Age | Commit message | Author | Files | Lines
2016-07-28 | Fix xattr performance [seebs/xattr_performance] | seebs | 4 | -10/+21
When deleting files, we *do* know the inode and attribute, most of the time, so we pass those in whenever possible. The full purge of unmatched xattrs should not happen when the correct dev/ino are believed to be known. Signed-off-by: Seebs <seebs@seebs.net>
2016-07-08 | pseudo 1.8.1 [pseudo-1.8.1] [PSEUDO_1_8_1] | Richard Purdie | 2 | -1/+7
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-07-05 | Fix segfault and data loss in pseudo_db | Joshua Lock | 1 | -4/+0
Don't call sqlite3_finalize() on the static sqlite3_stmt scan as we reuse it later. The sqlite3_reset() and sqlite3_clear_bindings() calls are sufficient to reset the prepared statement and reusing the sqlite3_stmt that has had sqlite3_finalize() on it results in segfaults and data loss. Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
2016-07-05 | Remove stray , in log_tables SQL | Joshua Lock | 1 | -1/+1
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
2016-07-05 | Mark ports/unix/subports executable | Joshua Lock | 1 | -0/+0
Signed-off-by: Joshua Lock <joshua.g.lock@intel.com>
2016-05-18 | better handling of missing real_foo functions | Peter Seebach | 10 | -4/+70
So a recent change to ld.so behavior revealed that pseudo was not always correctly detecting that a function hadn't been found by the RTLD_NEXT search. This only happened for functions which genuinely didn't exist and wouldn't get called (like mknod on Linux, which is actually always done as an inline function that calls __xmknod), but when the diagnostics started showing up, it broke things. Fix it so the diagnostics would have shown up when things were originally broken, also fix the resulting diagnostics. Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
2016-05-18 | fix initializer warnings in pseudo_db.c | Peter Seebach | 1 | -2/+2
2016-05-12 | 1.8.0 branch [pseudo-1.8.0] [PSEUDO_1_8_0] | Peter Seebach | 2 | -1/+2
These changes are enough to justify a .1 upgrade.
2016-05-12 | respect $(LDFLAGS) | Peter Seebach | 2 | -4/+7
Respect environment-set $(LDFLAGS). Fix provided by kergoth, I'm just merging it.
2016-03-25 | xattr work: handle deletes and renames | Peter Seebach | 2 | -46/+256
Handle various ways that a dev/ino pair can cease to have files and thus need to cease to have xattrs. Also handle weird stuff like moving a file across filesystems when it was one of multiple links to an inode with extended attributes.
2016-03-25 | rework extended attribute support in database | Peter Seebach | 5 | -106/+141
extended attributes are a property of inodes, not paths. There can be multiple file database entries for a single inode, so switch to using inodes rather than paths. Still to-do: Delete them when deleting the last file with a given device and inode.
2016-03-25 | actually handle remove_xattr correctly | Peter Seebach | 2 | -0/+5
The variable name is required but wasn't being extracted from the client's message, resulting in xattr removal never working. This does not fully address some deeper problems with the xattr implementation, but at least the common removal case works.
2016-03-11 | set default umask in server | Peter Seebach | 2 | -0/+8
The pseudo server should probably always run with 022 umask so the sockets, database files, and such get created with sane modes.
2016-03-10 | add wrapper for bind | Peter Seebach | 4 | -0/+42
Since the pseudo socket is actually created by a call to bind, the bind call could create a file, which means it needs to record a database entry.
2016-03-09 | make bash stop bullying me | Peter Seebach | 6 | -28/+66
So we had this really strange problem where, sometimes but not always, pseudo would have strange problems on startup, where the pseudo server would end up running under pseudo. And this produced the most fascinating thing, which was:

    unsetenv("LD_PRELOAD");
    assert(getenv("LD_PRELOAD") == NULL);
    for (int i = 0; environ[i]; ++i) {
        assert(strncmp(environ[i], "LD_PRELOAD=", 11));
    }

(pseudocode untested)

This would crash on the environ search. Because getenv() was not searching environ. WHAT.

So it turns out, *bash overrides getenv, setenv, and so on*. Under those names. Hiding the glibc ones. And this creates horrible problems if you assumed that your code could call those functions and expect them to work.

So as a workaround, pseudo now uses dlsym to find getenv, etc., from glibc, and invokes those directly if possible. Also the client now uses unwrapped fork/exec for spawning the server, which cleans up the behavior of that code quite a bit.
2016-03-02 | pseudo client spawning cleanup | Peter Seebach | 2 | -20/+54
Improved/simplified logic for the client spawning servers, to make it (I hope) easier to see what it's trying to do and when. Also clearer diagnostics about what may have gone wrong, and I don't check the pid file unless there's a problem.
2016-03-02 | Server launch rework continued, probably finished | Peter Seebach | 9 | -35/+54
Server process now waits for its forked child when daemonizing, allowing us to yield meaningful exit status. Lock is now taken by the child, since it has a way to tell the parent about the exit status. (We send SIGUSR1 to the server to cause the wait loop to stop when the client is ready to go.) This allows us to switch to fcntl locking, which should in theory allow us to run with the pseudo directory NFS-mounted. Woot! Also mark a couple of overly spammy messages as PDBGF_VERBOSE to reduce the volume of uninteresting dup spam when looking at client behaviors. Client now uses execve to spawn server to work around a very strange behavior of unsetenv. Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
2016-03-01 | Server launch reworking. | Peter Seebach | 5 | -102/+249
This is the big overhaul to have the server provide meaningful exit status to clients. In the process, I discovered that the server was running with signals blocked if launched by a client, which is not a good thing, and prevented this from working as intended. Still looking to see why more than one server spawn seems to happen.
2016-02-24 | Various logging and cleanup | Peter Seebach | 6 | -21/+62
Improve event logging a little bit more, increase default event log size, reduce retries (we shouldn't need that many if nothing's wrong), and make the server log timestamps during database cleanup, since I'm suspicious of that as a possible source of delays. Also cause server to emit a useful exit status if it can't get a lock, and client to check server exit status when spawning server.
2016-02-23 | Add event logger | Peter Seebach | 6 | -23/+207
For debugging the client/server startup, add an event logger to allow better recording of events that we may, or may not, want to dump out listings of later.
2016-02-23 | Improve logfile handling | Peter Seebach | 5 | -9/+23
For sound reasons, the server wants to be sure no client is on fd 2. However, the client shouldn't force the pseudo log file to be fd 2; it should leave stderr alone when a log file is specified.
2016-02-09 | 1.7.5 branch [pseudo-1.7.5] [PSEUDO_1_7_5] | Peter Seebach | 2 | -1/+4
Recent fixes mostly to do with race conditions on server respawn, also some xattr tweaks.
2016-02-08 | improve abort handling | Peter Seebach | 3 | -2/+10
First, if aborting, display message even when no debugging is set, because that's probably a big deal. Second, if you use "pseudo <cmd>", try to die with the same signal that killed the child process, if it died from a signal rather than exiting cleanly. (You can't just pass the exit status out in that case, because exit(N) doesn't work for N outside the range of non-signal exit statuses.)
2016-02-08 | pseudo_client.c: rework of startup logic in client | Peter Seebach | 2 | -39/+47
There's a possible race condition if multiple clients try to start while the server's down, especially if it's shutting down and thus holding a lock but ignoring them. Logic altered to retry more often, at greater intervals. Also, we are fine with being unable to spawn the server, because that can happen if another client spawned it successfully. So we just retry sending the message in a bit if we couldn't spawn a server, or immediately if we could. (Because "could" spawn a server includes successfully communicating with the newly-spawned server; the server-side code makes sure that the child process won't exit before we expect such attempts to work, even if they take a while.)
2016-02-08 | pseudo_server.c: increase "short" timeout, improve logic for shutdowns | Peter Seebach | 2 | -7/+10
Only cancel shutdown if a client showed up. Change timeout from 1 second to 3 seconds, so it gets at least one time through the loop.
2016-02-08 | pseudo.c: don't shutdown after command without -S. | Peter Seebach | 2 | -2/+8
The automatic shutdown immediately after running a command seems to be causing more problems than it's worth, so now it requires an explicit -S.
2016-02-05 | pseudo_client.c: retry after a couple of milliseconds | Peter Seebach | 2 | -4/+10
Race conditions exist when the server shutdown takes long enough for three attempts to access the server to fail. Solution: Add a slight delay to the retry. Delay is variable (using getpid()%5). (Not "random" because I have no evidence that the process the client is running in will have seeded RNG, and I don't want to seed it and possibly screw them up).
2016-02-05 | pseudo_db.c: sort xattrs | Peter Seebach | 2 | -1/+2
Apparently some things rely on the assumption that listxattr returns extended attributes in sorted order.
2016-02-05 | pseudo_server.c: new clients cancel a shutdown request | Peter Seebach | 2 | -1/+7
If a SHUTDOWN message has caused us to set the "die_peacefully" flag, but there are new clients waiting, cancel the shutdown.
2016-02-05 | pseudo_client.c: don't abort on failure to start server | Peter Seebach | 2 | -6/+4
In some cases, there can be a race with multiple clients trying to start a server at once, and they should just retry their messages, rather than aborting. I haven't been able to consistently reproduce this, so it's not very well tested, but it seems reasonable.
2016-01-22 | Fix mknod(...) with no file type bits | Peter Seebach | 4 | -2/+18
mknod(2) automatically defaults to S_IFREG if not given an explicit file type, so pseudo should too. Otherwise, GNU tar can (for some reason, it mostly does this when extracting xattrs?) invoke mknod instead of open with O_CREAT to create a file, and just provide the permission bits, and pseudo creates a "weird file" with no type bits in the database, which is unhelpful. Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
2015-09-22 | f*open*: Use more-correct mode. [pseudo-1.7.4] [PSEUDO_1_7_4] | Peter Seebach | 6 | -6/+9
The f{re,}open{64,} functions use a default mode of 0666 & ~umask, and defaulting to 0600 for the post-open chmod was breaking some use cases. Problem and solution identified by Ross Burton, I just made the local copy of the patch. Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
2015-09-04 | pseudo 1.7.3 [pseudo-1.7.3] [PSEUDO_1_7_3] | Peter Seebach | 2 | -1/+2
So fchmodat(..., AT_SYMLINK_NOFOLLOW) isn't valid, and could result in mkdirat/mkfifoat setting errno on success, which is mostly harmless except for one or two programs which consider a non-zero errno to be proof of failure. Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
2015-09-04 | Don't have mkdirat set errno unintentionally | Peter Seebach | 3 | -2/+10
mkdirat() was calling real_fchmodat with invalid arguments (it turns out that AT_SYMLINK_NOFOLLOW is both irrelevant and forbidden by Linux), and the wrapper function did not restore errno to its previous value. This breaks localedef, because localedef is unconditionally storing the value of errno after a mkdir *whether or not the mkdir failed*, which is almost certainly wrong. Similar issue with mkfifoat. Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
2015-09-04 | Add return value printing to wrappers | Peter Seebach | 3 | -2/+33
I never did this because how could you do it generically, then a friend who is better at Python gave me an idea for a way to do it, and now wrapper debugging prints return values, not just errno values, in most-to-all cases. Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
2015-09-03 | 1.7.2 branch [pseudo-1.7.2] [PSEUDO_1_7_2] | Peter Seebach | 2 | -1/+2
And another branch, for 1.7.2, because I think that'll be the last of it. Hah. Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
2015-09-03 | Finish (I hope) working around 0700 umasks. | Peter Seebach | 8 | -5/+17
There's some changes to allow things to work even if umask is 0700; originally this was just regarded as a broken state, but it became necessary to fix it in order for the xattrdb code to work, only the fix could result in files having a raw filesystem mode that lacked execute bits it should have had. Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
2015-09-02 | pseudo 1.7.1 [pseudo-1.7.1] [PSEUDO_1_7_1] | Peter Seebach | 2 | -1/+5
Two little bug fixes. Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
2015-09-01 | realpath: allocate memory when null pointer given | Peter Seebach | 2 | -1/+3
When I trimmed the spurious free()s for the new lower-allocation path strategy, I forgot to look for cases where I was relying on the allocation, such as realpath(path, NULL). Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
2015-09-01 | Don't use bare lstat. | Peter Seebach | 3 | -8/+13
lstat can fail on XFS if the inode number won't fit in a 32-bit value. Use base_lstat. Also, just in case, don't call it if it's not initialized yet (which should never happen). Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
2015-08-24 | 1.7.0 branch [pseudo-1.7.0] [PSEUDO_1_7_0] | Peter Seebach | 1 | -0/+1
Performance cleanups including the experimental xattrdb feature. Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
2015-08-24 | Small cleanups in passing | Peter Seebach | 4 | -42/+24
gcc is better about warnings and spotted variables being assigned but not used. Clever gcc. Cleaned up the old bits. Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
2015-08-24 | Some extra debugging bits. | Peter Seebach | 3 | -3/+20
Add some debug messages useful for tracking down xattr behaviors. Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
2015-08-24 | xattrdb bug fixes | Peter Seebach | 10 | -27/+82
When xattr emulation is used to store extended attributes, dummy entries get made in the db using whatever UID/GID were in the real stat buffer if no entry already existed. Change these to -1, and treat -1 uid/gid as a missing entry for stat purposes. xattrdb was not merging existing uid/gid values. Change this by loading existing values to merge them in when executing chown/chmod commands. Newly-created files could end up with a filesystem mode of 0 if you used umask, but this breaks xattrdb. Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
2015-08-21 | Mark dummy entries as dummies | Peter Seebach | 1 | -1/+21
When setting an extended attribute using the database, we create a dummy entry for the file (so there will be a file row corresponding to that path name for later lookups). But this entry was coming in with host UID/GID values in some cases. Instead, use -1 uid/gid, and have STAT report those as failures rather than as existing values. (Other cases should not be copying them. I think.) Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
2015-08-21 | Clean up some const stuff | Peter Seebach | 5 | -5/+5
Dropping the alloc from file paths meant that pseudo_exec_path could end up just returning its original argument, which was const-qualified, meaning its return should also be const-qualified. Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
2015-08-21 | Reduce unused message sending | Peter Seebach | 3 | -4/+19
OP_OPEN and OP_EXEC are used only when logging. The server can now tell the client (in response to initial ping) whether or not it is logging, and if it isn't, the client doesn't send those messages. Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
2015-08-21 | New option: Use extended attributes to store db values. | Peter Seebach | 10 | -30/+242
This is a moderately experimental feature which stores values in an extended attribute called 'user.pseudo_data' instead of in the database. Still missing: Database<->filesystem synchronization for this. For at least some workloads, this can dramatically improve performance. Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
2015-08-20 | Drop the allocation in pseudo_fix_path/pseudo_root_path/etc. | Peter Seebach | 16 | -86/+41
Instead of allocating (and then freeing) these paths all the time, use a rotating selection of buffers of fixed but probably large enough size (the same size that would have been the maximum anyway in general). With the exception of fts_open, there's no likely way to end up needing more than two or three such paths at a time. fts_open dups the paths since it could have a large number and need them for a while. This dramatically reduces (in principle) the amount of allocation and especially reallocation going on. Signed-off-by: Peter Seebach <peter.seebach@windriver.com>
2015-08-20 | Initial profiling implementation. | Peter Seebach | 18 | -67/+408
A partially-implemented profiler for client time, which basically just inserts (optional) gettimeofday calls in various places and stashes data in a flat file containing one data block per pid. Signed-off-by: Peter Seebach <peter.seebach@windriver.com>