aboutsummaryrefslogtreecommitdiffstats
path: root/guts
AgeCommit message (Collapse)AuthorFilesLines
2014-04-21update copyright datePeter Seebach1-1/+1
2013-02-16allow pseudo to force asynchronous behaviorPeter Seebach1-1/+1
The openembedded build, at least with RPM or SMART, is heavily affected by the cost of calling fsync or fdatasync on package databases all the time. Gosh, wouldn't it be nice if we could suppress that without making dozens of highly intrusive and risky changes into RPM, various database packages, and so on? Yes, yes it would. If only there were a program which could intercept system calls and change their behavior! Enter --enable-force-async. There are now wrappers for fsync, fdatasync, and a few related functions. If --enable-force-async is set, these wrappers instantly return 0, even if PSEUDO_DISABLED is set. And with any luck, bitbake will now perform a bit better. Credit for this insight goes to Richard Purdie. I've reimplemented this to add the configure option, and make the fsync suppression work even when PSEUDO_DISABLED is set.
2011-03-25Merge in ports workPeter Seebach138-3468/+0
This is a spiffied-up rebase of a bunch of intermediate changes, presented as a whole because it is, surprisingly, less confusing that way. The basic idea is to separate the guts code into categories ranging from generic stuff that can be the same everywhere and specific variants. The big scary one is the Darwin support, which actually seems to run okay on 64-bit OS X 10.6. (No other variants were tested.) The other example given is support for the old clone() syscall on RHEL 4, which affects some wrlinux use cases. There's a few minor cleanup bits here, such as a function with inconsistent calling conventions, but nothing really exciting.
2011-02-08Expand paths on exec.Peter Seebach3-3/+9
This is fussy, because we have to actually do the path search ourselves as best we can to handle unqualified paths. The result, though, is more meaningful logs. Along the way, fix some bitrot in the comments in pseudo_fix_path and friends.
2010-12-16Restructure wrapfuncs.cMark Hatle2-29/+18
Restructure wrapfuncs.c in an attempt to improve PSEUDO_DISABLED=1 performance. Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
2010-12-13Further amend the system to enable/disable sudo during fork/exec.Mark Hatle5-6/+12
2010-12-09: * (mhatle) Add doc/program_flow to attempt to explain startup/running * (mhatle) guts/* minor cleanup * (mhatle) Reorganize into a new constructor for libpseudo ONLY pseudo main() now manually calls the util init new / revised init for client, wrappers and utils * (mhatle) Add central "reinit" function * (mhatle) Add manul execv* functions * (mhatle) rename pseudo_populate_wrappers to pseudo_check_wrappers Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
2010-12-132010-12-08:Mark Hatle3-2/+41
* (mhatle) Add guts/clone.c to cleanup the clone support * (mhatle) guts/clone.c only run setupenv and reinit when NOT PSEUDO_RELOADED * (mhatle) guts/execve.c whitespace fixe * (mhatle) guts/fork.c similar to guts/clone.c change * (mhatle) pseudo_client.c add reinit function * (mhatle) pseudo_client.c revise client reset, include code from pseudo_wrappers.c * (mhatle) pseudo_server.c move the pid writing to the parent * (mhatle) pseudo_wrappers.c clone cleanup and populate cleanup Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
2010-12-07This is a merge of several commits from a tree which turned out toPeter Seebach2-6/+27
be out of sync in a very inconvenient way. Changes include: * Some whitespace fixes, also move the pseudo_variables definition into pseudo_util.c since it's not used anywhere else. * Further improvements in the fork() support: We now recognize both positive and negative forms of PSEUDO_DISABLED, so we can distinguish between "it was removed from the environment by env -i" (restore the old value) and "it was intentionally turned off" (the new value wins). * clone(2) support. This is a little primitive, and programs might still fail horribly due to clone's semantics, but at least it's there and passes easy test cases. Plus a big patch from Mark Hatle: Cleanup fork/clone and PSEUDO_DISABLED guts/fork.c: * cleanup function and make it more robust * be sure to call pseudo_setupenv prior to pseudo_client_reset to match exec behavior pseudo_wrappers.c: * fix mismatched type in execl_to_v call via typecast * Simplify fork call via single call to wrap_fork() * be sure to save pseudo_disabled * be sure to call pseudo_setupenv prior to pseudo_client_reset to match exec behavior tests: * Add a test of whether pseudo can be disabled/enabled on a fork. Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
2010-12-02Major shift: Fix execl*(), allow enabling/disabling pseudo withPeter Seebach4-145/+0
an environment variable across fork(). This does a couple of things. One is, move the fork/vfork and execl* functions out of the standard wrapper environment. Having done that, the execl*() wrappers are rewritten so they can use real_execv*() when running in antimagic mode. This allows us to run pseudo entirely in antimagic mode. Which is handy, because we also add support for enabling/disabling antimagic mode in the child process on a fork, using an additional hook for this in the pseudo_client_init() routine. The redone fork() wrapper now calls pseudo_client_init() in the child process after a successful fork even if it's in antimagic mode already. This is not yet well-tested.
2010-10-11Add the other *xattr() wrappers (all ENOTSUP) for consistency.Peter Seebach13-13/+132
Note that this replaces an existing getxattr() wrapper which canonicalized pathnames for use in a chroot() environment. The need for that to work in some possible future may require us to revisit this.
2010-10-06Add the fsetxattr wrapper to return ENOTSUPMark Hatle1-0/+15
Current versions of gnu coreutils 'cp' were attempting to set permissions using fsetxattr. As a workaround, we need to return ENOTSUP so that it falls back to using fchmod, which pseudo does know how to wrap. Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
2010-09-16The exec*() functions were inconsistent about the name of their firstPeter Seebach5-9/+25
argument -- which turns out to be a problem, as this controls the canonicalization. The upshot is that some invocations of symlinks were corrupting $0.
2010-09-08Fix mkfifoat() to not always failPeter Seebach1-1/+2
mknodat() uses a dev_t * argument, not a dev_t argument, so the 0 passed into wrap___xmknodat() by wrap_mkfifoat() is an invalid argument rather than an unused but valid zero. Change mkfifoat to create a dummy dev_t and pass its address.
2010-09-02Wait, the man page says we give ERANGE for that, not ENAMETOOLONG.Peter Seebach1-2/+2
... Also, make that error message a debugging message, since that's a normal and legitimate use case.
2010-08-31Fix an error message which was mostly-harmless but still clearly aPeter Seebach1-1/+1
flaw in the code. Yes, Virginia, your printf arguments must match their format strings, and size_t is not the same thing as int.
2010-08-25Initial attempt at fixing problems with SIGCHLD being blockedseebs3-1/+12
in processes started under pseudo.
2010-08-17Draft one effort at making unlink more robust and fixing an obviousseebs3-55/+41
bug in the speculative-unlink operation. The intent is to mark and then confirm or cancel the delete. This removes the quirk where we tried to stash old database entries, which didn't handle directories anyway; "rmdir non-empty-directory" is a bit too common a case to dismiss as unthinkable.
2010-08-16A few minor fixes:seebs3-0/+36
Fixed a couple of allocation issues, corrected an off-by-one error in environment setup.
2010-08-12Fix for libpseudo.so when using $(SUFFIX), correct a note in guts/README.seebs1-1/+3
2010-08-11Document new variables.Peter Seebach1-1/+2
2010-08-11Enable local variable cacheMark Hatle3-6/+21
Add local variable cache via get_value and set_value. The local cache is setup at constructor time (or soon after). Rewrite the pseudo_setupenv and pseudo_dropenv routines, add a new pseudo_setupenvp and pseudo_dropenvp as well to handle the execve cases. We can now successfully use /usr/bin/env -i env and get pseudo values back!
2010-08-11Enable execl, execle, execlp, execv, and execvp wrappersMark Hatle5-0/+122
We wrap all of the execs so that we can ensure the environment is properly configured prior to the exec running. handle ... for the new execl* wrappers Add a test for the new execl* ... handling.
2010-06-21Add mkstemp64(). Also, check in the man page for the NOSYMLINKEXPPeter Seebach2-0/+48
feature.
2010-06-02Provide a hook to disable symlink "fixing".Peter Seebach1-1/+1
In fakechroot, which pseudo tries to match the functionality of, the default behavior when creating a symlink with an absolute target is to prepend the chroot path, so that underlying syscalls will get the right file. It is necessary to be able to disable this behavior to create target filesystems in some cases. To that end, support a new environment variable, PSEUDO_NOSYMLINKEXP, which disables that behavior.
2010-05-17Add getxattr/lgetxattr. Note that we don't need to supportPeter Seebach2-0/+28
fgetxattr, since it doesn't use a path name.
2010-05-04Finish fixing execve()Peter Seebach1-1/+1
execve() needs to use -1 for both fd and dirfd; the 0 dirfd was causing various spurious warnings, as well as misidentifying "exec" as "execat" in client logs.
2010-04-30Miscellaneous cleanup.Peter Seebach4-0/+11
Address a couple of compiler warnings, add a couple of signals to the list of caught signals, etcetera.
2010-04-27Fix link(), improve startup performance.Peter Seebach1-1/+5
Stop vacuuming the logs database under normal usage -- it's expensive and slow, and not useful. Make link(2) "correctly" (following Linux, rather than POSIX) link to a symlink rather than to the file the symlink links to.
2010-04-26Handle execve() betterPeter Seebach2-3/+7
You can't use setenv() to modify the environment that will be passed to a child process through execve()... Also, fix the setupenv() to use PSEUDO_SUFFIX if defined. Use execve() to spawn child processes, so we can use setupenv() and dropenv().
2010-04-26Remove obsolete symlink stuff from fxstatat.Peter Seebach1-16/+0
2010-04-26Handle rename(3) across devices.Peter Seebach1-12/+29
When you rename across devices, inode can change. Until now, pseudo had no tools for handling a change in inode, but this is clearly a legitimate case.
2010-04-26Reduce race condition for unlinks.Peter Seebach3-12/+51
If multiple clients are active at once, the following could occur: * Client #1 unlinks file A * Client #2 creates file B, which reuses A's inode * Client #2 sends request to server * Client #1 sends request to server * Processing client #2's request creates a mismatch warning for file A/B. * Processing client #1's request creates a mismatch warning too. Note that this can happen even if Client #2 sends its request later, as there's no intrinsic guarantee of the order in which requests are processed; any SINGLE client is presumably executing operations in order, but multiple clients aren't. Fixing this in rmdir, unlink, and rename.
2010-04-26Miscellaneous fixes:Peter Seebach10-6/+33
* Add lckpwdf/ulckpwdf to guts/README * Remove arguments from function pointer arguments. While in theory the compar function pointer has always taken "const struct dirent **", some systems (many) have declared it instead as taking "const void *". For now, just omit the types; a pointer to function taking unknown arguments is a compatible type, and we never call the functions, we just pass them to something else. * Handle readlinkat() on systems without *at functions * Fix pseudo_etc_file (spotted by "fortify") When O_CREAT can be a flag, 0600 mode is needed. While we're at it, remove a bogus dummy open. * Fix mkdtemp() Was returning the address of the internal buffer rather than the user-provided buffer. Also fixed a typo in an error message. * Don't call fgetgrent_r() with a null FILE *. * A couple of other typo-type fixes.
2010-04-26Add lckpwdf()/ulckpwdf().Peter Seebach2-0/+48
It's not enough to rely on the usual chroot() stuff affecting the file open, not least because these use the glibc-internal __open which is not currently intercepted, but also because we want to use the PSEUDO_PASSWD path when that's set but there's no chroot(). There's some extra magic in pseudo_etc_file to support these operations, since they can legitimately create a file rather than opening an existing one.
2010-04-05Make glob work.Peter Seebach3-14/+47
Moved readlink fixup into a general-purpose function for removing chroot prefixes.
2010-03-30Fix copyright information.Peter Seebach121-0/+363
Corporate policy is that each module should have a copyright notice.
2010-03-30Implement getgroups(), so id(1) will work.Peter Seebach2-4/+14
Document some limitations of getgroups()/setgroups().
2010-03-29Add password/group call emulation.Peter Seebach22-2/+402
This is a first pass at handling password/group calls, allowing the use of custom password/group files. In particular, when chroot()ed to a particular directory, pseudo picks files in that directory by default, to improve support for the typical use case where pseudo uses chroot() only to jump into a virtual target filesystem.
2010-03-26Add support for intercepting execve()Peter Seebach2-0/+18
This allows us to track execution, although the tracking for it requires some additional thought -- the basic assumption is that we don't want to canonicalize names into the chroot() directory, but since all the filename canonicalization assumes that we want this, that will take some sneaking. It's a little useful as is, though, so I'm running with it.
2010-03-26Track file open flagsPeter Seebach28-53/+53
This patch adds support for checking whether a file was opened for reading, writing, or both, as well as tracking append flags. It is not very well tested. This is preparation for improved host contamination checking.
2010-03-26Updates: Enable additional warnings, fix a number of things.Peter Seebach9-79/+40
None of them seem to have been genuine problems, but it's prettier now, and some were questionable.
2010-03-26Use NULL instead of 0Peter Seebach2-2/+2
Not that it changes anything, but by convention we like to use NULL, not 0, to express a null pointer.
2010-03-25initial chroot() supportPeter Seebach36-28/+636
Add chroot() and a large number of things needed to make it work. The list of intercepted calls is large but not exhaustive.
2010-03-24Prep for chroot handling:Peter Seebach30-61/+168
* Improve makewrappers handling of function pointer arguments. * Regenerate wrappers when makewrappers is touched. * Move path resolution from pseudo_client_op into wrapper functions. * Eliminate dependency on PATH_MAX. * Related cleanup, such as tracking CWD better, and using the tracked value for getcwd().
2010-03-16initial public releasePeter Seebach67-0/+1755