This source file includes following definitions.
- sigchld_setup
- sigchld_open
- sigchld_close
- sigchld_received
- sigchld_cleanup
- sigchld_handler
- sigchld_setup
- sigchld_open
- sigchld_close
- sigchld_received
- sigchld_cleanup
- close_pipe
- svc_read_output
- dispatch_stdout
- dispatch_stderr
- pipe_out_done
- pipe_err_done
- set_ocf_env
- set_ocf_env_with_prefix
- set_alert_env
- add_action_env_vars
- pipe_in_single_parameter
- pipe_in_action_stdin_parameters
- recurring_action_timer
- services__finalize_async_op
- close_op_input
- finish_op_output
- log_op_output
- parse_exit_reason_from_stderr
- async_action_complete
- services__generic_error
- services__not_installed_error
- services__authorization_error
- services__configuration_error
- services__handle_exec_error
- exit_child
- action_launch_child
- wait_for_sync_result
- services__execute_file
- services_os_get_single_directory_list
- services_os_get_directory_list
1
2
3
4
5
6
7
8
9
10 #include <crm_internal.h>
11
12 #ifndef _GNU_SOURCE
13 # define _GNU_SOURCE
14 #endif
15
16 #include <sys/types.h>
17 #include <sys/stat.h>
18 #include <sys/wait.h>
19 #include <errno.h>
20 #include <unistd.h>
21 #include <dirent.h>
22 #include <grp.h>
23 #include <string.h>
24 #include <sys/time.h>
25 #include <sys/resource.h>
26
27 #include "crm/crm.h"
28 #include "crm/common/mainloop.h"
29 #include "crm/services.h"
30 #include "crm/services_internal.h"
31
32 #include "services_private.h"
33
34 static void close_pipe(int fildes[]);
35
36
37
38
39
40
41
42
43
44 #ifdef HAVE_SYS_SIGNALFD_H
45
46
47
48 #include <sys/signalfd.h>
49
50
51 struct sigchld_data_s {
52 sigset_t mask;
53 sigset_t old_mask;
54 };
55
56
57 static bool
58 sigchld_setup(struct sigchld_data_s *data)
59 {
60 sigemptyset(&(data->mask));
61 sigaddset(&(data->mask), SIGCHLD);
62
63 sigemptyset(&(data->old_mask));
64
65
66 if (sigprocmask(SIG_BLOCK, &(data->mask), &(data->old_mask)) < 0) {
67 crm_info("Wait for child process completion failed: %s "
68 CRM_XS " source=sigprocmask", pcmk_rc_str(errno));
69 return false;
70 }
71 return true;
72 }
73
74
75 static int
76 sigchld_open(struct sigchld_data_s *data)
77 {
78 int fd;
79
80 CRM_CHECK(data != NULL, return -1);
81
82 fd = signalfd(-1, &(data->mask), SFD_NONBLOCK);
83 if (fd < 0) {
84 crm_info("Wait for child process completion failed: %s "
85 CRM_XS " source=signalfd", pcmk_rc_str(errno));
86 }
87 return fd;
88 }
89
90
91 static void
92 sigchld_close(int fd)
93 {
94 if (fd > 0) {
95 close(fd);
96 }
97 }
98
99
100 static bool
101 sigchld_received(int fd)
102 {
103 struct signalfd_siginfo fdsi;
104 ssize_t s;
105
106 if (fd < 0) {
107 return false;
108 }
109 s = read(fd, &fdsi, sizeof(struct signalfd_siginfo));
110 if (s != sizeof(struct signalfd_siginfo)) {
111 crm_info("Wait for child process completion failed: %s "
112 CRM_XS " source=read", pcmk_rc_str(errno));
113
114 } else if (fdsi.ssi_signo == SIGCHLD) {
115 return true;
116 }
117 return false;
118 }
119
120
121 static void
122 sigchld_cleanup(struct sigchld_data_s *data)
123 {
124
125 if ((sigismember(&(data->old_mask), SIGCHLD) == 0)
126 && (sigprocmask(SIG_UNBLOCK, &(data->mask), NULL) < 0)) {
127 crm_warn("Could not clean up after child process completion: %s",
128 pcmk_rc_str(errno));
129 }
130 }
131
132 #else
133
134
135
136 struct sigchld_data_s {
137 int pipe_fd[2];
138 struct sigaction sa;
139 struct sigaction old_sa;
140 };
141
142
143 volatile struct sigchld_data_s *last_sigchld_data = NULL;
144
145 static void
146 sigchld_handler(void)
147 {
148
149 if ((last_sigchld_data != NULL)
150 && (last_sigchld_data->pipe_fd[1] >= 0)
151 && (write(last_sigchld_data->pipe_fd[1], "", 1) == -1)) {
152 crm_info("Wait for child process completion failed: %s "
153 CRM_XS " source=write", pcmk_rc_str(errno));
154 }
155 }
156
157 static bool
158 sigchld_setup(struct sigchld_data_s *data)
159 {
160 int rc;
161
162 data->pipe_fd[0] = data->pipe_fd[1] = -1;
163
164 if (pipe(data->pipe_fd) == -1) {
165 crm_info("Wait for child process completion failed: %s "
166 CRM_XS " source=pipe", pcmk_rc_str(errno));
167 return false;
168 }
169
170 rc = pcmk__set_nonblocking(data->pipe_fd[0]);
171 if (rc != pcmk_rc_ok) {
172 crm_info("Could not set pipe input non-blocking: %s " CRM_XS " rc=%d",
173 pcmk_rc_str(rc), rc);
174 }
175 rc = pcmk__set_nonblocking(data->pipe_fd[1]);
176 if (rc != pcmk_rc_ok) {
177 crm_info("Could not set pipe output non-blocking: %s " CRM_XS " rc=%d",
178 pcmk_rc_str(rc), rc);
179 }
180
181
182 data->sa.sa_handler = (sighandler_t) sigchld_handler;
183 data->sa.sa_flags = 0;
184 sigemptyset(&(data->sa.sa_mask));
185 if (sigaction(SIGCHLD, &(data->sa), &(data->old_sa)) < 0) {
186 crm_info("Wait for child process completion failed: %s "
187 CRM_XS " source=sigaction", pcmk_rc_str(errno));
188 }
189
190
191 last_sigchld_data = data;
192 return true;
193 }
194
195 static int
196 sigchld_open(struct sigchld_data_s *data)
197 {
198 CRM_CHECK(data != NULL, return -1);
199 return data->pipe_fd[0];
200 }
201
202 static void
203 sigchld_close(int fd)
204 {
205
206 return;
207 }
208
209 static bool
210 sigchld_received(int fd)
211 {
212 char ch;
213
214 if (fd < 0) {
215 return false;
216 }
217
218
219 while (read(fd, &ch, 1) == 1) ;
220 return true;
221 }
222
223 static void
224 sigchld_cleanup(struct sigchld_data_s *data)
225 {
226
227 if (sigaction(SIGCHLD, &(data->old_sa), NULL) < 0) {
228 crm_warn("Could not clean up after child process completion: %s",
229 pcmk_rc_str(errno));
230 }
231
232 close_pipe(data->pipe_fd);
233 }
234
235 #endif
236
237
238
239
240
241
242
243 static void
244 close_pipe(int fildes[])
245 {
246 if (fildes[0] >= 0) {
247 close(fildes[0]);
248 fildes[0] = -1;
249 }
250 if (fildes[1] >= 0) {
251 close(fildes[1]);
252 fildes[1] = -1;
253 }
254 }
255
256 static gboolean
257 svc_read_output(int fd, svc_action_t * op, bool is_stderr)
258 {
259 char *data = NULL;
260 int rc = 0, len = 0;
261 char buf[500];
262 static const size_t buf_read_len = sizeof(buf) - 1;
263
264
265 if (fd < 0) {
266 crm_trace("No fd for %s", op->id);
267 return FALSE;
268 }
269
270 if (is_stderr && op->stderr_data) {
271 len = strlen(op->stderr_data);
272 data = op->stderr_data;
273 crm_trace("Reading %s stderr into offset %d", op->id, len);
274
275 } else if (is_stderr == FALSE && op->stdout_data) {
276 len = strlen(op->stdout_data);
277 data = op->stdout_data;
278 crm_trace("Reading %s stdout into offset %d", op->id, len);
279
280 } else {
281 crm_trace("Reading %s %s into offset %d", op->id, is_stderr?"stderr":"stdout", len);
282 }
283
284 do {
285 rc = read(fd, buf, buf_read_len);
286 if (rc > 0) {
287 buf[rc] = 0;
288 crm_trace("Got %d chars: %.80s", rc, buf);
289 data = pcmk__realloc(data, len + rc + 1);
290 len += sprintf(data + len, "%s", buf);
291
292 } else if (errno != EINTR) {
293
294
295
296 rc = FALSE;
297 break;
298 }
299
300 } while (rc == buf_read_len || rc < 0);
301
302 if (is_stderr) {
303 op->stderr_data = data;
304 } else {
305 op->stdout_data = data;
306 }
307
308 return rc;
309 }
310
311 static int
312 dispatch_stdout(gpointer userdata)
313 {
314 svc_action_t *op = (svc_action_t *) userdata;
315
316 return svc_read_output(op->opaque->stdout_fd, op, FALSE);
317 }
318
319 static int
320 dispatch_stderr(gpointer userdata)
321 {
322 svc_action_t *op = (svc_action_t *) userdata;
323
324 return svc_read_output(op->opaque->stderr_fd, op, TRUE);
325 }
326
327 static void
328 pipe_out_done(gpointer user_data)
329 {
330 svc_action_t *op = (svc_action_t *) user_data;
331
332 crm_trace("%p", op);
333
334 op->opaque->stdout_gsource = NULL;
335 if (op->opaque->stdout_fd > STDOUT_FILENO) {
336 close(op->opaque->stdout_fd);
337 }
338 op->opaque->stdout_fd = -1;
339 }
340
341 static void
342 pipe_err_done(gpointer user_data)
343 {
344 svc_action_t *op = (svc_action_t *) user_data;
345
346 op->opaque->stderr_gsource = NULL;
347 if (op->opaque->stderr_fd > STDERR_FILENO) {
348 close(op->opaque->stderr_fd);
349 }
350 op->opaque->stderr_fd = -1;
351 }
352
353 static struct mainloop_fd_callbacks stdout_callbacks = {
354 .dispatch = dispatch_stdout,
355 .destroy = pipe_out_done,
356 };
357
358 static struct mainloop_fd_callbacks stderr_callbacks = {
359 .dispatch = dispatch_stderr,
360 .destroy = pipe_err_done,
361 };
362
363 static void
364 set_ocf_env(const char *key, const char *value, gpointer user_data)
365 {
366 if (setenv(key, value, 1) != 0) {
367 crm_perror(LOG_ERR, "setenv failed for key:%s and value:%s", key, value);
368 }
369 }
370
371 static void
372 set_ocf_env_with_prefix(gpointer key, gpointer value, gpointer user_data)
373 {
374 char buffer[500];
375
376 snprintf(buffer, sizeof(buffer), strcmp(key, "OCF_CHECK_LEVEL") != 0 ? "OCF_RESKEY_%s" : "%s", (char *)key);
377 set_ocf_env(buffer, value, user_data);
378 }
379
380 static void
381 set_alert_env(gpointer key, gpointer value, gpointer user_data)
382 {
383 int rc;
384
385 if (value != NULL) {
386 rc = setenv(key, value, 1);
387 } else {
388 rc = unsetenv(key);
389 }
390
391 if (rc < 0) {
392 crm_perror(LOG_ERR, "setenv %s=%s",
393 (char*)key, (value? (char*)value : ""));
394 } else {
395 crm_trace("setenv %s=%s", (char*)key, (value? (char*)value : ""));
396 }
397 }
398
399
400
401
402
403
404
405 static void
406 add_action_env_vars(const svc_action_t *op)
407 {
408 void (*env_setter)(gpointer, gpointer, gpointer) = NULL;
409 if (op->agent == NULL) {
410 env_setter = set_alert_env;
411
412 } else if (pcmk__str_eq(op->standard, PCMK_RESOURCE_CLASS_OCF, pcmk__str_casei)) {
413 env_setter = set_ocf_env_with_prefix;
414 }
415
416 if (env_setter != NULL && op->params != NULL) {
417 g_hash_table_foreach(op->params, env_setter, NULL);
418 }
419
420 if (env_setter == NULL || env_setter == set_alert_env) {
421 return;
422 }
423
424 set_ocf_env("OCF_RA_VERSION_MAJOR", PCMK_OCF_MAJOR_VERSION, NULL);
425 set_ocf_env("OCF_RA_VERSION_MINOR", PCMK_OCF_MINOR_VERSION, NULL);
426 set_ocf_env("OCF_ROOT", OCF_ROOT_DIR, NULL);
427 set_ocf_env("OCF_EXIT_REASON_PREFIX", PCMK_OCF_REASON_PREFIX, NULL);
428
429 if (op->rsc) {
430 set_ocf_env("OCF_RESOURCE_INSTANCE", op->rsc, NULL);
431 }
432
433 if (op->agent != NULL) {
434 set_ocf_env("OCF_RESOURCE_TYPE", op->agent, NULL);
435 }
436
437
438 if (op->provider != NULL) {
439 set_ocf_env("OCF_RESOURCE_PROVIDER", op->provider, NULL);
440 }
441 }
442
443 static void
444 pipe_in_single_parameter(gpointer key, gpointer value, gpointer user_data)
445 {
446 svc_action_t *op = user_data;
447 char *buffer = crm_strdup_printf("%s=%s\n", (char *)key, (char *) value);
448 int ret, total = 0, len = strlen(buffer);
449
450 do {
451 errno = 0;
452 ret = write(op->opaque->stdin_fd, buffer + total, len - total);
453 if (ret > 0) {
454 total += ret;
455 }
456
457 } while ((errno == EINTR) && (total < len));
458 free(buffer);
459 }
460
461
462
463
464
465
466
467 static void
468 pipe_in_action_stdin_parameters(const svc_action_t *op)
469 {
470 if (op->params) {
471 g_hash_table_foreach(op->params, pipe_in_single_parameter, (gpointer) op);
472 }
473 }
474
475 gboolean
476 recurring_action_timer(gpointer data)
477 {
478 svc_action_t *op = data;
479
480 crm_debug("Scheduling another invocation of %s", op->id);
481
482
483 free(op->stdout_data);
484 op->stdout_data = NULL;
485 free(op->stderr_data);
486 op->stderr_data = NULL;
487 op->opaque->repeat_timer = 0;
488
489 services_action_async(op, NULL);
490 return FALSE;
491 }
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511 int
512 services__finalize_async_op(svc_action_t *op)
513 {
514 CRM_CHECK((op != NULL) && !(op->synchronous), return EINVAL);
515
516 if (op->interval_ms != 0) {
517
518 if (op->cancel) {
519 services__set_cancelled(op);
520 cancel_recurring_action(op);
521 } else {
522 op->opaque->repeat_timer = g_timeout_add(op->interval_ms,
523 recurring_action_timer,
524 (void *) op);
525 }
526 }
527
528 if (op->opaque->callback != NULL) {
529 op->opaque->callback(op);
530 }
531
532
533 op->pid = 0;
534 services_untrack_op(op);
535
536 if ((op->interval_ms != 0) && !(op->cancel)) {
537
538 services_action_cleanup(op);
539 return EBUSY;
540 }
541
542 services_action_free(op);
543 return pcmk_rc_ok;
544 }
545
546 static void
547 close_op_input(svc_action_t *op)
548 {
549 if (op->opaque->stdin_fd >= 0) {
550 close(op->opaque->stdin_fd);
551 }
552 }
553
554 static void
555 finish_op_output(svc_action_t *op, bool is_stderr)
556 {
557 mainloop_io_t **source;
558 int fd;
559
560 if (is_stderr) {
561 source = &(op->opaque->stderr_gsource);
562 fd = op->opaque->stderr_fd;
563 } else {
564 source = &(op->opaque->stdout_gsource);
565 fd = op->opaque->stdout_fd;
566 }
567
568 if (op->synchronous || *source) {
569 crm_trace("Finish reading %s[%d] %s",
570 op->id, op->pid, (is_stderr? "stderr" : "stdout"));
571 svc_read_output(fd, op, is_stderr);
572 if (op->synchronous) {
573 close(fd);
574 } else {
575 mainloop_del_fd(*source);
576 *source = NULL;
577 }
578 }
579 }
580
581
582 static void
583 log_op_output(svc_action_t *op)
584 {
585 char *prefix = crm_strdup_printf("%s[%d] error output", op->id, op->pid);
586
587
588
589
590
591 crm_log_output(LOG_INFO, prefix, op->stderr_data);
592 strcpy(prefix + strlen(prefix) - strlen("error output"), "output");
593 crm_log_output(LOG_DEBUG, prefix, op->stdout_data);
594 free(prefix);
595 }
596
597
598 #define EXIT_REASON_MAX_LEN 128
599
600 static void
601 parse_exit_reason_from_stderr(svc_action_t *op)
602 {
603 const char *reason_start = NULL;
604 const char *reason_end = NULL;
605 const int prefix_len = strlen(PCMK_OCF_REASON_PREFIX);
606
607 if ((op->stderr_data == NULL) ||
608
609 !pcmk__str_eq(op->standard, PCMK_RESOURCE_CLASS_OCF, pcmk__str_none)) {
610 return;
611 }
612
613
614 for (const char *cur = strstr(op->stderr_data, PCMK_OCF_REASON_PREFIX);
615 cur != NULL; cur = strstr(cur, PCMK_OCF_REASON_PREFIX)) {
616
617 cur += prefix_len;
618 reason_start = cur;
619 }
620
621 if ((reason_start == NULL) || (reason_start[0] == '\n')
622 || (reason_start[0] == '\0')) {
623 return;
624 }
625
626
627 reason_end = strchr(reason_start, '\n');
628 if (reason_end == NULL) {
629 reason_end = reason_start + strlen(reason_start);
630 }
631
632
633 if (reason_end > (reason_start + EXIT_REASON_MAX_LEN)) {
634 reason_end = reason_start + EXIT_REASON_MAX_LEN;
635 }
636
637 free(op->opaque->exit_reason);
638 op->opaque->exit_reason = strndup(reason_start, reason_end - reason_start);
639 }
640
641
642
643
644
645
646
647
648
649
650
651 static void
652 async_action_complete(mainloop_child_t *p, pid_t pid, int core, int signo,
653 int exitcode)
654 {
655 svc_action_t *op = mainloop_child_userdata(p);
656
657 mainloop_clear_child_userdata(p);
658 CRM_CHECK(op->pid == pid,
659 services__set_result(op, services__generic_error(op),
660 PCMK_EXEC_ERROR, "Bug in mainloop handling");
661 return);
662
663
664
665
666
667 finish_op_output(op, true);
668 finish_op_output(op, false);
669
670 close_op_input(op);
671
672 if (signo == 0) {
673 crm_debug("%s[%d] exited with status %d", op->id, op->pid, exitcode);
674 services__set_result(op, exitcode, PCMK_EXEC_DONE, NULL);
675 log_op_output(op);
676 parse_exit_reason_from_stderr(op);
677
678 } else if (mainloop_child_timeout(p)) {
679 const char *kind = services__action_kind(op);
680
681 crm_info("%s %s[%d] timed out after %s",
682 kind, op->id, op->pid, pcmk__readable_interval(op->timeout));
683 services__format_result(op, services__generic_error(op),
684 PCMK_EXEC_TIMEOUT,
685 "%s did not complete within %s",
686 kind, pcmk__readable_interval(op->timeout));
687
688 } else if (op->cancel) {
689
690
691
692 crm_info("%s[%d] terminated with signal %d (%s)",
693 op->id, op->pid, signo, strsignal(signo));
694 services__set_result(op, PCMK_OCF_OK, PCMK_EXEC_CANCELLED, NULL);
695
696 } else {
697 crm_info("%s[%d] terminated with signal %d (%s)",
698 op->id, op->pid, signo, strsignal(signo));
699 services__format_result(op, PCMK_OCF_UNKNOWN_ERROR, PCMK_EXEC_ERROR,
700 "%s interrupted by %s signal",
701 services__action_kind(op), strsignal(signo));
702 }
703
704 services__finalize_async_op(op);
705 }
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720 int
721 services__generic_error(const svc_action_t *op)
722 {
723 if ((op == NULL) || (op->standard == NULL)) {
724 return PCMK_OCF_UNKNOWN_ERROR;
725 }
726
727 if (pcmk__str_eq(op->standard, PCMK_RESOURCE_CLASS_LSB, pcmk__str_casei)
728 && pcmk__str_eq(op->action, PCMK_ACTION_STATUS, pcmk__str_casei)) {
729
730 return PCMK_LSB_STATUS_UNKNOWN;
731 }
732
733 #if SUPPORT_NAGIOS
734 if (pcmk__str_eq(op->standard, PCMK_RESOURCE_CLASS_NAGIOS, pcmk__str_casei)) {
735 return NAGIOS_STATE_UNKNOWN;
736 }
737 #endif
738
739 return PCMK_OCF_UNKNOWN_ERROR;
740 }
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755 int
756 services__not_installed_error(const svc_action_t *op)
757 {
758 if ((op == NULL) || (op->standard == NULL)) {
759 return PCMK_OCF_UNKNOWN_ERROR;
760 }
761
762 if (pcmk__str_eq(op->standard, PCMK_RESOURCE_CLASS_LSB, pcmk__str_casei)
763 && pcmk__str_eq(op->action, PCMK_ACTION_STATUS, pcmk__str_casei)) {
764
765 return PCMK_LSB_STATUS_NOT_INSTALLED;
766 }
767
768 #if SUPPORT_NAGIOS
769 if (pcmk__str_eq(op->standard, PCMK_RESOURCE_CLASS_NAGIOS, pcmk__str_casei)) {
770 return NAGIOS_STATE_UNKNOWN;
771 }
772 #endif
773
774 return PCMK_OCF_NOT_INSTALLED;
775 }
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790 int
791 services__authorization_error(const svc_action_t *op)
792 {
793 if ((op == NULL) || (op->standard == NULL)) {
794 return PCMK_OCF_UNKNOWN_ERROR;
795 }
796
797 if (pcmk__str_eq(op->standard, PCMK_RESOURCE_CLASS_LSB, pcmk__str_casei)
798 && pcmk__str_eq(op->action, PCMK_ACTION_STATUS, pcmk__str_casei)) {
799
800 return PCMK_LSB_STATUS_INSUFFICIENT_PRIV;
801 }
802
803 #if SUPPORT_NAGIOS
804 if (pcmk__str_eq(op->standard, PCMK_RESOURCE_CLASS_NAGIOS, pcmk__str_casei)) {
805 return NAGIOS_INSUFFICIENT_PRIV;
806 }
807 #endif
808
809 return PCMK_OCF_INSUFFICIENT_PRIV;
810 }
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826 int
827 services__configuration_error(const svc_action_t *op, bool is_fatal)
828 {
829 if ((op == NULL) || (op->standard == NULL)) {
830 return PCMK_OCF_UNKNOWN_ERROR;
831 }
832
833 if (pcmk__str_eq(op->standard, PCMK_RESOURCE_CLASS_LSB, pcmk__str_casei)
834 && pcmk__str_eq(op->action, PCMK_ACTION_STATUS, pcmk__str_casei)) {
835
836 return PCMK_LSB_NOT_CONFIGURED;
837 }
838
839 #if SUPPORT_NAGIOS
840 if (pcmk__str_eq(op->standard, PCMK_RESOURCE_CLASS_NAGIOS, pcmk__str_casei)) {
841 return NAGIOS_STATE_UNKNOWN;
842 }
843 #endif
844
845 return is_fatal? PCMK_OCF_NOT_CONFIGURED : PCMK_OCF_INVALID_PARAM;
846 }
847
848
849
850
851
852
853
854
855
856
857
858 void
859 services__handle_exec_error(svc_action_t * op, int error)
860 {
861 const char *name = op->opaque->exec;
862
863 if (name == NULL) {
864 name = op->agent;
865 if (name == NULL) {
866 name = op->id;
867 }
868 }
869
870 switch (error) {
871 case ENOENT:
872 case EISDIR:
873 case ENOTDIR:
874 case EINVAL:
875 case ENOEXEC:
876 services__format_result(op, services__not_installed_error(op),
877 PCMK_EXEC_NOT_INSTALLED, "%s: %s",
878 name, pcmk_rc_str(error));
879 break;
880 case EACCES:
881 case EPERM:
882 services__format_result(op, services__authorization_error(op),
883 PCMK_EXEC_ERROR, "%s: %s",
884 name, pcmk_rc_str(error));
885 break;
886 default:
887 services__set_result(op, services__generic_error(op),
888 PCMK_EXEC_ERROR, pcmk_rc_str(error));
889 }
890 }
891
892
893
894
895
896
897
898
899
900 static void
901 exit_child(const svc_action_t *op, int exit_status, const char *exit_reason)
902 {
903 if ((op != NULL) && (exit_reason != NULL)
904 && pcmk__str_eq(op->standard, PCMK_RESOURCE_CLASS_OCF,
905 pcmk__str_none)) {
906 fprintf(stderr, PCMK_OCF_REASON_PREFIX "%s\n", exit_reason);
907 }
908 _exit(exit_status);
909 }
910
911 static void
912 action_launch_child(svc_action_t *op)
913 {
914 int rc;
915
916
917
918
919
920
921 signal(SIGPIPE, SIG_DFL);
922
923 #if defined(HAVE_SCHED_SETSCHEDULER)
924 if (sched_getscheduler(0) != SCHED_OTHER) {
925 struct sched_param sp;
926
927 memset(&sp, 0, sizeof(sp));
928 sp.sched_priority = 0;
929
930 if (sched_setscheduler(0, SCHED_OTHER, &sp) == -1) {
931 crm_info("Could not reset scheduling policy for %s", op->id);
932 }
933 }
934 #endif
935 if (setpriority(PRIO_PROCESS, 0, 0) == -1) {
936 crm_info("Could not reset process priority for %s", op->id);
937 }
938
939
940
941
942
943 setpgid(0, 0);
944
945 pcmk__close_fds_in_child(false);
946
947
948
949
950
951
952
953
954 #if SUPPORT_CIBSECRETS
955 rc = pcmk__substitute_secrets(op->rsc, op->params);
956 if (rc != pcmk_rc_ok) {
957 if (pcmk__str_eq(op->action, PCMK_ACTION_STOP, pcmk__str_casei)) {
958 crm_info("Proceeding with stop operation for %s "
959 "despite being unable to load CIB secrets (%s)",
960 op->rsc, pcmk_rc_str(rc));
961 } else {
962 crm_err("Considering %s unconfigured "
963 "because unable to load CIB secrets: %s",
964 op->rsc, pcmk_rc_str(rc));
965 exit_child(op, services__configuration_error(op, false),
966 "Unable to load CIB secrets");
967 }
968 }
969 #endif
970
971 add_action_env_vars(op);
972
973
974 if (op->opaque->uid && (geteuid() == 0)) {
975
976
977 if (op->opaque->gid && (setgid(op->opaque->gid) < 0)) {
978 crm_err("Considering %s unauthorized because could not set "
979 "child group to %d: %s",
980 op->id, op->opaque->gid, strerror(errno));
981 exit_child(op, services__authorization_error(op),
982 "Could not set group for child process");
983 }
984
985
986
987 if (setgroups(0, NULL) < 0) {
988 crm_err("Considering %s unauthorized because could not "
989 "clear supplementary groups: %s", op->id, strerror(errno));
990 exit_child(op, services__authorization_error(op),
991 "Could not clear supplementary groups for child process");
992 }
993
994
995 if (setuid(op->opaque->uid) < 0) {
996 crm_err("Considering %s unauthorized because could not set user "
997 "to %d: %s", op->id, op->opaque->uid, strerror(errno));
998 exit_child(op, services__authorization_error(op),
999 "Could not set user for child process");
1000 }
1001 }
1002
1003
1004 execvp(op->opaque->exec, op->opaque->args);
1005
1006
1007 rc = errno;
1008 services__handle_exec_error(op, rc);
1009 crm_err("Unable to execute %s: %s", op->id, strerror(rc));
1010 exit_child(op, op->rc, "Child process was unable to execute file");
1011 }
1012
1013
1014
1015
1016
1017
1018
1019
1020 static void
1021 wait_for_sync_result(svc_action_t *op, struct sigchld_data_s *data)
1022 {
1023 int status = 0;
1024 int timeout = op->timeout;
1025 time_t start = time(NULL);
1026 struct pollfd fds[3];
1027 int wait_rc = 0;
1028 const char *wait_reason = NULL;
1029
1030 fds[0].fd = op->opaque->stdout_fd;
1031 fds[0].events = POLLIN;
1032 fds[0].revents = 0;
1033
1034 fds[1].fd = op->opaque->stderr_fd;
1035 fds[1].events = POLLIN;
1036 fds[1].revents = 0;
1037
1038 fds[2].fd = sigchld_open(data);
1039 fds[2].events = POLLIN;
1040 fds[2].revents = 0;
1041
1042 crm_trace("Waiting for %s[%d]", op->id, op->pid);
1043 do {
1044 int poll_rc = poll(fds, 3, timeout);
1045
1046 wait_reason = NULL;
1047
1048 if (poll_rc > 0) {
1049 if (fds[0].revents & POLLIN) {
1050 svc_read_output(op->opaque->stdout_fd, op, FALSE);
1051 }
1052
1053 if (fds[1].revents & POLLIN) {
1054 svc_read_output(op->opaque->stderr_fd, op, TRUE);
1055 }
1056
1057 if ((fds[2].revents & POLLIN) && sigchld_received(fds[2].fd)) {
1058 wait_rc = waitpid(op->pid, &status, WNOHANG);
1059
1060 if ((wait_rc > 0) || ((wait_rc < 0) && (errno == ECHILD))) {
1061
1062 break;
1063
1064 } else if (wait_rc < 0) {
1065 wait_reason = pcmk_rc_str(errno);
1066 crm_info("Wait for completion of %s[%d] failed: %s "
1067 CRM_XS " source=waitpid",
1068 op->id, op->pid, wait_reason);
1069 wait_rc = 0;
1070 }
1071 }
1072
1073 } else if (poll_rc == 0) {
1074
1075 timeout = 0;
1076 break;
1077
1078 } else if ((poll_rc < 0) && (errno != EINTR)) {
1079 wait_reason = pcmk_rc_str(errno);
1080 crm_info("Wait for completion of %s[%d] failed: %s "
1081 CRM_XS " source=poll", op->id, op->pid, wait_reason);
1082 break;
1083 }
1084
1085 timeout = op->timeout - (time(NULL) - start) * 1000;
1086
1087 } while ((op->timeout < 0 || timeout > 0));
1088
1089 crm_trace("Stopped waiting for %s[%d]", op->id, op->pid);
1090 finish_op_output(op, true);
1091 finish_op_output(op, false);
1092 close_op_input(op);
1093 sigchld_close(fds[2].fd);
1094
1095 if (wait_rc <= 0) {
1096
1097 if ((op->timeout > 0) && (timeout <= 0)) {
1098 services__format_result(op, services__generic_error(op),
1099 PCMK_EXEC_TIMEOUT,
1100 "%s did not exit within specified timeout",
1101 services__action_kind(op));
1102 crm_info("%s[%d] timed out after %dms",
1103 op->id, op->pid, op->timeout);
1104
1105 } else {
1106 services__set_result(op, services__generic_error(op),
1107 PCMK_EXEC_ERROR, wait_reason);
1108 }
1109
1110
1111
1112 if ((wait_rc == 0) && (waitpid(op->pid, &status, WNOHANG) == 0)) {
1113 if (kill(op->pid, SIGKILL)) {
1114 crm_warn("Could not kill rogue child %s[%d]: %s",
1115 op->id, op->pid, pcmk_rc_str(errno));
1116 }
1117
1118 while ((waitpid(op->pid, &status, 0) == (pid_t) -1)
1119 && (errno == EINTR)) {
1120 ;
1121 }
1122 }
1123
1124 } else if (WIFEXITED(status)) {
1125 services__set_result(op, WEXITSTATUS(status), PCMK_EXEC_DONE, NULL);
1126 parse_exit_reason_from_stderr(op);
1127 crm_info("%s[%d] exited with status %d", op->id, op->pid, op->rc);
1128
1129 } else if (WIFSIGNALED(status)) {
1130 int signo = WTERMSIG(status);
1131
1132 services__format_result(op, services__generic_error(op),
1133 PCMK_EXEC_ERROR, "%s interrupted by %s signal",
1134 services__action_kind(op), strsignal(signo));
1135 crm_info("%s[%d] terminated with signal %d (%s)",
1136 op->id, op->pid, signo, strsignal(signo));
1137
1138 #ifdef WCOREDUMP
1139 if (WCOREDUMP(status)) {
1140 crm_warn("%s[%d] dumped core", op->id, op->pid);
1141 }
1142 #endif
1143
1144 } else {
1145
1146 services__set_result(op, services__generic_error(op), PCMK_EXEC_ERROR,
1147 "Unable to wait for child to complete");
1148 }
1149 }
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167 int
1168 services__execute_file(svc_action_t *op)
1169 {
1170 int stdout_fd[2];
1171 int stderr_fd[2];
1172 int stdin_fd[2] = {-1, -1};
1173 int rc;
1174 struct stat st;
1175 struct sigchld_data_s data;
1176
1177
1178 if (stat(op->opaque->exec, &st) != 0) {
1179 rc = errno;
1180 crm_info("Cannot execute '%s': %s " CRM_XS " stat rc=%d",
1181 op->opaque->exec, pcmk_rc_str(rc), rc);
1182 services__handle_exec_error(op, rc);
1183 goto done;
1184 }
1185
1186 if (pipe(stdout_fd) < 0) {
1187 rc = errno;
1188 crm_info("Cannot execute '%s': %s " CRM_XS " pipe(stdout) rc=%d",
1189 op->opaque->exec, pcmk_rc_str(rc), rc);
1190 services__handle_exec_error(op, rc);
1191 goto done;
1192 }
1193
1194 if (pipe(stderr_fd) < 0) {
1195 rc = errno;
1196
1197 close_pipe(stdout_fd);
1198
1199 crm_info("Cannot execute '%s': %s " CRM_XS " pipe(stderr) rc=%d",
1200 op->opaque->exec, pcmk_rc_str(rc), rc);
1201 services__handle_exec_error(op, rc);
1202 goto done;
1203 }
1204
1205 if (pcmk_is_set(pcmk_get_ra_caps(op->standard), pcmk_ra_cap_stdin)) {
1206 if (pipe(stdin_fd) < 0) {
1207 rc = errno;
1208
1209 close_pipe(stdout_fd);
1210 close_pipe(stderr_fd);
1211
1212 crm_info("Cannot execute '%s': %s " CRM_XS " pipe(stdin) rc=%d",
1213 op->opaque->exec, pcmk_rc_str(rc), rc);
1214 services__handle_exec_error(op, rc);
1215 goto done;
1216 }
1217 }
1218
1219 if (op->synchronous && !sigchld_setup(&data)) {
1220 close_pipe(stdin_fd);
1221 close_pipe(stdout_fd);
1222 close_pipe(stderr_fd);
1223 sigchld_cleanup(&data);
1224 services__set_result(op, services__generic_error(op), PCMK_EXEC_ERROR,
1225 "Could not manage signals for child process");
1226 goto done;
1227 }
1228
1229 op->pid = fork();
1230 switch (op->pid) {
1231 case -1:
1232 rc = errno;
1233 close_pipe(stdin_fd);
1234 close_pipe(stdout_fd);
1235 close_pipe(stderr_fd);
1236
1237 crm_info("Cannot execute '%s': %s " CRM_XS " fork rc=%d",
1238 op->opaque->exec, pcmk_rc_str(rc), rc);
1239 services__handle_exec_error(op, rc);
1240 if (op->synchronous) {
1241 sigchld_cleanup(&data);
1242 }
1243 goto done;
1244 break;
1245
1246 case 0:
1247 close(stdout_fd[0]);
1248 close(stderr_fd[0]);
1249 if (stdin_fd[1] >= 0) {
1250 close(stdin_fd[1]);
1251 }
1252 if (STDOUT_FILENO != stdout_fd[1]) {
1253 if (dup2(stdout_fd[1], STDOUT_FILENO) != STDOUT_FILENO) {
1254 crm_warn("Can't redirect output from '%s': %s "
1255 CRM_XS " errno=%d",
1256 op->opaque->exec, pcmk_rc_str(errno), errno);
1257 }
1258 close(stdout_fd[1]);
1259 }
1260 if (STDERR_FILENO != stderr_fd[1]) {
1261 if (dup2(stderr_fd[1], STDERR_FILENO) != STDERR_FILENO) {
1262 crm_warn("Can't redirect error output from '%s': %s "
1263 CRM_XS " errno=%d",
1264 op->opaque->exec, pcmk_rc_str(errno), errno);
1265 }
1266 close(stderr_fd[1]);
1267 }
1268 if ((stdin_fd[0] >= 0) &&
1269 (STDIN_FILENO != stdin_fd[0])) {
1270 if (dup2(stdin_fd[0], STDIN_FILENO) != STDIN_FILENO) {
1271 crm_warn("Can't redirect input to '%s': %s "
1272 CRM_XS " errno=%d",
1273 op->opaque->exec, pcmk_rc_str(errno), errno);
1274 }
1275 close(stdin_fd[0]);
1276 }
1277
1278 if (op->synchronous) {
1279 sigchld_cleanup(&data);
1280 }
1281
1282 action_launch_child(op);
1283 CRM_ASSERT(0);
1284 }
1285
1286
1287 close(stdout_fd[1]);
1288 close(stderr_fd[1]);
1289 if (stdin_fd[0] >= 0) {
1290 close(stdin_fd[0]);
1291 }
1292
1293 op->opaque->stdout_fd = stdout_fd[0];
1294 rc = pcmk__set_nonblocking(op->opaque->stdout_fd);
1295 if (rc != pcmk_rc_ok) {
1296 crm_info("Could not set '%s' output non-blocking: %s "
1297 CRM_XS " rc=%d",
1298 op->opaque->exec, pcmk_rc_str(rc), rc);
1299 }
1300
1301 op->opaque->stderr_fd = stderr_fd[0];
1302 rc = pcmk__set_nonblocking(op->opaque->stderr_fd);
1303 if (rc != pcmk_rc_ok) {
1304 crm_info("Could not set '%s' error output non-blocking: %s "
1305 CRM_XS " rc=%d",
1306 op->opaque->exec, pcmk_rc_str(rc), rc);
1307 }
1308
1309 op->opaque->stdin_fd = stdin_fd[1];
1310 if (op->opaque->stdin_fd >= 0) {
1311
1312
1313 rc = pcmk__set_nonblocking(op->opaque->stdin_fd);
1314 if (rc != pcmk_rc_ok) {
1315 crm_info("Could not set '%s' input non-blocking: %s "
1316 CRM_XS " fd=%d,rc=%d", op->opaque->exec,
1317 pcmk_rc_str(rc), op->opaque->stdin_fd, rc);
1318 }
1319 pipe_in_action_stdin_parameters(op);
1320
1321 close(op->opaque->stdin_fd);
1322 op->opaque->stdin_fd = -1;
1323 }
1324
1325
1326 if (op->opaque->fork_callback) {
1327 op->opaque->fork_callback(op);
1328 }
1329
1330 if (op->synchronous) {
1331 wait_for_sync_result(op, &data);
1332 sigchld_cleanup(&data);
1333 goto done;
1334 }
1335
1336 crm_trace("Waiting async for '%s'[%d]", op->opaque->exec, op->pid);
1337 mainloop_child_add_with_flags(op->pid, op->timeout, op->id, op,
1338 pcmk_is_set(op->flags, SVC_ACTION_LEAVE_GROUP)? mainloop_leave_pid_group : 0,
1339 async_action_complete);
1340
1341 op->opaque->stdout_gsource = mainloop_add_fd(op->id,
1342 G_PRIORITY_LOW,
1343 op->opaque->stdout_fd, op,
1344 &stdout_callbacks);
1345 op->opaque->stderr_gsource = mainloop_add_fd(op->id,
1346 G_PRIORITY_LOW,
1347 op->opaque->stderr_fd, op,
1348 &stderr_callbacks);
1349 services_add_inflight_op(op);
1350 return pcmk_rc_ok;
1351
1352 done:
1353 if (op->synchronous) {
1354 return (op->rc == PCMK_OCF_OK)? pcmk_rc_ok : pcmk_rc_error;
1355 } else {
1356 return services__finalize_async_op(op);
1357 }
1358 }
1359
1360 GList *
1361 services_os_get_single_directory_list(const char *root, gboolean files, gboolean executable)
1362 {
1363 GList *list = NULL;
1364 struct dirent **namelist;
1365 int entries = 0, lpc = 0;
1366 char buffer[PATH_MAX];
1367
1368 entries = scandir(root, &namelist, NULL, alphasort);
1369 if (entries <= 0) {
1370 return list;
1371 }
1372
1373 for (lpc = 0; lpc < entries; lpc++) {
1374 struct stat sb;
1375
1376 if ('.' == namelist[lpc]->d_name[0]) {
1377 free(namelist[lpc]);
1378 continue;
1379 }
1380
1381 snprintf(buffer, sizeof(buffer), "%s/%s", root, namelist[lpc]->d_name);
1382
1383 if (stat(buffer, &sb)) {
1384 continue;
1385 }
1386
1387 if (S_ISDIR(sb.st_mode)) {
1388 if (files) {
1389 free(namelist[lpc]);
1390 continue;
1391 }
1392
1393 } else if (S_ISREG(sb.st_mode)) {
1394 if (files == FALSE) {
1395 free(namelist[lpc]);
1396 continue;
1397
1398 } else if (executable
1399 && (sb.st_mode & S_IXUSR) == 0
1400 && (sb.st_mode & S_IXGRP) == 0 && (sb.st_mode & S_IXOTH) == 0) {
1401 free(namelist[lpc]);
1402 continue;
1403 }
1404 }
1405
1406 list = g_list_append(list, strdup(namelist[lpc]->d_name));
1407
1408 free(namelist[lpc]);
1409 }
1410
1411 free(namelist);
1412 return list;
1413 }
1414
1415 GList *
1416 services_os_get_directory_list(const char *root, gboolean files, gboolean executable)
1417 {
1418 GList *result = NULL;
1419 char *dirs = strdup(root);
1420 char *dir = NULL;
1421
1422 if (pcmk__str_empty(dirs)) {
1423 free(dirs);
1424 return result;
1425 }
1426
1427 for (dir = strtok(dirs, ":"); dir != NULL; dir = strtok(NULL, ":")) {
1428 GList *tmp = services_os_get_single_directory_list(dir, files, executable);
1429
1430 if (tmp) {
1431 result = g_list_concat(result, tmp);
1432 }
1433 }
1434
1435 free(dirs);
1436
1437 return result;
1438 }