// This file is part of BOINC.
// http://boinc.berkeley.edu
// Copyright (C) 2008 University of California
//
// BOINC is free software; you can redistribute it and/or modify it
// under the terms of the GNU Lesser General Public License
// as published by the Free Software Foundation,
// either version 3 of the License, or (at your option) any later version.
//
// BOINC is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
// See the GNU Lesser General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public License
// along with BOINC. If not, see .
#include "cpp.h"
#ifdef _WIN32
#include "boinc_win.h"
#else
#include "config.h"
#include
#include
#include
#include
#include
#include
#endif
#ifdef _MSC_VER
#define snprintf _snprintf
#endif
#include "error_numbers.h"
#include "file_names.h"
#include "util.h"
#include "str_util.h"
#include "str_replace.h"
#include "filesys.h"
#include "parse.h"
#include "client_msgs.h"
#include "client_state.h"
#include "sandbox.h"
bool g_use_sandbox = false;
#ifndef _WIN32
// POSIX requires that shells run from an application will use the
// real UID and GID if different from the effective UID and GID.
// Mac OS 10.4 did not enforce this, but OS 10.5 does. Since
// system() invokes a shell, we can't use it to run the switcher
// or setprojectgrp utilities, so we must do a fork() and execv().
//
int switcher_exec(const char *util_filename, const char* cmdline) {
char* argv[100];
char util_path[MAXPATHLEN];
char command [1024];
char buffer[1024];
int fds_out[2], fds_err[2];
int stat;
int retval;
string output_out, output_err;
snprintf(util_path, sizeof(util_path), "%s/%s", SWITCHER_DIR, util_filename);
argv[0] = const_cast(util_filename);
// Make a copy of cmdline because parse_command_line modifies it
safe_strcpy(command, cmdline);
parse_command_line(const_cast(cmdline), argv+1);
// Create the output pipes
if (pipe(fds_out) == -1) {
perror("pipe() for fds_out failed in switcher_exec");
return ERR_PIPE;
}
if (pipe(fds_err) == -1) {
perror("pipe() for fds_err failed in switcher_exec");
return ERR_PIPE;
}
int pid = fork();
if (pid == -1) {
perror("fork() failed in switcher_exec");
return ERR_FORK;
}
if (pid == 0) {
// This is the new (forked) process
// Setup pipe redirects
while ((dup2(fds_out[1], STDOUT_FILENO) == -1) && (errno == EINTR)) {}
while ((dup2(fds_err[1], STDERR_FILENO) == -1) && (errno == EINTR)) {}
// Child only needs one-way (write) pipes so close read pipes
close(fds_out[0]);
close(fds_err[0]);
execv(util_path, argv);
fprintf(stderr, "execv failed in switcher_exec(%s, %s): %s", util_path, cmdline, strerror(errno));
_exit(EXIT_FAILURE);
}
// Parent only needs one-way (read) pipes so close write pipes
close(fds_out[1]);
close(fds_err[1]);
// Capture stdout output
while (1) {
ssize_t count = read(fds_out[0], buffer, sizeof(buffer));
if (count == -1) {
if (errno == EINTR) {
continue;
} else {
break;
}
} else if (count == 0) {
break;
} else {
buffer[count] = '\0';
output_out += buffer;
}
}
// Capture stderr output
while (1) {
ssize_t count = read(fds_err[0], buffer, sizeof(buffer));
if (count == -1) {
if (errno == EINTR) {
continue;
} else {
break;
}
} else if (count == 0) {
break;
} else {
buffer[count] = '\0';
output_err += buffer;
}
}
// Wait for command to complete, like system() does.
waitpid(pid, &stat, 0);
// Close pipe descriptors
close(fds_out[0]);
close(fds_err[0]);
if (WIFEXITED(stat)) {
retval = WEXITSTATUS(stat);
if (retval) {
if (log_flags.task_debug) {
msg_printf(0, MSG_INTERNAL_ERROR, "[task_debug] failure in switcher_exec");
msg_printf(0, MSG_INTERNAL_ERROR, "[task_debug] switcher: %s", util_path);
msg_printf(0, MSG_INTERNAL_ERROR, "[task_debug] command: %s", command);
msg_printf(0, MSG_INTERNAL_ERROR, "[task_debug] exit code: %d", retval);
msg_printf(0, MSG_INTERNAL_ERROR, "[task_debug] stdout: %s", output_out.c_str());
msg_printf(0, MSG_INTERNAL_ERROR, "[task_debug] stderr: %s", output_err.c_str());
}
}
return retval;
}
return 0;
}
int kill_via_switcher(int pid) {
char cmd[1024];
if (!g_use_sandbox) return 0;
// if project application is running as user boinc_project and
// client is running as user boinc_master,
// we cannot send a signal directly, so use switcher.
//
snprintf(cmd, sizeof(cmd), "/bin/kill kill -s KILL %d", pid);
return switcher_exec(SWITCHER_FILE_NAME, cmd);
}
#ifndef _DEBUG
static int lookup_group(const char* name, gid_t& gid) {
struct group* gp = getgrnam(name);
if (!gp) return ERR_GETGRNAM;
gid = gp->gr_gid;
return 0;
}
#endif
int remove_project_owned_file_or_dir(const char* path) {
char cmd[1024];
if (g_use_sandbox) {
snprintf(cmd, sizeof(cmd), "/bin/rm rm -fR \"%s\"", path);
if (switcher_exec(SWITCHER_FILE_NAME, cmd)) {
return ERR_UNLINK;
} else {
return 0;
}
}
return ERR_UNLINK;
}
int get_project_gid() {
if (g_use_sandbox) {
#ifdef _DEBUG
// GDB can't attach to applications which are running as a different user
// or group, so fix up data with current user and group during debugging
gstate.boinc_project_gid = getegid();
#else
return lookup_group(BOINC_PROJECT_GROUP_NAME, gstate.boinc_project_gid);
#endif // _DEBUG
} else {
gstate.boinc_project_gid = 0;
}
return 0;
}
int set_to_project_group(const char* path) {
if (g_use_sandbox) {
if (switcher_exec(SETPROJECTGRP_FILE_NAME, path)) {
return ERR_CHOWN;
}
}
return 0;
}
#else
int get_project_gid() {
return 0;
}
int set_to_project_group(const char*) {
return 0;
}
#endif // ! _WIN32
// delete a file.
// return success if we deleted it or it didn't exist in the first place
//
static int delete_project_owned_file_aux(const char* path) {
#ifdef _WIN32
if (DeleteFile(path)) return 0;
int error = GetLastError();
if (error == ERROR_FILE_NOT_FOUND) {
return 0;
}
if (error == ERROR_ACCESS_DENIED) {
SetFileAttributes(path, FILE_ATTRIBUTE_NORMAL);
if (DeleteFile(path)) return 0;
}
return error;
#else
int retval = unlink(path);
if (retval == 0) return 0;
if (errno == ENOENT) {
return 0;
}
if (g_use_sandbox && (errno == EACCES)) {
// We may not have permission to read subdirectories created by projects
//
return remove_project_owned_file_or_dir(path);
}
return ERR_UNLINK;
#endif
}
// Delete the file located at path.
// If "retry" is set, do retries for 5 sec in case some
// other program (e.g. virus checker) has the file locked.
// Don't do this if deleting directories - it can lock up the Manager.
//
int delete_project_owned_file(const char* path, bool retry) {
int retval = 0;
retval = delete_project_owned_file_aux(path);
if (retval && retry) {
if (log_flags.slot_debug) {
msg_printf(0, MSG_INFO,
"[slot] delete of %s failed (%d); retrying", path, retval
);
}
double start = dtime();
do {
boinc_sleep(drand()*2); // avoid lockstep
retval = delete_project_owned_file_aux(path);
if (!retval) break;
} while (dtime() < start + FILE_RETRY_INTERVAL);
}
if (retval) {
if (log_flags.slot_debug) {
msg_printf(0, MSG_INFO,
"[slot] failed to remove file %s: %s",
path, boincerror(retval)
);
}
safe_strcpy(boinc_failed_file, path);
return ERR_UNLINK;
}
if (log_flags.slot_debug) {
msg_printf(0, MSG_INFO, "[slot] removed file %s", path);
}
return 0;
}
// recursively delete everything in the specified directory
// (but not the directory itself).
// If an error occurs, delete as much as possible.
//
int client_clean_out_dir(
const char* dirpath, const char* reason, const char* except
) {
char filename[MAXPATHLEN], path[MAXPATHLEN];
int retval, final_retval = 0;
DIRREF dirp;
if (reason && log_flags.slot_debug) {
msg_printf(0, MSG_INFO, "[slot] cleaning out %s: %s", dirpath, reason);
}
dirp = dir_open(dirpath);
if (!dirp) {
#ifndef _WIN32
if (g_use_sandbox && (errno == EACCES)) {
// dir may be owned by boinc_apps
return remove_project_owned_file_or_dir(dirpath);
}
#endif
return 0; // if dir doesn't exist, it's empty
}
while (1) {
safe_strcpy(filename, "");
retval = dir_scan(filename, dirp, sizeof(filename));
if (retval) {
if (retval != ERR_NOT_FOUND) {
if (log_flags.slot_debug) {
msg_printf(0, MSG_INFO,
"[slot] dir_scan(%s) failed: %s",
dirpath, boincerror(retval)
);
}
final_retval = retval;
}
break;
}
if (except && !strcmp(except, filename)) {
continue;
}
snprintf(path, sizeof(path), "%s/%s", dirpath, filename);
if (is_dir(path)) {
retval = client_clean_out_dir(path, NULL);
if (retval) final_retval = retval;
retval = remove_project_owned_dir(path);
if (retval) final_retval = retval;
} else {
retval = delete_project_owned_file(path, false);
if (retval) final_retval = retval;
}
}
dir_close(dirp);
return final_retval;
}
int remove_project_owned_dir(const char* name) {
#ifdef _WIN32
if (!RemoveDirectory(name)) {
return GetLastError();
}
return 0;
#else
int retval;
retval = rmdir(name);
// We may not have permission to read subdirectories created by projects
if (retval && g_use_sandbox && (errno == EACCES)) {
retval = remove_project_owned_file_or_dir(name);
}
return retval;
#endif
}