pw_ || !gr_)
+ if(!pw_ || !gr_) {
return;
-
- if(setgid(gr_->gr_gid))
+ }
+
+ if(setgid(gr_->gr_gid)) {
AnytunError::throwErr() << "setgid('" << gr_->gr_name << "') failed: " << AnytunErrno(errno);
-
+ }
+
gid_t gr_list[1];
gr_list[0] = gr_->gr_gid;
- if(setgroups (1, gr_list))
+ if(setgroups(1, gr_list)) {
AnytunError::throwErr() << "setgroups(['" << gr_->gr_name << "']) failed: " << AnytunErrno(errno);
-
- if(setuid(pw_->pw_uid))
+ }
+
+ if(setuid(pw_->pw_uid)) {
AnytunError::throwErr() << "setuid('" << pw_->pw_name << "') failed: " << AnytunErrno(errno);
-
+ }
+
cLog.msg(Log::PRIO_NOTICE) << "dropped privileges to " << pw_->pw_name << ":" << gr_->gr_name;
}
void DaemonService::chroot(std::string const& chrootdir)
{
- if (getuid() != 0)
+ if(getuid() != 0) {
AnytunError::throwErr() << "this program has to be run as root in order to run in a chroot";
+ }
- if(::chroot(chrootdir.c_str()))
+ if(::chroot(chrootdir.c_str())) {
AnytunError::throwErr() << "can't chroot to " << chrootdir;
+ }
cLog.msg(Log::PRIO_NOTICE) << "we are in chroot jail (" << chrootdir << ") now" << std::endl;
- if(chdir("/"))
+ if(chdir("/")) {
AnytunError::throwErr() << "can't change to /";
+ }
}
/// TODO: this outstandignly ugly please and i really can't stress the please fix it asap!!!!!!!
-std::ofstream pidFile; // FIXXXME no global variable
+std::ofstream pidFile; // FIXXXME no global variable
void DaemonService::daemonize()
{
-// std::ofstream pidFile;
+ // std::ofstream pidFile;
if(gOpt.getPidFile() != "") {
pidFile.open(gOpt.getPidFile().c_str());
- if(!pidFile.is_open())
+ if(!pidFile.is_open()) {
AnytunError::throwErr() << "can't open pid file (" << gOpt.getPidFile() << "): " << AnytunErrno(errno);
+ }
}
pid_t pid;
pid = fork();
- if(pid < 0)
+ if(pid < 0) {
AnytunError::throwErr() << "daemonizing failed at fork(): " << AnytunErrno(errno) << ", exitting";
+ }
- if(pid) exit(0);
+ if(pid) { exit(0); }
umask(0);
- if(setsid() < 0)
+ if(setsid() < 0) {
AnytunError::throwErr() << "daemonizing failed at setsid(): " << AnytunErrno(errno) << ", exitting";
+ }
pid = fork();
- if(pid < 0)
+ if(pid < 0) {
AnytunError::throwErr() << "daemonizing failed at fork(): " << AnytunErrno(errno) << ", exitting";
+ }
- if(pid) exit(0);
+ if(pid) { exit(0); }
- if ((chdir("/")) < 0)
+ if((chdir("/")) < 0) {
AnytunError::throwErr() << "daemonizing failed at chdir(): " << AnytunErrno(errno) << ", exitting";
+ }
-// std::cout << "running in background now..." << std::endl;
+ // std::cout << "running in background now..." << std::endl;
int fd;
-// for (fd=getdtablesize();fd>=0;--fd) // close all file descriptors
- for (fd=0;fd<=2;fd++) // close all file descriptors
+ // for (fd=getdtablesize();fd>=0;--fd) // close all file descriptors
+ for(fd=0; fd<=2; fd++) { // close all file descriptors
close(fd);
+ }
fd = open("/dev/null",O_RDWR); // stdin
- if(fd == -1)
+ if(fd == -1) {
cLog.msg(Log::PRIO_WARNING) << "can't open /dev/null as stdin";
- else {
- if(dup(fd) == -1) // stdout
+ } else {
+ if(dup(fd) == -1) { // stdout
cLog.msg(Log::PRIO_WARNING) << "can't open /dev/null as stdout";
- if(dup(fd) == -1) // stderr
+ }
+ if(dup(fd) == -1) { // stderr
cLog.msg(Log::PRIO_WARNING) << "can't open /dev/null as stderr";
+ }
}
-
-// FIXXXXME: write this pid to file (currently pid from posix/signhandler.hpp:77 is used)
-//
-// if(pidFile.is_open()) {
-// pid_t pid = getpid();
-// pidFile << pid;
-// pidFile.close();
-// }
+
+ // FIXXXXME: write this pid to file (currently pid from posix/signhandler.hpp:77 is used)
+ //
+ // if(pidFile.is_open()) {
+ // pid_t pid = getpid();
+ // pidFile << pid;
+ // pidFile.close();
+ // }
daemonized_ = true;
}
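Review bot: In `daemonize()`, a failed `open("/dev/null",O_RDWR)` or `dup(fd)` is only logged as a warning, so the daemon keeps running with descriptors 0–2 closed. The next files or sockets it opens would then receive those numbers, and anything later written to stdout or stderr would end up in them. Every other failure in this function throws, and this one should too, e.g. `AnytunError::throwErr() << "daemonizing failed at open(/dev/null): " << AnytunErrno(errno);`, ideally also checking that the first descriptor returned is 0. Separately, `umask(0)` removes all masking from files created afterwards; whether the daemon creates any is not visible here, but `umask(027)` would be the safer default.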
diff --git a/src/posix/posixDaemon.h b/src/posix/posixDaemon.h
index e6d56d5..e3ac3e3 100644
--- a/src/posix/posixDaemon.h
+++ b/src/posix/posixDaemon.h
@@ -11,7 +11,7 @@
* tunneling and relaying of packets of any protocol.
*
*
- * Copyright (C) 2007-2009 Othmar Gsenger, Erwin Nindl,
+ * Copyright (C) 2007-2009 Othmar Gsenger, Erwin Nindl,
* Christian Pointner <satp@wirdorange.org>
*
* This file is part of Anytun.
diff --git a/src/posix/signalHandler.hpp b/src/posix/signalHandler.hpp
index 3851c78..11d0c2f 100644
--- a/src/posix/signalHandler.hpp
+++ b/src/posix/signalHandler.hpp
@@ -11,7 +11,7 @@
* tunneling and relaying of packets of any protocol.
*
*
- * Copyright (C) 2007-2009 Othmar Gsenger, Erwin Nindl,
+ * Copyright (C) 2007-2009 Othmar Gsenger, Erwin Nindl,
* Christian Pointner <satp@wirdorange.org>
*
* This file is part of Anytun.
@@ -51,7 +51,7 @@ int SigQuitHandler(int /*sig*/, const std::string& /*msg*/)
int SigHupHandler(int /*sig*/, const std::string& /*msg*/)
{
- cLog.msg(Log::PRIO_NOTICE) << "SIG-Hup caught";
+ cLog.msg(Log::PRIO_NOTICE) << "SIG-Hup caught";
return 0;
}
@@ -98,10 +98,10 @@ void handleSignal()
timeout.tv_sec = 1;
timeout.tv_nsec = 0;
sigNum = sigtimedwait(&signal_set, NULL, &timeout);
- if (sigNum == -1) {
- if (errno != EINTR && errno != EAGAIN) {
- cLog.msg(Log::PRIO_ERROR) << "sigwait failed with error: \"" << AnytunErrno(errno) << "\" SignalHandling will be disabled";
- break;
+ if(sigNum == -1) {
+ if(errno != EINTR && errno != EAGAIN) {
+ cLog.msg(Log::PRIO_ERROR) << "sigwait failed with error: \"" << AnytunErrno(errno) << "\" SignalHandling will be disabled";
+ break;
}
} else {
gSignalController.inject(sigNum);
@@ -112,7 +112,7 @@ void handleSignal()
void registerSignalHandler(SignalController& ctrl, DaemonService& /*service*/)
{
sigset_t signal_set;
-
+
sigemptyset(&signal_set);
sigaddset(&signal_set, SIGINT);
sigaddset(&signal_set, SIGQUIT);
@@ -120,13 +120,13 @@ void registerSignalHandler(SignalController& ctrl, DaemonService& /*service*/)
sigaddset(&signal_set, SIGTERM);
sigaddset(&signal_set, SIGUSR1);
sigaddset(&signal_set, SIGUSR2);
-
+
#if defined(BOOST_HAS_PTHREADS)
pthread_sigmask(SIG_BLOCK, &signal_set, NULL);
#else
#error The signalhandler works only with pthreads
#endif
-
+
boost::thread(boost::bind(handleSignal));
ctrl.handler[SIGINT] = boost::bind(SigIntHandler, _1, _2);
diff --git a/src/posix/sysExec.hpp b/src/posix/sysExec.hpp
index 18fde97..7e8f37e 100644
--- a/src/posix/sysExec.hpp
+++ b/src/posix/sysExec.hpp
@@ -11,7 +11,7 @@
* tunneling and relaying of packets of any protocol.
*
*
- * Copyright (C) 2007-2009 Othmar Gsenger, Erwin Nindl,
+ * Copyright (C) 2007-2009 Othmar Gsenger, Erwin Nindl,
* Christian Pointner <satp@wirdorange.org>
*
* This file is part of Anytun.
@@ -45,8 +45,9 @@
SysExec::~SysExec()
{
- if(!closed_)
+ if(!closed_) {
close(pipefd_);
+ }
}
@@ -55,15 +56,17 @@ char** dupSysStringArray(T const& array)
{
char** new_array;
new_array = static_cast<char**>(malloc((array.size() + 1)*sizeof(char*)));
- if(!new_array)
+ if(!new_array) {
return NULL;
+ }
unsigned int i = 0;
for(typename T::const_iterator it = array.begin(); it != array.end(); ++it) {
new_array[i] = strdup(it->c_str());
if(!new_array) {
- while(i--)
+ while(i--) {
free(new_array[i]);
+ }
free(new_array);
return NULL;
}
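Review bot: The allocation check after `strdup` tests the wrong pointer: `if(!new_array)` can never be true at that point, because `new_array` was already checked right after `malloc`. A failed `strdup` therefore leaves NULL in `new_array[i]`, and since `freeSysStringArray` treats NULL as the end of the array, the caller would presumably get an argument or environment list that is silently cut short, with the later entries leaked. The condition should be `if(!new_array[i]) {`; the cleanup loop below it already frees entries 0..i-1. The function starts above this hunk and continues past it.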
@@ -75,11 +78,13 @@ char** dupSysStringArray(T const& array)
void freeSysStringArray(char** array)
{
- if(!array)
+ if(!array) {
return;
+ }
- for(int i=0; array[i] ; ++i)
+ for(int i=0; array[i] ; ++i) {
free(array[i]);
+ }
free(array);
}
@@ -106,35 +111,38 @@ void SysExec::doExec(StringVector args, StringList env)
}
// child code, exec the script
int fd;
- for (fd=getdtablesize();fd>=0;--fd) // close all file descriptors
- if(fd != pipefd[1]) close(fd);
-
+ for(fd=getdtablesize(); fd>=0; --fd) // close all file descriptors
+ if(fd != pipefd[1]) { close(fd); }
+
fd = open("/dev/null",O_RDWR); // stdin
- if(fd == -1)
+ if(fd == -1) {
cLog.msg(Log::PRIO_WARNING) << "can't open stdin";
- else {
- if(dup(fd) == -1) // stdout
+ } else {
+ if(dup(fd) == -1) { // stdout
cLog.msg(Log::PRIO_WARNING) << "can't open stdout";
- if(dup(fd) == -1) // stderr
+ }
+ if(dup(fd) == -1) { // stderr
cLog.msg(Log::PRIO_WARNING) << "can't open stderr";
+ }
}
-
+
args.insert(args.begin(), script_);
char** argv = dupSysStringArray(args);
char** evp = dupSysStringArray(env);
-
+
execve(script_.c_str(), argv, evp);
- // if execve returns, an error occurred, but logging doesn't work
- // because we closed all file descriptors, so just write errno to
- // pipe and call exit
-
+ // if execve returns, an error occurred, but logging doesn't work
+ // because we closed all file descriptors, so just write errno to
+ // pipe and call exit
+
freeSysStringArray(argv);
freeSysStringArray(evp);
int err = errno;
int ret = write(pipefd[1], (void*)(&err), sizeof(err));
- if(ret != sizeof(errno))
+ if(ret != sizeof(errno)) {
exit(-2);
+ }
exit(-1);
}
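Review bot: `argv` and `evp` are passed to `execve` without a NULL check, although `dupSysStringArray` returns NULL when its allocation fails. Depending on the platform, `execve` with a NULL `argv` either fails or starts the script with an empty argument vector, and a NULL `evp` starts it with no environment; neither should happen silently. Guard the call, e.g. `if(!argv || !evp) { errno = ENOMEM; } else { execve(script_.c_str(), argv, evp); }`, so the existing error path reports the failure through the pipe (`freeSysStringArray` already accepts NULL). The child should also leave with `_exit()` rather than `exit()`, so that the parent's atexit handlers and static destructors do not run in the forked copy. `doExec` begins above this hunk.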
@@ -166,18 +174,20 @@ int SysExec::waitForScript()
void SysExec::waitAndDestroy(SysExec*& s)
{
- if(!s)
+ if(!s) {
return;
+ }
s->waitForScript();
- if(WIFEXITED(s->return_code_))
- cLog.msg(Log::PRIO_NOTICE) << "script '" << s->script_ << "' returned " << WEXITSTATUS(s->return_code_);
- else if(WIFSIGNALED(s->return_code_))
+ if(WIFEXITED(s->return_code_)) {
+ cLog.msg(Log::PRIO_NOTICE) << "script '" << s->script_ << "' returned " << WEXITSTATUS(s->return_code_);
+ } else if(WIFSIGNALED(s->return_code_)) {
cLog.msg(Log::PRIO_NOTICE) << "script '" << s->script_ << "' terminated after signal " << WTERMSIG(s->return_code_);
- else if(WIFSTOPPED(s->return_code_))
+ } else if(WIFSTOPPED(s->return_code_)) {
cLog.msg(Log::PRIO_NOTICE) << "script '" << s->script_ << "' stopped after signal " << WSTOPSIG(s->return_code_);
- else if(WIFCONTINUED(s->return_code_))
+ } else if(WIFCONTINUED(s->return_code_)) {
cLog.msg(Log::PRIO_NOTICE) << "script '" << s->script_ << "' continued after SIGCONT";
+ }
delete(s);
s = NULL;