1 /* Licensed to the Apache Software Foundation (ASF) under one or more
2 * contributor license agreements. See the NOTICE file distributed with
3 * this work for additional information regarding copyright ownership.
4 * The ASF licenses this file to You under the Apache License, Version 2.0
5 * (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
17 #include "apr_arch_threadproc.h"
18 #include "apr_strings.h"
19 #include "apr_portable.h"
20 #include "apr_signal.h"
21 #include "apr_random.h"
23 /* Heavy on no'ops, here's what we want to pass if there is APR_NO_FILE
24 * requested for a specific child handle;
26 static apr_file_t no_file = { NULL, -1, };
28 APR_DECLARE(apr_status_t) apr_procattr_create(apr_procattr_t **new,
31 (*new) = (apr_procattr_t *)apr_pcalloc(pool, sizeof(apr_procattr_t));
37 (*new)->cmdtype = APR_PROGRAM;
38 (*new)->uid = (*new)->gid = -1;
42 APR_DECLARE(apr_status_t) apr_procattr_io_set(apr_procattr_t *attr,
49 if ((in != APR_NO_PIPE) && (in != APR_NO_FILE)) {
50 /* APR_CHILD_BLOCK maps to APR_WRITE_BLOCK, while
51 * APR_PARENT_BLOCK maps to APR_READ_BLOCK, so transpose
52 * the CHILD/PARENT blocking flags for the stdin pipe.
53 * stdout/stderr map to the correct mode by default.
55 if (in == APR_CHILD_BLOCK)
57 else if (in == APR_PARENT_BLOCK)
60 if ((rv = apr_file_pipe_create_ex(&attr->child_in, &attr->parent_in,
61 in, attr->pool)) == APR_SUCCESS)
62 rv = apr_file_inherit_unset(attr->parent_in);
63 if (rv != APR_SUCCESS)
66 else if (in == APR_NO_FILE)
67 attr->child_in = &no_file;
69 if ((out != APR_NO_PIPE) && (out != APR_NO_FILE)) {
70 if ((rv = apr_file_pipe_create_ex(&attr->parent_out, &attr->child_out,
71 out, attr->pool)) == APR_SUCCESS)
72 rv = apr_file_inherit_unset(attr->parent_out);
73 if (rv != APR_SUCCESS)
76 else if (out == APR_NO_FILE)
77 attr->child_out = &no_file;
79 if ((err != APR_NO_PIPE) && (err != APR_NO_FILE)) {
80 if ((rv = apr_file_pipe_create_ex(&attr->parent_err, &attr->child_err,
81 err, attr->pool)) == APR_SUCCESS)
82 rv = apr_file_inherit_unset(attr->parent_err);
83 if (rv != APR_SUCCESS)
86 else if (err == APR_NO_FILE)
87 attr->child_err = &no_file;
93 APR_DECLARE(apr_status_t) apr_procattr_child_in_set(apr_procattr_t *attr,
95 apr_file_t *parent_in)
97 apr_status_t rv = APR_SUCCESS;
99 if (attr->child_in == NULL && attr->parent_in == NULL
100 && child_in == NULL && parent_in == NULL)
101 if ((rv = apr_file_pipe_create(&attr->child_in, &attr->parent_in,
102 attr->pool)) == APR_SUCCESS)
103 rv = apr_file_inherit_unset(attr->parent_in);
105 if (child_in != NULL && rv == APR_SUCCESS) {
106 if (attr->child_in && (attr->child_in->filedes != -1))
107 rv = apr_file_dup2(attr->child_in, child_in, attr->pool);
109 attr->child_in = NULL;
110 if ((rv = apr_file_dup(&attr->child_in, child_in, attr->pool))
112 rv = apr_file_inherit_set(attr->child_in);
116 if (parent_in != NULL && rv == APR_SUCCESS) {
118 rv = apr_file_dup2(attr->parent_in, parent_in, attr->pool);
120 rv = apr_file_dup(&attr->parent_in, parent_in, attr->pool);
127 APR_DECLARE(apr_status_t) apr_procattr_child_out_set(apr_procattr_t *attr,
128 apr_file_t *child_out,
129 apr_file_t *parent_out)
131 apr_status_t rv = APR_SUCCESS;
133 if (attr->child_out == NULL && attr->parent_out == NULL
134 && child_out == NULL && parent_out == NULL)
135 if ((rv = apr_file_pipe_create(&attr->parent_out, &attr->child_out,
136 attr->pool)) == APR_SUCCESS)
137 rv = apr_file_inherit_unset(attr->parent_out);
139 if (child_out != NULL && rv == APR_SUCCESS) {
140 if (attr->child_out && (attr->child_out->filedes != -1))
141 rv = apr_file_dup2(attr->child_out, child_out, attr->pool);
143 attr->child_out = NULL;
144 if ((rv = apr_file_dup(&attr->child_out, child_out, attr->pool))
146 rv = apr_file_inherit_set(attr->child_out);
150 if (parent_out != NULL && rv == APR_SUCCESS) {
151 if (attr->parent_out)
152 rv = apr_file_dup2(attr->parent_out, parent_out, attr->pool);
154 rv = apr_file_dup(&attr->parent_out, parent_out, attr->pool);
161 APR_DECLARE(apr_status_t) apr_procattr_child_err_set(apr_procattr_t *attr,
162 apr_file_t *child_err,
163 apr_file_t *parent_err)
165 apr_status_t rv = APR_SUCCESS;
167 if (attr->child_err == NULL && attr->parent_err == NULL
168 && child_err == NULL && parent_err == NULL)
169 if ((rv = apr_file_pipe_create(&attr->parent_err, &attr->child_err,
170 attr->pool)) == APR_SUCCESS)
171 rv = apr_file_inherit_unset(attr->parent_err);
173 if (child_err != NULL && rv == APR_SUCCESS) {
174 if (attr->child_err && (attr->child_err->filedes != -1))
175 rv = apr_file_dup2(attr->child_err, child_err, attr->pool);
177 attr->child_err = NULL;
178 if ((rv = apr_file_dup(&attr->child_err, child_err, attr->pool))
180 rv = apr_file_inherit_set(attr->child_err);
183 if (parent_err != NULL && rv == APR_SUCCESS) {
184 if (attr->parent_err)
185 rv = apr_file_dup2(attr->parent_err, parent_err, attr->pool);
187 rv = apr_file_dup(&attr->parent_err, parent_err, attr->pool);
194 APR_DECLARE(apr_status_t) apr_procattr_dir_set(apr_procattr_t *attr,
197 attr->currdir = apr_pstrdup(attr->pool, dir);
205 APR_DECLARE(apr_status_t) apr_procattr_cmdtype_set(apr_procattr_t *attr,
212 APR_DECLARE(apr_status_t) apr_procattr_detach_set(apr_procattr_t *attr,
215 attr->detached = detach;
219 APR_DECLARE(apr_status_t) apr_proc_fork(apr_proc_t *proc, apr_pool_t *pool)
223 memset(proc, 0, sizeof(apr_proc_t));
225 if ((pid = fork()) < 0) {
229 proc->pid = getpid();
231 apr_random_after_fork(proc);
241 static apr_status_t limit_proc(apr_procattr_t *attr)
243 #if APR_HAVE_STRUCT_RLIMIT && APR_HAVE_SETRLIMIT
245 if (attr->limit_cpu != NULL) {
246 if ((setrlimit(RLIMIT_CPU, attr->limit_cpu)) != 0) {
252 if (attr->limit_nproc != NULL) {
253 if ((setrlimit(RLIMIT_NPROC, attr->limit_nproc)) != 0) {
259 if (attr->limit_nofile != NULL) {
260 if ((setrlimit(RLIMIT_NOFILE, attr->limit_nofile)) != 0) {
265 #if defined(RLIMIT_AS)
266 if (attr->limit_mem != NULL) {
267 if ((setrlimit(RLIMIT_AS, attr->limit_mem)) != 0) {
271 #elif defined(RLIMIT_DATA)
272 if (attr->limit_mem != NULL) {
273 if ((setrlimit(RLIMIT_DATA, attr->limit_mem)) != 0) {
277 #elif defined(RLIMIT_VMEM)
278 if (attr->limit_mem != NULL) {
279 if ((setrlimit(RLIMIT_VMEM, attr->limit_mem)) != 0) {
286 * Maybe make a note in error_log that setrlimit isn't supported??
293 APR_DECLARE(apr_status_t) apr_procattr_child_errfn_set(apr_procattr_t *attr,
294 apr_child_errfn_t *errfn)
300 APR_DECLARE(apr_status_t) apr_procattr_error_check_set(apr_procattr_t *attr,
307 APR_DECLARE(apr_status_t) apr_procattr_addrspace_set(apr_procattr_t *attr,
308 apr_int32_t addrspace)
310 /* won't ever be used on this platform, so don't save the flag */
314 APR_DECLARE(apr_status_t) apr_procattr_user_set(apr_procattr_t *attr,
315 const char *username,
316 const char *password)
321 if ((rv = apr_uid_get(&attr->uid, &gid, username,
322 attr->pool)) != APR_SUCCESS) {
327 /* Use default user group if not already set */
328 if (attr->gid == -1) {
334 APR_DECLARE(apr_status_t) apr_procattr_group_set(apr_procattr_t *attr,
335 const char *groupname)
339 if ((rv = apr_gid_get(&attr->gid, groupname, attr->pool)) != APR_SUCCESS)
344 APR_DECLARE(apr_status_t) apr_proc_create(apr_proc_t *new,
345 const char *progname,
346 const char * const *args,
347 const char * const *env,
348 apr_procattr_t *attr,
352 const char * const empty_envp[] = {NULL};
354 if (!env) { /* Specs require an empty array instead of NULL;
355 * Purify will trigger a failure, even if many
356 * implementations don't.
361 new->in = attr->parent_in;
362 new->err = attr->parent_err;
363 new->out = attr->parent_out;
367 if (access(attr->currdir, X_OK) == -1) {
368 /* chdir() in child wouldn't have worked */
373 if (attr->cmdtype == APR_PROGRAM ||
374 attr->cmdtype == APR_PROGRAM_ENV ||
376 /* for both of these values of cmdtype, caller must pass
377 * full path, so it is easy to check;
378 * caller can choose to pass full path for other
381 if (access(progname, X_OK) == -1) {
382 /* exec*() in child wouldn't have worked */
387 /* todo: search PATH for progname then try to access it */
391 if ((new->pid = fork()) < 0) {
394 else if (new->pid == 0) {
398 * If we do exec cleanup before the dup2() calls to set up pipes
399 * on 0-2, we accidentally close the pipes used by programs like
402 * If we do exec cleanup after the dup2() calls, cleanup can accidentally
403 * close our pipes which replaced any files which previously had
406 * The solution is to kill the cleanup for the pipes, then do
407 * exec cleanup, then do the dup2() calls.
410 if (attr->child_in) {
411 apr_pool_cleanup_kill(apr_file_pool_get(attr->child_in),
412 attr->child_in, apr_unix_file_cleanup);
415 if (attr->child_out) {
416 apr_pool_cleanup_kill(apr_file_pool_get(attr->child_out),
417 attr->child_out, apr_unix_file_cleanup);
420 if (attr->child_err) {
421 apr_pool_cleanup_kill(apr_file_pool_get(attr->child_err),
422 attr->child_err, apr_unix_file_cleanup);
425 apr_pool_cleanup_for_exec();
427 if ((attr->child_in) && (attr->child_in->filedes == -1)) {
430 else if (attr->child_in &&
431 attr->child_in->filedes != STDIN_FILENO) {
432 dup2(attr->child_in->filedes, STDIN_FILENO);
433 apr_file_close(attr->child_in);
436 if ((attr->child_out) && (attr->child_out->filedes == -1)) {
437 close(STDOUT_FILENO);
439 else if (attr->child_out &&
440 attr->child_out->filedes != STDOUT_FILENO) {
441 dup2(attr->child_out->filedes, STDOUT_FILENO);
442 apr_file_close(attr->child_out);
445 if ((attr->child_err) && (attr->child_err->filedes == -1)) {
446 close(STDERR_FILENO);
448 else if (attr->child_err &&
449 attr->child_err->filedes != STDERR_FILENO) {
450 dup2(attr->child_err->filedes, STDERR_FILENO);
451 apr_file_close(attr->child_err);
454 apr_signal(SIGCHLD, SIG_DFL); /* not sure if this is needed or not */
456 if (attr->currdir != NULL) {
457 if (chdir(attr->currdir) == -1) {
459 attr->errfn(pool, errno, "change of working directory failed");
461 _exit(-1); /* We have big problems, the child should exit. */
465 apr_procattr_pscb_t *c = attr->perms_set_callbacks;
469 r = (*c->perms_set_fn)((void *)c->data, c->perms,
470 attr->uid, attr->gid);
471 if (r != APR_SUCCESS && r != APR_ENOTIMPL) {
477 /* Only try to switch if we are running as root */
478 if (attr->gid != -1 && !geteuid()) {
479 if (setgid(attr->gid)) {
481 attr->errfn(pool, errno, "setting of group failed");
483 _exit(-1); /* We have big problems, the child should exit. */
487 if (attr->uid != -1 && !geteuid()) {
488 if (setuid(attr->uid)) {
490 attr->errfn(pool, errno, "setting of user failed");
492 _exit(-1); /* We have big problems, the child should exit. */
496 if (limit_proc(attr) != APR_SUCCESS) {
498 attr->errfn(pool, errno, "setting of resource limits failed");
500 _exit(-1); /* We have big problems, the child should exit. */
503 if (attr->cmdtype == APR_SHELLCMD ||
504 attr->cmdtype == APR_SHELLCMD_ENV) {
506 const char *newargs[4];
508 newargs[0] = SHELL_PATH;
513 onearg_len += strlen(args[i]);
514 onearg_len++; /* for space delimiter */
520 /* bad parameters; we're doomed */
523 /* no args, or caller already built a single string from
526 newargs[2] = args[0];
532 ch = onearg = apr_palloc(pool, onearg_len);
535 size_t len = strlen(args[i]);
537 memcpy(ch, args[i], len);
543 --ch; /* back up to trailing blank */
551 if (attr->detached) {
552 apr_proc_detach(APR_PROC_DETACH_DAEMONIZE);
555 if (attr->cmdtype == APR_SHELLCMD) {
556 execve(SHELL_PATH, (char * const *) newargs, (char * const *)env);
559 execv(SHELL_PATH, (char * const *)newargs);
562 else if (attr->cmdtype == APR_PROGRAM) {
563 if (attr->detached) {
564 apr_proc_detach(APR_PROC_DETACH_DAEMONIZE);
567 execve(progname, (char * const *)args, (char * const *)env);
569 else if (attr->cmdtype == APR_PROGRAM_ENV) {
570 if (attr->detached) {
571 apr_proc_detach(APR_PROC_DETACH_DAEMONIZE);
574 execv(progname, (char * const *)args);
577 /* APR_PROGRAM_PATH */
578 if (attr->detached) {
579 apr_proc_detach(APR_PROC_DETACH_DAEMONIZE);
582 execvp(progname, (char * const *)args);
587 desc = apr_psprintf(pool, "exec of '%s' failed",
589 attr->errfn(pool, errno, desc);
592 _exit(-1); /* if we get here, there is a problem, so exit with an
597 if (attr->child_in && (attr->child_in->filedes != -1)) {
598 apr_file_close(attr->child_in);
601 if (attr->child_out && (attr->child_out->filedes != -1)) {
602 apr_file_close(attr->child_out);
605 if (attr->child_err && (attr->child_err->filedes != -1)) {
606 apr_file_close(attr->child_err);
612 APR_DECLARE(apr_status_t) apr_proc_wait_all_procs(apr_proc_t *proc,
614 apr_exit_why_e *exitwhy,
615 apr_wait_how_e waithow,
619 return apr_proc_wait(proc, exitcode, exitwhy, waithow);
622 APR_DECLARE(apr_status_t) apr_proc_wait(apr_proc_t *proc,
623 int *exitcode, apr_exit_why_e *exitwhy,
624 apr_wait_how_e waithow)
627 int waitpid_options = WUNTRACED;
630 apr_exit_why_e ignorewhy;
632 if (exitcode == NULL) {
636 if (exitwhy == NULL) {
637 exitwhy = &ignorewhy;
640 if (waithow != APR_WAIT) {
641 waitpid_options |= WNOHANG;
645 pstatus = waitpid(proc->pid, &exit_int, waitpid_options);
646 } while (pstatus < 0 && errno == EINTR);
651 if (WIFEXITED(exit_int)) {
652 *exitwhy = APR_PROC_EXIT;
653 *exitcode = WEXITSTATUS(exit_int);
655 else if (WIFSIGNALED(exit_int)) {
656 *exitwhy = APR_PROC_SIGNAL;
659 if (WCOREDUMP(exit_int)) {
660 *exitwhy |= APR_PROC_SIGNAL_CORE;
664 *exitcode = WTERMSIG(exit_int);
667 /* unexpected condition */
671 return APR_CHILD_DONE;
673 else if (pstatus == 0) {
674 return APR_CHILD_NOTDONE;
680 #if APR_HAVE_STRUCT_RLIMIT
681 APR_DECLARE(apr_status_t) apr_procattr_limit_set(apr_procattr_t *attr,
683 struct rlimit *limit)
688 attr->limit_cpu = limit;
695 #if defined(RLIMIT_DATA) || defined(RLIMIT_VMEM) || defined(RLIMIT_AS)
696 attr->limit_mem = limit;
702 case APR_LIMIT_NPROC:
704 attr->limit_nproc = limit;
710 case APR_LIMIT_NOFILE:
712 attr->limit_nofile = limit;
722 #endif /* APR_HAVE_STRUCT_RLIMIT */
724 APR_DECLARE(apr_status_t) apr_procattr_perms_set_register(apr_procattr_t *attr,
725 apr_perms_setfn_t *perms_set_fn,
727 apr_fileperms_t perms)
729 apr_procattr_pscb_t *c;
731 c = apr_palloc(attr->pool, sizeof(apr_procattr_pscb_t));
734 c->perms_set_fn = perms_set_fn;
735 c->next = attr->perms_set_callbacks;
736 attr->perms_set_callbacks = c;