|
Packit |
90a5c9 |
/* Licensed to the Apache Software Foundation (ASF) under one or more
|
|
Packit |
90a5c9 |
* contributor license agreements. See the NOTICE file distributed with
|
|
Packit |
90a5c9 |
* this work for additional information regarding copyright ownership.
|
|
Packit |
90a5c9 |
* The ASF licenses this file to You under the Apache License, Version 2.0
|
|
Packit |
90a5c9 |
* (the "License"); you may not use this file except in compliance with
|
|
Packit |
90a5c9 |
* the License. You may obtain a copy of the License at
|
|
Packit |
90a5c9 |
*
|
|
Packit |
90a5c9 |
* http://www.apache.org/licenses/LICENSE-2.0
|
|
Packit |
90a5c9 |
*
|
|
Packit |
90a5c9 |
* Unless required by applicable law or agreed to in writing, software
|
|
Packit |
90a5c9 |
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
Packit |
90a5c9 |
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
Packit |
90a5c9 |
* See the License for the specific language governing permissions and
|
|
Packit |
90a5c9 |
* limitations under the License.
|
|
Packit |
90a5c9 |
*/
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
#include "ap_config.h"
|
|
Packit |
90a5c9 |
#include "httpd.h"
|
|
Packit |
90a5c9 |
#include "http_config.h"
|
|
Packit |
90a5c9 |
#include "http_main.h"
|
|
Packit |
90a5c9 |
#include "http_core.h"
|
|
Packit |
90a5c9 |
#include "http_log.h"
|
|
Packit |
90a5c9 |
#include "unixd.h"
|
|
Packit |
90a5c9 |
#include "mpm_common.h"
|
|
Packit |
90a5c9 |
#include "os.h"
|
|
Packit |
90a5c9 |
#include "ap_mpm.h"
|
|
Packit |
90a5c9 |
#include "apr_thread_proc.h"
|
|
Packit |
90a5c9 |
#include "apr_signal.h"
|
|
Packit |
90a5c9 |
#include "apr_strings.h"
|
|
Packit |
90a5c9 |
#include "apr_portable.h"
|
|
Packit |
90a5c9 |
#ifdef HAVE_PWD_H
|
|
Packit |
90a5c9 |
#include <pwd.h>
|
|
Packit |
90a5c9 |
#endif
|
|
Packit |
90a5c9 |
#ifdef HAVE_SYS_RESOURCE_H
|
|
Packit |
90a5c9 |
#include <sys/resource.h>
|
|
Packit |
90a5c9 |
#endif
|
|
Packit |
90a5c9 |
/* XXX */
|
|
Packit |
90a5c9 |
#include <sys/stat.h>
|
|
Packit |
90a5c9 |
#ifdef HAVE_UNISTD_H
|
|
Packit |
90a5c9 |
#include <unistd.h>
|
|
Packit |
90a5c9 |
#endif
|
|
Packit |
90a5c9 |
#ifdef HAVE_GRP_H
|
|
Packit |
90a5c9 |
#include <grp.h>
|
|
Packit |
90a5c9 |
#endif
|
|
Packit |
90a5c9 |
#ifdef HAVE_STRINGS_H
|
|
Packit |
90a5c9 |
#include <strings.h>
|
|
Packit |
90a5c9 |
#endif
|
|
Packit |
90a5c9 |
#ifdef HAVE_SYS_SEM_H
|
|
Packit |
90a5c9 |
#include <sys/sem.h>
|
|
Packit |
90a5c9 |
#endif
|
|
Packit |
90a5c9 |
#ifdef HAVE_SYS_PRCTL_H
|
|
Packit |
90a5c9 |
#include <sys/prctl.h>
|
|
Packit |
90a5c9 |
#endif
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
unixd_config_rec ap_unixd_config;
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
APLOG_USE_MODULE(core);
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
AP_DECLARE(void) ap_unixd_set_rlimit(cmd_parms *cmd, struct rlimit **plimit,
|
|
Packit |
90a5c9 |
const char *arg,
|
|
Packit |
90a5c9 |
const char * arg2, int type)
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
#if (defined(RLIMIT_CPU) || defined(RLIMIT_DATA) || defined(RLIMIT_VMEM) || defined(RLIMIT_NPROC) || defined(RLIMIT_AS)) && APR_HAVE_STRUCT_RLIMIT && APR_HAVE_GETRLIMIT
|
|
Packit |
90a5c9 |
char *str;
|
|
Packit |
90a5c9 |
struct rlimit *limit;
|
|
Packit |
90a5c9 |
/* If your platform doesn't define rlim_t then typedef it in ap_config.h */
|
|
Packit |
90a5c9 |
rlim_t cur = 0;
|
|
Packit |
90a5c9 |
rlim_t max = 0;
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
*plimit = (struct rlimit *)apr_pcalloc(cmd->pool, sizeof(**plimit));
|
|
Packit |
90a5c9 |
limit = *plimit;
|
|
Packit |
90a5c9 |
if ((getrlimit(type, limit)) != 0) {
|
|
Packit |
90a5c9 |
*plimit = NULL;
|
|
Packit |
90a5c9 |
ap_log_error(APLOG_MARK, APLOG_ERR, errno, cmd->server, APLOGNO(02172)
|
|
Packit |
90a5c9 |
"%s: getrlimit failed", cmd->cmd->name);
|
|
Packit |
90a5c9 |
return;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
if (*(str = ap_getword_conf(cmd->temp_pool, &arg)) != '\0') {
|
|
Packit |
90a5c9 |
if (!strcasecmp(str, "max")) {
|
|
Packit |
90a5c9 |
cur = limit->rlim_max;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
else {
|
|
Packit |
90a5c9 |
cur = atol(str);
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
else {
|
|
Packit |
90a5c9 |
ap_log_error(APLOG_MARK, APLOG_ERR, 0, cmd->server, APLOGNO(02173)
|
|
Packit |
90a5c9 |
"Invalid parameters for %s", cmd->cmd->name);
|
|
Packit |
90a5c9 |
return;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
if (arg2 && (*(str = ap_getword_conf(cmd->temp_pool, &arg2)) != '\0')) {
|
|
Packit |
90a5c9 |
max = atol(str);
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
/* if we aren't running as root, cannot increase max */
|
|
Packit |
90a5c9 |
if (geteuid()) {
|
|
Packit |
90a5c9 |
limit->rlim_cur = cur;
|
|
Packit |
90a5c9 |
if (max && (max > limit->rlim_max)) {
|
|
Packit |
90a5c9 |
ap_log_error(APLOG_MARK, APLOG_ERR, 0, cmd->server, APLOGNO(02174)
|
|
Packit |
90a5c9 |
"Must be uid 0 to raise maximum %s", cmd->cmd->name);
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
else if (max) {
|
|
Packit |
90a5c9 |
limit->rlim_max = max;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
else {
|
|
Packit |
90a5c9 |
if (cur) {
|
|
Packit |
90a5c9 |
limit->rlim_cur = cur;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
if (max) {
|
|
Packit |
90a5c9 |
limit->rlim_max = max;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
#else
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
ap_log_error(APLOG_MARK, APLOG_ERR, 0, cmd->server, APLOGNO(02175)
|
|
Packit |
90a5c9 |
"Platform does not support rlimit for %s", cmd->cmd->name);
|
|
Packit |
90a5c9 |
#endif
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
APR_HOOK_STRUCT(
|
|
Packit |
90a5c9 |
APR_HOOK_LINK(get_suexec_identity)
|
|
Packit |
90a5c9 |
)
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
AP_IMPLEMENT_HOOK_RUN_FIRST(ap_unix_identity_t *, get_suexec_identity,
|
|
Packit |
90a5c9 |
(const request_rec *r), (r), NULL)
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
static apr_status_t ap_unix_create_privileged_process(
|
|
Packit |
90a5c9 |
apr_proc_t *newproc, const char *progname,
|
|
Packit |
90a5c9 |
const char * const *args,
|
|
Packit |
90a5c9 |
const char * const *env,
|
|
Packit |
90a5c9 |
apr_procattr_t *attr, ap_unix_identity_t *ugid,
|
|
Packit |
90a5c9 |
apr_pool_t *p)
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
int i = 0;
|
|
Packit |
90a5c9 |
const char **newargs;
|
|
Packit |
90a5c9 |
char *newprogname;
|
|
Packit |
90a5c9 |
char *execuser, *execgroup;
|
|
Packit |
90a5c9 |
const char *argv0;
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
if (!ap_unixd_config.suexec_enabled) {
|
|
Packit |
90a5c9 |
return apr_proc_create(newproc, progname, args, env, attr, p);
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
argv0 = ap_strrchr_c(progname, '/');
|
|
Packit |
90a5c9 |
/* Allow suexec's "/" check to succeed */
|
|
Packit |
90a5c9 |
if (argv0 != NULL) {
|
|
Packit |
90a5c9 |
argv0++;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
else {
|
|
Packit |
90a5c9 |
argv0 = progname;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
if (ugid->userdir) {
|
|
Packit |
90a5c9 |
execuser = apr_psprintf(p, "~%ld", (long) ugid->uid);
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
else {
|
|
Packit |
90a5c9 |
execuser = apr_psprintf(p, "%ld", (long) ugid->uid);
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
execgroup = apr_psprintf(p, "%ld", (long) ugid->gid);
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
if (!execuser || !execgroup) {
|
|
Packit |
90a5c9 |
return APR_ENOMEM;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
i = 0;
|
|
Packit |
90a5c9 |
while (args[i])
|
|
Packit |
90a5c9 |
i++;
|
|
Packit |
90a5c9 |
/* allocate space for 4 new args, the input args, and a null terminator */
|
|
Packit |
90a5c9 |
newargs = apr_palloc(p, sizeof(char *) * (i + 4));
|
|
Packit |
90a5c9 |
newprogname = SUEXEC_BIN;
|
|
Packit |
90a5c9 |
newargs[0] = SUEXEC_BIN;
|
|
Packit |
90a5c9 |
newargs[1] = execuser;
|
|
Packit |
90a5c9 |
newargs[2] = execgroup;
|
|
Packit |
90a5c9 |
newargs[3] = apr_pstrdup(p, argv0);
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
/*
|
|
Packit |
90a5c9 |
** using a shell to execute suexec makes no sense thus
|
|
Packit |
90a5c9 |
** we force everything to be APR_PROGRAM, and never
|
|
Packit |
90a5c9 |
** APR_SHELLCMD
|
|
Packit |
90a5c9 |
*/
|
|
Packit |
90a5c9 |
if (apr_procattr_cmdtype_set(attr, APR_PROGRAM) != APR_SUCCESS) {
|
|
Packit |
90a5c9 |
return APR_EGENERAL;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
i = 1;
|
|
Packit |
90a5c9 |
do {
|
|
Packit |
90a5c9 |
newargs[i + 3] = args[i];
|
|
Packit |
90a5c9 |
} while (args[i++]);
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
return apr_proc_create(newproc, newprogname, newargs, env, attr, p);
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
AP_DECLARE(apr_status_t) ap_os_create_privileged_process(
|
|
Packit |
90a5c9 |
const request_rec *r,
|
|
Packit |
90a5c9 |
apr_proc_t *newproc, const char *progname,
|
|
Packit |
90a5c9 |
const char * const *args,
|
|
Packit |
90a5c9 |
const char * const *env,
|
|
Packit |
90a5c9 |
apr_procattr_t *attr, apr_pool_t *p)
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
ap_unix_identity_t *ugid = ap_run_get_suexec_identity(r);
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
if (ugid == NULL) {
|
|
Packit |
90a5c9 |
return apr_proc_create(newproc, progname, args, env, attr, p);
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
return ap_unix_create_privileged_process(newproc, progname, args, env,
|
|
Packit |
90a5c9 |
attr, ugid, p);
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
/* XXX move to APR and externalize (but implement differently :) ) */
|
|
Packit |
90a5c9 |
static apr_lockmech_e proc_mutex_mech(apr_proc_mutex_t *pmutex)
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
const char *mechname = apr_proc_mutex_name(pmutex);
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
if (!strcmp(mechname, "sysvsem")) {
|
|
Packit |
90a5c9 |
return APR_LOCK_SYSVSEM;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
else if (!strcmp(mechname, "flock")) {
|
|
Packit |
90a5c9 |
return APR_LOCK_FLOCK;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
return APR_LOCK_DEFAULT;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
AP_DECLARE(apr_status_t) ap_unixd_set_proc_mutex_perms(apr_proc_mutex_t *pmutex)
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
if (!geteuid()) {
|
|
Packit |
90a5c9 |
apr_lockmech_e mech = proc_mutex_mech(pmutex);
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
switch(mech) {
|
|
Packit |
90a5c9 |
#if APR_HAS_SYSVSEM_SERIALIZE
|
|
Packit |
90a5c9 |
case APR_LOCK_SYSVSEM:
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
apr_os_proc_mutex_t ospmutex;
|
|
Packit |
90a5c9 |
#if !APR_HAVE_UNION_SEMUN
|
|
Packit |
90a5c9 |
union semun {
|
|
Packit |
90a5c9 |
long val;
|
|
Packit |
90a5c9 |
struct semid_ds *buf;
|
|
Packit |
90a5c9 |
unsigned short *array;
|
|
Packit |
90a5c9 |
};
|
|
Packit |
90a5c9 |
#endif
|
|
Packit |
90a5c9 |
union semun ick;
|
|
Packit |
90a5c9 |
struct semid_ds buf = { { 0 } };
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
apr_os_proc_mutex_get(&ospmutex, pmutex);
|
|
Packit |
90a5c9 |
buf.sem_perm.uid = ap_unixd_config.user_id;
|
|
Packit |
90a5c9 |
buf.sem_perm.gid = ap_unixd_config.group_id;
|
|
Packit |
90a5c9 |
buf.sem_perm.mode = 0600;
|
|
Packit |
90a5c9 |
ick.buf = &buf;
|
|
Packit |
90a5c9 |
if (semctl(ospmutex.crossproc, 0, IPC_SET, ick) < 0) {
|
|
Packit |
90a5c9 |
return errno;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
break;
|
|
Packit |
90a5c9 |
#endif
|
|
Packit |
90a5c9 |
#if APR_HAS_FLOCK_SERIALIZE
|
|
Packit |
90a5c9 |
case APR_LOCK_FLOCK:
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
const char *lockfile = apr_proc_mutex_lockfile(pmutex);
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
if (lockfile) {
|
|
Packit |
90a5c9 |
if (chown(lockfile, ap_unixd_config.user_id,
|
|
Packit |
90a5c9 |
-1 /* no gid change */) < 0) {
|
|
Packit |
90a5c9 |
return errno;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
break;
|
|
Packit |
90a5c9 |
#endif
|
|
Packit |
90a5c9 |
default:
|
|
Packit |
90a5c9 |
/* do nothing */
|
|
Packit |
90a5c9 |
break;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
return APR_SUCCESS;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
AP_DECLARE(apr_status_t) ap_unixd_set_global_mutex_perms(apr_global_mutex_t *gmutex)
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
#if !APR_PROC_MUTEX_IS_GLOBAL
|
|
Packit |
90a5c9 |
apr_os_global_mutex_t osgmutex;
|
|
Packit |
90a5c9 |
apr_os_global_mutex_get(&osgmutex, gmutex);
|
|
Packit |
90a5c9 |
return ap_unixd_set_proc_mutex_perms(osgmutex.proc_mutex);
|
|
Packit |
90a5c9 |
#else /* APR_PROC_MUTEX_IS_GLOBAL */
|
|
Packit |
90a5c9 |
/* In this case, apr_proc_mutex_t and apr_global_mutex_t are the same. */
|
|
Packit |
90a5c9 |
return ap_unixd_set_proc_mutex_perms(gmutex);
|
|
Packit |
90a5c9 |
#endif /* APR_PROC_MUTEX_IS_GLOBAL */
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
AP_DECLARE(apr_status_t) ap_unixd_accept(void **accepted, ap_listen_rec *lr,
|
|
Packit |
90a5c9 |
apr_pool_t *ptrans)
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
apr_socket_t *csd;
|
|
Packit |
90a5c9 |
apr_status_t status;
|
|
Packit |
90a5c9 |
#ifdef _OSD_POSIX
|
|
Packit |
90a5c9 |
int sockdes;
|
|
Packit |
90a5c9 |
#endif
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
*accepted = NULL;
|
|
Packit |
90a5c9 |
status = apr_socket_accept(&csd, lr->sd, ptrans);
|
|
Packit |
90a5c9 |
if (status == APR_SUCCESS) {
|
|
Packit |
90a5c9 |
*accepted = csd;
|
|
Packit |
90a5c9 |
#ifdef _OSD_POSIX
|
|
Packit |
90a5c9 |
apr_os_sock_get(&sockdes, csd);
|
|
Packit |
90a5c9 |
if (sockdes >= FD_SETSIZE) {
|
|
Packit |
90a5c9 |
ap_log_error(APLOG_MARK, APLOG_WARNING, 0, ap_server_conf, APLOGNO(02176)
|
|
Packit |
90a5c9 |
"new file descriptor %d is too large; you probably need "
|
|
Packit |
90a5c9 |
"to rebuild Apache with a larger FD_SETSIZE "
|
|
Packit |
90a5c9 |
"(currently %d)",
|
|
Packit |
90a5c9 |
sockdes, FD_SETSIZE);
|
|
Packit |
90a5c9 |
apr_socket_close(csd);
|
|
Packit |
90a5c9 |
return APR_EINTR;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
#endif
|
|
Packit |
90a5c9 |
return APR_SUCCESS;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
if (APR_STATUS_IS_EINTR(status)) {
|
|
Packit |
90a5c9 |
return status;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
/* Our old behaviour here was to continue after accept()
|
|
Packit |
90a5c9 |
* errors. But this leads us into lots of troubles
|
|
Packit |
90a5c9 |
* because most of the errors are quite fatal. For
|
|
Packit |
90a5c9 |
* example, EMFILE can be caused by slow descriptor
|
|
Packit |
90a5c9 |
* leaks (say in a 3rd party module, or libc). It's
|
|
Packit |
90a5c9 |
* foolish for us to continue after an EMFILE. We also
|
|
Packit |
90a5c9 |
* seem to tickle kernel bugs on some platforms which
|
|
Packit |
90a5c9 |
* lead to never-ending loops here. So it seems best
|
|
Packit |
90a5c9 |
* to just exit in most cases.
|
|
Packit |
90a5c9 |
*/
|
|
Packit |
90a5c9 |
switch (status) {
|
|
Packit |
90a5c9 |
#if defined(HPUX11) && defined(ENOBUFS)
|
|
Packit |
90a5c9 |
/* On HPUX 11.x, the 'ENOBUFS, No buffer space available'
|
|
Packit |
90a5c9 |
* error occurs because the accept() cannot complete.
|
|
Packit |
90a5c9 |
* You will not see ENOBUFS with 10.20 because the kernel
|
|
Packit |
90a5c9 |
* hides any occurrence from being returned to user space.
|
|
Packit |
90a5c9 |
* ENOBUFS with 11.x's TCP/IP stack is possible, and could
|
|
Packit |
90a5c9 |
* occur intermittently. As a work-around, we are going to
|
|
Packit |
90a5c9 |
* ignore ENOBUFS.
|
|
Packit |
90a5c9 |
*/
|
|
Packit |
90a5c9 |
case ENOBUFS:
|
|
Packit |
90a5c9 |
#endif
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
#ifdef EPROTO
|
|
Packit |
90a5c9 |
/* EPROTO on certain older kernels really means
|
|
Packit |
90a5c9 |
* ECONNABORTED, so we need to ignore it for them.
|
|
Packit |
90a5c9 |
* See discussion in new-httpd archives nh.9701
|
|
Packit |
90a5c9 |
* search for EPROTO.
|
|
Packit |
90a5c9 |
*
|
|
Packit |
90a5c9 |
* Also see nh.9603, search for EPROTO:
|
|
Packit |
90a5c9 |
* There is potentially a bug in Solaris 2.x x<6,
|
|
Packit |
90a5c9 |
* and other boxes that implement tcp sockets in
|
|
Packit |
90a5c9 |
* userland (i.e. on top of STREAMS). On these
|
|
Packit |
90a5c9 |
* systems, EPROTO can actually result in a fatal
|
|
Packit |
90a5c9 |
* loop. See PR#981 for example. It's hard to
|
|
Packit |
90a5c9 |
* handle both uses of EPROTO.
|
|
Packit |
90a5c9 |
*/
|
|
Packit |
90a5c9 |
case EPROTO:
|
|
Packit |
90a5c9 |
#endif
|
|
Packit |
90a5c9 |
#ifdef ECONNABORTED
|
|
Packit |
90a5c9 |
case ECONNABORTED:
|
|
Packit |
90a5c9 |
#endif
|
|
Packit |
90a5c9 |
/* Linux generates the rest of these, other tcp
|
|
Packit |
90a5c9 |
* stacks (i.e. bsd) tend to hide them behind
|
|
Packit |
90a5c9 |
* getsockopt() interfaces. They occur when
|
|
Packit |
90a5c9 |
* the net goes sour or the client disconnects
|
|
Packit |
90a5c9 |
* after the three-way handshake has been done
|
|
Packit |
90a5c9 |
* in the kernel but before userland has picked
|
|
Packit |
90a5c9 |
* up the socket.
|
|
Packit |
90a5c9 |
*/
|
|
Packit |
90a5c9 |
#ifdef ECONNRESET
|
|
Packit |
90a5c9 |
case ECONNRESET:
|
|
Packit |
90a5c9 |
#endif
|
|
Packit |
90a5c9 |
#ifdef ETIMEDOUT
|
|
Packit |
90a5c9 |
case ETIMEDOUT:
|
|
Packit |
90a5c9 |
#endif
|
|
Packit |
90a5c9 |
#ifdef EHOSTUNREACH
|
|
Packit |
90a5c9 |
case EHOSTUNREACH:
|
|
Packit |
90a5c9 |
#endif
|
|
Packit |
90a5c9 |
#ifdef ENETUNREACH
|
|
Packit |
90a5c9 |
case ENETUNREACH:
|
|
Packit |
90a5c9 |
#endif
|
|
Packit |
90a5c9 |
/* EAGAIN/EWOULDBLOCK can be returned on BSD-derived
|
|
Packit |
90a5c9 |
* TCP stacks when the connection is aborted before
|
|
Packit |
90a5c9 |
* we call connect, but only because our listener
|
|
Packit |
90a5c9 |
* sockets are non-blocking (AP_NONBLOCK_WHEN_MULTI_LISTEN)
|
|
Packit |
90a5c9 |
*/
|
|
Packit |
90a5c9 |
#ifdef EAGAIN
|
|
Packit |
90a5c9 |
case EAGAIN:
|
|
Packit |
90a5c9 |
#endif
|
|
Packit |
90a5c9 |
#ifdef EWOULDBLOCK
|
|
Packit |
90a5c9 |
#if !defined(EAGAIN) || EAGAIN != EWOULDBLOCK
|
|
Packit |
90a5c9 |
case EWOULDBLOCK:
|
|
Packit |
90a5c9 |
#endif
|
|
Packit |
90a5c9 |
#endif
|
|
Packit |
90a5c9 |
break;
|
|
Packit |
90a5c9 |
#ifdef ENETDOWN
|
|
Packit |
90a5c9 |
case ENETDOWN:
|
|
Packit |
90a5c9 |
/*
|
|
Packit |
90a5c9 |
* When the network layer has been shut down, there
|
|
Packit |
90a5c9 |
* is not much use in simply exiting: the parent
|
|
Packit |
90a5c9 |
* would simply re-create us (and we'd fail again).
|
|
Packit |
90a5c9 |
* Use the CHILDFATAL code to tear the server down.
|
|
Packit |
90a5c9 |
* @@@ Martin's idea for possible improvement:
|
|
Packit |
90a5c9 |
* A different approach would be to define
|
|
Packit |
90a5c9 |
* a new APEXIT_NETDOWN exit code, the reception
|
|
Packit |
90a5c9 |
* of which would make the parent shutdown all
|
|
Packit |
90a5c9 |
* children, then idle-loop until it detected that
|
|
Packit |
90a5c9 |
* the network is up again, and restart the children.
|
|
Packit |
90a5c9 |
* Ben Hyde noted that temporary ENETDOWN situations
|
|
Packit |
90a5c9 |
* occur in mobile IP.
|
|
Packit |
90a5c9 |
*/
|
|
Packit |
90a5c9 |
ap_log_error(APLOG_MARK, APLOG_EMERG, status, ap_server_conf, APLOGNO(02177)
|
|
Packit |
90a5c9 |
"apr_socket_accept: giving up.");
|
|
Packit |
90a5c9 |
return APR_EGENERAL;
|
|
Packit |
90a5c9 |
#endif /*ENETDOWN*/
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
default:
|
|
Packit |
90a5c9 |
/* If the socket has been closed in ap_close_listeners()
|
|
Packit |
90a5c9 |
* by the restart/stop action, we may get EBADF.
|
|
Packit |
90a5c9 |
* Do not print an error in this case.
|
|
Packit |
90a5c9 |
*/
|
|
Packit |
90a5c9 |
if (!lr->active) {
|
|
Packit |
90a5c9 |
ap_log_error(APLOG_MARK, APLOG_DEBUG, status, ap_server_conf, APLOGNO(02178)
|
|
Packit |
90a5c9 |
"apr_socket_accept failed for inactive listener");
|
|
Packit |
90a5c9 |
return status;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
ap_log_error(APLOG_MARK, APLOG_ERR, status, ap_server_conf, APLOGNO(02179)
|
|
Packit |
90a5c9 |
"apr_socket_accept: (client socket)");
|
|
Packit |
90a5c9 |
return APR_EGENERAL;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
return status;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
/* Unixes MPMs' */
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
static ap_unixd_mpm_retained_data *retained_data = NULL;
|
|
Packit |
90a5c9 |
static apr_status_t retained_data_cleanup(void *unused)
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
(void)unused;
|
|
Packit |
90a5c9 |
retained_data = NULL;
|
|
Packit |
90a5c9 |
return APR_SUCCESS;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
AP_DECLARE(ap_unixd_mpm_retained_data *) ap_unixd_mpm_get_retained_data()
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
if (!retained_data) {
|
|
Packit |
90a5c9 |
retained_data = ap_retained_data_create("ap_unixd_mpm_retained_data",
|
|
Packit |
90a5c9 |
sizeof(*retained_data));
|
|
Packit |
90a5c9 |
apr_pool_pre_cleanup_register(ap_pglobal, NULL, retained_data_cleanup);
|
|
Packit |
90a5c9 |
retained_data->mpm_state = AP_MPMQ_STARTING;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
return retained_data;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
static void sig_term(int sig)
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
if (!retained_data) {
|
|
Packit |
90a5c9 |
/* Main process (ap_pglobal) is dying */
|
|
Packit |
90a5c9 |
return;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
retained_data->mpm_state = AP_MPMQ_STOPPING;
|
|
Packit |
90a5c9 |
if (retained_data->shutdown_pending
|
|
Packit |
90a5c9 |
&& (retained_data->is_ungraceful
|
|
Packit |
90a5c9 |
|| sig == AP_SIG_GRACEFUL_STOP)) {
|
|
Packit |
90a5c9 |
/* Already handled */
|
|
Packit |
90a5c9 |
return;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
retained_data->shutdown_pending = 1;
|
|
Packit |
90a5c9 |
if (sig != AP_SIG_GRACEFUL_STOP) {
|
|
Packit |
90a5c9 |
retained_data->is_ungraceful = 1;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
static void sig_restart(int sig)
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
if (!retained_data) {
|
|
Packit |
90a5c9 |
/* Main process (ap_pglobal) is dying */
|
|
Packit |
90a5c9 |
return;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
retained_data->mpm_state = AP_MPMQ_STOPPING;
|
|
Packit |
90a5c9 |
if (retained_data->restart_pending
|
|
Packit |
90a5c9 |
&& (retained_data->is_ungraceful
|
|
Packit |
90a5c9 |
|| sig == AP_SIG_GRACEFUL)) {
|
|
Packit |
90a5c9 |
/* Already handled */
|
|
Packit |
90a5c9 |
return;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
retained_data->restart_pending = 1;
|
|
Packit |
90a5c9 |
if (sig != AP_SIG_GRACEFUL) {
|
|
Packit |
90a5c9 |
retained_data->is_ungraceful = 1;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
static apr_status_t unset_signals(void *unused)
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
if (!retained_data) {
|
|
Packit |
90a5c9 |
/* Main process (ap_pglobal) is dying */
|
|
Packit |
90a5c9 |
return APR_SUCCESS;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
retained_data->shutdown_pending = retained_data->restart_pending = 0;
|
|
Packit |
90a5c9 |
retained_data->was_graceful = !retained_data->is_ungraceful;
|
|
Packit |
90a5c9 |
retained_data->is_ungraceful = 0;
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
return APR_SUCCESS;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
static void ap_terminate(void)
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
ap_main_state = AP_SQ_MS_EXITING;
|
|
Packit |
90a5c9 |
apr_pool_destroy(ap_pglobal);
|
|
Packit |
90a5c9 |
apr_terminate();
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
AP_DECLARE(void) ap_unixd_mpm_set_signals(apr_pool_t *pconf, int one_process)
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
#ifndef NO_USE_SIGACTION
|
|
Packit |
90a5c9 |
struct sigaction sa;
|
|
Packit |
90a5c9 |
#endif
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
if (!one_process) {
|
|
Packit |
90a5c9 |
ap_fatal_signal_setup(ap_server_conf, pconf);
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
else if (!ap_retained_data_get("ap_unixd_mpm_one_process_cleanup")) {
|
|
Packit |
90a5c9 |
/* In one process mode (debug), httpd will exit immediately when asked
|
|
Packit |
90a5c9 |
* to (SIGTERM/SIGINT) and never restart. We still want the cleanups to
|
|
Packit |
90a5c9 |
* run though (such that e.g. temporary files/IPCs don't leak on the
|
|
Packit |
90a5c9 |
* system), so the first time around we use atexit() to cleanup after
|
|
Packit |
90a5c9 |
* ourselves.
|
|
Packit |
90a5c9 |
*/
|
|
Packit |
90a5c9 |
ap_retained_data_create("ap_unixd_mpm_one_process_cleanup", 1);
|
|
Packit |
90a5c9 |
atexit(ap_terminate);
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
/* Signals' handlers depend on retained data */
|
|
Packit |
90a5c9 |
(void)ap_unixd_mpm_get_retained_data();
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
#ifndef NO_USE_SIGACTION
|
|
Packit |
90a5c9 |
memset(&sa, 0, sizeof sa);
|
|
Packit |
90a5c9 |
sigemptyset(&sa.sa_mask);
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
#ifdef SIGPIPE
|
|
Packit |
90a5c9 |
sa.sa_handler = SIG_IGN;
|
|
Packit |
90a5c9 |
if (sigaction(SIGPIPE, &sa, NULL) < 0)
|
|
Packit |
90a5c9 |
ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf, APLOGNO(00269)
|
|
Packit |
90a5c9 |
"sigaction(SIGPIPE)");
|
|
Packit |
90a5c9 |
#endif
|
|
Packit |
90a5c9 |
#ifdef SIGXCPU
|
|
Packit |
90a5c9 |
sa.sa_handler = SIG_DFL;
|
|
Packit |
90a5c9 |
if (sigaction(SIGXCPU, &sa, NULL) < 0)
|
|
Packit |
90a5c9 |
ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf, APLOGNO(00267)
|
|
Packit |
90a5c9 |
"sigaction(SIGXCPU)");
|
|
Packit |
90a5c9 |
#endif
|
|
Packit |
90a5c9 |
#ifdef SIGXFSZ
|
|
Packit |
90a5c9 |
/* For systems following the LFS standard, ignoring SIGXFSZ allows
|
|
Packit |
90a5c9 |
* a write() beyond the 2GB limit to fail gracefully with E2BIG
|
|
Packit |
90a5c9 |
* rather than terminate the process. */
|
|
Packit |
90a5c9 |
sa.sa_handler = SIG_IGN;
|
|
Packit |
90a5c9 |
if (sigaction(SIGXFSZ, &sa, NULL) < 0)
|
|
Packit |
90a5c9 |
ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf, APLOGNO(00268)
|
|
Packit |
90a5c9 |
"sigaction(SIGXFSZ)");
|
|
Packit |
90a5c9 |
#endif
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
sa.sa_handler = sig_term;
|
|
Packit |
90a5c9 |
if (sigaction(SIGTERM, &sa, NULL) < 0)
|
|
Packit |
90a5c9 |
ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf, APLOGNO(00264)
|
|
Packit |
90a5c9 |
"sigaction(SIGTERM)");
|
|
Packit |
90a5c9 |
#ifdef SIGINT
|
|
Packit |
90a5c9 |
if (sigaction(SIGINT, &sa, NULL) < 0)
|
|
Packit |
90a5c9 |
ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf, APLOGNO(00266)
|
|
Packit |
90a5c9 |
"sigaction(SIGINT)");
|
|
Packit |
90a5c9 |
#endif
|
|
Packit |
90a5c9 |
#ifdef AP_SIG_GRACEFUL_STOP
|
|
Packit |
90a5c9 |
if (sigaction(AP_SIG_GRACEFUL_STOP, &sa, NULL) < 0)
|
|
Packit |
90a5c9 |
ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf, APLOGNO(00265)
|
|
Packit |
90a5c9 |
"sigaction(" AP_SIG_GRACEFUL_STOP_STRING ")");
|
|
Packit |
90a5c9 |
#endif
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
/* Don't catch restart signals in ONE_PROCESS mode :) */
|
|
Packit |
90a5c9 |
if (!one_process) {
|
|
Packit |
90a5c9 |
sa.sa_handler = sig_restart;
|
|
Packit |
90a5c9 |
if (sigaction(SIGHUP, &sa, NULL) < 0)
|
|
Packit |
90a5c9 |
ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf, APLOGNO(00270)
|
|
Packit |
90a5c9 |
"sigaction(SIGHUP)");
|
|
Packit |
90a5c9 |
if (sigaction(AP_SIG_GRACEFUL, &sa, NULL) < 0)
|
|
Packit |
90a5c9 |
ap_log_error(APLOG_MARK, APLOG_WARNING, errno, ap_server_conf, APLOGNO(00271)
|
|
Packit |
90a5c9 |
"sigaction(" AP_SIG_GRACEFUL_STRING ")");
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
#else /* NO_USE_SIGACTION */
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
#ifdef SIGPIPE
|
|
Packit |
90a5c9 |
apr_signal(SIGPIPE, SIG_IGN);
|
|
Packit |
90a5c9 |
#endif /* SIGPIPE */
|
|
Packit |
90a5c9 |
#ifdef SIGXCPU
|
|
Packit |
90a5c9 |
apr_signal(SIGXCPU, SIG_DFL);
|
|
Packit |
90a5c9 |
#endif /* SIGXCPU */
|
|
Packit |
90a5c9 |
#ifdef SIGXFSZ
|
|
Packit |
90a5c9 |
apr_signal(SIGXFSZ, SIG_IGN);
|
|
Packit |
90a5c9 |
#endif /* SIGXFSZ */
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
apr_signal(SIGTERM, sig_term);
|
|
Packit |
90a5c9 |
#ifdef AP_SIG_GRACEFUL_STOP
|
|
Packit |
90a5c9 |
apr_signal(AP_SIG_GRACEFUL_STOP, sig_term);
|
|
Packit |
90a5c9 |
#endif /* AP_SIG_GRACEFUL_STOP */
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
if (!one_process) {
|
|
Packit |
90a5c9 |
/* Don't restart in ONE_PROCESS mode :) */
|
|
Packit |
90a5c9 |
#ifdef SIGHUP
|
|
Packit |
90a5c9 |
apr_signal(SIGHUP, sig_restart);
|
|
Packit |
90a5c9 |
#endif /* SIGHUP */
|
|
Packit |
90a5c9 |
#ifdef AP_SIG_GRACEFUL
|
|
Packit |
90a5c9 |
apr_signal(AP_SIG_GRACEFUL, sig_restart);
|
|
Packit |
90a5c9 |
#endif /* AP_SIG_GRACEFUL */
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
#endif /* NO_USE_SIGACTION */
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
apr_pool_cleanup_register(pconf, NULL, unset_signals,
|
|
Packit |
90a5c9 |
apr_pool_cleanup_null);
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
#ifdef _OSD_POSIX
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
#include "apr_lib.h"
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
#define USER_LEN 8
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
typedef enum
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
bs2_unknown, /* not initialized yet. */
|
|
Packit |
90a5c9 |
bs2_noFORK, /* no fork() because -X flag was specified */
|
|
Packit |
90a5c9 |
bs2_FORK, /* only fork() because uid != 0 */
|
|
Packit |
90a5c9 |
bs2_UFORK /* Normally, ufork() is used to switch identities. */
|
|
Packit |
90a5c9 |
} bs2_ForkType;
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
static bs2_ForkType forktype = bs2_unknown;
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
/* Determine the method for forking off a child in such a way as to
|
|
Packit |
90a5c9 |
* set both the POSIX and BS2000 user id's to the unprivileged user.
|
|
Packit |
90a5c9 |
*/
|
|
Packit |
90a5c9 |
static bs2_ForkType os_forktype(int one_process)
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
/* have we checked the OS version before? If yes return the previous
|
|
Packit |
90a5c9 |
* result - the OS release isn't going to change suddenly!
|
|
Packit |
90a5c9 |
*/
|
|
Packit |
90a5c9 |
if (forktype == bs2_unknown) {
|
|
Packit |
90a5c9 |
/* not initialized yet */
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
/* No fork if the one_process option was set */
|
|
Packit |
90a5c9 |
if (one_process) {
|
|
Packit |
90a5c9 |
forktype = bs2_noFORK;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
/* If the user is unprivileged, use the normal fork() only. */
|
|
Packit |
90a5c9 |
else if (getuid() != 0) {
|
|
Packit |
90a5c9 |
forktype = bs2_FORK;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
else
|
|
Packit |
90a5c9 |
forktype = bs2_UFORK;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
return forktype;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
/* This routine complements the setuid() call: it causes the BS2000 job
|
|
Packit |
90a5c9 |
* environment to be switched to the target user's user id.
|
|
Packit |
90a5c9 |
* That is important if CGI scripts try to execute native BS2000 commands.
|
|
Packit |
90a5c9 |
*/
|
|
Packit |
90a5c9 |
int os_init_job_environment(server_rec *server, const char *user_name, int one_process)
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
bs2_ForkType type = os_forktype(one_process);
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
/* We can be sure that no change to uid==0 is possible because of
|
|
Packit |
90a5c9 |
* the checks in http_core.c:set_user()
|
|
Packit |
90a5c9 |
*/
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
if (one_process) {
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
type = forktype = bs2_noFORK;
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
ap_log_error(APLOG_MARK, APLOG_ERR, 0, server, APLOGNO(02180)
|
|
Packit |
90a5c9 |
"The debug mode of Apache should only "
|
|
Packit |
90a5c9 |
"be started by an unprivileged user!");
|
|
Packit |
90a5c9 |
return 0;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
return 0;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
/* BS2000 requires a "special" version of fork() before a setuid() call */
|
|
Packit |
90a5c9 |
pid_t os_fork(const char *user)
|
|
Packit |
90a5c9 |
{
|
|
Packit |
90a5c9 |
pid_t pid;
|
|
Packit |
90a5c9 |
char username[USER_LEN+1];
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
switch (os_forktype(0)) {
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
case bs2_FORK:
|
|
Packit |
90a5c9 |
pid = fork();
|
|
Packit |
90a5c9 |
break;
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
case bs2_UFORK:
|
|
Packit |
90a5c9 |
apr_cpystrn(username, user, sizeof username);
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
/* Make user name all upper case - for some versions of ufork() */
|
|
Packit |
90a5c9 |
ap_str_toupper(username);
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
pid = ufork(username);
|
|
Packit |
90a5c9 |
if (pid == -1 && errno == EPERM) {
|
|
Packit |
90a5c9 |
ap_log_error(APLOG_MARK, APLOG_EMERG, errno, ap_server_conf,
|
|
Packit |
90a5c9 |
APLOGNO(02181) "ufork: Possible mis-configuration "
|
|
Packit |
90a5c9 |
"for user %s - Aborting.", user);
|
|
Packit |
90a5c9 |
exit(1);
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
break;
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
default:
|
|
Packit |
90a5c9 |
pid = 0;
|
|
Packit |
90a5c9 |
break;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
return pid;
|
|
Packit |
90a5c9 |
}
|
|
Packit |
90a5c9 |
|
|
Packit |
90a5c9 |
#endif /* _OSD_POSIX */
|
|
Packit |
90a5c9 |
|