2007-07-19 16:22:40 +00:00
|
|
|
/*
|
|
|
|
|
* utils.c: common, generic utility functions
|
|
|
|
|
*
|
2010-01-15 09:31:23 +00:00
|
|
|
* Copyright (C) 2006-2010 Red Hat, Inc.
|
2007-07-19 16:22:40 +00:00
|
|
|
* Copyright (C) 2006 Daniel P. Berrange
|
|
|
|
|
* Copyright (C) 2006, 2007 Binary Karma
|
|
|
|
|
* Copyright (C) 2006 Shuveb Hussain
|
|
|
|
|
*
|
|
|
|
|
* This library is free software; you can redistribute it and/or
|
|
|
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
|
|
|
* License as published by the Free Software Foundation; either
|
|
|
|
|
* version 2.1 of the License, or (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* This library is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
|
* Lesser General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
|
|
|
* License along with this library; if not, write to the Free Software
|
|
|
|
|
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
|
|
|
*
|
|
|
|
|
* Author: Daniel P. Berrange <berrange@redhat.com>
|
|
|
|
|
* File created Jul 18, 2007 - Shuveb Hussain <shuveb@binarykarma.com>
|
|
|
|
|
*/
|
|
|
|
|
|
2008-01-29 18:15:54 +00:00
|
|
|
#include <config.h>
|
2007-12-03 16:19:41 +00:00
|
|
|
|
2007-07-19 16:22:40 +00:00
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <stdarg.h>
|
2010-01-15 09:31:23 +00:00
|
|
|
#include <stdlib.h>
|
2007-07-19 16:22:40 +00:00
|
|
|
#include <unistd.h>
|
|
|
|
|
#include <fcntl.h>
|
|
|
|
|
#include <errno.h>
|
2008-11-05 18:57:42 +00:00
|
|
|
#include <poll.h>
|
2009-01-22 20:27:01 +00:00
|
|
|
#include <time.h>
|
2007-12-03 14:30:46 +00:00
|
|
|
#include <sys/types.h>
|
|
|
|
|
#include <sys/stat.h>
|
2009-01-20 16:36:34 +00:00
|
|
|
#include <sys/ioctl.h>
|
2008-04-18 08:33:23 +00:00
|
|
|
#if HAVE_SYS_WAIT_H
|
2010-03-09 18:22:22 +00:00
|
|
|
# include <sys/wait.h>
|
2008-04-18 08:33:23 +00:00
|
|
|
#endif
|
2009-03-20 12:17:56 +00:00
|
|
|
#if HAVE_MMAP
|
2010-03-09 18:22:22 +00:00
|
|
|
# include <sys/mman.h>
|
2009-03-20 12:17:56 +00:00
|
|
|
#endif
|
2007-12-03 16:19:41 +00:00
|
|
|
#include <string.h>
|
2008-08-20 08:53:49 +00:00
|
|
|
#include <signal.h>
|
2008-08-13 10:52:15 +00:00
|
|
|
#if HAVE_TERMIOS_H
|
2010-03-09 18:22:22 +00:00
|
|
|
# include <termios.h>
|
2008-08-13 10:52:15 +00:00
|
|
|
#endif
|
start using c-ctype functions
Up to now, we've been avoiding ctype functions like isspace, isdigit,
etc. because they are locale-dependent. Now that we have the c-ctype
functions, we can start using *them*, to make the code more readable
with changes like these:
- /* This may not work on EBCDIC. */
- if ((*p >= 'a' && *p <= 'z') ||
- (*p >= 'A' && *p <= 'Z') ||
- (*p >= '0' && *p <= '9'))
+ if (c_isalnum(*p))
- while ((*cur >= '0') && (*cur <= '9')) {
+ while (c_isdigit(*cur)) {
Also, some macros in conf.c used names that conflicted with
standard meaning of "BLANK" and "SPACE", so I've adjusted them
to be in line with the definition of e.g., isblank.
In addition, I've wrapped those statement macros with do {...} while (0),
so that we can't forget the ";" after a use. There was one like that
already (fixed below). The missing semicolon would mess up automatic
indenting.
* src/buf.c (virBufferURIEncodeString):
* src/conf.c (IS_EOL, SKIP_BLANKS_AND_EOL, SKIP_BLANKS)
(virConfParseLong, virConfParseValue, virConfParseName)
(virConfParseSeparator, virConfParseStatement, IS_BLANK, IS_CHAR)
(IS_DIGIT, IS_SPACE, SKIP_SPACES):
* src/nodeinfo.c:
* src/qemu_conf.c (qemudParseInterfaceXML):
* src/qemu_driver.c (qemudDomainBlockStats):
* src/sexpr.c:
* src/stats_linux.c:
* src/util.c (virParseNumber, virDiskNameToIndex):
* src/uuid.c (hextobin, virUUIDParse):
* src/virsh.c:
* src/xml.c (parseCpuNumber, virParseCpuSet):
2008-05-16 09:37:44 +00:00
|
|
|
#include "c-ctype.h"
|
2007-12-03 16:19:41 +00:00
|
|
|
|
2007-12-07 14:45:39 +00:00
|
|
|
#ifdef HAVE_PATHS_H
|
2010-03-09 18:22:22 +00:00
|
|
|
# include <paths.h>
|
2007-12-07 14:45:39 +00:00
|
|
|
#endif
|
2009-01-07 10:43:16 +00:00
|
|
|
#include <netdb.h>
|
2009-01-22 19:41:48 +00:00
|
|
|
#ifdef HAVE_GETPWUID_R
|
2010-03-09 18:22:22 +00:00
|
|
|
# include <pwd.h>
|
|
|
|
|
# include <grp.h>
|
2009-01-22 19:41:48 +00:00
|
|
|
#endif
|
2009-06-29 17:00:52 +00:00
|
|
|
#if HAVE_CAPNG
|
2010-03-09 18:22:22 +00:00
|
|
|
# include <cap-ng.h>
|
2009-06-29 17:00:52 +00:00
|
|
|
#endif
|
2010-04-23 09:34:17 +00:00
|
|
|
#if defined HAVE_MNTENT_H && defined HAVE_GETMNTENT_R
|
2010-03-09 18:22:22 +00:00
|
|
|
# include <mntent.h>
|
Support configuration of huge pages in guests
Add option to domain XML for
<memoryBacking>
<hugepages/>
</memoryBacking>
* configure.in: Add check for mntent.h
* qemud/libvirtd_qemu.aug, qemud/test_libvirtd_qemu.aug, src/qemu.conf
Add 'hugetlbfs_mount' config parameter
* src/qemu_conf.c, src/qemu_conf.h: Check for -mem-path flag in QEMU,
and pass it when hugepages are requested.
Load hugetlbfs_mount config parameter, search for mount if not given.
* src/qemu_driver.c: Free hugetlbfs_mount/path parameter in driver shutdown.
Create directory for QEMU hugepage usage, chowning if required.
* docs/formatdomain.html.in: Document memoryBacking/hugepages elements
* docs/schemas/domain.rng: Add memoryBacking/hugepages elements to schema
* src/util.c, src/util.h, src/libvirt_private.syms: Add virFileFindMountPoint
helper API
* tests/qemuhelptest.c: Add -mem-path constants
* tests/qemuxml2argvtest.c, tests/qemuxml2xmltest.c: Add tests for hugepage
handling
* tests/qemuxml2argvdata/qemuxml2argv-hugepages.xml,
tests/qemuxml2argvdata/qemuxml2argv-hugepages.args: Data files for
hugepage tests
2009-08-25 14:05:18 +00:00
|
|
|
#endif
|
2007-12-07 14:45:39 +00:00
|
|
|
|
2009-12-15 07:27:53 +00:00
|
|
|
#include "areadlink.h"
|
2008-11-04 22:30:33 +00:00
|
|
|
#include "virterror_internal.h"
|
2008-11-06 16:36:07 +00:00
|
|
|
#include "logging.h"
|
2007-07-19 16:22:40 +00:00
|
|
|
#include "event.h"
|
2010-02-19 17:40:14 +00:00
|
|
|
#include "ignore-value.h"
|
2007-07-19 16:22:40 +00:00
|
|
|
#include "buf.h"
|
2007-07-19 19:23:30 +00:00
|
|
|
#include "util.h"
|
2008-05-29 19:20:22 +00:00
|
|
|
#include "memory.h"
|
2009-01-22 20:27:01 +00:00
|
|
|
#include "threads.h"
|
2010-04-29 03:36:03 +00:00
|
|
|
#include "verify.h"
|
Move safewrite and saferead to a separate file.
We currently use safewrite from inside libvirt and don't want to publish
any such function name. However, we do want to use it in applications
like virsh, libvirtd and libvirt_proxy that link with libvirt. To that
end, this change moves that function definition (along with the nearly
identical saferead) into a new file, util-lib.c. To avoid maintaining
separate copies of even such small functions, we simply include that new
file from util.c. Then, the separate applications that need to use
safewrite simply compile and link with util-lib.c.
Of course, this does mean that each of those applications will
containing two copies of these functions. However, the functions
are so small that it's not worth worrying about that.
* src/util.c (saferead, safewrite): Move function definitions to
util-lib.c and include that .c file.
* src/util-lib.c (saferead, safewrite): New file. Functions from src/util.c
with slight change (s/int r =/ssize_t r =/) to reflect read/write return type.
* src/util-lib.h: Declare the two moved functions.
* src/util.h: Remove declarations. Include src/util-lib.h.
* proxy/Makefile.am (libvirt_proxy_SOURCES): Add src/util-lib.c.
* qemud/Makefile.am (libvirtd_SOURCES): Likewise.
* src/Makefile.am (virsh_SOURCES): Add util-lib.c. Remove some SP-before-TAB.
2008-02-22 15:53:13 +00:00
|
|
|
|
2008-08-20 08:53:49 +00:00
|
|
|
#ifndef NSIG
|
|
|
|
|
# define NSIG 32
|
|
|
|
|
#endif
|
|
|
|
|
|
2010-04-29 03:36:03 +00:00
|
|
|
verify(sizeof(gid_t) <= sizeof (unsigned int) &&
|
|
|
|
|
sizeof(uid_t) <= sizeof (unsigned int));
|
|
|
|
|
|
2009-01-20 17:13:33 +00:00
|
|
|
#define VIR_FROM_THIS VIR_FROM_NONE
|
2007-07-19 16:22:40 +00:00
|
|
|
|
2010-03-01 23:38:28 +00:00
|
|
|
#define virUtilError(code, ...) \
|
2010-02-04 22:41:52 +00:00
|
|
|
virReportErrorHelper(NULL, VIR_FROM_NONE, code, __FILE__, \
|
2010-03-01 23:38:28 +00:00
|
|
|
__FUNCTION__, __LINE__, __VA_ARGS__)
|
2007-07-19 16:22:40 +00:00
|
|
|
|
2008-11-17 11:03:25 +00:00
|
|
|
/* Like read(), but restarts after EINTR */
|
|
|
|
|
int saferead(int fd, void *buf, size_t count)
|
|
|
|
|
{
|
|
|
|
|
size_t nread = 0;
|
|
|
|
|
while (count > 0) {
|
|
|
|
|
ssize_t r = read(fd, buf, count);
|
|
|
|
|
if (r < 0 && errno == EINTR)
|
|
|
|
|
continue;
|
|
|
|
|
if (r < 0)
|
|
|
|
|
return r;
|
|
|
|
|
if (r == 0)
|
|
|
|
|
return nread;
|
|
|
|
|
buf = (char *)buf + r;
|
|
|
|
|
count -= r;
|
|
|
|
|
nread += r;
|
|
|
|
|
}
|
|
|
|
|
return nread;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Like write(), but restarts after EINTR */
|
|
|
|
|
ssize_t safewrite(int fd, const void *buf, size_t count)
|
|
|
|
|
{
|
|
|
|
|
size_t nwritten = 0;
|
|
|
|
|
while (count > 0) {
|
|
|
|
|
ssize_t r = write(fd, buf, count);
|
|
|
|
|
|
|
|
|
|
if (r < 0 && errno == EINTR)
|
|
|
|
|
continue;
|
|
|
|
|
if (r < 0)
|
|
|
|
|
return r;
|
|
|
|
|
if (r == 0)
|
|
|
|
|
return nwritten;
|
|
|
|
|
buf = (const char *)buf + r;
|
|
|
|
|
count -= r;
|
|
|
|
|
nwritten += r;
|
|
|
|
|
}
|
|
|
|
|
return nwritten;
|
|
|
|
|
}
|
|
|
|
|
|
2009-03-20 12:17:56 +00:00
|
|
|
#ifdef HAVE_POSIX_FALLOCATE
|
2009-03-20 20:46:07 +00:00
|
|
|
int safezero(int fd, int flags ATTRIBUTE_UNUSED, off_t offset, off_t len)
|
2009-03-20 12:17:56 +00:00
|
|
|
{
|
|
|
|
|
return posix_fallocate(fd, offset, len);
|
|
|
|
|
}
|
|
|
|
|
#else
|
|
|
|
|
|
2010-03-09 18:22:22 +00:00
|
|
|
# ifdef HAVE_MMAP
|
2009-03-20 20:46:07 +00:00
|
|
|
int safezero(int fd, int flags ATTRIBUTE_UNUSED, off_t offset, off_t len)
|
2009-03-20 12:17:56 +00:00
|
|
|
{
|
|
|
|
|
int r;
|
|
|
|
|
char *buf;
|
|
|
|
|
|
|
|
|
|
/* memset wants the mmap'ed file to be present on disk so create a
|
|
|
|
|
* sparse file
|
|
|
|
|
*/
|
2009-04-02 18:42:33 +00:00
|
|
|
r = ftruncate(fd, offset + len);
|
2009-03-20 12:17:56 +00:00
|
|
|
if (r < 0)
|
2010-03-02 15:11:24 +00:00
|
|
|
return -1;
|
2009-03-20 12:17:56 +00:00
|
|
|
|
|
|
|
|
buf = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_SHARED, fd, offset);
|
|
|
|
|
if (buf == MAP_FAILED)
|
2010-03-02 15:11:24 +00:00
|
|
|
return -1;
|
2009-03-20 12:17:56 +00:00
|
|
|
|
|
|
|
|
memset(buf, 0, len);
|
|
|
|
|
munmap(buf, len);
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2010-03-09 18:22:22 +00:00
|
|
|
# else /* HAVE_MMAP */
|
2009-03-20 12:17:56 +00:00
|
|
|
|
2009-03-20 20:46:07 +00:00
|
|
|
int safezero(int fd, int flags ATTRIBUTE_UNUSED, off_t offset, off_t len)
|
2009-03-20 12:17:56 +00:00
|
|
|
{
|
|
|
|
|
int r;
|
|
|
|
|
char *buf;
|
|
|
|
|
unsigned long long remain, bytes;
|
|
|
|
|
|
2009-04-02 18:42:33 +00:00
|
|
|
if (lseek(fd, offset, SEEK_SET) < 0)
|
2010-03-02 15:11:24 +00:00
|
|
|
return -1;
|
2009-04-02 18:42:33 +00:00
|
|
|
|
2009-03-20 12:17:56 +00:00
|
|
|
/* Split up the write in small chunks so as not to allocate lots of RAM */
|
|
|
|
|
remain = len;
|
|
|
|
|
bytes = 1024 * 1024;
|
|
|
|
|
|
|
|
|
|
r = VIR_ALLOC_N(buf, bytes);
|
2010-03-02 15:11:24 +00:00
|
|
|
if (r < 0) {
|
|
|
|
|
errno = ENOMEM;
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2009-03-20 12:17:56 +00:00
|
|
|
|
|
|
|
|
while (remain) {
|
|
|
|
|
if (bytes > remain)
|
|
|
|
|
bytes = remain;
|
|
|
|
|
|
2010-03-02 15:11:24 +00:00
|
|
|
r = safewrite(fd, buf, bytes);
|
2009-03-20 12:17:56 +00:00
|
|
|
if (r < 0) {
|
|
|
|
|
VIR_FREE(buf);
|
2010-03-02 15:11:24 +00:00
|
|
|
return -1;
|
2009-03-20 12:17:56 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* safewrite() guarantees all data will be written */
|
|
|
|
|
remain -= bytes;
|
|
|
|
|
}
|
|
|
|
|
VIR_FREE(buf);
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2010-03-09 18:22:22 +00:00
|
|
|
# endif /* HAVE_MMAP */
|
2009-03-20 12:17:56 +00:00
|
|
|
#endif /* HAVE_POSIX_FALLOCATE */
|
|
|
|
|
|
2008-11-17 11:03:25 +00:00
|
|
|
#ifndef PROXY
|
|
|
|
|
|
2008-08-20 19:42:36 +00:00
|
|
|
int virFileStripSuffix(char *str,
|
|
|
|
|
const char *suffix)
|
|
|
|
|
{
|
|
|
|
|
int len = strlen(str);
|
|
|
|
|
int suffixlen = strlen(suffix);
|
|
|
|
|
|
|
|
|
|
if (len < suffixlen)
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
if (!STREQ(str + len - suffixlen, suffix))
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
str[len-suffixlen] = '\0';
|
|
|
|
|
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
2008-11-05 18:22:10 +00:00
|
|
|
char *
|
|
|
|
|
virArgvToString(const char *const *argv)
|
|
|
|
|
{
|
|
|
|
|
int len, i;
|
|
|
|
|
char *ret, *p;
|
|
|
|
|
|
|
|
|
|
for (len = 1, i = 0; argv[i]; i++)
|
|
|
|
|
len += strlen(argv[i]) + 1;
|
|
|
|
|
|
|
|
|
|
if (VIR_ALLOC_N(ret, len) < 0)
|
|
|
|
|
return NULL;
|
|
|
|
|
p = ret;
|
|
|
|
|
|
|
|
|
|
for (i = 0; argv[i]; i++) {
|
|
|
|
|
if (i != 0)
|
|
|
|
|
*(p++) = ' ';
|
|
|
|
|
|
|
|
|
|
strcpy(p, argv[i]);
|
|
|
|
|
p += strlen(argv[i]);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
*p = '\0';
|
|
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
2009-01-20 16:36:34 +00:00
|
|
|
int virSetNonBlock(int fd) {
|
2010-03-09 18:22:22 +00:00
|
|
|
# ifndef WIN32
|
2007-07-19 16:22:40 +00:00
|
|
|
int flags;
|
2009-01-20 16:36:34 +00:00
|
|
|
if ((flags = fcntl(fd, F_GETFL)) < 0)
|
2007-07-19 16:22:40 +00:00
|
|
|
return -1;
|
2009-01-20 16:36:34 +00:00
|
|
|
flags |= O_NONBLOCK;
|
|
|
|
|
if ((fcntl(fd, F_SETFL, flags)) < 0)
|
|
|
|
|
return -1;
|
2010-03-09 18:22:22 +00:00
|
|
|
# else
|
2009-01-20 16:36:34 +00:00
|
|
|
unsigned long flag = 1;
|
|
|
|
|
|
|
|
|
|
/* This is actually Gnulib's replacement rpl_ioctl function.
|
|
|
|
|
* We can't call ioctlsocket directly in any case.
|
|
|
|
|
*/
|
|
|
|
|
if (ioctl (fd, FIONBIO, (void *) &flag) == -1)
|
2007-07-19 16:22:40 +00:00
|
|
|
return -1;
|
2010-03-09 18:22:22 +00:00
|
|
|
# endif
|
2007-07-19 16:22:40 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2009-01-20 16:36:34 +00:00
|
|
|
|
2010-03-09 18:22:22 +00:00
|
|
|
# ifndef WIN32
|
2009-01-20 16:36:34 +00:00
|
|
|
|
2009-02-05 16:27:17 +00:00
|
|
|
int virSetCloseExec(int fd) {
|
2007-07-19 16:22:40 +00:00
|
|
|
int flags;
|
2009-01-20 16:36:34 +00:00
|
|
|
if ((flags = fcntl(fd, F_GETFD)) < 0)
|
2007-07-19 16:22:40 +00:00
|
|
|
return -1;
|
2009-01-20 16:36:34 +00:00
|
|
|
flags |= FD_CLOEXEC;
|
|
|
|
|
if ((fcntl(fd, F_SETFD, flags)) < 0)
|
2007-07-19 16:22:40 +00:00
|
|
|
return -1;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2009-06-29 17:00:52 +00:00
|
|
|
|
2010-03-09 18:22:22 +00:00
|
|
|
# if HAVE_CAPNG
|
2009-06-29 17:00:52 +00:00
|
|
|
static int virClearCapabilities(void)
|
|
|
|
|
{
|
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
|
|
capng_clear(CAPNG_SELECT_BOTH);
|
|
|
|
|
|
|
|
|
|
if ((ret = capng_apply(CAPNG_SELECT_BOTH)) < 0) {
|
|
|
|
|
VIR_ERROR("cannot clear process capabilities %d", ret);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2010-03-09 18:22:22 +00:00
|
|
|
# else
|
2009-06-29 17:00:52 +00:00
|
|
|
static int virClearCapabilities(void)
|
|
|
|
|
{
|
|
|
|
|
// VIR_WARN0("libcap-ng support not compiled in, unable to clear capabilities");
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2010-03-09 18:22:22 +00:00
|
|
|
# endif
|
2009-06-29 17:00:52 +00:00
|
|
|
|
Add virFork() function to utils
virFork() contains bookkeeping that must be done any time a process
forks. Currently this includes:
1) Call virLogLock() prior to fork() and virLogUnlock() just after,
to avoid a deadlock if some other thread happens to hold that lock
during the fork.
2) Reset the logging hooks and send all child process log messages to
stderr.
3) Block all signals prior to fork(), then either a) reset the signal
mask for the parent process, or b) clear the signal mask for the
child process.
Note that the signal mask handling in __virExec erroneously fails to
restore the signal mask when fork() fails. virFork() fixes this
problem.
Other than this, it attempts to behave as closely to fork() as
possible (including preserving errno for the caller), with a couple
exceptions:
1) The return value is 0 (success) or -1 (failure), while the pid is
returned via the pid_t* argument. Like fork(), if pid < 0 there is
no child process, otherwise both the child and the parent will
return to the caller, and both should look at the return value,
which will indicate if some of the extra processing outlined above
encountered an error.
2) If virFork() returns with pid < 0 or with a return value < 0
indicating an error condition, the error has already been
reported. You can log an additional message if you like, but it
isn't necessary, and may be awkwardly extraneous.
Note that virFork()'s child process will *never* call _exit() - if a
child process is created, it will return to the caller.
* util.c util.h: add virFork() function, based on what is currently
done in __virExec().
2010-02-18 21:13:48 +00:00
|
|
|
|
|
|
|
|
/* virFork() - fork a new process while avoiding various race/deadlock conditions
|
|
|
|
|
|
|
|
|
|
@pid - a pointer to a pid_t that will receive the return value from
|
|
|
|
|
fork()
|
|
|
|
|
|
|
|
|
|
on return from virFork(), if *pid < 0, the fork failed and there is
|
|
|
|
|
no new process. Otherwise, just like fork(), if *pid == 0, it is the
|
|
|
|
|
child process returning, and if *pid > 0, it is the parent.
|
|
|
|
|
|
|
|
|
|
Even if *pid >= 0, if the return value from virFork() is < 0, it
|
|
|
|
|
indicates a failure that occurred in the parent or child process
|
|
|
|
|
after the fork. In this case, the child process should call
|
|
|
|
|
_exit(1) after doing any additional error reporting.
|
|
|
|
|
|
|
|
|
|
*/
|
|
|
|
|
int virFork(pid_t *pid) {
|
2010-03-19 20:09:30 +00:00
|
|
|
# ifdef HAVE_PTHREAD_H
|
Add virFork() function to utils
virFork() contains bookkeeping that must be done any time a process
forks. Currently this includes:
1) Call virLogLock() prior to fork() and virLogUnlock() just after,
to avoid a deadlock if some other thread happens to hold that lock
during the fork.
2) Reset the logging hooks and send all child process log messages to
stderr.
3) Block all signals prior to fork(), then either a) reset the signal
mask for the parent process, or b) clear the signal mask for the
child process.
Note that the signal mask handling in __virExec erroneously fails to
restore the signal mask when fork() fails. virFork() fixes this
problem.
Other than this, it attempts to behave as closely to fork() as
possible (including preserving errno for the caller), with a couple
exceptions:
1) The return value is 0 (success) or -1 (failure), while the pid is
returned via the pid_t* argument. Like fork(), if pid < 0 there is
no child process, otherwise both the child and the parent will
return to the caller, and both should look at the return value,
which will indicate if some of the extra processing outlined above
encountered an error.
2) If virFork() returns with pid < 0 or with a return value < 0
indicating an error condition, the error has already been
reported. You can log an additional message if you like, but it
isn't necessary, and may be awkwardly extraneous.
Note that virFork()'s child process will *never* call _exit() - if a
child process is created, it will return to the caller.
* util.c util.h: add virFork() function, based on what is currently
done in __virExec().
2010-02-18 21:13:48 +00:00
|
|
|
sigset_t oldmask, newmask;
|
2010-03-19 20:09:30 +00:00
|
|
|
# endif
|
Add virFork() function to utils
virFork() contains bookkeeping that must be done any time a process
forks. Currently this includes:
1) Call virLogLock() prior to fork() and virLogUnlock() just after,
to avoid a deadlock if some other thread happens to hold that lock
during the fork.
2) Reset the logging hooks and send all child process log messages to
stderr.
3) Block all signals prior to fork(), then either a) reset the signal
mask for the parent process, or b) clear the signal mask for the
child process.
Note that the signal mask handling in __virExec erroneously fails to
restore the signal mask when fork() fails. virFork() fixes this
problem.
Other than this, it attempts to behave as closely to fork() as
possible (including preserving errno for the caller), with a couple
exceptions:
1) The return value is 0 (success) or -1 (failure), while the pid is
returned via the pid_t* argument. Like fork(), if pid < 0 there is
no child process, otherwise both the child and the parent will
return to the caller, and both should look at the return value,
which will indicate if some of the extra processing outlined above
encountered an error.
2) If virFork() returns with pid < 0 or with a return value < 0
indicating an error condition, the error has already been
reported. You can log an additional message if you like, but it
isn't necessary, and may be awkwardly extraneous.
Note that virFork()'s child process will *never* call _exit() - if a
child process is created, it will return to the caller.
* util.c util.h: add virFork() function, based on what is currently
done in __virExec().
2010-02-18 21:13:48 +00:00
|
|
|
struct sigaction sig_action;
|
|
|
|
|
int saved_errno, ret = -1;
|
|
|
|
|
|
|
|
|
|
*pid = -1;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Need to block signals now, so that child process can safely
|
|
|
|
|
* kill off caller's signal handlers without a race.
|
|
|
|
|
*/
|
2010-03-19 20:09:30 +00:00
|
|
|
# ifdef HAVE_PTHREAD_H
|
Add virFork() function to utils
virFork() contains bookkeeping that must be done any time a process
forks. Currently this includes:
1) Call virLogLock() prior to fork() and virLogUnlock() just after,
to avoid a deadlock if some other thread happens to hold that lock
during the fork.
2) Reset the logging hooks and send all child process log messages to
stderr.
3) Block all signals prior to fork(), then either a) reset the signal
mask for the parent process, or b) clear the signal mask for the
child process.
Note that the signal mask handling in __virExec erroneously fails to
restore the signal mask when fork() fails. virFork() fixes this
problem.
Other than this, it attempts to behave as closely to fork() as
possible (including preserving errno for the caller), with a couple
exceptions:
1) The return value is 0 (success) or -1 (failure), while the pid is
returned via the pid_t* argument. Like fork(), if pid < 0 there is
no child process, otherwise both the child and the parent will
return to the caller, and both should look at the return value,
which will indicate if some of the extra processing outlined above
encountered an error.
2) If virFork() returns with pid < 0 or with a return value < 0
indicating an error condition, the error has already been
reported. You can log an additional message if you like, but it
isn't necessary, and may be awkwardly extraneous.
Note that virFork()'s child process will *never* call _exit() - if a
child process is created, it will return to the caller.
* util.c util.h: add virFork() function, based on what is currently
done in __virExec().
2010-02-18 21:13:48 +00:00
|
|
|
sigfillset(&newmask);
|
|
|
|
|
if (pthread_sigmask(SIG_SETMASK, &newmask, &oldmask) != 0) {
|
|
|
|
|
saved_errno = errno;
|
|
|
|
|
virReportSystemError(errno,
|
|
|
|
|
"%s", _("cannot block signals"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
2010-03-19 20:09:30 +00:00
|
|
|
# endif
|
Add virFork() function to utils
virFork() contains bookkeeping that must be done any time a process
forks. Currently this includes:
1) Call virLogLock() prior to fork() and virLogUnlock() just after,
to avoid a deadlock if some other thread happens to hold that lock
during the fork.
2) Reset the logging hooks and send all child process log messages to
stderr.
3) Block all signals prior to fork(), then either a) reset the signal
mask for the parent process, or b) clear the signal mask for the
child process.
Note that the signal mask handling in __virExec erroneously fails to
restore the signal mask when fork() fails. virFork() fixes this
problem.
Other than this, it attempts to behave as closely to fork() as
possible (including preserving errno for the caller), with a couple
exceptions:
1) The return value is 0 (success) or -1 (failure), while the pid is
returned via the pid_t* argument. Like fork(), if pid < 0 there is
no child process, otherwise both the child and the parent will
return to the caller, and both should look at the return value,
which will indicate if some of the extra processing outlined above
encountered an error.
2) If virFork() returns with pid < 0 or with a return value < 0
indicating an error condition, the error has already been
reported. You can log an additional message if you like, but it
isn't necessary, and may be awkwardly extraneous.
Note that virFork()'s child process will *never* call _exit() - if a
child process is created, it will return to the caller.
* util.c util.h: add virFork() function, based on what is currently
done in __virExec().
2010-02-18 21:13:48 +00:00
|
|
|
|
|
|
|
|
/* Ensure we hold the logging lock, to protect child processes
|
|
|
|
|
* from deadlocking on another thread's inherited mutex state */
|
|
|
|
|
virLogLock();
|
|
|
|
|
|
|
|
|
|
*pid = fork();
|
|
|
|
|
saved_errno = errno; /* save for caller */
|
|
|
|
|
|
|
|
|
|
/* Unlock for both parent and child process */
|
|
|
|
|
virLogUnlock();
|
|
|
|
|
|
|
|
|
|
if (*pid < 0) {
|
2010-03-19 20:09:30 +00:00
|
|
|
# ifdef HAVE_PTHREAD_H
|
Add virFork() function to utils
virFork() contains bookkeeping that must be done any time a process
forks. Currently this includes:
1) Call virLogLock() prior to fork() and virLogUnlock() just after,
to avoid a deadlock if some other thread happens to hold that lock
during the fork.
2) Reset the logging hooks and send all child process log messages to
stderr.
3) Block all signals prior to fork(), then either a) reset the signal
mask for the parent process, or b) clear the signal mask for the
child process.
Note that the signal mask handling in __virExec erroneously fails to
restore the signal mask when fork() fails. virFork() fixes this
problem.
Other than this, it attempts to behave as closely to fork() as
possible (including preserving errno for the caller), with a couple
exceptions:
1) The return value is 0 (success) or -1 (failure), while the pid is
returned via the pid_t* argument. Like fork(), if pid < 0 there is
no child process, otherwise both the child and the parent will
return to the caller, and both should look at the return value,
which will indicate if some of the extra processing outlined above
encountered an error.
2) If virFork() returns with pid < 0 or with a return value < 0
indicating an error condition, the error has already been
reported. You can log an additional message if you like, but it
isn't necessary, and may be awkwardly extraneous.
Note that virFork()'s child process will *never* call _exit() - if a
child process is created, it will return to the caller.
* util.c util.h: add virFork() function, based on what is currently
done in __virExec().
2010-02-18 21:13:48 +00:00
|
|
|
/* attempt to restore signal mask, but ignore failure, to
|
|
|
|
|
avoid obscuring the fork failure */
|
2010-02-19 17:40:14 +00:00
|
|
|
ignore_value (pthread_sigmask(SIG_SETMASK, &oldmask, NULL));
|
2010-03-19 20:09:30 +00:00
|
|
|
# endif
|
Add virFork() function to utils
virFork() contains bookkeeping that must be done any time a process
forks. Currently this includes:
1) Call virLogLock() prior to fork() and virLogUnlock() just after,
to avoid a deadlock if some other thread happens to hold that lock
during the fork.
2) Reset the logging hooks and send all child process log messages to
stderr.
3) Block all signals prior to fork(), then either a) reset the signal
mask for the parent process, or b) clear the signal mask for the
child process.
Note that the signal mask handling in __virExec erroneously fails to
restore the signal mask when fork() fails. virFork() fixes this
problem.
Other than this, it attempts to behave as closely to fork() as
possible (including preserving errno for the caller), with a couple
exceptions:
1) The return value is 0 (success) or -1 (failure), while the pid is
returned via the pid_t* argument. Like fork(), if pid < 0 there is
no child process, otherwise both the child and the parent will
return to the caller, and both should look at the return value,
which will indicate if some of the extra processing outlined above
encountered an error.
2) If virFork() returns with pid < 0 or with a return value < 0
indicating an error condition, the error has already been
reported. You can log an additional message if you like, but it
isn't necessary, and may be awkwardly extraneous.
Note that virFork()'s child process will *never* call _exit() - if a
child process is created, it will return to the caller.
* util.c util.h: add virFork() function, based on what is currently
done in __virExec().
2010-02-18 21:13:48 +00:00
|
|
|
virReportSystemError(saved_errno,
|
|
|
|
|
"%s", _("cannot fork child process"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (*pid) {
|
|
|
|
|
|
|
|
|
|
/* parent process */
|
|
|
|
|
|
2010-03-19 20:09:30 +00:00
|
|
|
# ifdef HAVE_PTHREAD_H
|
Add virFork() function to utils
virFork() contains bookkeeping that must be done any time a process
forks. Currently this includes:
1) Call virLogLock() prior to fork() and virLogUnlock() just after,
to avoid a deadlock if some other thread happens to hold that lock
during the fork.
2) Reset the logging hooks and send all child process log messages to
stderr.
3) Block all signals prior to fork(), then either a) reset the signal
mask for the parent process, or b) clear the signal mask for the
child process.
Note that the signal mask handling in __virExec erroneously fails to
restore the signal mask when fork() fails. virFork() fixes this
problem.
Other than this, it attempts to behave as closely to fork() as
possible (including preserving errno for the caller), with a couple
exceptions:
1) The return value is 0 (success) or -1 (failure), while the pid is
returned via the pid_t* argument. Like fork(), if pid < 0 there is
no child process, otherwise both the child and the parent will
return to the caller, and both should look at the return value,
which will indicate if some of the extra processing outlined above
encountered an error.
2) If virFork() returns with pid < 0 or with a return value < 0
indicating an error condition, the error has already been
reported. You can log an additional message if you like, but it
isn't necessary, and may be awkwardly extraneous.
Note that virFork()'s child process will *never* call _exit() - if a
child process is created, it will return to the caller.
* util.c util.h: add virFork() function, based on what is currently
done in __virExec().
2010-02-18 21:13:48 +00:00
|
|
|
/* Restore our original signal mask now that the child is
|
|
|
|
|
safely running */
|
|
|
|
|
if (pthread_sigmask(SIG_SETMASK, &oldmask, NULL) != 0) {
|
|
|
|
|
saved_errno = errno; /* save for caller */
|
|
|
|
|
virReportSystemError(errno, "%s", _("cannot unblock signals"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
2010-03-19 20:09:30 +00:00
|
|
|
# endif
|
Add virFork() function to utils
virFork() contains bookkeeping that must be done any time a process
forks. Currently this includes:
1) Call virLogLock() prior to fork() and virLogUnlock() just after,
to avoid a deadlock if some other thread happens to hold that lock
during the fork.
2) Reset the logging hooks and send all child process log messages to
stderr.
3) Block all signals prior to fork(), then either a) reset the signal
mask for the parent process, or b) clear the signal mask for the
child process.
Note that the signal mask handling in __virExec erroneously fails to
restore the signal mask when fork() fails. virFork() fixes this
problem.
Other than this, it attempts to behave as closely to fork() as
possible (including preserving errno for the caller), with a couple
exceptions:
1) The return value is 0 (success) or -1 (failure), while the pid is
returned via the pid_t* argument. Like fork(), if pid < 0 there is
no child process, otherwise both the child and the parent will
return to the caller, and both should look at the return value,
which will indicate if some of the extra processing outlined above
encountered an error.
2) If virFork() returns with pid < 0 or with a return value < 0
indicating an error condition, the error has already been
reported. You can log an additional message if you like, but it
isn't necessary, and may be awkwardly extraneous.
Note that virFork()'s child process will *never* call _exit() - if a
child process is created, it will return to the caller.
* util.c util.h: add virFork() function, based on what is currently
done in __virExec().
2010-02-18 21:13:48 +00:00
|
|
|
ret = 0;
|
|
|
|
|
|
|
|
|
|
} else {
|
|
|
|
|
|
|
|
|
|
/* child process */
|
|
|
|
|
|
|
|
|
|
int logprio;
|
|
|
|
|
int i;
|
|
|
|
|
|
|
|
|
|
/* Remove any error callback so errors in child now
|
|
|
|
|
get sent to stderr where they stand a fighting chance
|
|
|
|
|
of being seen / logged */
|
|
|
|
|
virSetErrorFunc(NULL, NULL);
|
|
|
|
|
|
|
|
|
|
/* Make sure any hook logging is sent to stderr, since child
|
|
|
|
|
* process may close the logfile FDs */
|
|
|
|
|
logprio = virLogGetDefaultPriority();
|
|
|
|
|
virLogReset();
|
|
|
|
|
virLogSetDefaultPriority(logprio);
|
|
|
|
|
|
|
|
|
|
/* Clear out all signal handlers from parent so nothing
|
|
|
|
|
unexpected can happen in our child once we unblock
|
|
|
|
|
signals */
|
|
|
|
|
sig_action.sa_handler = SIG_DFL;
|
|
|
|
|
sig_action.sa_flags = 0;
|
|
|
|
|
sigemptyset(&sig_action.sa_mask);
|
|
|
|
|
|
|
|
|
|
for (i = 1; i < NSIG; i++) {
|
|
|
|
|
/* Only possible errors are EFAULT or EINVAL
|
|
|
|
|
The former wont happen, the latter we
|
|
|
|
|
expect, so no need to check return value */
|
|
|
|
|
|
|
|
|
|
sigaction(i, &sig_action, NULL);
|
|
|
|
|
}
|
|
|
|
|
|
2010-03-19 20:09:30 +00:00
|
|
|
# ifdef HAVE_PTHREAD_H
|
Add virFork() function to utils
virFork() contains bookkeeping that must be done any time a process
forks. Currently this includes:
1) Call virLogLock() prior to fork() and virLogUnlock() just after,
to avoid a deadlock if some other thread happens to hold that lock
during the fork.
2) Reset the logging hooks and send all child process log messages to
stderr.
3) Block all signals prior to fork(), then either a) reset the signal
mask for the parent process, or b) clear the signal mask for the
child process.
Note that the signal mask handling in __virExec erroneously fails to
restore the signal mask when fork() fails. virFork() fixes this
problem.
Other than this, it attempts to behave as closely to fork() as
possible (including preserving errno for the caller), with a couple
exceptions:
1) The return value is 0 (success) or -1 (failure), while the pid is
returned via the pid_t* argument. Like fork(), if pid < 0 there is
no child process, otherwise both the child and the parent will
return to the caller, and both should look at the return value,
which will indicate if some of the extra processing outlined above
encountered an error.
2) If virFork() returns with pid < 0 or with a return value < 0
indicating an error condition, the error has already been
reported. You can log an additional message if you like, but it
isn't necessary, and may be awkwardly extraneous.
Note that virFork()'s child process will *never* call _exit() - if a
child process is created, it will return to the caller.
* util.c util.h: add virFork() function, based on what is currently
done in __virExec().
2010-02-18 21:13:48 +00:00
|
|
|
/* Unmask all signals in child, since we've no idea
|
|
|
|
|
what the caller's done with their signal mask
|
|
|
|
|
and don't want to propagate that to children */
|
|
|
|
|
sigemptyset(&newmask);
|
|
|
|
|
if (pthread_sigmask(SIG_SETMASK, &newmask, NULL) != 0) {
|
|
|
|
|
saved_errno = errno; /* save for caller */
|
|
|
|
|
virReportSystemError(errno, "%s", _("cannot unblock signals"));
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
2010-03-19 20:09:30 +00:00
|
|
|
# endif
|
Add virFork() function to utils
virFork() contains bookkeeping that must be done any time a process
forks. Currently this includes:
1) Call virLogLock() prior to fork() and virLogUnlock() just after,
to avoid a deadlock if some other thread happens to hold that lock
during the fork.
2) Reset the logging hooks and send all child process log messages to
stderr.
3) Block all signals prior to fork(), then either a) reset the signal
mask for the parent process, or b) clear the signal mask for the
child process.
Note that the signal mask handling in __virExec erroneously fails to
restore the signal mask when fork() fails. virFork() fixes this
problem.
Other than this, it attempts to behave as closely to fork() as
possible (including preserving errno for the caller), with a couple
exceptions:
1) The return value is 0 (success) or -1 (failure), while the pid is
returned via the pid_t* argument. Like fork(), if pid < 0 there is
no child process, otherwise both the child and the parent will
return to the caller, and both should look at the return value,
which will indicate if some of the extra processing outlined above
encountered an error.
2) If virFork() returns with pid < 0 or with a return value < 0
indicating an error condition, the error has already been
reported. You can log an additional message if you like, but it
isn't necessary, and may be awkwardly extraneous.
Note that virFork()'s child process will *never* call _exit() - if a
child process is created, it will return to the caller.
* util.c util.h: add virFork() function, based on what is currently
done in __virExec().
2010-02-18 21:13:48 +00:00
|
|
|
ret = 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
|
if (ret < 0)
|
|
|
|
|
errno = saved_errno;
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
2009-05-04 15:41:46 +00:00
|
|
|
/*
|
|
|
|
|
* @argv argv to exec
|
2009-09-22 09:42:06 +00:00
|
|
|
* @envp optional environment to use for exec
|
2009-05-04 15:41:46 +00:00
|
|
|
* @keepfd options fd_ret to keep open for child process
|
|
|
|
|
* @retpid optional pointer to store child process pid
|
|
|
|
|
* @infd optional file descriptor to use as child input, otherwise /dev/null
|
|
|
|
|
* @outfd optional pointer to communicate output fd behavior
|
|
|
|
|
* outfd == NULL : Use /dev/null
|
|
|
|
|
* *outfd == -1 : Use a new fd
|
|
|
|
|
* *outfd != -1 : Use *outfd
|
|
|
|
|
* @errfd optional pointer to communcate error fd behavior. See outfd
|
|
|
|
|
* @flags possible combination of the following:
|
|
|
|
|
* VIR_EXEC_NONE : Default function behavior
|
|
|
|
|
* VIR_EXEC_NONBLOCK : Set child process output fd's as non-blocking
|
|
|
|
|
* VIR_EXEC_DAEMON : Daemonize the child process (don't use directly,
|
|
|
|
|
* use virExecDaemonize wrapper)
|
|
|
|
|
* @hook optional virExecHook function to call prior to exec
|
|
|
|
|
* @data data to pass to the hook function
|
2009-05-11 13:50:38 +00:00
|
|
|
* @pidfile path to use as pidfile for daemonized process (needs DAEMON flag)
|
2009-05-04 15:41:46 +00:00
|
|
|
*/
|
2008-11-05 18:41:07 +00:00
|
|
|
static int
|
2010-02-04 22:41:52 +00:00
|
|
|
__virExec(const char *const*argv,
|
2008-11-05 18:41:07 +00:00
|
|
|
const char *const*envp,
|
|
|
|
|
const fd_set *keepfd,
|
2008-12-18 11:58:28 +00:00
|
|
|
pid_t *retpid,
|
2008-11-05 18:41:07 +00:00
|
|
|
int infd, int *outfd, int *errfd,
|
2009-02-26 16:27:51 +00:00
|
|
|
int flags,
|
|
|
|
|
virExecHook hook,
|
2009-05-11 13:50:38 +00:00
|
|
|
void *data,
|
|
|
|
|
char *pidfile)
|
2009-02-26 16:27:51 +00:00
|
|
|
{
|
2008-12-18 11:58:28 +00:00
|
|
|
pid_t pid;
|
|
|
|
|
int null, i, openmax;
|
2007-07-19 16:22:40 +00:00
|
|
|
int pipeout[2] = {-1,-1};
|
|
|
|
|
int pipeerr[2] = {-1,-1};
|
2008-08-20 09:08:17 +00:00
|
|
|
int childout = -1;
|
|
|
|
|
int childerr = -1;
|
2007-07-19 16:22:40 +00:00
|
|
|
|
2008-12-17 18:04:55 +00:00
|
|
|
if ((null = open("/dev/null", O_RDONLY)) < 0) {
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno,
|
2009-01-20 17:13:33 +00:00
|
|
|
_("cannot open %s"),
|
|
|
|
|
"/dev/null");
|
2007-07-19 16:22:40 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2008-08-20 09:08:17 +00:00
|
|
|
if (outfd != NULL) {
|
|
|
|
|
if (*outfd == -1) {
|
|
|
|
|
if (pipe(pipeout) < 0) {
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno,
|
2009-01-20 17:13:33 +00:00
|
|
|
"%s", _("cannot create pipe"));
|
2008-08-20 09:08:17 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2008-08-20 09:24:14 +00:00
|
|
|
if ((flags & VIR_EXEC_NONBLOCK) &&
|
2008-08-20 09:08:17 +00:00
|
|
|
virSetNonBlock(pipeout[0]) == -1) {
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno,
|
2009-01-20 17:13:33 +00:00
|
|
|
"%s", _("Failed to set non-blocking file descriptor flag"));
|
2008-08-20 09:08:17 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (virSetCloseExec(pipeout[0]) == -1) {
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno,
|
2009-01-20 17:13:33 +00:00
|
|
|
"%s", _("Failed to set close-on-exec file descriptor flag"));
|
2008-08-20 09:08:17 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
childout = pipeout[1];
|
|
|
|
|
} else {
|
|
|
|
|
childout = *outfd;
|
2008-08-20 08:30:04 +00:00
|
|
|
}
|
2009-07-06 17:43:38 +00:00
|
|
|
} else {
|
|
|
|
|
childout = null;
|
2008-08-20 08:30:04 +00:00
|
|
|
}
|
2008-08-20 09:08:17 +00:00
|
|
|
|
|
|
|
|
if (errfd != NULL) {
|
|
|
|
|
if (*errfd == -1) {
|
|
|
|
|
if (pipe(pipeerr) < 0) {
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno,
|
2009-01-20 17:13:33 +00:00
|
|
|
"%s", _("Failed to create pipe"));
|
2008-08-20 09:08:17 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2008-08-20 09:24:14 +00:00
|
|
|
if ((flags & VIR_EXEC_NONBLOCK) &&
|
2008-08-20 09:08:17 +00:00
|
|
|
virSetNonBlock(pipeerr[0]) == -1) {
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno,
|
2009-01-20 17:13:33 +00:00
|
|
|
"%s", _("Failed to set non-blocking file descriptor flag"));
|
2008-08-20 09:08:17 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (virSetCloseExec(pipeerr[0]) == -1) {
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno,
|
2009-01-20 17:13:33 +00:00
|
|
|
"%s", _("Failed to set close-on-exec file descriptor flag"));
|
2008-08-20 09:08:17 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
childerr = pipeerr[1];
|
|
|
|
|
} else {
|
|
|
|
|
childerr = *errfd;
|
2008-08-20 08:30:04 +00:00
|
|
|
}
|
2009-07-06 17:43:38 +00:00
|
|
|
} else {
|
|
|
|
|
childerr = null;
|
2008-08-20 08:30:04 +00:00
|
|
|
}
|
|
|
|
|
|
2010-02-18 21:20:07 +00:00
|
|
|
int forkRet = virFork(&pid);
|
2010-02-03 16:12:57 +00:00
|
|
|
|
|
|
|
|
if (pid < 0) {
|
2007-07-19 16:22:40 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (pid) { /* parent */
|
|
|
|
|
close(null);
|
2008-08-20 09:08:17 +00:00
|
|
|
if (outfd && *outfd == -1) {
|
2007-07-19 16:22:40 +00:00
|
|
|
close(pipeout[1]);
|
|
|
|
|
*outfd = pipeout[0];
|
|
|
|
|
}
|
2008-08-20 09:08:17 +00:00
|
|
|
if (errfd && *errfd == -1) {
|
2007-07-19 16:22:40 +00:00
|
|
|
close(pipeerr[1]);
|
|
|
|
|
*errfd = pipeerr[0];
|
|
|
|
|
}
|
2008-08-20 08:53:49 +00:00
|
|
|
|
2010-02-18 21:20:07 +00:00
|
|
|
if (forkRet < 0) {
|
|
|
|
|
goto cleanup;
|
2008-08-20 08:53:49 +00:00
|
|
|
}
|
|
|
|
|
|
2007-07-19 16:22:40 +00:00
|
|
|
*retpid = pid;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* child */
|
|
|
|
|
|
2010-02-18 21:20:07 +00:00
|
|
|
if (forkRet < 0) {
|
|
|
|
|
/* The fork was sucessful, but after that there was an error
|
|
|
|
|
* in the child (which was already logged).
|
|
|
|
|
*/
|
2009-05-04 15:43:25 +00:00
|
|
|
_exit(1);
|
2008-08-20 08:53:49 +00:00
|
|
|
}
|
|
|
|
|
|
2008-08-20 09:24:14 +00:00
|
|
|
openmax = sysconf (_SC_OPEN_MAX);
|
|
|
|
|
for (i = 3; i < openmax; i++)
|
|
|
|
|
if (i != infd &&
|
|
|
|
|
i != null &&
|
|
|
|
|
i != childout &&
|
2008-08-27 11:42:52 +00:00
|
|
|
i != childerr &&
|
|
|
|
|
(!keepfd ||
|
|
|
|
|
!FD_ISSET(i, keepfd)))
|
2008-08-20 09:24:14 +00:00
|
|
|
close(i);
|
|
|
|
|
|
2008-08-20 08:30:04 +00:00
|
|
|
if (dup2(infd >= 0 ? infd : null, STDIN_FILENO) < 0) {
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno,
|
2009-01-20 17:13:33 +00:00
|
|
|
"%s", _("failed to setup stdin file handle"));
|
2007-07-19 16:22:40 +00:00
|
|
|
_exit(1);
|
2008-08-20 08:30:04 +00:00
|
|
|
}
|
2008-08-20 09:08:17 +00:00
|
|
|
if (childout > 0 &&
|
|
|
|
|
dup2(childout, STDOUT_FILENO) < 0) {
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno,
|
2009-01-20 17:13:33 +00:00
|
|
|
"%s", _("failed to setup stdout file handle"));
|
2007-07-19 16:22:40 +00:00
|
|
|
_exit(1);
|
2008-08-20 08:30:04 +00:00
|
|
|
}
|
2008-08-20 09:08:17 +00:00
|
|
|
if (childerr > 0 &&
|
|
|
|
|
dup2(childerr, STDERR_FILENO) < 0) {
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno,
|
2009-01-20 17:13:33 +00:00
|
|
|
"%s", _("failed to setup stderr file handle"));
|
2007-07-19 16:22:40 +00:00
|
|
|
_exit(1);
|
2008-08-20 08:30:04 +00:00
|
|
|
}
|
2007-07-19 16:22:40 +00:00
|
|
|
|
2009-01-29 17:27:54 +00:00
|
|
|
if (infd > 0)
|
|
|
|
|
close(infd);
|
2007-07-19 16:22:40 +00:00
|
|
|
close(null);
|
2008-08-20 09:08:17 +00:00
|
|
|
if (childout > 0)
|
|
|
|
|
close(childout);
|
|
|
|
|
if (childerr > 0 &&
|
|
|
|
|
childerr != childout)
|
|
|
|
|
close(childerr);
|
2007-07-19 16:22:40 +00:00
|
|
|
|
2009-05-04 15:43:25 +00:00
|
|
|
/* Daemonize as late as possible, so the parent process can detect
|
|
|
|
|
* the above errors with wait* */
|
|
|
|
|
if (flags & VIR_EXEC_DAEMON) {
|
|
|
|
|
if (setsid() < 0) {
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno,
|
2009-05-04 15:43:25 +00:00
|
|
|
"%s", _("cannot become session leader"));
|
|
|
|
|
_exit(1);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (chdir("/") < 0) {
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno,
|
2009-05-04 15:43:25 +00:00
|
|
|
"%s", _("cannot change to root directory: %s"));
|
|
|
|
|
_exit(1);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
pid = fork();
|
|
|
|
|
if (pid < 0) {
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno,
|
2009-05-04 15:43:25 +00:00
|
|
|
"%s", _("cannot fork child process"));
|
|
|
|
|
_exit(1);
|
|
|
|
|
}
|
|
|
|
|
|
2009-05-11 13:50:38 +00:00
|
|
|
if (pid > 0) {
|
|
|
|
|
if (pidfile && virFileWritePidPath(pidfile,pid)) {
|
2009-07-30 13:58:16 +00:00
|
|
|
kill(pid, SIGTERM);
|
|
|
|
|
usleep(500*1000);
|
|
|
|
|
kill(pid, SIGTERM);
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno,
|
2009-07-31 14:51:27 +00:00
|
|
|
_("could not write pidfile %s for %d"),
|
|
|
|
|
pidfile, pid);
|
2009-05-11 13:50:38 +00:00
|
|
|
_exit(1);
|
|
|
|
|
}
|
2009-05-04 15:43:25 +00:00
|
|
|
_exit(0);
|
2009-05-11 13:50:38 +00:00
|
|
|
}
|
2009-05-04 15:43:25 +00:00
|
|
|
}
|
|
|
|
|
|
2009-08-25 15:49:09 +00:00
|
|
|
if (hook)
|
2010-01-13 20:22:28 +00:00
|
|
|
if ((hook)(data) != 0) {
|
|
|
|
|
VIR_DEBUG0("Hook function failed.");
|
|
|
|
|
virDispatchError(NULL);
|
2009-08-25 15:49:09 +00:00
|
|
|
_exit(1);
|
2010-01-13 20:22:28 +00:00
|
|
|
}
|
2009-08-25 15:49:09 +00:00
|
|
|
|
2009-07-30 13:58:16 +00:00
|
|
|
/* The steps above may need todo something privileged, so
|
|
|
|
|
* we delay clearing capabilities until the last minute */
|
|
|
|
|
if ((flags & VIR_EXEC_CLEAR_CAPS) &&
|
|
|
|
|
virClearCapabilities() < 0)
|
|
|
|
|
_exit(1);
|
|
|
|
|
|
2008-08-20 09:24:14 +00:00
|
|
|
if (envp)
|
|
|
|
|
execve(argv[0], (char **) argv, (char**)envp);
|
|
|
|
|
else
|
|
|
|
|
execvp(argv[0], (char **) argv);
|
2007-07-19 16:22:40 +00:00
|
|
|
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno,
|
2009-01-20 17:13:33 +00:00
|
|
|
_("cannot execute binary %s"),
|
|
|
|
|
argv[0]);
|
2008-08-20 08:30:04 +00:00
|
|
|
|
2007-07-19 16:22:40 +00:00
|
|
|
_exit(1);
|
|
|
|
|
|
|
|
|
|
cleanup:
|
2008-08-20 08:30:04 +00:00
|
|
|
/* This is cleanup of parent process only - child
|
|
|
|
|
should never jump here on error */
|
|
|
|
|
|
2010-02-04 22:41:52 +00:00
|
|
|
/* NB we don't virUtilError() on any failures here
|
2008-08-20 08:30:04 +00:00
|
|
|
because the code which jumped hre already raised
|
|
|
|
|
an error condition which we must not overwrite */
|
2007-07-19 16:22:40 +00:00
|
|
|
if (pipeerr[0] > 0)
|
|
|
|
|
close(pipeerr[0]);
|
|
|
|
|
if (pipeerr[1] > 0)
|
|
|
|
|
close(pipeerr[1]);
|
|
|
|
|
if (pipeout[0] > 0)
|
|
|
|
|
close(pipeout[0]);
|
|
|
|
|
if (pipeout[1] > 0)
|
|
|
|
|
close(pipeout[1]);
|
|
|
|
|
if (null > 0)
|
|
|
|
|
close(null);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
2008-11-05 18:41:07 +00:00
|
|
|
int
|
2010-02-04 22:41:52 +00:00
|
|
|
virExecWithHook(const char *const*argv,
|
2009-02-26 16:27:51 +00:00
|
|
|
const char *const*envp,
|
|
|
|
|
const fd_set *keepfd,
|
|
|
|
|
pid_t *retpid,
|
|
|
|
|
int infd, int *outfd, int *errfd,
|
|
|
|
|
int flags,
|
|
|
|
|
virExecHook hook,
|
2009-05-11 13:50:38 +00:00
|
|
|
void *data,
|
|
|
|
|
char *pidfile)
|
2009-02-26 16:27:51 +00:00
|
|
|
{
|
2008-11-05 18:41:07 +00:00
|
|
|
char *argv_str;
|
2009-10-08 15:11:03 +00:00
|
|
|
char *envp_str;
|
2008-11-05 18:41:07 +00:00
|
|
|
|
|
|
|
|
if ((argv_str = virArgvToString(argv)) == NULL) {
|
2010-02-04 18:19:08 +00:00
|
|
|
virReportOOMError();
|
2008-11-05 18:41:07 +00:00
|
|
|
return -1;
|
|
|
|
|
}
|
2009-10-08 15:11:03 +00:00
|
|
|
|
|
|
|
|
if (envp) {
|
|
|
|
|
if ((envp_str = virArgvToString(envp)) == NULL) {
|
2010-02-04 11:25:34 +00:00
|
|
|
VIR_FREE(argv_str);
|
2010-02-04 18:19:08 +00:00
|
|
|
virReportOOMError();
|
2009-10-08 15:11:03 +00:00
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
VIR_DEBUG("%s %s", envp_str, argv_str);
|
|
|
|
|
VIR_FREE(envp_str);
|
|
|
|
|
} else {
|
|
|
|
|
VIR_DEBUG0(argv_str);
|
|
|
|
|
}
|
2008-11-05 18:41:07 +00:00
|
|
|
VIR_FREE(argv_str);
|
|
|
|
|
|
2010-02-04 22:41:52 +00:00
|
|
|
return __virExec(argv, envp, keepfd, retpid, infd, outfd, errfd,
|
2009-05-11 13:50:38 +00:00
|
|
|
flags, hook, data, pidfile);
|
2009-02-26 16:27:51 +00:00
|
|
|
}
|
|
|
|
|
|
2009-05-04 15:41:46 +00:00
|
|
|
/*
|
|
|
|
|
* See __virExec for explanation of the arguments.
|
|
|
|
|
*
|
|
|
|
|
* Wrapper function for __virExec, with a simpler set of parameters.
|
|
|
|
|
* Used to insulate the numerous callers from changes to __virExec argument
|
|
|
|
|
* list.
|
|
|
|
|
*/
|
2009-02-26 16:27:51 +00:00
|
|
|
int
|
2010-02-04 22:41:52 +00:00
|
|
|
virExec(const char *const*argv,
|
2009-02-26 16:27:51 +00:00
|
|
|
const char *const*envp,
|
|
|
|
|
const fd_set *keepfd,
|
|
|
|
|
pid_t *retpid,
|
|
|
|
|
int infd, int *outfd, int *errfd,
|
|
|
|
|
int flags)
|
|
|
|
|
{
|
2010-02-04 22:41:52 +00:00
|
|
|
return virExecWithHook(argv, envp, keepfd, retpid,
|
2009-02-26 16:27:51 +00:00
|
|
|
infd, outfd, errfd,
|
2009-05-11 13:50:38 +00:00
|
|
|
flags, NULL, NULL, NULL);
|
2008-11-05 18:41:07 +00:00
|
|
|
}
|
|
|
|
|
|
2009-05-11 13:34:37 +00:00
|
|
|
/*
|
|
|
|
|
* See __virExec for explanation of the arguments.
|
|
|
|
|
*
|
|
|
|
|
* This function will wait for the intermediate process (between the caller
|
|
|
|
|
* and the daemon) to exit. retpid will be the pid of the daemon, which can
|
|
|
|
|
* be checked for example to see if the daemon crashed immediately.
|
|
|
|
|
*
|
|
|
|
|
* Returns 0 on success
|
|
|
|
|
* -1 if initial fork failed (will have a reported error)
|
|
|
|
|
* -2 if intermediate process failed
|
|
|
|
|
* (won't have a reported error. pending on where the failure
|
|
|
|
|
* occured and when in the process occured, the error output
|
|
|
|
|
* could have gone to stderr or the passed errfd).
|
|
|
|
|
*/
|
2010-02-04 22:41:52 +00:00
|
|
|
int virExecDaemonize(const char *const*argv,
|
2009-05-11 13:34:37 +00:00
|
|
|
const char *const*envp,
|
|
|
|
|
const fd_set *keepfd,
|
|
|
|
|
pid_t *retpid,
|
|
|
|
|
int infd, int *outfd, int *errfd,
|
|
|
|
|
int flags,
|
|
|
|
|
virExecHook hook,
|
2009-05-11 13:50:38 +00:00
|
|
|
void *data,
|
|
|
|
|
char *pidfile) {
|
2009-05-11 13:34:37 +00:00
|
|
|
int ret;
|
|
|
|
|
int childstat = 0;
|
|
|
|
|
|
2010-02-04 22:41:52 +00:00
|
|
|
ret = virExecWithHook(argv, envp, keepfd, retpid,
|
2009-05-11 13:34:37 +00:00
|
|
|
infd, outfd, errfd,
|
2009-09-04 16:53:20 +00:00
|
|
|
flags | VIR_EXEC_DAEMON,
|
2009-05-11 13:50:38 +00:00
|
|
|
hook, data, pidfile);
|
2009-05-11 13:34:37 +00:00
|
|
|
|
|
|
|
|
/* __virExec should have set an error */
|
|
|
|
|
if (ret != 0)
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
/* Wait for intermediate process to exit */
|
|
|
|
|
while (waitpid(*retpid, &childstat, 0) == -1 &&
|
|
|
|
|
errno == EINTR);
|
|
|
|
|
|
|
|
|
|
if (childstat != 0) {
|
2010-02-04 22:41:52 +00:00
|
|
|
virUtilError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
_("Intermediate daemon process exited with status %d."),
|
|
|
|
|
WEXITSTATUS(childstat));
|
2009-05-11 13:34:37 +00:00
|
|
|
ret = -2;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
2008-01-10 13:46:10 +00:00
|
|
|
/**
|
|
|
|
|
* @argv NULL terminated argv to run
|
|
|
|
|
* @status optional variable to return exit status in
|
|
|
|
|
*
|
|
|
|
|
* Run a command without using the shell.
|
|
|
|
|
*
|
|
|
|
|
* If status is NULL, then return 0 if the command run and
|
|
|
|
|
* exited with 0 status; Otherwise return -1
|
|
|
|
|
*
|
|
|
|
|
* If status is not-NULL, then return 0 if the command ran.
|
|
|
|
|
* The status variable is filled with the command exit status
|
|
|
|
|
* and should be checked by caller for success. Return -1
|
|
|
|
|
* only if the command could not be run.
|
|
|
|
|
*/
|
|
|
|
|
int
|
2010-02-04 22:41:52 +00:00
|
|
|
virRunWithHook(const char *const*argv,
|
2010-01-20 23:30:36 +00:00
|
|
|
virExecHook hook,
|
|
|
|
|
void *data,
|
|
|
|
|
int *status) {
|
2008-12-18 11:58:28 +00:00
|
|
|
pid_t childpid;
|
|
|
|
|
int exitstatus, execret, waitret;
|
2008-11-05 18:57:42 +00:00
|
|
|
int ret = -1;
|
|
|
|
|
int errfd = -1, outfd = -1;
|
|
|
|
|
char *outbuf = NULL;
|
|
|
|
|
char *errbuf = NULL;
|
|
|
|
|
char *argv_str = NULL;
|
2008-11-05 18:41:07 +00:00
|
|
|
|
|
|
|
|
if ((argv_str = virArgvToString(argv)) == NULL) {
|
2010-02-04 18:19:08 +00:00
|
|
|
virReportOOMError();
|
2008-11-05 18:57:42 +00:00
|
|
|
goto error;
|
2008-11-05 18:41:07 +00:00
|
|
|
}
|
|
|
|
|
DEBUG0(argv_str);
|
2008-01-10 13:46:10 +00:00
|
|
|
|
2010-02-04 22:41:52 +00:00
|
|
|
if ((execret = __virExec(argv, NULL, NULL,
|
2008-11-05 18:57:42 +00:00
|
|
|
&childpid, -1, &outfd, &errfd,
|
2010-01-20 23:30:36 +00:00
|
|
|
VIR_EXEC_NONE, hook, data, NULL)) < 0) {
|
2008-11-05 18:57:42 +00:00
|
|
|
ret = execret;
|
|
|
|
|
goto error;
|
|
|
|
|
}
|
|
|
|
|
|
2010-02-04 22:41:52 +00:00
|
|
|
if (virPipeReadUntilEOF(outfd, errfd, &outbuf, &errbuf) < 0) {
|
2009-03-31 12:26:54 +00:00
|
|
|
while (waitpid(childpid, &exitstatus, 0) == -1 && errno == EINTR)
|
|
|
|
|
;
|
2008-11-05 18:57:42 +00:00
|
|
|
goto error;
|
2009-03-31 12:26:54 +00:00
|
|
|
}
|
2008-11-05 18:57:42 +00:00
|
|
|
|
|
|
|
|
if (outbuf)
|
|
|
|
|
DEBUG("Command stdout: %s", outbuf);
|
|
|
|
|
if (errbuf)
|
|
|
|
|
DEBUG("Command stderr: %s", errbuf);
|
2008-01-10 13:46:10 +00:00
|
|
|
|
2008-11-05 18:57:42 +00:00
|
|
|
while ((waitret = waitpid(childpid, &exitstatus, 0) == -1) &&
|
|
|
|
|
errno == EINTR);
|
|
|
|
|
if (waitret == -1) {
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno,
|
2009-01-20 17:13:33 +00:00
|
|
|
_("cannot wait for '%s'"),
|
|
|
|
|
argv[0]);
|
2008-11-05 18:57:42 +00:00
|
|
|
goto error;
|
2008-08-20 08:30:04 +00:00
|
|
|
}
|
2008-01-10 13:46:10 +00:00
|
|
|
|
|
|
|
|
if (status == NULL) {
|
|
|
|
|
errno = EINVAL;
|
2008-11-05 18:57:42 +00:00
|
|
|
if (WIFEXITED(exitstatus) && WEXITSTATUS(exitstatus) != 0) {
|
2010-02-04 22:41:52 +00:00
|
|
|
virUtilError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
_("'%s' exited with non-zero status %d and "
|
|
|
|
|
"signal %d: %s"), argv_str,
|
|
|
|
|
WIFEXITED(exitstatus) ? WEXITSTATUS(exitstatus) : 0,
|
|
|
|
|
WIFSIGNALED(exitstatus) ? WTERMSIG(exitstatus) : 0,
|
|
|
|
|
(errbuf ? errbuf : ""));
|
2008-11-05 18:57:42 +00:00
|
|
|
goto error;
|
|
|
|
|
}
|
2008-01-10 13:46:10 +00:00
|
|
|
} else {
|
|
|
|
|
*status = exitstatus;
|
|
|
|
|
}
|
2008-11-05 18:57:42 +00:00
|
|
|
|
|
|
|
|
ret = 0;
|
|
|
|
|
|
|
|
|
|
error:
|
|
|
|
|
VIR_FREE(outbuf);
|
|
|
|
|
VIR_FREE(errbuf);
|
|
|
|
|
VIR_FREE(argv_str);
|
2008-11-25 10:44:52 +00:00
|
|
|
if (outfd != -1)
|
|
|
|
|
close(outfd);
|
|
|
|
|
if (errfd != -1)
|
|
|
|
|
close(errfd);
|
2008-11-05 18:57:42 +00:00
|
|
|
return ret;
|
2008-01-10 13:46:10 +00:00
|
|
|
}
|
|
|
|
|
|
2010-03-20 10:57:30 +00:00
|
|
|
# else /* WIN32 */
|
|
|
|
|
|
|
|
|
|
int virSetCloseExec(int fd ATTRIBUTE_UNUSED)
|
|
|
|
|
{
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2007-12-07 14:45:39 +00:00
|
|
|
|
2008-11-07 16:43:23 +00:00
|
|
|
int
|
2010-02-04 22:41:52 +00:00
|
|
|
virRunWithHook(const char *const *argv ATTRIBUTE_UNUSED,
|
2010-01-20 23:30:36 +00:00
|
|
|
virExecHook hook ATTRIBUTE_UNUSED,
|
|
|
|
|
void *data ATTRIBUTE_UNUSED,
|
|
|
|
|
int *status)
|
2008-11-07 16:43:23 +00:00
|
|
|
{
|
|
|
|
|
if (status)
|
|
|
|
|
*status = ENOTSUP;
|
|
|
|
|
else
|
2010-03-20 10:57:30 +00:00
|
|
|
virUtilError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
"%s", _("virRunWithHook is not implemented for WIN32"));
|
2008-11-07 16:43:23 +00:00
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
2007-12-07 14:45:39 +00:00
|
|
|
int
|
2010-02-04 22:41:52 +00:00
|
|
|
virExec(const char *const*argv ATTRIBUTE_UNUSED,
|
2008-09-05 12:03:45 +00:00
|
|
|
const char *const*envp ATTRIBUTE_UNUSED,
|
|
|
|
|
const fd_set *keepfd ATTRIBUTE_UNUSED,
|
2007-12-07 14:45:39 +00:00
|
|
|
int *retpid ATTRIBUTE_UNUSED,
|
|
|
|
|
int infd ATTRIBUTE_UNUSED,
|
|
|
|
|
int *outfd ATTRIBUTE_UNUSED,
|
2008-09-05 12:03:45 +00:00
|
|
|
int *errfd ATTRIBUTE_UNUSED,
|
|
|
|
|
int flags ATTRIBUTE_UNUSED)
|
2007-12-07 14:45:39 +00:00
|
|
|
{
|
2010-03-20 10:57:30 +00:00
|
|
|
virUtilError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
"%s", _("virExec is not implemented for WIN32"));
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int
|
|
|
|
|
virExecDaemonize(const char *const*argv ATTRIBUTE_UNUSED,
|
|
|
|
|
const char *const*envp ATTRIBUTE_UNUSED,
|
|
|
|
|
const fd_set *keepfd ATTRIBUTE_UNUSED,
|
|
|
|
|
pid_t *retpid ATTRIBUTE_UNUSED,
|
|
|
|
|
int infd ATTRIBUTE_UNUSED,
|
|
|
|
|
int *outfd ATTRIBUTE_UNUSED,
|
|
|
|
|
int *errfd ATTRIBUTE_UNUSED,
|
|
|
|
|
int flags ATTRIBUTE_UNUSED,
|
|
|
|
|
virExecHook hook ATTRIBUTE_UNUSED,
|
|
|
|
|
void *data ATTRIBUTE_UNUSED,
|
|
|
|
|
char *pidfile ATTRIBUTE_UNUSED)
|
|
|
|
|
{
|
|
|
|
|
virUtilError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
"%s", _("virExecDaemonize is not implemented for WIN32"));
|
|
|
|
|
|
2007-12-07 14:45:39 +00:00
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
2010-03-20 10:57:30 +00:00
|
|
|
# endif /* WIN32 */
|
2007-12-07 14:45:39 +00:00
|
|
|
|
2010-05-03 23:05:44 +00:00
|
|
|
int
|
|
|
|
|
virPipeReadUntilEOF(int outfd, int errfd,
|
|
|
|
|
char **outbuf, char **errbuf) {
|
|
|
|
|
|
|
|
|
|
struct pollfd fds[2];
|
|
|
|
|
int i;
|
|
|
|
|
int finished[2];
|
|
|
|
|
|
|
|
|
|
fds[0].fd = outfd;
|
|
|
|
|
fds[0].events = POLLIN;
|
|
|
|
|
finished[0] = 0;
|
|
|
|
|
fds[1].fd = errfd;
|
|
|
|
|
fds[1].events = POLLIN;
|
|
|
|
|
finished[1] = 0;
|
|
|
|
|
|
|
|
|
|
while(!(finished[0] && finished[1])) {
|
|
|
|
|
|
|
|
|
|
if (poll(fds, ARRAY_CARDINALITY(fds), -1) < 0) {
|
|
|
|
|
if ((errno == EAGAIN) || (errno == EINTR))
|
|
|
|
|
continue;
|
|
|
|
|
goto pollerr;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < ARRAY_CARDINALITY(fds); ++i) {
|
|
|
|
|
char data[1024], **buf;
|
|
|
|
|
int got, size;
|
|
|
|
|
|
|
|
|
|
if (!(fds[i].revents))
|
|
|
|
|
continue;
|
|
|
|
|
else if (fds[i].revents & POLLHUP)
|
|
|
|
|
finished[i] = 1;
|
|
|
|
|
|
|
|
|
|
if (!(fds[i].revents & POLLIN)) {
|
|
|
|
|
if (fds[i].revents & POLLHUP)
|
|
|
|
|
continue;
|
|
|
|
|
|
|
|
|
|
virUtilError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
"%s", _("Unknown poll response."));
|
|
|
|
|
goto error;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
got = read(fds[i].fd, data, sizeof(data));
|
|
|
|
|
|
|
|
|
|
if (got == 0) {
|
|
|
|
|
finished[i] = 1;
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
if (got < 0) {
|
|
|
|
|
if (errno == EINTR)
|
|
|
|
|
continue;
|
|
|
|
|
if (errno == EAGAIN)
|
|
|
|
|
break;
|
|
|
|
|
goto pollerr;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
buf = ((fds[i].fd == outfd) ? outbuf : errbuf);
|
|
|
|
|
size = (*buf ? strlen(*buf) : 0);
|
|
|
|
|
if (VIR_REALLOC_N(*buf, size+got+1) < 0) {
|
|
|
|
|
virReportOOMError();
|
|
|
|
|
goto error;
|
|
|
|
|
}
|
|
|
|
|
memmove(*buf+size, data, got);
|
|
|
|
|
(*buf)[size+got] = '\0';
|
|
|
|
|
}
|
|
|
|
|
continue;
|
|
|
|
|
|
|
|
|
|
pollerr:
|
|
|
|
|
virReportSystemError(errno,
|
|
|
|
|
"%s", _("poll error"));
|
|
|
|
|
goto error;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
error:
|
|
|
|
|
VIR_FREE(*outbuf);
|
|
|
|
|
VIR_FREE(*errbuf);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
2010-01-20 23:30:36 +00:00
|
|
|
int
|
2010-02-04 22:41:52 +00:00
|
|
|
virRun(const char *const*argv,
|
2010-01-20 23:30:36 +00:00
|
|
|
int *status) {
|
2010-02-04 22:41:52 +00:00
|
|
|
return virRunWithHook(argv, NULL, NULL, status);
|
2010-01-20 23:30:36 +00:00
|
|
|
}
|
|
|
|
|
|
2008-04-08 15:33:16 +00:00
|
|
|
/* Like gnulib's fread_file, but read no more than the specified maximum
|
|
|
|
|
number of bytes. If the length of the input is <= max_len, and
|
|
|
|
|
upon error while reading that data, it works just like fread_file. */
|
|
|
|
|
static char *
|
2009-10-12 19:32:33 +00:00
|
|
|
saferead_lim (int fd, size_t max_len, size_t *length)
|
2008-04-08 15:33:16 +00:00
|
|
|
{
|
|
|
|
|
char *buf = NULL;
|
|
|
|
|
size_t alloc = 0;
|
|
|
|
|
size_t size = 0;
|
|
|
|
|
int save_errno;
|
|
|
|
|
|
|
|
|
|
for (;;) {
|
2009-10-12 19:32:33 +00:00
|
|
|
int count;
|
|
|
|
|
int requested;
|
2008-04-08 15:33:16 +00:00
|
|
|
|
|
|
|
|
if (size + BUFSIZ + 1 > alloc) {
|
|
|
|
|
alloc += alloc / 2;
|
|
|
|
|
if (alloc < size + BUFSIZ + 1)
|
|
|
|
|
alloc = size + BUFSIZ + 1;
|
|
|
|
|
|
2008-06-19 14:30:52 +00:00
|
|
|
if (VIR_REALLOC_N(buf, alloc) < 0) {
|
2008-04-08 15:33:16 +00:00
|
|
|
save_errno = errno;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Ensure that (size + requested <= max_len); */
|
|
|
|
|
requested = MIN (size < max_len ? max_len - size : 0,
|
|
|
|
|
alloc - size - 1);
|
2009-10-12 19:32:33 +00:00
|
|
|
count = saferead (fd, buf + size, requested);
|
2008-04-08 15:33:16 +00:00
|
|
|
size += count;
|
|
|
|
|
|
|
|
|
|
if (count != requested || requested == 0) {
|
|
|
|
|
save_errno = errno;
|
2009-10-12 19:32:33 +00:00
|
|
|
if (count < 0)
|
2008-04-08 15:33:16 +00:00
|
|
|
break;
|
|
|
|
|
buf[size] = '\0';
|
|
|
|
|
*length = size;
|
|
|
|
|
return buf;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2009-12-09 23:00:50 +00:00
|
|
|
VIR_FREE(buf);
|
2008-04-08 15:33:16 +00:00
|
|
|
errno = save_errno;
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
2007-12-03 14:30:46 +00:00
|
|
|
|
2009-10-12 19:32:33 +00:00
|
|
|
/* A wrapper around saferead_lim that maps a failure due to
|
2008-09-02 10:29:51 +00:00
|
|
|
exceeding the maximum size limitation to EOVERFLOW. */
|
2010-03-03 10:42:11 +00:00
|
|
|
int
|
|
|
|
|
virFileReadLimFD(int fd, int maxlen, char **buf)
|
2007-12-03 14:30:46 +00:00
|
|
|
{
|
2008-04-08 15:33:16 +00:00
|
|
|
size_t len;
|
2010-03-03 10:42:11 +00:00
|
|
|
char *s;
|
|
|
|
|
|
|
|
|
|
if (maxlen <= 0) {
|
|
|
|
|
errno = EINVAL;
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
s = saferead_lim (fd, maxlen+1, &len);
|
2008-09-02 10:29:51 +00:00
|
|
|
if (s == NULL)
|
|
|
|
|
return -1;
|
|
|
|
|
if (len > maxlen || (int)len != len) {
|
|
|
|
|
VIR_FREE(s);
|
|
|
|
|
/* There was at least one byte more than MAXLEN.
|
|
|
|
|
Set errno accordingly. */
|
|
|
|
|
errno = EOVERFLOW;
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
*buf = s;
|
|
|
|
|
return len;
|
|
|
|
|
}
|
|
|
|
|
|
2008-11-17 11:03:25 +00:00
|
|
|
int virFileReadAll(const char *path, int maxlen, char **buf)
|
2008-09-02 10:29:51 +00:00
|
|
|
{
|
2009-10-12 19:32:33 +00:00
|
|
|
int fd = open(path, O_RDONLY);
|
|
|
|
|
if (fd < 0) {
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno, _("Failed to open file '%s'"), path);
|
2008-09-02 10:29:51 +00:00
|
|
|
return -1;
|
2007-12-03 14:30:46 +00:00
|
|
|
}
|
|
|
|
|
|
2009-10-12 19:32:33 +00:00
|
|
|
int len = virFileReadLimFD(fd, maxlen, buf);
|
|
|
|
|
close(fd);
|
2008-09-02 10:29:51 +00:00
|
|
|
if (len < 0) {
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno, _("Failed to read file '%s'"), path);
|
2008-09-02 10:29:51 +00:00
|
|
|
return -1;
|
2007-12-03 14:30:46 +00:00
|
|
|
}
|
|
|
|
|
|
2008-09-02 10:29:51 +00:00
|
|
|
return len;
|
2007-12-03 14:30:46 +00:00
|
|
|
}
|
|
|
|
|
|
2009-02-13 19:13:06 +00:00
|
|
|
/* Truncate @path and write @str to it.
|
|
|
|
|
Return 0 for success, nonzero for failure.
|
|
|
|
|
Be careful to preserve any errno value upon failure. */
|
|
|
|
|
int virFileWriteStr(const char *path, const char *str)
|
|
|
|
|
{
|
|
|
|
|
int fd;
|
|
|
|
|
|
|
|
|
|
if ((fd = open(path, O_WRONLY|O_TRUNC)) == -1)
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
if (safewrite(fd, str, strlen(str)) < 0) {
|
|
|
|
|
int saved_errno = errno;
|
|
|
|
|
close (fd);
|
|
|
|
|
errno = saved_errno;
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Use errno from failed close only if there was no write error. */
|
|
|
|
|
if (close (fd) != 0)
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2007-12-03 14:30:46 +00:00
|
|
|
int virFileMatchesNameSuffix(const char *file,
|
|
|
|
|
const char *name,
|
|
|
|
|
const char *suffix)
|
|
|
|
|
{
|
|
|
|
|
int filelen = strlen(file);
|
|
|
|
|
int namelen = strlen(name);
|
|
|
|
|
int suffixlen = strlen(suffix);
|
|
|
|
|
|
|
|
|
|
if (filelen == (namelen + suffixlen) &&
|
2008-05-14 19:51:24 +00:00
|
|
|
STREQLEN(file, name, namelen) &&
|
|
|
|
|
STREQLEN(file + namelen, suffix, suffixlen))
|
2007-12-03 14:30:46 +00:00
|
|
|
return 1;
|
|
|
|
|
else
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int virFileHasSuffix(const char *str,
|
|
|
|
|
const char *suffix)
|
|
|
|
|
{
|
|
|
|
|
int len = strlen(str);
|
|
|
|
|
int suffixlen = strlen(suffix);
|
|
|
|
|
|
|
|
|
|
if (len < suffixlen)
|
|
|
|
|
return 0;
|
|
|
|
|
|
2010-04-30 12:03:41 +00:00
|
|
|
return STRCASEEQ(str + len - suffixlen, suffix);
|
2007-12-03 14:30:46 +00:00
|
|
|
}
|
|
|
|
|
|
2010-03-09 18:22:22 +00:00
|
|
|
# define SAME_INODE(Stat_buf_1, Stat_buf_2) \
|
2008-08-12 17:38:08 +00:00
|
|
|
((Stat_buf_1).st_ino == (Stat_buf_2).st_ino \
|
|
|
|
|
&& (Stat_buf_1).st_dev == (Stat_buf_2).st_dev)
|
2007-12-03 14:30:46 +00:00
|
|
|
|
2008-08-12 17:38:08 +00:00
|
|
|
/* Return nonzero if checkLink and checkDest
|
|
|
|
|
refer to the same file. Otherwise, return 0. */
|
2007-12-03 14:30:46 +00:00
|
|
|
int virFileLinkPointsTo(const char *checkLink,
|
|
|
|
|
const char *checkDest)
|
|
|
|
|
{
|
2008-08-12 17:38:08 +00:00
|
|
|
struct stat src_sb;
|
|
|
|
|
struct stat dest_sb;
|
2007-12-03 14:30:46 +00:00
|
|
|
|
2008-08-12 17:38:08 +00:00
|
|
|
return (stat (checkLink, &src_sb) == 0
|
|
|
|
|
&& stat (checkDest, &dest_sb) == 0
|
|
|
|
|
&& SAME_INODE (src_sb, dest_sb));
|
2007-12-07 14:45:39 +00:00
|
|
|
}
|
|
|
|
|
|
2009-04-01 10:26:22 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Attempt to resolve a symbolic link, returning the
|
|
|
|
|
* real path
|
|
|
|
|
*
|
|
|
|
|
* Return 0 if path was not a symbolic, or the link was
|
|
|
|
|
* resolved. Return -1 upon error
|
|
|
|
|
*/
|
|
|
|
|
int virFileResolveLink(const char *linkpath,
|
|
|
|
|
char **resultpath)
|
|
|
|
|
{
|
|
|
|
|
struct stat st;
|
|
|
|
|
|
|
|
|
|
*resultpath = NULL;
|
|
|
|
|
|
|
|
|
|
if (lstat(linkpath, &st) < 0)
|
|
|
|
|
return errno;
|
|
|
|
|
|
|
|
|
|
if (!S_ISLNK(st.st_mode)) {
|
|
|
|
|
if (!(*resultpath = strdup(linkpath)))
|
|
|
|
|
return -ENOMEM;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2009-12-15 07:27:53 +00:00
|
|
|
*resultpath = areadlink (linkpath);
|
2009-04-01 10:26:22 +00:00
|
|
|
|
2009-12-15 07:27:53 +00:00
|
|
|
return *resultpath == NULL ? -1 : 0;
|
2009-04-01 10:26:22 +00:00
|
|
|
}
|
|
|
|
|
|
2009-06-11 13:18:56 +00:00
|
|
|
/*
|
|
|
|
|
* Finds a requested file in the PATH env. e.g.:
|
|
|
|
|
* "kvm-img" will return "/usr/bin/kvm-img"
|
|
|
|
|
*
|
|
|
|
|
* You must free the result
|
|
|
|
|
*/
|
|
|
|
|
char *virFindFileInPath(const char *file)
|
|
|
|
|
{
|
|
|
|
|
char pathenv[PATH_MAX];
|
2009-06-15 11:08:28 +00:00
|
|
|
char *penv = pathenv;
|
2009-06-11 13:18:56 +00:00
|
|
|
char *pathseg;
|
|
|
|
|
char fullpath[PATH_MAX];
|
|
|
|
|
|
2010-01-25 15:01:15 +00:00
|
|
|
if (file == NULL)
|
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
|
|
/* if we are passed an absolute path (starting with /), return a
|
|
|
|
|
* copy of that path
|
|
|
|
|
*/
|
|
|
|
|
if (file[0] == '/') {
|
|
|
|
|
if (virFileExists(file))
|
|
|
|
|
return strdup(file);
|
|
|
|
|
else
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2009-06-11 13:18:56 +00:00
|
|
|
/* copy PATH env so we can tweak it */
|
2009-08-03 12:37:44 +00:00
|
|
|
if (virStrcpyStatic(pathenv, getenv("PATH")) == NULL)
|
|
|
|
|
return NULL;
|
2009-04-01 10:26:22 +00:00
|
|
|
|
2009-06-11 13:18:56 +00:00
|
|
|
/* for each path segment, append the file to search for and test for
|
|
|
|
|
* it. return it if found.
|
|
|
|
|
*/
|
|
|
|
|
while ((pathseg = strsep(&penv, ":")) != NULL) {
|
|
|
|
|
snprintf(fullpath, PATH_MAX, "%s/%s", pathseg, file);
|
|
|
|
|
if (virFileExists(fullpath))
|
|
|
|
|
return strdup(fullpath);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
2008-02-26 07:05:18 +00:00
|
|
|
int virFileExists(const char *path)
|
|
|
|
|
{
|
|
|
|
|
struct stat st;
|
|
|
|
|
|
|
|
|
|
if (stat(path, &st) >= 0)
|
|
|
|
|
return(1);
|
|
|
|
|
return(0);
|
|
|
|
|
}
|
|
|
|
|
|
2010-03-17 15:36:08 +00:00
|
|
|
# ifndef WIN32
|
Rename virFileCreate to virFileOperation, add hook function
It turns out it is also useful to be able to perform other operations
on a file created while running as a different uid (eg, write things
to that file), and possibly to do this to a file that already
exists. This patch adds an optional hook function to the renamed (for
more accuracy of purpose) virFileOperation; the hook will be called
after the file has been opened (possibly created) and gid/mode
checked/set, before closing it.
As with the other operations on the file, if the VIR_FILE_OP_AS_UID
flag is set, this hook function will be called in the context of a
child process forked from the process that called virFileOperation.
The implication here is that, while all data in memory is available to
this hook function, any modification to that data will not be seen by
the caller - the only indication in memory of what happened in the
hook will be the return value (which the hook should set to 0 on
success, or one of the standard errno values on failure).
Another piece of making the function more flexible was to add an
"openflags" argument. This arg should contain exactly the flags to be
passed to open(2), eg O_RDWR | O_EXCL, etc.
In the process of adding the hook to virFileOperation, I also realized
that the bits to fix up file owner/group/mode settings after creation
were being done in the parent process, which could fail, so I moved
them to the child process where they should be.
* src/util/util.[ch]: rename and rework virFileCreate-->virFileOperation,
and redo flags in virDirCreate
* storage/storage_backend.c, storage/storage_backend_fs.c: update the
calls to virFileOperation/virDirCreate to reflect changes in the API,
but don't yet take advantage of the hook.
2010-02-19 16:43:22 +00:00
|
|
|
static int virFileOperationNoFork(const char *path, int openflags, mode_t mode,
|
|
|
|
|
uid_t uid, gid_t gid,
|
|
|
|
|
virFileOperationHook hook, void *hookdata,
|
|
|
|
|
unsigned int flags) {
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
int fd = -1;
|
|
|
|
|
int ret = 0;
|
|
|
|
|
struct stat st;
|
|
|
|
|
|
Rename virFileCreate to virFileOperation, add hook function
It turns out it is also useful to be able to perform other operations
on a file created while running as a different uid (eg, write things
to that file), and possibly to do this to a file that already
exists. This patch adds an optional hook function to the renamed (for
more accuracy of purpose) virFileOperation; the hook will be called
after the file has been opened (possibly created) and gid/mode
checked/set, before closing it.
As with the other operations on the file, if the VIR_FILE_OP_AS_UID
flag is set, this hook function will be called in the context of a
child process forked from the process that called virFileOperation.
The implication here is that, while all data in memory is available to
this hook function, any modification to that data will not be seen by
the caller - the only indication in memory of what happened in the
hook will be the return value (which the hook should set to 0 on
success, or one of the standard errno values on failure).
Another piece of making the function more flexible was to add an
"openflags" argument. This arg should contain exactly the flags to be
passed to open(2), eg O_RDWR | O_EXCL, etc.
In the process of adding the hook to virFileOperation, I also realized
that the bits to fix up file owner/group/mode settings after creation
were being done in the parent process, which could fail, so I moved
them to the child process where they should be.
* src/util/util.[ch]: rename and rework virFileCreate-->virFileOperation,
and redo flags in virDirCreate
* storage/storage_backend.c, storage/storage_backend_fs.c: update the
calls to virFileOperation/virDirCreate to reflect changes in the API,
but don't yet take advantage of the hook.
2010-02-19 16:43:22 +00:00
|
|
|
if ((fd = open(path, openflags, mode)) < 0) {
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
ret = errno;
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno, _("failed to create file '%s'"),
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
path);
|
|
|
|
|
goto error;
|
|
|
|
|
}
|
|
|
|
|
if (fstat(fd, &st) == -1) {
|
|
|
|
|
ret = errno;
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno, _("stat of '%s' failed"), path);
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
goto error;
|
|
|
|
|
}
|
|
|
|
|
if (((st.st_uid != uid) || (st.st_gid != gid))
|
|
|
|
|
&& (fchown(fd, uid, gid) < 0)) {
|
|
|
|
|
ret = errno;
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno, _("cannot chown '%s' to (%u, %u)"),
|
2010-04-29 03:36:03 +00:00
|
|
|
path, (unsigned int) uid, (unsigned int) gid);
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
goto error;
|
|
|
|
|
}
|
Rename virFileCreate to virFileOperation, add hook function
It turns out it is also useful to be able to perform other operations
on a file created while running as a different uid (eg, write things
to that file), and possibly to do this to a file that already
exists. This patch adds an optional hook function to the renamed (for
more accuracy of purpose) virFileOperation; the hook will be called
after the file has been opened (possibly created) and gid/mode
checked/set, before closing it.
As with the other operations on the file, if the VIR_FILE_OP_AS_UID
flag is set, this hook function will be called in the context of a
child process forked from the process that called virFileOperation.
The implication here is that, while all data in memory is available to
this hook function, any modification to that data will not be seen by
the caller - the only indication in memory of what happened in the
hook will be the return value (which the hook should set to 0 on
success, or one of the standard errno values on failure).
Another piece of making the function more flexible was to add an
"openflags" argument. This arg should contain exactly the flags to be
passed to open(2), eg O_RDWR | O_EXCL, etc.
In the process of adding the hook to virFileOperation, I also realized
that the bits to fix up file owner/group/mode settings after creation
were being done in the parent process, which could fail, so I moved
them to the child process where they should be.
* src/util/util.[ch]: rename and rework virFileCreate-->virFileOperation,
and redo flags in virDirCreate
* storage/storage_backend.c, storage/storage_backend_fs.c: update the
calls to virFileOperation/virDirCreate to reflect changes in the API,
but don't yet take advantage of the hook.
2010-02-19 16:43:22 +00:00
|
|
|
if ((flags & VIR_FILE_OP_FORCE_PERMS)
|
|
|
|
|
&& (fchmod(fd, mode) < 0)) {
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
ret = errno;
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno,
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
_("cannot set mode of '%s' to %04o"),
|
|
|
|
|
path, mode);
|
|
|
|
|
goto error;
|
|
|
|
|
}
|
Rename virFileCreate to virFileOperation, add hook function
It turns out it is also useful to be able to perform other operations
on a file created while running as a different uid (eg, write things
to that file), and possibly to do this to a file that already
exists. This patch adds an optional hook function to the renamed (for
more accuracy of purpose) virFileOperation; the hook will be called
after the file has been opened (possibly created) and gid/mode
checked/set, before closing it.
As with the other operations on the file, if the VIR_FILE_OP_AS_UID
flag is set, this hook function will be called in the context of a
child process forked from the process that called virFileOperation.
The implication here is that, while all data in memory is available to
this hook function, any modification to that data will not be seen by
the caller - the only indication in memory of what happened in the
hook will be the return value (which the hook should set to 0 on
success, or one of the standard errno values on failure).
Another piece of making the function more flexible was to add an
"openflags" argument. This arg should contain exactly the flags to be
passed to open(2), eg O_RDWR | O_EXCL, etc.
In the process of adding the hook to virFileOperation, I also realized
that the bits to fix up file owner/group/mode settings after creation
were being done in the parent process, which could fail, so I moved
them to the child process where they should be.
* src/util/util.[ch]: rename and rework virFileCreate-->virFileOperation,
and redo flags in virDirCreate
* storage/storage_backend.c, storage/storage_backend_fs.c: update the
calls to virFileOperation/virDirCreate to reflect changes in the API,
but don't yet take advantage of the hook.
2010-02-19 16:43:22 +00:00
|
|
|
if ((hook) && ((ret = hook(fd, hookdata)) != 0)) {
|
|
|
|
|
goto error;
|
|
|
|
|
}
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
if (close(fd) < 0) {
|
|
|
|
|
ret = errno;
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno, _("failed to close new file '%s'"),
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
path);
|
|
|
|
|
fd = -1;
|
|
|
|
|
goto error;
|
|
|
|
|
}
|
|
|
|
|
fd = -1;
|
|
|
|
|
error:
|
|
|
|
|
if (fd != -1)
|
|
|
|
|
close(fd);
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
Rename virFileCreate to virFileOperation, add hook function
It turns out it is also useful to be able to perform other operations
on a file created while running as a different uid (eg, write things
to that file), and possibly to do this to a file that already
exists. This patch adds an optional hook function to the renamed (for
more accuracy of purpose) virFileOperation; the hook will be called
after the file has been opened (possibly created) and gid/mode
checked/set, before closing it.
As with the other operations on the file, if the VIR_FILE_OP_AS_UID
flag is set, this hook function will be called in the context of a
child process forked from the process that called virFileOperation.
The implication here is that, while all data in memory is available to
this hook function, any modification to that data will not be seen by
the caller - the only indication in memory of what happened in the
hook will be the return value (which the hook should set to 0 on
success, or one of the standard errno values on failure).
Another piece of making the function more flexible was to add an
"openflags" argument. This arg should contain exactly the flags to be
passed to open(2), eg O_RDWR | O_EXCL, etc.
In the process of adding the hook to virFileOperation, I also realized
that the bits to fix up file owner/group/mode settings after creation
were being done in the parent process, which could fail, so I moved
them to the child process where they should be.
* src/util/util.[ch]: rename and rework virFileCreate-->virFileOperation,
and redo flags in virDirCreate
* storage/storage_backend.c, storage/storage_backend_fs.c: update the
calls to virFileOperation/virDirCreate to reflect changes in the API,
but don't yet take advantage of the hook.
2010-02-19 16:43:22 +00:00
|
|
|
static int virDirCreateNoFork(const char *path, mode_t mode, uid_t uid, gid_t gid,
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
unsigned int flags) {
|
|
|
|
|
int ret = 0;
|
|
|
|
|
struct stat st;
|
|
|
|
|
|
|
|
|
|
if ((mkdir(path, mode) < 0)
|
Rename virFileCreate to virFileOperation, add hook function
It turns out it is also useful to be able to perform other operations
on a file created while running as a different uid (eg, write things
to that file), and possibly to do this to a file that already
exists. This patch adds an optional hook function to the renamed (for
more accuracy of purpose) virFileOperation; the hook will be called
after the file has been opened (possibly created) and gid/mode
checked/set, before closing it.
As with the other operations on the file, if the VIR_FILE_OP_AS_UID
flag is set, this hook function will be called in the context of a
child process forked from the process that called virFileOperation.
The implication here is that, while all data in memory is available to
this hook function, any modification to that data will not be seen by
the caller - the only indication in memory of what happened in the
hook will be the return value (which the hook should set to 0 on
success, or one of the standard errno values on failure).
Another piece of making the function more flexible was to add an
"openflags" argument. This arg should contain exactly the flags to be
passed to open(2), eg O_RDWR | O_EXCL, etc.
In the process of adding the hook to virFileOperation, I also realized
that the bits to fix up file owner/group/mode settings after creation
were being done in the parent process, which could fail, so I moved
them to the child process where they should be.
* src/util/util.[ch]: rename and rework virFileCreate-->virFileOperation,
and redo flags in virDirCreate
* storage/storage_backend.c, storage/storage_backend_fs.c: update the
calls to virFileOperation/virDirCreate to reflect changes in the API,
but don't yet take advantage of the hook.
2010-02-19 16:43:22 +00:00
|
|
|
&& !((errno == EEXIST) && (flags & VIR_DIR_CREATE_ALLOW_EXIST)))
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
{
|
|
|
|
|
ret = errno;
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno, _("failed to create directory '%s'"),
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
path);
|
|
|
|
|
goto error;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (stat(path, &st) == -1) {
|
|
|
|
|
ret = errno;
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno, _("stat of '%s' failed"), path);
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
goto error;
|
|
|
|
|
}
|
|
|
|
|
if (((st.st_uid != uid) || (st.st_gid != gid))
|
|
|
|
|
&& (chown(path, uid, gid) < 0)) {
|
|
|
|
|
ret = errno;
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno, _("cannot chown '%s' to (%u, %u)"),
|
2010-04-29 03:36:03 +00:00
|
|
|
path, (unsigned int) uid, (unsigned int) gid);
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
goto error;
|
|
|
|
|
}
|
Rename virFileCreate to virFileOperation, add hook function
It turns out it is also useful to be able to perform other operations
on a file created while running as a different uid (eg, write things
to that file), and possibly to do this to a file that already
exists. This patch adds an optional hook function to the renamed (for
more accuracy of purpose) virFileOperation; the hook will be called
after the file has been opened (possibly created) and gid/mode
checked/set, before closing it.
As with the other operations on the file, if the VIR_FILE_OP_AS_UID
flag is set, this hook function will be called in the context of a
child process forked from the process that called virFileOperation.
The implication here is that, while all data in memory is available to
this hook function, any modification to that data will not be seen by
the caller - the only indication in memory of what happened in the
hook will be the return value (which the hook should set to 0 on
success, or one of the standard errno values on failure).
Another piece of making the function more flexible was to add an
"openflags" argument. This arg should contain exactly the flags to be
passed to open(2), eg O_RDWR | O_EXCL, etc.
In the process of adding the hook to virFileOperation, I also realized
that the bits to fix up file owner/group/mode settings after creation
were being done in the parent process, which could fail, so I moved
them to the child process where they should be.
* src/util/util.[ch]: rename and rework virFileCreate-->virFileOperation,
and redo flags in virDirCreate
* storage/storage_backend.c, storage/storage_backend_fs.c: update the
calls to virFileOperation/virDirCreate to reflect changes in the API,
but don't yet take advantage of the hook.
2010-02-19 16:43:22 +00:00
|
|
|
if ((flags & VIR_DIR_CREATE_FORCE_PERMS)
|
|
|
|
|
&& (chmod(path, mode) < 0)) {
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
ret = errno;
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno,
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
_("cannot set mode of '%s' to %04o"),
|
|
|
|
|
path, mode);
|
|
|
|
|
goto error;
|
|
|
|
|
}
|
|
|
|
|
error:
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
Rename virFileCreate to virFileOperation, add hook function
It turns out it is also useful to be able to perform other operations
on a file created while running as a different uid (eg, write things
to that file), and possibly to do this to a file that already
exists. This patch adds an optional hook function to the renamed (for
more accuracy of purpose) virFileOperation; the hook will be called
after the file has been opened (possibly created) and gid/mode
checked/set, before closing it.
As with the other operations on the file, if the VIR_FILE_OP_AS_UID
flag is set, this hook function will be called in the context of a
child process forked from the process that called virFileOperation.
The implication here is that, while all data in memory is available to
this hook function, any modification to that data will not be seen by
the caller - the only indication in memory of what happened in the
hook will be the return value (which the hook should set to 0 on
success, or one of the standard errno values on failure).
Another piece of making the function more flexible was to add an
"openflags" argument. This arg should contain exactly the flags to be
passed to open(2), eg O_RDWR | O_EXCL, etc.
In the process of adding the hook to virFileOperation, I also realized
that the bits to fix up file owner/group/mode settings after creation
were being done in the parent process, which could fail, so I moved
them to the child process where they should be.
* src/util/util.[ch]: rename and rework virFileCreate-->virFileOperation,
and redo flags in virDirCreate
* storage/storage_backend.c, storage/storage_backend_fs.c: update the
calls to virFileOperation/virDirCreate to reflect changes in the API,
but don't yet take advantage of the hook.
2010-02-19 16:43:22 +00:00
|
|
|
int virFileOperation(const char *path, int openflags, mode_t mode,
|
|
|
|
|
uid_t uid, gid_t gid,
|
|
|
|
|
virFileOperationHook hook, void *hookdata,
|
|
|
|
|
unsigned int flags) {
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
struct stat st;
|
|
|
|
|
pid_t pid;
|
|
|
|
|
int waitret, status, ret = 0;
|
|
|
|
|
int fd;
|
|
|
|
|
|
Rename virFileCreate to virFileOperation, add hook function
It turns out it is also useful to be able to perform other operations
on a file created while running as a different uid (eg, write things
to that file), and possibly to do this to a file that already
exists. This patch adds an optional hook function to the renamed (for
more accuracy of purpose) virFileOperation; the hook will be called
after the file has been opened (possibly created) and gid/mode
checked/set, before closing it.
As with the other operations on the file, if the VIR_FILE_OP_AS_UID
flag is set, this hook function will be called in the context of a
child process forked from the process that called virFileOperation.
The implication here is that, while all data in memory is available to
this hook function, any modification to that data will not be seen by
the caller - the only indication in memory of what happened in the
hook will be the return value (which the hook should set to 0 on
success, or one of the standard errno values on failure).
Another piece of making the function more flexible was to add an
"openflags" argument. This arg should contain exactly the flags to be
passed to open(2), eg O_RDWR | O_EXCL, etc.
In the process of adding the hook to virFileOperation, I also realized
that the bits to fix up file owner/group/mode settings after creation
were being done in the parent process, which could fail, so I moved
them to the child process where they should be.
* src/util/util.[ch]: rename and rework virFileCreate-->virFileOperation,
and redo flags in virDirCreate
* storage/storage_backend.c, storage/storage_backend_fs.c: update the
calls to virFileOperation/virDirCreate to reflect changes in the API,
but don't yet take advantage of the hook.
2010-02-19 16:43:22 +00:00
|
|
|
if ((!(flags & VIR_FILE_OP_AS_UID))
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
|| (getuid() != 0)
|
Rename virFileCreate to virFileOperation, add hook function
It turns out it is also useful to be able to perform other operations
on a file created while running as a different uid (eg, write things
to that file), and possibly to do this to a file that already
exists. This patch adds an optional hook function to the renamed (for
more accuracy of purpose) virFileOperation; the hook will be called
after the file has been opened (possibly created) and gid/mode
checked/set, before closing it.
As with the other operations on the file, if the VIR_FILE_OP_AS_UID
flag is set, this hook function will be called in the context of a
child process forked from the process that called virFileOperation.
The implication here is that, while all data in memory is available to
this hook function, any modification to that data will not be seen by
the caller - the only indication in memory of what happened in the
hook will be the return value (which the hook should set to 0 on
success, or one of the standard errno values on failure).
Another piece of making the function more flexible was to add an
"openflags" argument. This arg should contain exactly the flags to be
passed to open(2), eg O_RDWR | O_EXCL, etc.
In the process of adding the hook to virFileOperation, I also realized
that the bits to fix up file owner/group/mode settings after creation
were being done in the parent process, which could fail, so I moved
them to the child process where they should be.
* src/util/util.[ch]: rename and rework virFileCreate-->virFileOperation,
and redo flags in virDirCreate
* storage/storage_backend.c, storage/storage_backend_fs.c: update the
calls to virFileOperation/virDirCreate to reflect changes in the API,
but don't yet take advantage of the hook.
2010-02-19 16:43:22 +00:00
|
|
|
|| ((uid == 0) && (gid == 0))) {
|
|
|
|
|
return virFileOperationNoFork(path, openflags, mode, uid, gid,
|
|
|
|
|
hook, hookdata, flags);
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* parent is running as root, but caller requested that the
|
|
|
|
|
* file be created as some other user and/or group). The
|
|
|
|
|
* following dance avoids problems caused by root-squashing
|
|
|
|
|
* NFS servers. */
|
|
|
|
|
|
2010-02-18 21:20:07 +00:00
|
|
|
int forkRet = virFork(&pid);
|
2010-02-03 16:19:39 +00:00
|
|
|
|
|
|
|
|
if (pid < 0) {
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
ret = errno;
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (pid) { /* parent */
|
|
|
|
|
/* wait for child to complete, and retrieve its exit code */
|
|
|
|
|
while ((waitret = waitpid(pid, &status, 0) == -1)
|
|
|
|
|
&& (errno == EINTR));
|
|
|
|
|
if (waitret == -1) {
|
|
|
|
|
ret = errno;
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno,
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
_("failed to wait for child creating '%s'"),
|
|
|
|
|
path);
|
|
|
|
|
goto parenterror;
|
|
|
|
|
}
|
|
|
|
|
ret = WEXITSTATUS(status);
|
|
|
|
|
if (!WIFEXITED(status) || (ret == EACCES)) {
|
|
|
|
|
/* fall back to the simpler method, which works better in
|
|
|
|
|
* some cases */
|
Rename virFileCreate to virFileOperation, add hook function
It turns out it is also useful to be able to perform other operations
on a file created while running as a different uid (eg, write things
to that file), and possibly to do this to a file that already
exists. This patch adds an optional hook function to the renamed (for
more accuracy of purpose) virFileOperation; the hook will be called
after the file has been opened (possibly created) and gid/mode
checked/set, before closing it.
As with the other operations on the file, if the VIR_FILE_OP_AS_UID
flag is set, this hook function will be called in the context of a
child process forked from the process that called virFileOperation.
The implication here is that, while all data in memory is available to
this hook function, any modification to that data will not be seen by
the caller - the only indication in memory of what happened in the
hook will be the return value (which the hook should set to 0 on
success, or one of the standard errno values on failure).
Another piece of making the function more flexible was to add an
"openflags" argument. This arg should contain exactly the flags to be
passed to open(2), eg O_RDWR | O_EXCL, etc.
In the process of adding the hook to virFileOperation, I also realized
that the bits to fix up file owner/group/mode settings after creation
were being done in the parent process, which could fail, so I moved
them to the child process where they should be.
* src/util/util.[ch]: rename and rework virFileCreate-->virFileOperation,
and redo flags in virDirCreate
* storage/storage_backend.c, storage/storage_backend_fs.c: update the
calls to virFileOperation/virDirCreate to reflect changes in the API,
but don't yet take advantage of the hook.
2010-02-19 16:43:22 +00:00
|
|
|
return virFileOperationNoFork(path, openflags, mode, uid, gid,
|
|
|
|
|
hook, hookdata, flags);
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
}
|
|
|
|
|
parenterror:
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
2010-02-18 21:20:07 +00:00
|
|
|
|
|
|
|
|
/* child */
|
|
|
|
|
|
|
|
|
|
if (forkRet < 0) {
|
|
|
|
|
/* error encountered and logged in virFork() after the fork. */
|
|
|
|
|
goto childerror;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* set desired uid/gid, then attempt to create the file */
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
|
|
|
|
|
if ((gid != 0) && (setgid(gid) != 0)) {
|
|
|
|
|
ret = errno;
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno,
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
_("cannot set gid %u creating '%s'"),
|
2010-04-29 03:36:03 +00:00
|
|
|
(unsigned int) gid, path);
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
goto childerror;
|
|
|
|
|
}
|
|
|
|
|
if ((uid != 0) && (setuid(uid) != 0)) {
|
|
|
|
|
ret = errno;
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno,
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
_("cannot set uid %u creating '%s'"),
|
2010-04-29 03:36:03 +00:00
|
|
|
(unsigned int) uid, path);
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
goto childerror;
|
|
|
|
|
}
|
Rename virFileCreate to virFileOperation, add hook function
It turns out it is also useful to be able to perform other operations
on a file created while running as a different uid (eg, write things
to that file), and possibly to do this to a file that already
exists. This patch adds an optional hook function to the renamed (for
more accuracy of purpose) virFileOperation; the hook will be called
after the file has been opened (possibly created) and gid/mode
checked/set, before closing it.
As with the other operations on the file, if the VIR_FILE_OP_AS_UID
flag is set, this hook function will be called in the context of a
child process forked from the process that called virFileOperation.
The implication here is that, while all data in memory is available to
this hook function, any modification to that data will not be seen by
the caller - the only indication in memory of what happened in the
hook will be the return value (which the hook should set to 0 on
success, or one of the standard errno values on failure).
Another piece of making the function more flexible was to add an
"openflags" argument. This arg should contain exactly the flags to be
passed to open(2), eg O_RDWR | O_EXCL, etc.
In the process of adding the hook to virFileOperation, I also realized
that the bits to fix up file owner/group/mode settings after creation
were being done in the parent process, which could fail, so I moved
them to the child process where they should be.
* src/util/util.[ch]: rename and rework virFileCreate-->virFileOperation,
and redo flags in virDirCreate
* storage/storage_backend.c, storage/storage_backend_fs.c: update the
calls to virFileOperation/virDirCreate to reflect changes in the API,
but don't yet take advantage of the hook.
2010-02-19 16:43:22 +00:00
|
|
|
if ((fd = open(path, openflags, mode)) < 0) {
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
ret = errno;
|
|
|
|
|
if (ret != EACCES) {
|
|
|
|
|
/* in case of EACCES, the parent will retry */
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno,
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
_("child failed to create file '%s'"),
|
|
|
|
|
path);
|
|
|
|
|
}
|
|
|
|
|
goto childerror;
|
|
|
|
|
}
|
Rename virFileCreate to virFileOperation, add hook function
It turns out it is also useful to be able to perform other operations
on a file created while running as a different uid (eg, write things
to that file), and possibly to do this to a file that already
exists. This patch adds an optional hook function to the renamed (for
more accuracy of purpose) virFileOperation; the hook will be called
after the file has been opened (possibly created) and gid/mode
checked/set, before closing it.
As with the other operations on the file, if the VIR_FILE_OP_AS_UID
flag is set, this hook function will be called in the context of a
child process forked from the process that called virFileOperation.
The implication here is that, while all data in memory is available to
this hook function, any modification to that data will not be seen by
the caller - the only indication in memory of what happened in the
hook will be the return value (which the hook should set to 0 on
success, or one of the standard errno values on failure).
Another piece of making the function more flexible was to add an
"openflags" argument. This arg should contain exactly the flags to be
passed to open(2), eg O_RDWR | O_EXCL, etc.
In the process of adding the hook to virFileOperation, I also realized
that the bits to fix up file owner/group/mode settings after creation
were being done in the parent process, which could fail, so I moved
them to the child process where they should be.
* src/util/util.[ch]: rename and rework virFileCreate-->virFileOperation,
and redo flags in virDirCreate
* storage/storage_backend.c, storage/storage_backend_fs.c: update the
calls to virFileOperation/virDirCreate to reflect changes in the API,
but don't yet take advantage of the hook.
2010-02-19 16:43:22 +00:00
|
|
|
if (fstat(fd, &st) == -1) {
|
|
|
|
|
ret = errno;
|
|
|
|
|
virReportSystemError(errno, _("stat of '%s' failed"), path);
|
|
|
|
|
goto childerror;
|
|
|
|
|
}
|
|
|
|
|
if ((st.st_gid != gid)
|
|
|
|
|
&& (fchown(fd, -1, gid) < 0)) {
|
|
|
|
|
ret = errno;
|
|
|
|
|
virReportSystemError(errno, _("cannot chown '%s' to (%u, %u)"),
|
2010-04-29 03:36:03 +00:00
|
|
|
path, (unsigned int) uid, (unsigned int) gid);
|
Rename virFileCreate to virFileOperation, add hook function
It turns out it is also useful to be able to perform other operations
on a file created while running as a different uid (eg, write things
to that file), and possibly to do this to a file that already
exists. This patch adds an optional hook function to the renamed (for
more accuracy of purpose) virFileOperation; the hook will be called
after the file has been opened (possibly created) and gid/mode
checked/set, before closing it.
As with the other operations on the file, if the VIR_FILE_OP_AS_UID
flag is set, this hook function will be called in the context of a
child process forked from the process that called virFileOperation.
The implication here is that, while all data in memory is available to
this hook function, any modification to that data will not be seen by
the caller - the only indication in memory of what happened in the
hook will be the return value (which the hook should set to 0 on
success, or one of the standard errno values on failure).
Another piece of making the function more flexible was to add an
"openflags" argument. This arg should contain exactly the flags to be
passed to open(2), eg O_RDWR | O_EXCL, etc.
In the process of adding the hook to virFileOperation, I also realized
that the bits to fix up file owner/group/mode settings after creation
were being done in the parent process, which could fail, so I moved
them to the child process where they should be.
* src/util/util.[ch]: rename and rework virFileCreate-->virFileOperation,
and redo flags in virDirCreate
* storage/storage_backend.c, storage/storage_backend_fs.c: update the
calls to virFileOperation/virDirCreate to reflect changes in the API,
but don't yet take advantage of the hook.
2010-02-19 16:43:22 +00:00
|
|
|
goto childerror;
|
|
|
|
|
}
|
|
|
|
|
if ((flags & VIR_FILE_OP_FORCE_PERMS)
|
|
|
|
|
&& (fchmod(fd, mode) < 0)) {
|
|
|
|
|
ret = errno;
|
|
|
|
|
virReportSystemError(errno,
|
|
|
|
|
_("cannot set mode of '%s' to %04o"),
|
|
|
|
|
path, mode);
|
|
|
|
|
goto childerror;
|
|
|
|
|
}
|
|
|
|
|
if ((hook) && ((ret = hook(fd, hookdata)) != 0)) {
|
|
|
|
|
goto childerror;
|
|
|
|
|
}
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
if (close(fd) < 0) {
|
|
|
|
|
ret = errno;
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno, _("child failed to close new file '%s'"),
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
path);
|
|
|
|
|
goto childerror;
|
|
|
|
|
}
|
|
|
|
|
childerror:
|
|
|
|
|
_exit(ret);
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int virDirCreate(const char *path, mode_t mode,
|
|
|
|
|
uid_t uid, gid_t gid, unsigned int flags) {
|
|
|
|
|
struct stat st;
|
|
|
|
|
pid_t pid;
|
|
|
|
|
int waitret;
|
|
|
|
|
int status, ret = 0;
|
|
|
|
|
|
Rename virFileCreate to virFileOperation, add hook function
It turns out it is also useful to be able to perform other operations
on a file created while running as a different uid (eg, write things
to that file), and possibly to do this to a file that already
exists. This patch adds an optional hook function to the renamed (for
more accuracy of purpose) virFileOperation; the hook will be called
after the file has been opened (possibly created) and gid/mode
checked/set, before closing it.
As with the other operations on the file, if the VIR_FILE_OP_AS_UID
flag is set, this hook function will be called in the context of a
child process forked from the process that called virFileOperation.
The implication here is that, while all data in memory is available to
this hook function, any modification to that data will not be seen by
the caller - the only indication in memory of what happened in the
hook will be the return value (which the hook should set to 0 on
success, or one of the standard errno values on failure).
Another piece of making the function more flexible was to add an
"openflags" argument. This arg should contain exactly the flags to be
passed to open(2), eg O_RDWR | O_EXCL, etc.
In the process of adding the hook to virFileOperation, I also realized
that the bits to fix up file owner/group/mode settings after creation
were being done in the parent process, which could fail, so I moved
them to the child process where they should be.
* src/util/util.[ch]: rename and rework virFileCreate-->virFileOperation,
and redo flags in virDirCreate
* storage/storage_backend.c, storage/storage_backend_fs.c: update the
calls to virFileOperation/virDirCreate to reflect changes in the API,
but don't yet take advantage of the hook.
2010-02-19 16:43:22 +00:00
|
|
|
if ((!(flags & VIR_DIR_CREATE_AS_UID))
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
|| (getuid() != 0)
|
|
|
|
|
|| ((uid == 0) && (gid == 0))
|
Rename virFileCreate to virFileOperation, add hook function
It turns out it is also useful to be able to perform other operations
on a file created while running as a different uid (eg, write things
to that file), and possibly to do this to a file that already
exists. This patch adds an optional hook function to the renamed (for
more accuracy of purpose) virFileOperation; the hook will be called
after the file has been opened (possibly created) and gid/mode
checked/set, before closing it.
As with the other operations on the file, if the VIR_FILE_OP_AS_UID
flag is set, this hook function will be called in the context of a
child process forked from the process that called virFileOperation.
The implication here is that, while all data in memory is available to
this hook function, any modification to that data will not be seen by
the caller - the only indication in memory of what happened in the
hook will be the return value (which the hook should set to 0 on
success, or one of the standard errno values on failure).
Another piece of making the function more flexible was to add an
"openflags" argument. This arg should contain exactly the flags to be
passed to open(2), eg O_RDWR | O_EXCL, etc.
In the process of adding the hook to virFileOperation, I also realized
that the bits to fix up file owner/group/mode settings after creation
were being done in the parent process, which could fail, so I moved
them to the child process where they should be.
* src/util/util.[ch]: rename and rework virFileCreate-->virFileOperation,
and redo flags in virDirCreate
* storage/storage_backend.c, storage/storage_backend_fs.c: update the
calls to virFileOperation/virDirCreate to reflect changes in the API,
but don't yet take advantage of the hook.
2010-02-19 16:43:22 +00:00
|
|
|
|| ((flags & VIR_DIR_CREATE_ALLOW_EXIST) && (stat(path, &st) >= 0))) {
|
|
|
|
|
return virDirCreateNoFork(path, mode, uid, gid, flags);
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
}
|
|
|
|
|
|
2010-02-18 21:20:07 +00:00
|
|
|
int forkRet = virFork(&pid);
|
2010-02-03 16:19:39 +00:00
|
|
|
|
|
|
|
|
if (pid < 0) {
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
ret = errno;
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (pid) { /* parent */
|
|
|
|
|
/* wait for child to complete, and retrieve its exit code */
|
|
|
|
|
while ((waitret = waitpid(pid, &status, 0) == -1) && (errno == EINTR));
|
|
|
|
|
if (waitret == -1) {
|
|
|
|
|
ret = errno;
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno,
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
_("failed to wait for child creating '%s'"),
|
|
|
|
|
path);
|
|
|
|
|
goto parenterror;
|
|
|
|
|
}
|
|
|
|
|
ret = WEXITSTATUS(status);
|
|
|
|
|
if (!WIFEXITED(status) || (ret == EACCES)) {
|
|
|
|
|
/* fall back to the simpler method, which works better in
|
|
|
|
|
* some cases */
|
Rename virFileCreate to virFileOperation, add hook function
It turns out it is also useful to be able to perform other operations
on a file created while running as a different uid (eg, write things
to that file), and possibly to do this to a file that already
exists. This patch adds an optional hook function to the renamed (for
more accuracy of purpose) virFileOperation; the hook will be called
after the file has been opened (possibly created) and gid/mode
checked/set, before closing it.
As with the other operations on the file, if the VIR_FILE_OP_AS_UID
flag is set, this hook function will be called in the context of a
child process forked from the process that called virFileOperation.
The implication here is that, while all data in memory is available to
this hook function, any modification to that data will not be seen by
the caller - the only indication in memory of what happened in the
hook will be the return value (which the hook should set to 0 on
success, or one of the standard errno values on failure).
Another piece of making the function more flexible was to add an
"openflags" argument. This arg should contain exactly the flags to be
passed to open(2), eg O_RDWR | O_EXCL, etc.
In the process of adding the hook to virFileOperation, I also realized
that the bits to fix up file owner/group/mode settings after creation
were being done in the parent process, which could fail, so I moved
them to the child process where they should be.
* src/util/util.[ch]: rename and rework virFileCreate-->virFileOperation,
and redo flags in virDirCreate
* storage/storage_backend.c, storage/storage_backend_fs.c: update the
calls to virFileOperation/virDirCreate to reflect changes in the API,
but don't yet take advantage of the hook.
2010-02-19 16:43:22 +00:00
|
|
|
return virDirCreateNoFork(path, mode, uid, gid, flags);
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
}
|
|
|
|
|
if (ret != 0) {
|
|
|
|
|
goto parenterror;
|
|
|
|
|
}
|
|
|
|
|
parenterror:
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
2010-02-18 21:20:07 +00:00
|
|
|
/* child */
|
|
|
|
|
|
|
|
|
|
if (forkRet < 0) {
|
|
|
|
|
/* error encountered and logged in virFork() after the fork. */
|
|
|
|
|
goto childerror;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* set desired uid/gid, then attempt to create the directory */
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
|
|
|
|
|
if ((gid != 0) && (setgid(gid) != 0)) {
|
|
|
|
|
ret = errno;
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno, _("cannot set gid %u creating '%s'"),
|
2010-04-29 03:36:03 +00:00
|
|
|
(unsigned int) gid, path);
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
goto childerror;
|
|
|
|
|
}
|
|
|
|
|
if ((uid != 0) && (setuid(uid) != 0)) {
|
|
|
|
|
ret = errno;
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno, _("cannot set uid %u creating '%s'"),
|
2010-04-29 03:36:03 +00:00
|
|
|
(unsigned int) uid, path);
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
goto childerror;
|
|
|
|
|
}
|
|
|
|
|
if (mkdir(path, mode) < 0) {
|
|
|
|
|
ret = errno;
|
|
|
|
|
if (ret != EACCES) {
|
|
|
|
|
/* in case of EACCES, the parent will retry */
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno, _("child failed to create directory '%s'"),
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
path);
|
|
|
|
|
}
|
|
|
|
|
goto childerror;
|
|
|
|
|
}
|
Rename virFileCreate to virFileOperation, add hook function
It turns out it is also useful to be able to perform other operations
on a file created while running as a different uid (eg, write things
to that file), and possibly to do this to a file that already
exists. This patch adds an optional hook function to the renamed (for
more accuracy of purpose) virFileOperation; the hook will be called
after the file has been opened (possibly created) and gid/mode
checked/set, before closing it.
As with the other operations on the file, if the VIR_FILE_OP_AS_UID
flag is set, this hook function will be called in the context of a
child process forked from the process that called virFileOperation.
The implication here is that, while all data in memory is available to
this hook function, any modification to that data will not be seen by
the caller - the only indication in memory of what happened in the
hook will be the return value (which the hook should set to 0 on
success, or one of the standard errno values on failure).
Another piece of making the function more flexible was to add an
"openflags" argument. This arg should contain exactly the flags to be
passed to open(2), eg O_RDWR | O_EXCL, etc.
In the process of adding the hook to virFileOperation, I also realized
that the bits to fix up file owner/group/mode settings after creation
were being done in the parent process, which could fail, so I moved
them to the child process where they should be.
* src/util/util.[ch]: rename and rework virFileCreate-->virFileOperation,
and redo flags in virDirCreate
* storage/storage_backend.c, storage/storage_backend_fs.c: update the
calls to virFileOperation/virDirCreate to reflect changes in the API,
but don't yet take advantage of the hook.
2010-02-19 16:43:22 +00:00
|
|
|
/* check if group was set properly by creating after
|
|
|
|
|
* setgid. If not, try doing it with chown */
|
|
|
|
|
if (stat(path, &st) == -1) {
|
|
|
|
|
ret = errno;
|
|
|
|
|
virReportSystemError(errno,
|
|
|
|
|
_("stat of '%s' failed"), path);
|
|
|
|
|
goto childerror;
|
|
|
|
|
}
|
|
|
|
|
if ((st.st_gid != gid) && (chown(path, -1, gid) < 0)) {
|
|
|
|
|
ret = errno;
|
|
|
|
|
virReportSystemError(errno,
|
|
|
|
|
_("cannot chown '%s' to group %u"),
|
2010-04-29 03:36:03 +00:00
|
|
|
path, (unsigned int) gid);
|
Rename virFileCreate to virFileOperation, add hook function
It turns out it is also useful to be able to perform other operations
on a file created while running as a different uid (eg, write things
to that file), and possibly to do this to a file that already
exists. This patch adds an optional hook function to the renamed (for
more accuracy of purpose) virFileOperation; the hook will be called
after the file has been opened (possibly created) and gid/mode
checked/set, before closing it.
As with the other operations on the file, if the VIR_FILE_OP_AS_UID
flag is set, this hook function will be called in the context of a
child process forked from the process that called virFileOperation.
The implication here is that, while all data in memory is available to
this hook function, any modification to that data will not be seen by
the caller - the only indication in memory of what happened in the
hook will be the return value (which the hook should set to 0 on
success, or one of the standard errno values on failure).
Another piece of making the function more flexible was to add an
"openflags" argument. This arg should contain exactly the flags to be
passed to open(2), eg O_RDWR | O_EXCL, etc.
In the process of adding the hook to virFileOperation, I also realized
that the bits to fix up file owner/group/mode settings after creation
were being done in the parent process, which could fail, so I moved
them to the child process where they should be.
* src/util/util.[ch]: rename and rework virFileCreate-->virFileOperation,
and redo flags in virDirCreate
* storage/storage_backend.c, storage/storage_backend_fs.c: update the
calls to virFileOperation/virDirCreate to reflect changes in the API,
but don't yet take advantage of the hook.
2010-02-19 16:43:22 +00:00
|
|
|
goto childerror;
|
|
|
|
|
}
|
|
|
|
|
if ((flags & VIR_DIR_CREATE_FORCE_PERMS)
|
|
|
|
|
&& chmod(path, mode) < 0) {
|
|
|
|
|
virReportSystemError(errno,
|
|
|
|
|
_("cannot set mode of '%s' to %04o"),
|
|
|
|
|
path, mode);
|
|
|
|
|
goto childerror;
|
|
|
|
|
}
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
childerror:
|
|
|
|
|
_exit(ret);
|
|
|
|
|
}
|
|
|
|
|
|
2010-03-09 18:22:22 +00:00
|
|
|
# else /* WIN32 */
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
|
2010-03-17 15:36:08 +00:00
|
|
|
int virFileOperation(const char *path ATTRIBUTE_UNUSED,
|
|
|
|
|
int openflags ATTRIBUTE_UNUSED,
|
|
|
|
|
mode_t mode ATTRIBUTE_UNUSED,
|
|
|
|
|
uid_t uid ATTRIBUTE_UNUSED,
|
|
|
|
|
gid_t gid ATTRIBUTE_UNUSED,
|
|
|
|
|
virFileOperationHook hook ATTRIBUTE_UNUSED,
|
|
|
|
|
void *hookdata ATTRIBUTE_UNUSED,
|
|
|
|
|
unsigned int flags ATTRIBUTE_UNUSED)
|
|
|
|
|
{
|
|
|
|
|
virUtilError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
"%s", _("virFileOperation is not implemented for WIN32"));
|
|
|
|
|
|
|
|
|
|
return -1;
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
}
|
|
|
|
|
|
2010-03-17 15:36:08 +00:00
|
|
|
int virDirCreate(const char *path ATTRIBUTE_UNUSED,
|
|
|
|
|
mode_t mode ATTRIBUTE_UNUSED,
|
|
|
|
|
uid_t uid ATTRIBUTE_UNUSED,
|
|
|
|
|
gid_t gid ATTRIBUTE_UNUSED,
|
|
|
|
|
unsigned int flags ATTRIBUTE_UNUSED)
|
|
|
|
|
{
|
|
|
|
|
virUtilError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
"%s", _("virDirCreate is not implemented for WIN32"));
|
|
|
|
|
|
|
|
|
|
return -1;
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
}
|
2010-03-17 15:36:08 +00:00
|
|
|
# endif /* WIN32 */
|
New utility functions virFileCreate and virDirCreate
These functions create a new file or directory with the given
uid/gid. If the flag VIR_FILE_CREATE_AS_UID is given, they do this by
forking a new process, calling setuid/setgid in the new process, and
then creating the file. This is better than simply calling open then
fchown, because in the latter case, a root-squashing nfs server would
create the new file as user nobody, then refuse to allow fchown.
If VIR_FILE_CREATE_AS_UID is not specified, the simpler tactic of
creating the file/dir, then chowning is is used. This gives better
results in cases where the parent directory isn't on a root-squashing
NFS server, but doesn't give permission for the specified uid/gid to
create files. (Note that if the fork/setuid method fails to create the
file due to access privileges, the parent process will make a second
attempt using this simpler method.)
If the bit VIR_FILE_CREATE_ALLOW_EXIST is set in the flags, an
existing file/directory will not cause an error; in this case, the
function will simply set the permissions of the file/directory to
those requested. If VIR_FILE_CREATE_ALLOW_EXIST is not specified, an
existing file/directory is considered (and reported as) an error.
Return from both of these functions is 0 on success, or the value of
errno if there was a failure.
* src/util/util.[ch]: add the 2 new util functions
2010-01-20 23:33:43 +00:00
|
|
|
|
2010-01-26 13:47:02 +00:00
|
|
|
static int virFileMakePathHelper(char *path) {
|
2007-12-03 14:30:46 +00:00
|
|
|
struct stat st;
|
2010-01-26 13:47:02 +00:00
|
|
|
char *p = NULL;
|
2007-12-03 14:30:46 +00:00
|
|
|
int err;
|
|
|
|
|
|
|
|
|
|
if (stat(path, &st) >= 0)
|
|
|
|
|
return 0;
|
|
|
|
|
|
2010-01-26 13:47:02 +00:00
|
|
|
if ((p = strrchr(path, '/')) == NULL)
|
2007-12-03 14:30:46 +00:00
|
|
|
return EINVAL;
|
|
|
|
|
|
2010-01-26 13:47:02 +00:00
|
|
|
if (p != path) {
|
2008-08-28 22:40:50 +00:00
|
|
|
*p = '\0';
|
2010-01-26 13:47:02 +00:00
|
|
|
err = virFileMakePathHelper(path);
|
|
|
|
|
*p = '/';
|
|
|
|
|
if (err != 0)
|
2008-08-28 22:40:50 +00:00
|
|
|
return err;
|
|
|
|
|
}
|
2007-12-03 14:30:46 +00:00
|
|
|
|
2010-01-26 13:47:02 +00:00
|
|
|
if (mkdir(path, 0777) < 0 && errno != EEXIST) {
|
2007-12-03 14:30:46 +00:00
|
|
|
return errno;
|
2010-01-26 13:47:02 +00:00
|
|
|
}
|
2007-12-03 14:30:46 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2010-01-26 13:47:02 +00:00
|
|
|
int virFileMakePath(const char *path)
|
|
|
|
|
{
|
|
|
|
|
struct stat st;
|
|
|
|
|
char *parent = NULL;
|
|
|
|
|
char *p;
|
|
|
|
|
int err = 0;
|
|
|
|
|
|
|
|
|
|
if (stat(path, &st) >= 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if ((parent = strdup(path)) == NULL) {
|
|
|
|
|
err = ENOMEM;
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if ((p = strrchr(parent, '/')) == NULL) {
|
|
|
|
|
err = EINVAL;
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (p != parent) {
|
|
|
|
|
*p = '\0';
|
|
|
|
|
if ((err = virFileMakePathHelper(parent)) != 0) {
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (mkdir(path, 0777) < 0 && errno != EEXIST) {
|
|
|
|
|
err = errno;
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
|
VIR_FREE(parent);
|
|
|
|
|
return err;
|
|
|
|
|
}
|
|
|
|
|
|
2007-12-03 14:30:46 +00:00
|
|
|
/* Build up a fully qualfiied path for a config file to be
|
|
|
|
|
* associated with a persistent guest or network */
|
|
|
|
|
int virFileBuildPath(const char *dir,
|
|
|
|
|
const char *name,
|
|
|
|
|
const char *ext,
|
|
|
|
|
char *buf,
|
|
|
|
|
unsigned int buflen)
|
|
|
|
|
{
|
|
|
|
|
if ((strlen(dir) + 1 + strlen(name) + (ext ? strlen(ext) : 0) + 1) >= (buflen-1))
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
strcpy(buf, dir);
|
|
|
|
|
strcat(buf, "/");
|
|
|
|
|
strcat(buf, name);
|
|
|
|
|
if (ext)
|
|
|
|
|
strcat(buf, ext);
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2008-08-13 10:52:15 +00:00
|
|
|
|
|
|
|
|
int virFileOpenTty(int *ttymaster,
|
|
|
|
|
char **ttyName,
|
|
|
|
|
int rawmode)
|
2009-04-22 14:26:50 +00:00
|
|
|
{
|
|
|
|
|
return virFileOpenTtyAt("/dev/ptmx",
|
|
|
|
|
ttymaster,
|
|
|
|
|
ttyName,
|
|
|
|
|
rawmode);
|
|
|
|
|
}
|
|
|
|
|
|
2010-03-09 18:22:22 +00:00
|
|
|
# ifdef __linux__
|
2009-04-22 14:26:50 +00:00
|
|
|
int virFileOpenTtyAt(const char *ptmx,
|
|
|
|
|
int *ttymaster,
|
|
|
|
|
char **ttyName,
|
|
|
|
|
int rawmode)
|
2008-08-13 10:52:15 +00:00
|
|
|
{
|
|
|
|
|
int rc = -1;
|
|
|
|
|
|
2009-04-22 14:26:50 +00:00
|
|
|
if ((*ttymaster = open(ptmx, O_RDWR|O_NOCTTY|O_NONBLOCK)) < 0)
|
2008-08-13 10:52:15 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if (unlockpt(*ttymaster) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if (grantpt(*ttymaster) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if (rawmode) {
|
|
|
|
|
struct termios ttyAttr;
|
|
|
|
|
if (tcgetattr(*ttymaster, &ttyAttr) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
cfmakeraw(&ttyAttr);
|
|
|
|
|
|
|
|
|
|
if (tcsetattr(*ttymaster, TCSADRAIN, &ttyAttr) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (ttyName) {
|
|
|
|
|
char tempTtyName[PATH_MAX];
|
|
|
|
|
if (ptsname_r(*ttymaster, tempTtyName, sizeof(tempTtyName)) < 0)
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
|
|
|
|
if ((*ttyName = strdup(tempTtyName)) == NULL) {
|
|
|
|
|
errno = ENOMEM;
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
rc = 0;
|
|
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
|
if (rc != 0 &&
|
|
|
|
|
*ttymaster != -1) {
|
|
|
|
|
close(*ttymaster);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return rc;
|
|
|
|
|
|
|
|
|
|
}
|
2010-03-09 18:22:22 +00:00
|
|
|
# else
|
2009-04-22 14:26:50 +00:00
|
|
|
int virFileOpenTtyAt(const char *ptmx ATTRIBUTE_UNUSED,
|
|
|
|
|
int *ttymaster ATTRIBUTE_UNUSED,
|
|
|
|
|
char **ttyName ATTRIBUTE_UNUSED,
|
|
|
|
|
int rawmode ATTRIBUTE_UNUSED)
|
2008-08-13 10:52:15 +00:00
|
|
|
{
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2010-03-09 18:22:22 +00:00
|
|
|
# endif
|
2008-08-13 10:52:15 +00:00
|
|
|
|
2008-12-18 15:22:49 +00:00
|
|
|
char* virFilePid(const char *dir, const char* name)
|
|
|
|
|
{
|
2008-12-23 13:03:29 +00:00
|
|
|
char *pidfile;
|
2009-10-16 10:09:13 +00:00
|
|
|
if (virAsprintf(&pidfile, "%s/%s.pid", dir, name) < 0)
|
|
|
|
|
return NULL;
|
2008-12-18 15:22:49 +00:00
|
|
|
return pidfile;
|
|
|
|
|
}
|
|
|
|
|
|
2008-08-13 10:52:15 +00:00
|
|
|
int virFileWritePid(const char *dir,
|
|
|
|
|
const char *name,
|
|
|
|
|
pid_t pid)
|
|
|
|
|
{
|
|
|
|
|
int rc;
|
|
|
|
|
char *pidfile = NULL;
|
|
|
|
|
|
2009-05-07 07:29:51 +00:00
|
|
|
if (name == NULL || dir == NULL) {
|
|
|
|
|
rc = EINVAL;
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2008-08-13 10:52:15 +00:00
|
|
|
if ((rc = virFileMakePath(dir)))
|
|
|
|
|
goto cleanup;
|
|
|
|
|
|
2008-12-18 15:22:49 +00:00
|
|
|
if (!(pidfile = virFilePid(dir, name))) {
|
2008-08-13 10:52:15 +00:00
|
|
|
rc = ENOMEM;
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2009-05-11 13:50:38 +00:00
|
|
|
rc = virFileWritePidPath(pidfile, pid);
|
|
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
|
VIR_FREE(pidfile);
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int virFileWritePidPath(const char *pidfile,
|
|
|
|
|
pid_t pid)
|
|
|
|
|
{
|
|
|
|
|
int rc;
|
|
|
|
|
int fd;
|
|
|
|
|
FILE *file = NULL;
|
|
|
|
|
|
2008-08-13 10:52:15 +00:00
|
|
|
if ((fd = open(pidfile,
|
|
|
|
|
O_WRONLY | O_CREAT | O_TRUNC,
|
|
|
|
|
S_IRUSR | S_IWUSR)) < 0) {
|
|
|
|
|
rc = errno;
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!(file = fdopen(fd, "w"))) {
|
|
|
|
|
rc = errno;
|
|
|
|
|
close(fd);
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (fprintf(file, "%d", pid) < 0) {
|
|
|
|
|
rc = errno;
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
rc = 0;
|
|
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
|
if (file &&
|
|
|
|
|
fclose(file) < 0) {
|
|
|
|
|
rc = errno;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int virFileReadPid(const char *dir,
|
|
|
|
|
const char *name,
|
|
|
|
|
pid_t *pid)
|
|
|
|
|
{
|
|
|
|
|
int rc;
|
|
|
|
|
FILE *file;
|
|
|
|
|
char *pidfile = NULL;
|
|
|
|
|
*pid = 0;
|
2008-12-18 15:22:49 +00:00
|
|
|
|
2009-05-07 07:29:51 +00:00
|
|
|
if (name == NULL || dir == NULL) {
|
|
|
|
|
rc = EINVAL;
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2008-12-18 15:22:49 +00:00
|
|
|
if (!(pidfile = virFilePid(dir, name))) {
|
2008-08-13 10:52:15 +00:00
|
|
|
rc = ENOMEM;
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!(file = fopen(pidfile, "r"))) {
|
|
|
|
|
rc = errno;
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (fscanf(file, "%d", pid) != 1) {
|
|
|
|
|
rc = EINVAL;
|
2009-03-16 10:41:37 +00:00
|
|
|
fclose(file);
|
2008-08-13 10:52:15 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (fclose(file) < 0) {
|
|
|
|
|
rc = errno;
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
rc = 0;
|
|
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
|
VIR_FREE(pidfile);
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int virFileDeletePid(const char *dir,
|
|
|
|
|
const char *name)
|
|
|
|
|
{
|
|
|
|
|
int rc = 0;
|
|
|
|
|
char *pidfile = NULL;
|
|
|
|
|
|
2009-05-07 07:29:51 +00:00
|
|
|
if (name == NULL || dir == NULL) {
|
|
|
|
|
rc = EINVAL;
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
2008-12-18 15:22:49 +00:00
|
|
|
if (!(pidfile = virFilePid(dir, name))) {
|
|
|
|
|
rc = ENOMEM;
|
2008-08-13 10:52:15 +00:00
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (unlink(pidfile) < 0 && errno != ENOENT)
|
|
|
|
|
rc = errno;
|
|
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
|
VIR_FREE(pidfile);
|
|
|
|
|
return rc;
|
|
|
|
|
}
|
|
|
|
|
|
2009-01-29 17:02:00 +00:00
|
|
|
#endif /* PROXY */
|
2008-08-13 10:52:15 +00:00
|
|
|
|
2009-10-08 14:55:58 +00:00
|
|
|
/*
|
|
|
|
|
* Creates an absolute path for a potentialy realtive path.
|
|
|
|
|
* Return 0 if the path was not relative, or on success.
|
|
|
|
|
* Return -1 on error.
|
|
|
|
|
*
|
|
|
|
|
* You must free the result.
|
|
|
|
|
*/
|
|
|
|
|
int virFileAbsPath(const char *path, char **abspath)
|
|
|
|
|
{
|
|
|
|
|
char *buf;
|
|
|
|
|
int cwdlen;
|
|
|
|
|
|
|
|
|
|
if (path[0] == '/') {
|
|
|
|
|
buf = strdup(path);
|
|
|
|
|
if (buf == NULL)
|
|
|
|
|
return(-1);
|
|
|
|
|
} else {
|
|
|
|
|
buf = getcwd(NULL, 0);
|
|
|
|
|
if (buf == NULL)
|
|
|
|
|
return(-1);
|
|
|
|
|
|
|
|
|
|
cwdlen = strlen(buf);
|
|
|
|
|
/* cwdlen includes the null terminator */
|
|
|
|
|
if (VIR_REALLOC_N(buf, cwdlen + strlen(path) + 1) < 0) {
|
|
|
|
|
VIR_FREE(buf);
|
|
|
|
|
errno = ENOMEM;
|
|
|
|
|
return(-1);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
buf[cwdlen] = '/';
|
|
|
|
|
strcpy(&buf[cwdlen + 1], path);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
*abspath = buf;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2008-08-13 10:52:15 +00:00
|
|
|
|
2008-02-08 09:15:16 +00:00
|
|
|
/* Like strtol, but produce an "int" result, and check more carefully.
|
|
|
|
|
Return 0 upon success; return -1 to indicate failure.
|
|
|
|
|
When END_PTR is NULL, the byte after the final valid digit must be NUL.
|
|
|
|
|
Otherwise, it's like strtol and lets the caller check any suffix for
|
|
|
|
|
validity. This function is careful to return -1 when the string S
|
|
|
|
|
represents a number that is not representable as an "int". */
|
|
|
|
|
int
|
2008-11-17 11:03:25 +00:00
|
|
|
virStrToLong_i(char const *s, char **end_ptr, int base, int *result)
|
2008-02-08 09:15:16 +00:00
|
|
|
{
|
|
|
|
|
long int val;
|
|
|
|
|
char *p;
|
|
|
|
|
int err;
|
|
|
|
|
|
|
|
|
|
errno = 0;
|
|
|
|
|
val = strtol(s, &p, base);
|
|
|
|
|
err = (errno || (!end_ptr && *p) || p == s || (int) val != val);
|
|
|
|
|
if (end_ptr)
|
|
|
|
|
*end_ptr = p;
|
|
|
|
|
if (err)
|
|
|
|
|
return -1;
|
|
|
|
|
*result = val;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Just like virStrToLong_i, above, but produce an "unsigned int" value. */
|
|
|
|
|
int
|
|
|
|
|
virStrToLong_ui(char const *s, char **end_ptr, int base, unsigned int *result)
|
|
|
|
|
{
|
|
|
|
|
unsigned long int val;
|
|
|
|
|
char *p;
|
|
|
|
|
int err;
|
|
|
|
|
|
|
|
|
|
errno = 0;
|
|
|
|
|
val = strtoul(s, &p, base);
|
|
|
|
|
err = (errno || (!end_ptr && *p) || p == s || (unsigned int) val != val);
|
|
|
|
|
if (end_ptr)
|
|
|
|
|
*end_ptr = p;
|
|
|
|
|
if (err)
|
|
|
|
|
return -1;
|
|
|
|
|
*result = val;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Just like virStrToLong_i, above, but produce an "long long" value. */
|
|
|
|
|
int
|
|
|
|
|
virStrToLong_ll(char const *s, char **end_ptr, int base, long long *result)
|
|
|
|
|
{
|
|
|
|
|
long long val;
|
|
|
|
|
char *p;
|
|
|
|
|
int err;
|
|
|
|
|
|
|
|
|
|
errno = 0;
|
|
|
|
|
val = strtoll(s, &p, base);
|
|
|
|
|
err = (errno || (!end_ptr && *p) || p == s || (long long) val != val);
|
|
|
|
|
if (end_ptr)
|
|
|
|
|
*end_ptr = p;
|
|
|
|
|
if (err)
|
|
|
|
|
return -1;
|
|
|
|
|
*result = val;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Just like virStrToLong_i, above, but produce an "unsigned long long" value. */
|
|
|
|
|
int
|
2008-11-17 11:03:25 +00:00
|
|
|
virStrToLong_ull(char const *s, char **end_ptr, int base, unsigned long long *result)
|
2008-02-08 09:15:16 +00:00
|
|
|
{
|
|
|
|
|
unsigned long long val;
|
|
|
|
|
char *p;
|
|
|
|
|
int err;
|
|
|
|
|
|
|
|
|
|
errno = 0;
|
|
|
|
|
val = strtoull(s, &p, base);
|
|
|
|
|
err = (errno || (!end_ptr && *p) || p == s || (unsigned long long) val != val);
|
|
|
|
|
if (end_ptr)
|
|
|
|
|
*end_ptr = p;
|
|
|
|
|
if (err)
|
|
|
|
|
return -1;
|
|
|
|
|
*result = val;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2008-02-27 04:35:08 +00:00
|
|
|
|
2009-07-09 13:11:21 +00:00
|
|
|
int
|
|
|
|
|
virStrToDouble(char const *s,
|
|
|
|
|
char **end_ptr,
|
|
|
|
|
double *result)
|
|
|
|
|
{
|
|
|
|
|
double val;
|
|
|
|
|
char *p;
|
|
|
|
|
int err;
|
|
|
|
|
|
|
|
|
|
errno = 0;
|
|
|
|
|
val = strtod(s, &p);
|
|
|
|
|
err = (errno || (!end_ptr && *p) || p == s);
|
|
|
|
|
if (end_ptr)
|
|
|
|
|
*end_ptr = p;
|
|
|
|
|
if (err)
|
|
|
|
|
return -1;
|
|
|
|
|
*result = val;
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2008-02-27 04:35:08 +00:00
|
|
|
/**
|
|
|
|
|
* virSkipSpaces:
|
|
|
|
|
* @str: pointer to the char pointer used
|
|
|
|
|
*
|
|
|
|
|
* Skip potential blanks, this includes space tabs, line feed,
|
|
|
|
|
* carriage returns and also '\\' which can be erronously emitted
|
|
|
|
|
* by xend
|
|
|
|
|
*/
|
|
|
|
|
void
|
|
|
|
|
virSkipSpaces(const char **str)
|
|
|
|
|
{
|
|
|
|
|
const char *cur = *str;
|
|
|
|
|
|
|
|
|
|
while ((*cur == ' ') || (*cur == '\t') || (*cur == '\n') ||
|
|
|
|
|
(*cur == '\r') || (*cur == '\\'))
|
|
|
|
|
cur++;
|
|
|
|
|
*str = cur;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* virParseNumber:
|
|
|
|
|
* @str: pointer to the char pointer used
|
|
|
|
|
*
|
|
|
|
|
* Parse an unsigned number
|
|
|
|
|
*
|
|
|
|
|
* Returns the unsigned number or -1 in case of error. @str will be
|
|
|
|
|
* updated to skip the number.
|
|
|
|
|
*/
|
|
|
|
|
int
|
|
|
|
|
virParseNumber(const char **str)
|
|
|
|
|
{
|
|
|
|
|
int ret = 0;
|
|
|
|
|
const char *cur = *str;
|
|
|
|
|
|
|
|
|
|
if ((*cur < '0') || (*cur > '9'))
|
|
|
|
|
return (-1);
|
|
|
|
|
|
start using c-ctype functions
Up to now, we've been avoiding ctype functions like isspace, isdigit,
etc. because they are locale-dependent. Now that we have the c-ctype
functions, we can start using *them*, to make the code more readable
with changes like these:
- /* This may not work on EBCDIC. */
- if ((*p >= 'a' && *p <= 'z') ||
- (*p >= 'A' && *p <= 'Z') ||
- (*p >= '0' && *p <= '9'))
+ if (c_isalnum(*p))
- while ((*cur >= '0') && (*cur <= '9')) {
+ while (c_isdigit(*cur)) {
Also, some macros in conf.c used names that conflicted with
standard meaning of "BLANK" and "SPACE", so I've adjusted them
to be in line with the definition of e.g., isblank.
In addition, I've wrapped those statement macros with do {...} while (0),
so that we can't forget the ";" after a use. There was one like that
already (fixed below). The missing semicolon would mess up automatic
indenting.
* src/buf.c (virBufferURIEncodeString):
* src/conf.c (IS_EOL, SKIP_BLANKS_AND_EOL, SKIP_BLANKS)
(virConfParseLong, virConfParseValue, virConfParseName)
(virConfParseSeparator, virConfParseStatement, IS_BLANK, IS_CHAR)
(IS_DIGIT, IS_SPACE, SKIP_SPACES):
* src/nodeinfo.c:
* src/qemu_conf.c (qemudParseInterfaceXML):
* src/qemu_driver.c (qemudDomainBlockStats):
* src/sexpr.c:
* src/stats_linux.c:
* src/util.c (virParseNumber, virDiskNameToIndex):
* src/uuid.c (hextobin, virUUIDParse):
* src/virsh.c:
* src/xml.c (parseCpuNumber, virParseCpuSet):
2008-05-16 09:37:44 +00:00
|
|
|
while (c_isdigit(*cur)) {
|
2008-02-27 04:35:08 +00:00
|
|
|
unsigned int c = *cur - '0';
|
|
|
|
|
|
|
|
|
|
if ((ret > INT_MAX / 10) ||
|
|
|
|
|
((ret == INT_MAX / 10) && (c > INT_MAX % 10)))
|
|
|
|
|
return (-1);
|
|
|
|
|
ret = ret * 10 + c;
|
|
|
|
|
cur++;
|
|
|
|
|
}
|
|
|
|
|
*str = cur;
|
|
|
|
|
return (ret);
|
|
|
|
|
}
|
2008-02-08 09:15:16 +00:00
|
|
|
|
2010-03-30 14:15:13 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* virParseVersionString:
|
|
|
|
|
* @str: const char pointer to the version string
|
|
|
|
|
* @version: unsigned long pointer to output the version number
|
|
|
|
|
*
|
|
|
|
|
* Parse an unsigned version number from a version string. Expecting
|
|
|
|
|
* 'major.minor.micro' format, ignoring an optional suffix.
|
|
|
|
|
*
|
|
|
|
|
* The major, minor and micro numbers are encoded into a single version number:
|
|
|
|
|
*
|
|
|
|
|
* 1000000 * major + 1000 * minor + micro
|
|
|
|
|
*
|
|
|
|
|
* Returns the 0 for success, -1 for error.
|
|
|
|
|
*/
|
|
|
|
|
int
|
|
|
|
|
virParseVersionString(const char *str, unsigned long *version)
|
|
|
|
|
{
|
|
|
|
|
unsigned int major, minor, micro;
|
|
|
|
|
char *tmp;
|
|
|
|
|
|
|
|
|
|
if (virStrToLong_ui(str, &tmp, 10, &major) < 0 || *tmp != '.')
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
if (virStrToLong_ui(tmp + 1, &tmp, 10, &minor) < 0 || *tmp != '.')
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
if (virStrToLong_ui(tmp + 1, &tmp, 10, µ) < 0)
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
*version = 1000000 * major + 1000 * minor + micro;
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2008-12-15 20:09:29 +00:00
|
|
|
/**
|
|
|
|
|
* virAsprintf
|
|
|
|
|
*
|
2008-12-23 13:03:29 +00:00
|
|
|
* like glibc's_asprintf but makes sure *strp == NULL on failure
|
2008-12-15 20:09:29 +00:00
|
|
|
*/
|
2008-12-17 17:22:43 +00:00
|
|
|
int
|
2008-12-15 20:09:29 +00:00
|
|
|
virAsprintf(char **strp, const char *fmt, ...)
|
|
|
|
|
{
|
|
|
|
|
va_list ap;
|
|
|
|
|
int ret;
|
|
|
|
|
|
|
|
|
|
va_start(ap, fmt);
|
|
|
|
|
|
|
|
|
|
if ((ret = vasprintf(strp, fmt, ap)) == -1)
|
|
|
|
|
*strp = NULL;
|
|
|
|
|
|
|
|
|
|
va_end(ap);
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
2009-08-03 12:37:44 +00:00
|
|
|
/**
|
|
|
|
|
* virStrncpy
|
|
|
|
|
*
|
|
|
|
|
* A safe version of strncpy. The last parameter is the number of bytes
|
|
|
|
|
* available in the destination string, *not* the number of bytes you want
|
|
|
|
|
* to copy. If the destination is not large enough to hold all n of the
|
|
|
|
|
* src string bytes plus a \0, NULL is returned and no data is copied.
|
|
|
|
|
* If the destination is large enough to hold the n bytes plus \0, then the
|
|
|
|
|
* string is copied and a pointer to the destination string is returned.
|
|
|
|
|
*/
|
|
|
|
|
char *
|
|
|
|
|
virStrncpy(char *dest, const char *src, size_t n, size_t destbytes)
|
|
|
|
|
{
|
|
|
|
|
char *ret;
|
|
|
|
|
|
|
|
|
|
if (n > (destbytes - 1))
|
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
|
|
ret = strncpy(dest, src, n);
|
|
|
|
|
/* strncpy NULL terminates iff the last character is \0. Therefore
|
|
|
|
|
* force the last byte to be \0
|
|
|
|
|
*/
|
|
|
|
|
dest[n] = '\0';
|
|
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* virStrcpy
|
|
|
|
|
*
|
|
|
|
|
* A safe version of strcpy. The last parameter is the number of bytes
|
|
|
|
|
* available in the destination string, *not* the number of bytes you want
|
|
|
|
|
* to copy. If the destination is not large enough to hold all n of the
|
|
|
|
|
* src string bytes plus a \0, NULL is returned and no data is copied.
|
|
|
|
|
* If the destination is large enough to hold the source plus \0, then the
|
|
|
|
|
* string is copied and a pointer to the destination string is returned.
|
|
|
|
|
*/
|
|
|
|
|
char *
|
|
|
|
|
virStrcpy(char *dest, const char *src, size_t destbytes)
|
|
|
|
|
{
|
|
|
|
|
return virStrncpy(dest, src, strlen(src), destbytes);
|
|
|
|
|
}
|
|
|
|
|
|
2008-03-03 20:39:52 +00:00
|
|
|
/* Compare two MAC addresses, ignoring differences in case,
|
|
|
|
|
* as well as leading zeros.
|
2008-02-27 16:14:44 +00:00
|
|
|
*/
|
|
|
|
|
int
|
2008-11-17 11:03:25 +00:00
|
|
|
virMacAddrCompare (const char *p, const char *q)
|
2008-02-27 16:14:44 +00:00
|
|
|
{
|
2008-03-03 20:39:52 +00:00
|
|
|
unsigned char c, d;
|
|
|
|
|
do {
|
2008-05-09 13:50:14 +00:00
|
|
|
while (*p == '0' && c_isxdigit (p[1]))
|
2008-03-03 20:39:52 +00:00
|
|
|
++p;
|
2008-05-09 13:50:14 +00:00
|
|
|
while (*q == '0' && c_isxdigit (q[1]))
|
2008-03-03 20:39:52 +00:00
|
|
|
++q;
|
2008-05-09 13:50:14 +00:00
|
|
|
c = c_tolower (*p);
|
|
|
|
|
d = c_tolower (*q);
|
2008-03-03 20:39:52 +00:00
|
|
|
|
|
|
|
|
if (c == 0 || d == 0)
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
++p;
|
|
|
|
|
++q;
|
|
|
|
|
} while (c == d);
|
|
|
|
|
|
|
|
|
|
if (UCHAR_MAX <= INT_MAX)
|
|
|
|
|
return c - d;
|
|
|
|
|
|
|
|
|
|
/* On machines where 'char' and 'int' are types of the same size, the
|
|
|
|
|
difference of two 'unsigned char' values - including the sign bit -
|
|
|
|
|
doesn't fit in an 'int'. */
|
|
|
|
|
return (c > d ? 1 : c < d ? -1 : 0);
|
2008-02-27 16:14:44 +00:00
|
|
|
}
|
|
|
|
|
|
2008-03-20 11:24:30 +00:00
|
|
|
/**
|
|
|
|
|
* virParseMacAddr:
|
|
|
|
|
* @str: string representation of MAC address, e.g., "0:1E:FC:E:3a:CB"
|
|
|
|
|
* @addr: 6-byte MAC address
|
|
|
|
|
*
|
|
|
|
|
* Parse a MAC address
|
|
|
|
|
*
|
|
|
|
|
* Return 0 upon success, or -1 in case of error.
|
|
|
|
|
*/
|
|
|
|
|
int
|
|
|
|
|
virParseMacAddr(const char* str, unsigned char *addr)
|
|
|
|
|
{
|
|
|
|
|
int i;
|
|
|
|
|
|
|
|
|
|
errno = 0;
|
2008-10-24 11:20:08 +00:00
|
|
|
for (i = 0; i < VIR_MAC_BUFLEN; i++) {
|
2008-03-20 11:24:30 +00:00
|
|
|
char *end_ptr;
|
|
|
|
|
unsigned long result;
|
|
|
|
|
|
|
|
|
|
/* This is solely to avoid accepting the leading
|
|
|
|
|
* space or "+" that strtoul would otherwise accept.
|
|
|
|
|
*/
|
2008-05-09 13:50:14 +00:00
|
|
|
if (!c_isxdigit(*str))
|
2008-03-20 11:24:30 +00:00
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
result = strtoul(str, &end_ptr, 16);
|
|
|
|
|
|
|
|
|
|
if ((end_ptr - str) < 1 || 2 < (end_ptr - str) ||
|
|
|
|
|
(errno != 0) ||
|
|
|
|
|
(0xFF < result))
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
addr[i] = (unsigned char) result;
|
|
|
|
|
|
2008-04-10 16:54:54 +00:00
|
|
|
if ((i == 5) && (*end_ptr == '\0'))
|
|
|
|
|
return 0;
|
|
|
|
|
if (*end_ptr != ':')
|
|
|
|
|
break;
|
2008-03-20 11:24:30 +00:00
|
|
|
|
|
|
|
|
str = end_ptr + 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
2008-05-09 16:41:19 +00:00
|
|
|
|
2008-10-24 11:20:08 +00:00
|
|
|
void virFormatMacAddr(const unsigned char *addr,
|
|
|
|
|
char *str)
|
|
|
|
|
{
|
|
|
|
|
snprintf(str, VIR_MAC_STRING_BUFLEN,
|
|
|
|
|
"%02X:%02X:%02X:%02X:%02X:%02X",
|
|
|
|
|
addr[0], addr[1], addr[2],
|
|
|
|
|
addr[3], addr[4], addr[5]);
|
|
|
|
|
str[VIR_MAC_STRING_BUFLEN-1] = '\0';
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void virGenerateMacAddr(const unsigned char *prefix,
|
|
|
|
|
unsigned char *addr)
|
|
|
|
|
{
|
|
|
|
|
addr[0] = prefix[0];
|
|
|
|
|
addr[1] = prefix[1];
|
|
|
|
|
addr[2] = prefix[2];
|
2009-01-22 20:27:01 +00:00
|
|
|
addr[3] = virRandom(256);
|
|
|
|
|
addr[4] = virRandom(256);
|
|
|
|
|
addr[5] = virRandom(256);
|
2008-10-24 11:20:08 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2008-06-24 15:00:15 +00:00
|
|
|
int virEnumFromString(const char *const*types,
|
|
|
|
|
unsigned int ntypes,
|
|
|
|
|
const char *type)
|
|
|
|
|
{
|
|
|
|
|
unsigned int i;
|
2009-06-22 16:37:52 +00:00
|
|
|
if (!type)
|
|
|
|
|
return -1;
|
|
|
|
|
|
2008-06-24 15:00:15 +00:00
|
|
|
for (i = 0 ; i < ntypes ; i++)
|
|
|
|
|
if (STREQ(types[i], type))
|
|
|
|
|
return i;
|
|
|
|
|
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const char *virEnumToString(const char *const*types,
|
|
|
|
|
unsigned int ntypes,
|
|
|
|
|
int type)
|
|
|
|
|
{
|
|
|
|
|
if (type < 0 || type >= ntypes)
|
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
|
|
return types[type];
|
|
|
|
|
}
|
|
|
|
|
|
2010-03-19 17:26:09 +00:00
|
|
|
/* Translates a device name of the form (regex) /^[fhv]d[a-z]+[0-9]*$/
|
|
|
|
|
* into the corresponding index (e.g. sda => 0, hdz => 25, vdaa => 26)
|
|
|
|
|
* Note that any trailing string of digits is simply ignored.
|
2008-05-09 16:41:19 +00:00
|
|
|
* @param name The name of the device
|
|
|
|
|
* @return name's index, or -1 on failure
|
|
|
|
|
*/
|
|
|
|
|
int virDiskNameToIndex(const char *name) {
|
|
|
|
|
const char *ptr = NULL;
|
|
|
|
|
int idx = 0;
|
2008-05-15 16:05:41 +00:00
|
|
|
static char const* const drive_prefix[] = {"fd", "hd", "vd", "sd", "xvd"};
|
|
|
|
|
unsigned int i;
|
2008-05-09 16:41:19 +00:00
|
|
|
|
2008-05-15 16:05:41 +00:00
|
|
|
for (i = 0; i < ARRAY_CARDINALITY(drive_prefix); i++) {
|
|
|
|
|
if (STRPREFIX(name, drive_prefix[i])) {
|
|
|
|
|
ptr = name + strlen(drive_prefix[i]);
|
2008-05-09 16:41:19 +00:00
|
|
|
break;
|
2008-05-15 16:05:41 +00:00
|
|
|
}
|
2008-05-09 16:41:19 +00:00
|
|
|
}
|
|
|
|
|
|
2008-05-15 16:05:41 +00:00
|
|
|
if (!ptr)
|
2008-05-09 16:41:19 +00:00
|
|
|
return -1;
|
|
|
|
|
|
2008-10-10 08:37:35 +00:00
|
|
|
for (i = 0; *ptr; i++) {
|
2009-12-03 16:17:40 +00:00
|
|
|
idx = (idx + (i < 1 ? 0 : 1)) * 26;
|
2008-05-09 16:41:19 +00:00
|
|
|
|
start using c-ctype functions
Up to now, we've been avoiding ctype functions like isspace, isdigit,
etc. because they are locale-dependent. Now that we have the c-ctype
functions, we can start using *them*, to make the code more readable
with changes like these:
- /* This may not work on EBCDIC. */
- if ((*p >= 'a' && *p <= 'z') ||
- (*p >= 'A' && *p <= 'Z') ||
- (*p >= '0' && *p <= '9'))
+ if (c_isalnum(*p))
- while ((*cur >= '0') && (*cur <= '9')) {
+ while (c_isdigit(*cur)) {
Also, some macros in conf.c used names that conflicted with
standard meaning of "BLANK" and "SPACE", so I've adjusted them
to be in line with the definition of e.g., isblank.
In addition, I've wrapped those statement macros with do {...} while (0),
so that we can't forget the ";" after a use. There was one like that
already (fixed below). The missing semicolon would mess up automatic
indenting.
* src/buf.c (virBufferURIEncodeString):
* src/conf.c (IS_EOL, SKIP_BLANKS_AND_EOL, SKIP_BLANKS)
(virConfParseLong, virConfParseValue, virConfParseName)
(virConfParseSeparator, virConfParseStatement, IS_BLANK, IS_CHAR)
(IS_DIGIT, IS_SPACE, SKIP_SPACES):
* src/nodeinfo.c:
* src/qemu_conf.c (qemudParseInterfaceXML):
* src/qemu_driver.c (qemudDomainBlockStats):
* src/sexpr.c:
* src/stats_linux.c:
* src/util.c (virParseNumber, virDiskNameToIndex):
* src/uuid.c (hextobin, virUUIDParse):
* src/virsh.c:
* src/xml.c (parseCpuNumber, virParseCpuSet):
2008-05-16 09:37:44 +00:00
|
|
|
if (!c_islower(*ptr))
|
2010-03-19 17:26:09 +00:00
|
|
|
break;
|
2008-05-09 16:41:19 +00:00
|
|
|
|
|
|
|
|
idx += *ptr - 'a';
|
|
|
|
|
ptr++;
|
|
|
|
|
}
|
|
|
|
|
|
2010-03-19 17:26:09 +00:00
|
|
|
/* Count the trailing digits. */
|
|
|
|
|
size_t n_digits = strspn(ptr, "0123456789");
|
|
|
|
|
if (ptr[n_digits] != '\0')
|
|
|
|
|
return -1;
|
|
|
|
|
|
2008-05-09 16:41:19 +00:00
|
|
|
return idx;
|
|
|
|
|
}
|
2009-01-06 17:46:46 +00:00
|
|
|
|
2009-12-03 16:17:40 +00:00
|
|
|
char *virIndexToDiskName(int idx, const char *prefix)
|
|
|
|
|
{
|
|
|
|
|
char *name = NULL;
|
|
|
|
|
int i, k, offset;
|
|
|
|
|
|
|
|
|
|
if (idx < 0) {
|
2010-02-04 22:41:52 +00:00
|
|
|
virUtilError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
_("Disk index %d is negative"), idx);
|
2009-12-03 16:17:40 +00:00
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for (i = 0, k = idx; k >= 0; ++i, k = k / 26 - 1) { }
|
|
|
|
|
|
|
|
|
|
offset = strlen(prefix);
|
|
|
|
|
|
|
|
|
|
if (VIR_ALLOC_N(name, offset + i + 1)) {
|
2010-02-04 18:19:08 +00:00
|
|
|
virReportOOMError();
|
2009-12-03 16:17:40 +00:00
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
strcpy(name, prefix);
|
|
|
|
|
name[offset + i] = '\0';
|
|
|
|
|
|
|
|
|
|
for (i = i - 1, k = idx; k >= 0; --i, k = k / 26 - 1) {
|
|
|
|
|
name[offset + i] = 'a' + (k % 26);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return name;
|
|
|
|
|
}
|
|
|
|
|
|
2009-01-07 10:43:16 +00:00
|
|
|
#ifndef AI_CANONIDN
|
2010-03-09 18:22:22 +00:00
|
|
|
# define AI_CANONIDN 0
|
2009-01-07 10:43:16 +00:00
|
|
|
#endif
|
|
|
|
|
|
2010-02-19 15:15:21 +00:00
|
|
|
char *virGetHostnameLocalhost(int allow_localhost)
|
2009-01-07 10:43:16 +00:00
|
|
|
{
|
|
|
|
|
int r;
|
|
|
|
|
char hostname[HOST_NAME_MAX+1], *result;
|
2010-02-19 15:15:21 +00:00
|
|
|
struct addrinfo hints, *info, *res;
|
2009-01-07 10:43:16 +00:00
|
|
|
|
|
|
|
|
r = gethostname (hostname, sizeof(hostname));
|
2009-10-23 17:01:22 +00:00
|
|
|
if (r == -1) {
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno,
|
|
|
|
|
"%s", _("failed to determine host name"));
|
2009-01-07 10:43:16 +00:00
|
|
|
return NULL;
|
2009-10-23 17:01:22 +00:00
|
|
|
}
|
2009-01-07 10:43:16 +00:00
|
|
|
NUL_TERMINATE(hostname);
|
|
|
|
|
|
|
|
|
|
memset(&hints, 0, sizeof(hints));
|
|
|
|
|
hints.ai_flags = AI_CANONNAME|AI_CANONIDN;
|
|
|
|
|
hints.ai_family = AF_UNSPEC;
|
|
|
|
|
r = getaddrinfo(hostname, NULL, &hints, &info);
|
2009-10-23 17:01:22 +00:00
|
|
|
if (r != 0) {
|
2010-02-04 22:41:52 +00:00
|
|
|
virUtilError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
_("getaddrinfo failed for '%s': %s"),
|
|
|
|
|
hostname, gai_strerror(r));
|
2009-01-07 10:43:16 +00:00
|
|
|
return NULL;
|
2009-10-23 17:01:22 +00:00
|
|
|
}
|
2010-02-19 15:15:21 +00:00
|
|
|
|
2010-04-07 15:23:24 +00:00
|
|
|
/* Tell static analyzers about getaddrinfo semantics. */
|
|
|
|
|
sa_assert (info);
|
|
|
|
|
|
2010-02-19 15:15:21 +00:00
|
|
|
/* if we aren't allowing localhost, then we iterate through the
|
|
|
|
|
* list and make sure none of the IPv4 addresses are 127.0.0.1 and
|
|
|
|
|
* that none of the IPv6 addresses are ::1
|
|
|
|
|
*/
|
|
|
|
|
if (!allow_localhost) {
|
|
|
|
|
res = info;
|
|
|
|
|
while (res) {
|
|
|
|
|
if (res->ai_family == AF_INET) {
|
|
|
|
|
if (htonl(((struct sockaddr_in *)res->ai_addr)->sin_addr.s_addr) == INADDR_LOOPBACK) {
|
|
|
|
|
virUtilError(VIR_ERR_INTERNAL_ERROR, "%s",
|
|
|
|
|
_("canonical hostname pointed to localhost, but this is not allowed"));
|
|
|
|
|
freeaddrinfo(info);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else if (res->ai_family == AF_INET6) {
|
|
|
|
|
if (IN6_IS_ADDR_LOOPBACK(&((struct sockaddr_in6 *)res->ai_addr)->sin6_addr)) {
|
|
|
|
|
virUtilError(VIR_ERR_INTERNAL_ERROR, "%s",
|
|
|
|
|
_("canonical hostname pointed to localhost, but this is not allowed"));
|
|
|
|
|
freeaddrinfo(info);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
res = res->ai_next;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2009-01-07 10:43:16 +00:00
|
|
|
if (info->ai_canonname == NULL) {
|
2010-02-04 22:41:52 +00:00
|
|
|
virUtilError(VIR_ERR_INTERNAL_ERROR,
|
|
|
|
|
"%s", _("could not determine canonical host name"));
|
2009-01-07 10:43:16 +00:00
|
|
|
freeaddrinfo(info);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Caller frees this string. */
|
|
|
|
|
result = strdup (info->ai_canonname);
|
2009-10-23 17:01:22 +00:00
|
|
|
if (!result)
|
2010-02-04 18:19:08 +00:00
|
|
|
virReportOOMError();
|
2009-10-23 17:01:22 +00:00
|
|
|
|
2009-01-07 10:43:16 +00:00
|
|
|
freeaddrinfo(info);
|
|
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
|
2010-02-19 15:15:21 +00:00
|
|
|
char *virGetHostname(virConnectPtr conn ATTRIBUTE_UNUSED)
|
|
|
|
|
{
|
|
|
|
|
return virGetHostnameLocalhost(1);
|
|
|
|
|
}
|
|
|
|
|
|
2009-01-06 17:46:46 +00:00
|
|
|
/* send signal to a single process */
|
|
|
|
|
int virKillProcess(pid_t pid, int sig)
|
|
|
|
|
{
|
2009-06-03 10:55:33 +00:00
|
|
|
if (pid <= 1) {
|
2009-01-06 17:46:46 +00:00
|
|
|
errno = ESRCH;
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
2009-01-15 19:40:21 +00:00
|
|
|
#ifdef WIN32
|
|
|
|
|
/* Mingw / Windows don't have many signals (AFAIK) */
|
|
|
|
|
switch (sig) {
|
|
|
|
|
case SIGINT:
|
|
|
|
|
/* This does a Ctrl+C equiv */
|
|
|
|
|
if (!GenerateConsoleCtrlEvent(CTRL_C_EVENT, pid)) {
|
|
|
|
|
errno = ESRCH;
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case SIGTERM:
|
|
|
|
|
/* Since TerminateProcess is closer to SIG_KILL, we do
|
|
|
|
|
* a Ctrl+Break equiv which is more pleasant like the
|
|
|
|
|
* good old unix SIGTERM/HUP
|
|
|
|
|
*/
|
|
|
|
|
if (!GenerateConsoleCtrlEvent(CTRL_BREAK_EVENT, pid)) {
|
|
|
|
|
errno = ESRCH;
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
default:
|
|
|
|
|
{
|
|
|
|
|
HANDLE proc;
|
|
|
|
|
proc = OpenProcess(PROCESS_TERMINATE, FALSE, pid);
|
|
|
|
|
if (!proc) {
|
|
|
|
|
errno = ESRCH; /* Not entirely accurate, but close enough */
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* TerminateProcess is more or less equiv to SIG_KILL, in that
|
|
|
|
|
* a process can't trap / block it
|
|
|
|
|
*/
|
|
|
|
|
if (!TerminateProcess(proc, sig)) {
|
|
|
|
|
errno = ESRCH;
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
CloseHandle(proc);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return 0;
|
|
|
|
|
#else
|
2009-01-06 17:46:46 +00:00
|
|
|
return kill(pid, sig);
|
2009-01-15 19:40:21 +00:00
|
|
|
#endif
|
2009-01-06 17:46:46 +00:00
|
|
|
}
|
2009-01-22 19:41:48 +00:00
|
|
|
|
|
|
|
|
|
2009-01-22 20:27:01 +00:00
|
|
|
static char randomState[128];
|
|
|
|
|
static struct random_data randomData;
|
|
|
|
|
static virMutex randomLock;
|
|
|
|
|
|
|
|
|
|
int virRandomInitialize(unsigned int seed)
|
|
|
|
|
{
|
|
|
|
|
if (virMutexInit(&randomLock) < 0)
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
if (initstate_r(seed,
|
|
|
|
|
randomState,
|
|
|
|
|
sizeof(randomState),
|
|
|
|
|
&randomData) < 0)
|
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int virRandom(int max)
|
|
|
|
|
{
|
|
|
|
|
int32_t ret;
|
|
|
|
|
|
|
|
|
|
virMutexLock(&randomLock);
|
|
|
|
|
random_r(&randomData, &ret);
|
|
|
|
|
virMutexUnlock(&randomLock);
|
|
|
|
|
|
|
|
|
|
return (int) ((double)max * ((double)ret / (double)RAND_MAX));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2009-01-22 19:41:48 +00:00
|
|
|
#ifdef HAVE_GETPWUID_R
|
2009-07-10 10:40:04 +00:00
|
|
|
enum {
|
|
|
|
|
VIR_USER_ENT_DIRECTORY,
|
|
|
|
|
VIR_USER_ENT_NAME,
|
|
|
|
|
};
|
|
|
|
|
|
2010-02-04 20:02:58 +00:00
|
|
|
static char *virGetUserEnt(uid_t uid,
|
2009-07-10 10:40:04 +00:00
|
|
|
int field)
|
2009-01-22 19:41:48 +00:00
|
|
|
{
|
|
|
|
|
char *strbuf;
|
|
|
|
|
char *ret;
|
|
|
|
|
struct passwd pwbuf;
|
2009-01-30 15:43:05 +00:00
|
|
|
struct passwd *pw = NULL;
|
2010-01-28 12:37:05 +00:00
|
|
|
long val = sysconf(_SC_GETPW_R_SIZE_MAX);
|
|
|
|
|
size_t strbuflen = val;
|
|
|
|
|
|
|
|
|
|
if (val < 0) {
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno, "%s", _("sysconf failed"));
|
2010-01-28 12:37:05 +00:00
|
|
|
return NULL;
|
|
|
|
|
}
|
2009-01-22 19:41:48 +00:00
|
|
|
|
|
|
|
|
if (VIR_ALLOC_N(strbuf, strbuflen) < 0) {
|
2010-02-04 18:19:08 +00:00
|
|
|
virReportOOMError();
|
2009-01-22 19:41:48 +00:00
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2009-01-30 15:43:05 +00:00
|
|
|
/*
|
|
|
|
|
* From the manpage (terrifying but true):
|
|
|
|
|
*
|
|
|
|
|
* ERRORS
|
|
|
|
|
* 0 or ENOENT or ESRCH or EBADF or EPERM or ...
|
|
|
|
|
* The given name or uid was not found.
|
|
|
|
|
*/
|
|
|
|
|
if (getpwuid_r(uid, &pwbuf, strbuf, strbuflen, &pw) != 0 || pw == NULL) {
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno,
|
2010-04-29 03:36:03 +00:00
|
|
|
_("Failed to find user record for uid '%u'"),
|
|
|
|
|
(unsigned int) uid);
|
2009-01-22 19:41:48 +00:00
|
|
|
VIR_FREE(strbuf);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2009-07-10 10:40:04 +00:00
|
|
|
if (field == VIR_USER_ENT_DIRECTORY)
|
|
|
|
|
ret = strdup(pw->pw_dir);
|
|
|
|
|
else
|
|
|
|
|
ret = strdup(pw->pw_name);
|
2009-01-22 19:41:48 +00:00
|
|
|
|
|
|
|
|
VIR_FREE(strbuf);
|
|
|
|
|
if (!ret)
|
2010-02-04 18:19:08 +00:00
|
|
|
virReportOOMError();
|
2009-01-22 19:41:48 +00:00
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
2009-07-15 21:25:01 +00:00
|
|
|
|
2010-02-04 22:41:52 +00:00
|
|
|
char *virGetUserDirectory(uid_t uid)
|
2009-07-10 10:40:04 +00:00
|
|
|
{
|
2010-02-04 20:02:58 +00:00
|
|
|
return virGetUserEnt(uid, VIR_USER_ENT_DIRECTORY);
|
2009-07-10 10:40:04 +00:00
|
|
|
}
|
|
|
|
|
|
2010-02-04 22:41:52 +00:00
|
|
|
char *virGetUserName(uid_t uid)
|
2009-07-10 10:40:04 +00:00
|
|
|
{
|
2010-02-04 20:02:58 +00:00
|
|
|
return virGetUserEnt(uid, VIR_USER_ENT_NAME);
|
2009-07-10 10:40:04 +00:00
|
|
|
}
|
|
|
|
|
|
2009-07-15 21:25:01 +00:00
|
|
|
|
2010-02-04 22:41:52 +00:00
|
|
|
int virGetUserID(const char *name,
|
2009-07-15 21:25:01 +00:00
|
|
|
uid_t *uid)
|
|
|
|
|
{
|
|
|
|
|
char *strbuf;
|
|
|
|
|
struct passwd pwbuf;
|
|
|
|
|
struct passwd *pw = NULL;
|
2010-02-01 20:45:06 +00:00
|
|
|
long val = sysconf(_SC_GETPW_R_SIZE_MAX);
|
|
|
|
|
size_t strbuflen = val;
|
|
|
|
|
|
|
|
|
|
if (val < 0) {
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno, "%s", _("sysconf failed"));
|
2010-02-01 20:45:06 +00:00
|
|
|
return -1;
|
|
|
|
|
}
|
2009-07-15 21:25:01 +00:00
|
|
|
|
|
|
|
|
if (VIR_ALLOC_N(strbuf, strbuflen) < 0) {
|
2010-02-04 18:19:08 +00:00
|
|
|
virReportOOMError();
|
2009-07-15 21:25:01 +00:00
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* From the manpage (terrifying but true):
|
|
|
|
|
*
|
|
|
|
|
* ERRORS
|
|
|
|
|
* 0 or ENOENT or ESRCH or EBADF or EPERM or ...
|
|
|
|
|
* The given name or uid was not found.
|
|
|
|
|
*/
|
|
|
|
|
if (getpwnam_r(name, &pwbuf, strbuf, strbuflen, &pw) != 0 || pw == NULL) {
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno,
|
2009-07-15 21:25:01 +00:00
|
|
|
_("Failed to find user record for name '%s'"),
|
|
|
|
|
name);
|
|
|
|
|
VIR_FREE(strbuf);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
*uid = pw->pw_uid;
|
|
|
|
|
|
|
|
|
|
VIR_FREE(strbuf);
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2010-02-04 22:41:52 +00:00
|
|
|
int virGetGroupID(const char *name,
|
2009-07-15 21:25:01 +00:00
|
|
|
gid_t *gid)
|
|
|
|
|
{
|
|
|
|
|
char *strbuf;
|
|
|
|
|
struct group grbuf;
|
|
|
|
|
struct group *gr = NULL;
|
2010-02-01 20:45:06 +00:00
|
|
|
long val = sysconf(_SC_GETGR_R_SIZE_MAX);
|
|
|
|
|
size_t strbuflen = val;
|
|
|
|
|
|
|
|
|
|
if (val < 0) {
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno, "%s", _("sysconf failed"));
|
2010-02-01 20:45:06 +00:00
|
|
|
return -1;
|
|
|
|
|
}
|
2009-07-15 21:25:01 +00:00
|
|
|
|
|
|
|
|
if (VIR_ALLOC_N(strbuf, strbuflen) < 0) {
|
2010-02-04 18:19:08 +00:00
|
|
|
virReportOOMError();
|
2009-07-15 21:25:01 +00:00
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* From the manpage (terrifying but true):
|
|
|
|
|
*
|
|
|
|
|
* ERRORS
|
|
|
|
|
* 0 or ENOENT or ESRCH or EBADF or EPERM or ...
|
|
|
|
|
* The given name or uid was not found.
|
|
|
|
|
*/
|
|
|
|
|
if (getgrnam_r(name, &grbuf, strbuf, strbuflen, &gr) != 0 || gr == NULL) {
|
2010-02-04 20:02:58 +00:00
|
|
|
virReportSystemError(errno,
|
2009-07-15 21:25:01 +00:00
|
|
|
_("Failed to find group record for name '%s'"),
|
|
|
|
|
name);
|
|
|
|
|
VIR_FREE(strbuf);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
*gid = gr->gr_gid;
|
|
|
|
|
|
|
|
|
|
VIR_FREE(strbuf);
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2010-03-17 00:06:31 +00:00
|
|
|
|
|
|
|
|
#else /* HAVE_GETPWUID_R */
|
|
|
|
|
|
|
|
|
|
char *
|
|
|
|
|
virGetUserDirectory(uid_t uid ATTRIBUTE_UNUSED)
|
|
|
|
|
{
|
|
|
|
|
virUtilError(VIR_ERR_INTERNAL_ERROR,
|
2010-04-06 19:44:11 +00:00
|
|
|
"%s", _("virGetUserDirectory is not available"));
|
2010-03-17 00:06:31 +00:00
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
char *
|
|
|
|
|
virGetUserName(uid_t uid ATTRIBUTE_UNUSED)
|
|
|
|
|
{
|
|
|
|
|
virUtilError(VIR_ERR_INTERNAL_ERROR,
|
2010-04-06 19:44:11 +00:00
|
|
|
"%s", _("virGetUserName is not available"));
|
2010-03-17 00:06:31 +00:00
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int virGetUserID(const char *name ATTRIBUTE_UNUSED,
|
|
|
|
|
uid_t *uid ATTRIBUTE_UNUSED)
|
|
|
|
|
{
|
|
|
|
|
virUtilError(VIR_ERR_INTERNAL_ERROR,
|
2010-04-06 19:44:11 +00:00
|
|
|
"%s", _("virGetUserID is not available"));
|
2010-03-17 00:06:31 +00:00
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
int virGetGroupID(const char *name ATTRIBUTE_UNUSED,
|
|
|
|
|
gid_t *gid ATTRIBUTE_UNUSED)
|
|
|
|
|
{
|
|
|
|
|
virUtilError(VIR_ERR_INTERNAL_ERROR,
|
2010-04-06 19:44:11 +00:00
|
|
|
"%s", _("virGetGroupID is not available"));
|
2010-03-17 00:06:31 +00:00
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
#endif /* HAVE_GETPWUID_R */
|
Support configuration of huge pages in guests
Add option to domain XML for
<memoryBacking>
<hugepages/>
</memoryBacking>
* configure.in: Add check for mntent.h
* qemud/libvirtd_qemu.aug, qemud/test_libvirtd_qemu.aug, src/qemu.conf
Add 'hugetlbfs_mount' config parameter
* src/qemu_conf.c, src/qemu_conf.h: Check for -mem-path flag in QEMU,
and pass it when hugepages are requested.
Load hugetlbfs_mount config parameter, search for mount if not given.
* src/qemu_driver.c: Free hugetlbfs_mount/path parameter in driver shutdown.
Create directory for QEMU hugepage usage, chowning if required.
* docs/formatdomain.html.in: Document memoryBacking/hugepages elements
* docs/schemas/domain.rng: Add memoryBacking/hugepages elements to schema
* src/util.c, src/util.h, src/libvirt_private.syms: Add virFileFindMountPoint
helper API
* tests/qemuhelptest.c: Add -mem-path constants
* tests/qemuxml2argvtest.c, tests/qemuxml2xmltest.c: Add tests for hugepage
handling
* tests/qemuxml2argvdata/qemuxml2argv-hugepages.xml,
tests/qemuxml2argvdata/qemuxml2argv-hugepages.args: Data files for
hugepage tests
2009-08-25 14:05:18 +00:00
|
|
|
|
|
|
|
|
|
2010-04-23 09:34:17 +00:00
|
|
|
#if defined HAVE_MNTENT_H && defined HAVE_GETMNTENT_R
|
Support configuration of huge pages in guests
Add option to domain XML for
<memoryBacking>
<hugepages/>
</memoryBacking>
* configure.in: Add check for mntent.h
* qemud/libvirtd_qemu.aug, qemud/test_libvirtd_qemu.aug, src/qemu.conf
Add 'hugetlbfs_mount' config parameter
* src/qemu_conf.c, src/qemu_conf.h: Check for -mem-path flag in QEMU,
and pass it when hugepages are requested.
Load hugetlbfs_mount config parameter, search for mount if not given.
* src/qemu_driver.c: Free hugetlbfs_mount/path parameter in driver shutdown.
Create directory for QEMU hugepage usage, chowning if required.
* docs/formatdomain.html.in: Document memoryBacking/hugepages elements
* docs/schemas/domain.rng: Add memoryBacking/hugepages elements to schema
* src/util.c, src/util.h, src/libvirt_private.syms: Add virFileFindMountPoint
helper API
* tests/qemuhelptest.c: Add -mem-path constants
* tests/qemuxml2argvtest.c, tests/qemuxml2xmltest.c: Add tests for hugepage
handling
* tests/qemuxml2argvdata/qemuxml2argv-hugepages.xml,
tests/qemuxml2argvdata/qemuxml2argv-hugepages.args: Data files for
hugepage tests
2009-08-25 14:05:18 +00:00
|
|
|
/* search /proc/mounts for mount point of *type; return pointer to
|
|
|
|
|
* malloc'ed string of the path if found, otherwise return NULL
|
|
|
|
|
* with errno set to an appropriate value.
|
|
|
|
|
*/
|
|
|
|
|
char *virFileFindMountPoint(const char *type)
|
|
|
|
|
{
|
|
|
|
|
FILE *f;
|
|
|
|
|
struct mntent mb;
|
|
|
|
|
char mntbuf[1024];
|
|
|
|
|
char *ret = NULL;
|
|
|
|
|
|
|
|
|
|
f = setmntent("/proc/mounts", "r");
|
|
|
|
|
if (!f)
|
|
|
|
|
return NULL;
|
|
|
|
|
|
|
|
|
|
while (getmntent_r(f, &mb, mntbuf, sizeof(mntbuf))) {
|
|
|
|
|
if (STREQ(mb.mnt_type, type)) {
|
|
|
|
|
ret = strdup(mb.mnt_dir);
|
|
|
|
|
goto cleanup;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!ret)
|
|
|
|
|
errno = ENOENT;
|
|
|
|
|
|
|
|
|
|
cleanup:
|
|
|
|
|
endmntent(f);
|
|
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
2010-03-17 00:06:31 +00:00
|
|
|
|
2010-04-23 09:34:17 +00:00
|
|
|
#else /* defined HAVE_MNTENT_H && defined HAVE_GETMNTENT_R */
|
2010-03-17 00:06:31 +00:00
|
|
|
|
|
|
|
|
char *
|
|
|
|
|
virFileFindMountPoint(const char *type ATTRIBUTE_UNUSED)
|
|
|
|
|
{
|
|
|
|
|
errno = ENOSYS;
|
|
|
|
|
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2010-04-23 09:34:17 +00:00
|
|
|
#endif /* defined HAVE_MNTENT_H && defined HAVE_GETMNTENT_R */
|
2009-09-10 13:21:10 +00:00
|
|
|
|
|
|
|
|
#ifndef PROXY
|
2010-03-09 18:22:22 +00:00
|
|
|
# if defined(UDEVADM) || defined(UDEVSETTLE)
|
2010-02-04 22:41:52 +00:00
|
|
|
void virFileWaitForDevices(void)
|
2009-09-10 13:21:10 +00:00
|
|
|
{
|
2010-03-09 18:22:22 +00:00
|
|
|
# ifdef UDEVADM
|
2009-09-10 13:21:10 +00:00
|
|
|
const char *const settleprog[] = { UDEVADM, "settle", NULL };
|
2010-03-09 18:22:22 +00:00
|
|
|
# else
|
2009-09-10 13:21:10 +00:00
|
|
|
const char *const settleprog[] = { UDEVSETTLE, NULL };
|
2010-03-09 18:22:22 +00:00
|
|
|
# endif
|
2009-09-10 13:21:10 +00:00
|
|
|
int exitstatus;
|
|
|
|
|
|
|
|
|
|
if (access(settleprog[0], X_OK) != 0)
|
|
|
|
|
return;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* NOTE: we ignore errors here; this is just to make sure that any device
|
|
|
|
|
* nodes that are being created finish before we try to scan them.
|
|
|
|
|
* If this fails for any reason, we still have the backup of polling for
|
|
|
|
|
* 5 seconds for device nodes.
|
|
|
|
|
*/
|
2010-02-04 22:41:52 +00:00
|
|
|
if (virRun(settleprog, &exitstatus) < 0)
|
2009-10-16 10:09:13 +00:00
|
|
|
{}
|
2009-09-10 13:21:10 +00:00
|
|
|
}
|
2010-03-09 18:22:22 +00:00
|
|
|
# else
|
2010-02-04 22:41:52 +00:00
|
|
|
void virFileWaitForDevices(void) {}
|
2010-03-09 18:22:22 +00:00
|
|
|
# endif
|
2009-09-10 13:21:10 +00:00
|
|
|
#endif
|
2009-11-12 21:48:24 +00:00
|
|
|
|
|
|
|
|
int virBuildPathInternal(char **path, ...)
|
|
|
|
|
{
|
|
|
|
|
char *path_component = NULL;
|
|
|
|
|
virBuffer buf = VIR_BUFFER_INITIALIZER;
|
|
|
|
|
va_list ap;
|
|
|
|
|
int ret = 0;
|
|
|
|
|
|
2010-05-04 22:07:18 +00:00
|
|
|
va_start(ap, path);
|
2009-11-12 21:48:24 +00:00
|
|
|
|
|
|
|
|
path_component = va_arg(ap, char *);
|
|
|
|
|
virBufferAdd(&buf, path_component, -1);
|
|
|
|
|
|
|
|
|
|
while ((path_component = va_arg(ap, char *)) != NULL)
|
|
|
|
|
{
|
|
|
|
|
virBufferAddChar(&buf, '/');
|
|
|
|
|
virBufferAdd(&buf, path_component, -1);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
va_end(ap);
|
|
|
|
|
|
|
|
|
|
*path = virBufferContentAndReset(&buf);
|
|
|
|
|
if (*path == NULL) {
|
|
|
|
|
ret = -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return ret;
|
|
|
|
|
}
|
