From patchwork Mon Feb 12 03:00:24 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yousong Zhou X-Patchwork-Id: 871861 X-Patchwork-Delegate: blogic@openwrt.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.infradead.org (client-ip=2001:8b0:10b:1236::1; helo=casper.infradead.org; envelope-from=lede-dev-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=infradead.org header.i=@infradead.org header.b="oGGUwiJX"; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="mTQb2a1I"; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="IPnYkx91"; dkim-atps=neutral Received: from casper.infradead.org (casper.infradead.org [IPv6:2001:8b0:10b:1236::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3zfrYM6mmqz9sPk for ; Mon, 12 Feb 2018 14:21:27 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=casper.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:MIME-Version:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:Subject:Message-Id:Date:To:From:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Owner; bh=I+UY6q5VaN1XCFNfMBuMS5w+8xiv1QZ4pMbxEipAhgw=; b=oGGUwiJXztg/fdXNRC/qKez11E 2uQJZChAMb2357xlRehOzxzXks5E7COa5xxeVrIK45kWcosNKbn9Sq25ZagH8Ex3X46Mvqyiab0UK 7GLu34xyjKulyfuDPY7jFrmYvQlnjAZ+ftw9O8oxqiuf8YsypBm6xxX9y+4tIYsfWsjp62AXytkjC h7ABvI9cahWFKKpuSOyQl0BVt1IdOsK3GweBogBcB6185n1ss2IQLuaxo+YZ8/t4UcbwFyfvZ48Oj 6D2Ft7WjxQVxuegNnPYUuQ5JmAc8z7skm7BhEgxV5hhDneohEjOMLO3Q547Osjl688vNI8W2Tx9b3 Eyhi8Tlw==; Received: from [198.137.202.133] (helo=bombadil.infradead.org) by casper.infradead.org with esmtps (Exim 4.89 #1 (Red Hat Linux)) id 1el4g1-00030z-Rh for incoming@patchwork.ozlabs.org; Mon, 12 Feb 2018 03:21:10 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:Subject:Message-Id: Date:To:From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References: List-Owner; bh=I+UY6q5VaN1XCFNfMBuMS5w+8xiv1QZ4pMbxEipAhgw=; b=mTQb2a1IQrj0jQ 4T3BmtTuu42S8od7eNUyxgILoBVFjMfxnwBVUwrTS3F/yhlBJKK2VmOJXJvFAz1OObzhbfXdtZevn exEaqtikK2kwBXsMgMPOvPgXV95EMTxCnPKhh3HExe4Z14DLDyJeTH+krT3vUrKi2I/rHjutggJrh Dz/yV5RGrR8od8U4taOcB7PkmxtUVEi8DQHVd7gaW5PRL/C5KvSCfcQU+IYSyn2zhaRjYtJcqBilM 8qIxpjradqSL9JC3zxr4F5ftn0pg+pYzo87BlNqt05rBHljPEdAWiUKzEQWc+CltHK+fsSZdw9J52 duVUz1No+BpBdD/BAZMg==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.89 #1 (Red Hat Linux)) id 1el4Nx-0002YK-Fv; Mon, 12 Feb 2018 03:02:29 +0000 Received: from mail-ua0-x244.google.com ([2607:f8b0:400c:c08::244]) by bombadil.infradead.org with esmtps (Exim 4.89 #1 (Red Hat Linux)) id 1el4Nu-0002XK-Ij for lede-dev@lists.infradead.org; Mon, 12 Feb 2018 03:02:27 +0000 Received: by mail-ua0-x244.google.com with SMTP id p12so8636088uad.0 for ; Sun, 11 Feb 2018 19:02:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id; bh=ruCa5Zrtz3AtJ6TRBmRZrGGrlQmpabqLo+A+Lp9W+rI=; b=IPnYkx913qNIGLYz6L+FFyxvnZloDHgQ5fckGvmhyUKMwIYWW2wrFgs9WD6OSv4GSY 3yZv7EoPQ/3N6ulXaLjk3FE+RwaJFqOFu5qQvp8WCqwNPp1uD+PgbT/5ZxaR+XHDNqnV khqqPdvt2AYSBjSyi6jAugS2LmdHxorHkrJqCDLYc4OnwFYm+Ysm8JAQZVB0JOReClrl EMJ9r6l7u5ZZ1pqLeGSEbg/q03yfOe0Q/WajF64Z/qcEZDoRNcrCkvJG1ycqS5qbaskM lglo3mf6AzOFIUBicZIH4O4RLyaOO2BidxcNbimW2ohKFd23wpofIBrwCHK/aMcFjE5p lEMg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=ruCa5Zrtz3AtJ6TRBmRZrGGrlQmpabqLo+A+Lp9W+rI=; b=RenVOY7TTHiNC1zuvQQKc18LowfilF1f5y0si2sVtDc/o/ie8LO+zIwHjLaluy5Gjb sncczSOpJ+d5YPnqAHLBGa38vkK/tTLAFKpyXdcqP1eQ7Xnlr7Hs9RhYjNLHCAF/mMjm yUFli7BUyvrAqosww5NU6blFKU0HZB3z7U4oqb3Ie5u0TRLMYRGtAD8JfOhskGnxpox4 ElofkKNO4IhvQJPzjxQVf7cl28gFej528HXHyACe8gn8a/RsoWneKRCXJvrGtmQAcVo6 WZu3VD1jIdKlKWl6+co+7Ftq1+UCX8sA2AnbtWY/6s3EvYDpzypGEbTzBaOOrLBfntZQ D2DQ== X-Gm-Message-State: APf1xPD2QCoHUxyU/SJAXomUIZwrzHmM5iAYs7Gcwbx94Mhy24N+LWRS oqeBBklAa0Hi71FrMAM4sbg= X-Google-Smtp-Source: AH8x227u6OAoFD/beDha2RMYIiP3ayoK3P+StUOzu1HiSBc2tkVVzGoIc3BVW7kswh7xWe9bPdIX1w== X-Received: by 10.159.47.17 with SMTP id x17mr10751152uaj.114.1518404533141; Sun, 11 Feb 2018 19:02:13 -0800 (PST) Received: from titan2.office.mos ([104.238.138.31]) by smtp.gmail.com with ESMTPSA id a12sm1035016uak.41.2018.02.11.19.02.10 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sun, 11 Feb 2018 19:02:12 -0800 (PST) From: Yousong Zhou To: john@phrozen.org Date: Mon, 12 Feb 2018 11:00:24 +0800 Message-Id: <1518404425-50957-1-git-send-email-yszhou4tech@gmail.com> X-Mailer: git-send-email 1.8.3.1 X-Spam-Note: CRM114 invocation failed X-Spam-Score: -2.0 (--) X-Spam-Report: SpamAssassin version 3.4.1 on bombadil.infradead.org summary: Content analysis details: (-2.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [2607:f8b0:400c:c08:0:0:0:244 listed in] [list.dnswl.org] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (yszhou4tech[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain Subject: [LEDE-DEV] [PATCH v2][procd 1/2] service: add func for string config change check X-BeenThere: lede-dev@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Yousong Zhou , lede-dev@lists.infradead.org MIME-Version: 1.0 Sender: "Lede-dev" Errors-To: lede-dev-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org To also prepare for following commits introducing more string value change detection Signed-off-by: Yousong Zhou --- service/instance.c | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/service/instance.c b/service/instance.c index 12c2efe..c3f8b56 100644 --- a/service/instance.c +++ b/service/instance.c @@ -588,6 +588,11 @@ instance_restart(struct service_instance *in) uloop_timeout_set(&in->timeout, in->term_timeout * 1000); } +static bool string_changed(const char *a, const char *b) +{ + return !((!a && !b) || (a && b && !strcmp(a, b))); +} + static bool instance_config_changed(struct service_instance *in, struct service_instance *in_new) { @@ -615,14 +620,7 @@ instance_config_changed(struct service_instance *in, struct service_instance *in if (in->gid != in_new->gid) return true; - if (in->pidfile && in_new->pidfile) - if (strcmp(in->pidfile, in_new->pidfile)) - return true; - - if (in->pidfile && !in_new->pidfile) - return true; - - if (!in->pidfile && in_new->pidfile) + if (string_changed(in->pidfile, in_new->pidfile)) return true; if (in->respawn_retry != in_new->respawn_retry) From patchwork Mon Feb 12 03:00:25 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yousong Zhou X-Patchwork-Id: 871860 X-Patchwork-Delegate: blogic@openwrt.org Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=lists.infradead.org (client-ip=2001:8b0:10b:1236::1; helo=casper.infradead.org; envelope-from=lede-dev-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=infradead.org header.i=@infradead.org header.b="CoB6fj2V"; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="HmKFTrw1"; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="BD33T+CS"; dkim-atps=neutral Received: from casper.infradead.org (casper.infradead.org [IPv6:2001:8b0:10b:1236::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3zfrWG5Zqkz9sPk for ; Mon, 12 Feb 2018 14:19:36 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=casper.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:MIME-Version:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:Subject:References:In-Reply-To:Message-Id:Date:To: From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=oQbw52EmnMMX6Xj8/nRhc9BWOFZ5oE5rND8OmvctlSg=; b=CoB6fj2V5MDtkIOXOGHaV5leBz 9YPkjjeYQ7nA2+IyV1AUVVBesUXjbH9nkxAOG18CYJmOkYXH6ytOvMvKyULmg1oV1iRwMrFDO9pd4 moVzvy1XLjvbMFaIlsp6AHiOrcomcHdGeCkIQ/YbmllToGqLhdpVQEjKhPTyWA8Oei6FFzbwPR/Xj YpBDwntg9obARXidOqK36TOoRIjeYPgh6xFQH5uGblS3BXN1ef1VSXbb+Ctm6uGW9e+3g1M8K+zd/ rbL2D70te4iC6YzXsuYZ/3Hw7uf/F7H3Bv3PcSuge9EVq12gMGxQMDaeHK6sSLvk0ETC2eOZ+3P5T 0B6inT7g==; Received: from [198.137.202.133] (helo=bombadil.infradead.org) by casper.infradead.org with esmtps (Exim 4.89 #1 (Red Hat Linux)) id 1el4eI-0002Ej-4w for incoming@patchwork.ozlabs.org; Mon, 12 Feb 2018 03:19:22 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:MIME-Version:Cc:List-Subscribe: List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:Subject:References: In-Reply-To:Message-Id:Date:To:From:Reply-To:Content-ID:Content-Description: Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID: List-Owner; bh=oQbw52EmnMMX6Xj8/nRhc9BWOFZ5oE5rND8OmvctlSg=; b=HmKFTrw1VbhxYV L0tEdqlrAZdPnS3f+hmYBHUKE8tON5KITQyyUBd85tyLX1JkgBukQ+B2MKZE1WTBONIheifE2cK0E YS9bBSQRUDVct98MPy54XD6v1aA8Lpj374fQ1pcouzLZhjJfcLj6PkvqDznBGqM2P4sj6PrjKNLYO +PQBCKDlbne3DGIXVLdSDsXAILNOQmjlzcjxL4gWPfN/c5YsK9XPJubglRpd5k/IPByejuWJpzwyX lmSk3gmoN/tNvxJM93OnyfwCqGc3vMDKIdYTTrPnVXOcsS/QicFwTeFNT5hayVfIf4DdNveH1SLQ0 5lVmzk1GKAXWY2kS94Dg==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.89 #1 (Red Hat Linux)) id 1el4O5-0002j3-Iu; Mon, 12 Feb 2018 03:02:37 +0000 Received: from mail-vk0-x242.google.com ([2607:f8b0:400c:c05::242]) by bombadil.infradead.org with esmtps (Exim 4.89 #1 (Red Hat Linux)) id 1el4Nu-0002XL-Ns for lede-dev@lists.infradead.org; Mon, 12 Feb 2018 03:02:27 +0000 Received: by mail-vk0-x242.google.com with SMTP id x203so8027208vkx.10 for ; Sun, 11 Feb 2018 19:02:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=FQHwQGf+0mVf0BotcOmiGXB/Ou/eo2u17Dk8iNhGneg=; b=BD33T+CSCLDuUID80KJ7oequIAOhCtSEmBhIHColxI/f0U91/ymyrkOuWizk1uzbZE nw423Z8LOEQ3ut0fI8CxOB5h66ZSuK9469nXFdVEdrKHfwTl4qkDvobggyUreI2TArdS 0J5yGFib+SdBgCXV5wJEVK0vp6iD1cgJP+RVzhG1OoPSW5zVbZws1qQp1De5GVZ1nzo5 JOWHvv/et7f2LOtg5bsDWYVoeJaxM1vL2BteInyFC9lCXxmheqgpvh3ASkwEqevIfgP7 s4bwzEIRywTn81lAlSGC67X7y6W4kir4NLk1jcQTRMBPRyDRQ8LU8Zru4EkluHvcX8S7 kHbg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=FQHwQGf+0mVf0BotcOmiGXB/Ou/eo2u17Dk8iNhGneg=; b=OKAabfYHvwrTdHlQWNTnpri4ec/CB53zYzxozd245EOovM/kBZqtXDw6Y6sZqR3twY qiSycL39zJBgD/Xaa9L9B6pGoRhcknm5uQa2vQKImv94428q8mOf8eExJvmX21anNXJ7 V3AAD80jjRGp5D8L7524WzBrMBGEHRswIs5tY/P8l7fqfCj5RQneavRW0NCFRThQQBYK gnxEOIo59VNnAGIPaXHrfxn6brZ8L1+YKPTUn2bDmmpi62wDMoPWAWoh8X4i64IX2mDO 9snav6/rMc/gxqEhdV6GDIKS6R+EtfB1o2C+/It4yjOyhgI3cM4sO9D+A8qQprm+QMv1 CXug== X-Gm-Message-State: APf1xPCS4qlWSDI1dAkwC0/Gk59buCigm0k7WgC8Nrya6DFTd/zb9VUN y+yAw9wbYiLY3YCE7UA5kYQ= X-Google-Smtp-Source: AH8x226XSsI69VOl8brKwA7SMTXZXmP0XIJ04+hg6R6fC1tfX8Q+fzr7+tkutoeYarQkUvf5nDxJmA== X-Received: by 10.31.74.67 with SMTP id x64mr2850623vka.69.1518404535195; Sun, 11 Feb 2018 19:02:15 -0800 (PST) Received: from titan2.office.mos ([104.238.138.31]) by smtp.gmail.com with ESMTPSA id a12sm1035016uak.41.2018.02.11.19.02.13 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sun, 11 Feb 2018 19:02:14 -0800 (PST) From: Yousong Zhou To: john@phrozen.org Date: Mon, 12 Feb 2018 11:00:25 +0800 Message-Id: <1518404425-50957-2-git-send-email-yszhou4tech@gmail.com> X-Mailer: git-send-email 1.8.3.1 In-Reply-To: <1518404425-50957-1-git-send-email-yszhou4tech@gmail.com> References: <1518404425-50957-1-git-send-email-yszhou4tech@gmail.com> X-Spam-Note: CRM114 invocation failed X-Spam-Score: -2.0 (--) X-Spam-Report: SpamAssassin version 3.4.1 on bombadil.infradead.org summary: Content analysis details: (-2.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [2607:f8b0:400c:c05:0:0:0:242 listed in] [list.dnswl.org] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (yszhou4tech[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record -1.9 BAYES_00 BODY: Bayes spam probability is 0 to 1% [score: 0.0000] -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain Subject: [LEDE-DEV] [PATCH v2][procd 2/2] service: initialize supplementary group ids X-BeenThere: lede-dev@lists.infradead.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Yousong Zhou , lede-dev@lists.infradead.org MIME-Version: 1.0 Sender: "Lede-dev" Errors-To: lede-dev-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org We currently only call setgid() with user's primary group id for service instance processes. In the case of a user belong to multiple groups, it's natural to also explicitly initialize their supplementary group ids Fixes FS#988 Signed-off-by: Yousong Zhou --- service/instance.c | 13 ++++++++++++- service/instance.h | 1 + 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/service/instance.c b/service/instance.c index c3f8b56..76573f7 100644 --- a/service/instance.c +++ b/service/instance.c @@ -17,6 +17,7 @@ #include #include #include +#include #include #include #include @@ -348,6 +349,10 @@ instance_run(struct service_instance *in, int _stdout, int _stderr) closefd(_stderr); } + if (in->user && in->gid && initgroups(in->user, in->gid)) { + ERROR("failed to initgroups() for user %s: %m\n", in->user); + exit(127); + } if (in->gid && setgid(in->gid)) { ERROR("failed to set group id %d: %m\n", in->gid); exit(127); @@ -614,6 +619,9 @@ instance_config_changed(struct service_instance *in, struct service_instance *in if (in->nice != in_new->nice) return true; + if (string_changed(in->user, in_new->user)) + return true; + if (in->uid != in_new->uid) return true; @@ -863,8 +871,10 @@ instance_config_parse(struct service_instance *in) } if (tb[INSTANCE_ATTR_USER]) { - struct passwd *p = getpwnam(blobmsg_get_string(tb[INSTANCE_ATTR_USER])); + const char *user = blobmsg_get_string(tb[INSTANCE_ATTR_USER]); + struct passwd *p = getpwnam(user); if (p) { + in->user = strdup(user); in->uid = p->pw_uid; in->gid = p->pw_gid; } @@ -983,6 +993,7 @@ instance_free(struct service_instance *in) watch_del(in); instance_config_cleanup(in); free(in->config); + free(in->user); free(in); } diff --git a/service/instance.h b/service/instance.h index bdd14de..771406c 100644 --- a/service/instance.h +++ b/service/instance.h @@ -42,6 +42,7 @@ struct service_instance { int8_t nice; bool valid; + char *user; uid_t uid; gid_t gid;