587 Commits

Author SHA1 Message Date
Guy Helmer
fde4439701 Set the O_CLOEXEC flag when opening the pidfile to avoid leaking the
file descriptor via exec(3).

Now that daemon(8) has been fixed to resolve the issue noted by trociny,
the consensus is that this change should be OK.
2012-02-20 13:59:24 +00:00
Ed Schouten
e6ad3d22f4 Detect file modification properly by using tv_nsec.
POSIX 2008 standardizes st_mtim, meaning we can simply use nanosecond
precision to detect file modification.

MFC after:	2 weeks
2012-02-10 13:40:32 +00:00
Eitan Adler
0bdc3ecf11 Fix NULL ptr dereference in setusercontext if pwd is null,
LOGIN_SETPRIORITY is set, and setting the priority (rtprio or
setpriority) fails.

PR:		kern/164238
Submitted by:	Alexander Wittig <alexander@wittig.name>
Reviewed by:	des
Approved by:	cperciva
MFC after:	1 month
2012-02-09 21:06:47 +00:00
Pawel Jakub Dawidek
cc1ddd46b2 Add a comment to the example that pidfile_* functions can handle pfh being NULL.
MFC after:	3 days
2012-02-08 08:49:30 +00:00
Pawel Jakub Dawidek
7f8d054f8a Note that calling pidfile_write(3) multiple times is fine.
MFC after:	3 days
2012-02-08 08:43:41 +00:00
Guy Helmer
000d6ce285 Using the O_CLOEXEC flag on open(2) caused the pidfile lock to be lost
when the child process execs daemon's target program thanks to flock(2)
semantics. So, we apparently have to leak the open pidfile's file
descriptor to keep the lock for the pidfile(3) functions to work properly.

Test case demonstrated by trociny:

ref8-amd64:/home/trociny% uname -r
8.2-STABLE
ref8-amd64:/home/trociny% daemon -p /tmp/sleep.pid sleep 10
ref8-amd64:/home/trociny% daemon -p /tmp/sleep.pid sleep 10
daemon: process already running, pid: 19799

kopusha:~% uname -r
10.0-CURRENT
kopusha:~% daemon -p /tmp/sleep.pid sleep 10
kopusha:~% daemon -p /tmp/sleep.pid sleep 10
kopusha:~%
2012-02-06 14:11:24 +00:00
Guy Helmer
0e4b06c859 Consensus between bde and pjd seemed to be that if the function names
are lined up, then any * after a long type should appear after the
type instead of being in front of the function name on the following
line.
2012-01-26 20:40:22 +00:00
Guy Helmer
56db75745d Make the comments consistent (capitalization, punctuation, and
format).

Requested by bde
2012-01-26 20:35:01 +00:00
Guy Helmer
edd38b5148 Restore the parenthesis that are necessary around the constant values.
Requested by bde.
2012-01-26 20:33:08 +00:00
Guy Helmer
5c005f0000 Remove unnecessary includes from these libutil man pages.
Requested by bde (as was the previous commit).
2012-01-16 21:25:41 +00:00
Guy Helmer
34775f8907 Fix more disorder in prototypes and constants.
Fix header comments for each section of constants.
Fix whitespace in #define lines.
Fix unnecessary parenthesis in constants.
2012-01-16 21:19:23 +00:00
Guy Helmer
47b3924be0 Move struct pidfh definition into pidfile.c, and leave a forward declaration
for pidfh in libutil.h in its place.
This allows us to hide the contents of the pidfh structure, and also
allowed removal of the "#ifdef _SYS_PARAM_H" guard from around the
pidfile_* function prototypes.

Suggested by pjd.
2012-01-12 22:49:36 +00:00
Guy Helmer
72c131535d Fix disorder in MAN and MLINKS lists.
Requested by bde.
2012-01-12 15:45:08 +00:00
Guy Helmer
8afc5005d8 More prototype formatting fixes, struct member formatting fixes,
and namespace fix for property_find() prototype.

Provided by bde.
2012-01-12 14:40:25 +00:00
Guy Helmer
50636e133d pidfile_open() no longer uses fcntl() to set the close-on-exec flag. 2012-01-12 14:13:49 +00:00
Guy Helmer
744c415775 Fix prototype formatting (indentation, long lines, and continued lines).
Requested by bde.
2012-01-11 22:45:15 +00:00
Guy Helmer
a8cada5425 Fix namespace issues with prototype parameter names.
Add missing prototype parameter names.

Requested by bde.
2012-01-11 22:33:41 +00:00
Guy Helmer
46719410f3 Fix forward structure declaration and prototype disorder.
Requested by bde.
2012-01-11 22:12:45 +00:00
Guy Helmer
656b6da7e3 jilles pointed out that O_CLOEXEC could be used in the open(2) flags
rather than using fcntl(2) later, and in addition to saving a system
call, removes a possible race with fork/exec from threads or signal
handlers.
2012-01-11 16:35:26 +00:00
Pawel Jakub Dawidek
9de091f2ef Constify arguments. 2012-01-11 00:31:04 +00:00
Guy Helmer
bd4df56c71 Add link for pidfile_fileno.3 to pidfile.3 - thanks again pjd! 2012-01-10 22:22:35 +00:00
Guy Helmer
4a25aa061a Style fixes courtesy of pjd. 2012-01-10 21:47:58 +00:00
Guy Helmer
719060e911 Document that pidfile_open() now sets the FD_CLOEXEC flag on the open
file descriptor, and that errors can be returned as a result of the
fcntl(2) system call.
2012-01-10 21:39:43 +00:00
Guy Helmer
f295618d06 Add pidfile_fileno() to obtain the file descriptor for an open
pidfile.
2012-01-10 19:53:25 +00:00
Guy Helmer
0dc6d4d19c Set the FD_CLOEXEC flag on the open pidfile file descriptor.
Discussed with: pjd, des
2012-01-10 18:43:27 +00:00
Ulrich Spörlein
bf3f9db657 Convert files to UTF-8 and add some copyright markers where missing. 2012-01-07 16:13:56 +00:00
Baptiste Daroussin
a9e4a4780a Add new pw_make_v7 to make a passwd line (in v7 format) out of a struct passwd
while here, fix missing parentheses of the return statement of pw_make.

Approved by:	des (mentor)
2012-01-05 10:40:24 +00:00
Ed Schouten
b3608ae18f Replace index() and rindex() calls with strchr() and strrchr().
The index() and rindex() functions were marked LEGACY in the 2001
revision of POSIX and were subsequently removed from the 2008 revision.
The strchr() and strrchr() functions are part of the C standard.

This makes the source code a lot more consistent, as most of these C
files also call into other str*() routines. In fact, about a dozen
already perform strchr() calls.
2012-01-03 18:51:58 +00:00
Baptiste Daroussin
1926f2f6fa Modify pw_copy:
- if pw is NULL and oldpw is not NULL then the oldpw is deleted
- if pw->pw_name != oldpw->pw_name but pw->pw_uid == oldpw->pw_uid
then it renames the user

add new gr_* functions so now gr_util API is similar to pw_util API,
this allow to manipulate groups in a safe way.

Reviewed by:	des
Approved by:	des
MFC after:	1 month
2011-12-15 22:07:36 +00:00
Pawel Jakub Dawidek
e8cc80c0a0 In pidfile_open(), if the pidfile is locked, but empty (PID is not stored yet)
and the caller requested other process' PID by passing non-NULL pidptr
argument, we will wait at most 100ms for the PID to show up in the file and if
it won't, we will store -1 in *pidptr.

From now on, pidfile_open() function never sets errno to EAGAIN on failure.

In collaboration with:	des
MFC after:		1 week
2011-10-16 21:30:15 +00:00
Edward Tomasz Napierala
55f0bfbadc Add missing "swapuse" resource limit. 2011-07-09 08:42:23 +00:00
Stanislav Sedov
0daf62d9f5 - Commit work from libprocstat project. These patches add support for runtime
file and processes information retrieval from the running kernel via sysctl
  in the form of new library, libprocstat.  The library also supports KVM backend
  for analyzing memory crash dumps.  Both procstat(1) and fstat(1) utilities have
  been modified to take advantage of the library (as the bonus point the fstat(1)
  utility no longer need superuser privileges to operate), and the procstat(1)
  utility is now able to display information from memory dumps as well.

  The newly introduced fuser(1) utility also uses this library and able to operate
  via sysctl and kvm backends.

  The library is by no means complete (e.g. KVM backend is missing vnode name
  resolution routines, and there're no manpages for the library itself) so I
  plan to improve it further.  I'm commiting it so it will get wider exposure
  and review.

  We won't be able to MFC this work as it relies on changes in HEAD, which
  was introduced some time ago, that break kernel ABI.  OTOH we may be able
  to merge the library with KVM backend if we really need it there.

Discussed with:	rwatson
2011-05-12 10:11:39 +00:00
David E. O'Brien
b928a692c2 Don't duplicate define the stdint types. 2011-05-05 14:45:24 +00:00
Xin LI
7d14df1a2d Add support for IEE/IEC (and now also SI) power of two notions of
prefixes (Ki, Mi, Gi...) for humanize_number(3).

Note that applications has to pass HN_IEC_PREFIXES to use this
feature for backward compatibility reasons.

Reviewed by:	arundel
MFC after:	2 weeks
2011-04-12 22:48:03 +00:00
Sergey Kandaurov
c6b2aa689a Add missing resource limits:
- RLIMIT_NPTS
- RLIMIT_SWAP

MFC after:	1 week
2011-03-24 16:06:57 +00:00
Xin LI
a699e14f45 humanize_number(3) multiply the input number by 100, which could cause an
integer overflow when the input is very large (for example, 100 Pi would
become about 10 Ei which exceeded signed int64_t).

Solve this issue by splitting the division into two parts and avoid the
multiplication.

PR:		bin/146205
Reviewed by:	arundel
MFC after:	1 month
2011-03-23 22:08:01 +00:00
Glen Barber
5f2e9efbf9 s/buffer/buf as is used in the code.
Submitted by:	arundel (via doc@)
MFC after:	3 days
2011-03-21 23:59:20 +00:00
Pawel Jakub Dawidek
fdf6b12d1c expand_number() needs uint64_t, declare it here if not already declared.
MFC after:	3 days
2011-03-06 17:46:06 +00:00
Edward Tomasz Napierala
ffa5101067 Mention setloginclass(2) in login_class(3). 2011-03-06 08:56:44 +00:00
Edward Tomasz Napierala
2bfc50bc4f Add two new system calls, setloginclass(2) and getloginclass(2). This makes
it possible for the kernel to track login class the process is assigned to,
which is required for RCTL.  This change also make setusercontext(3) call
setloginclass(2) and makes it possible to retrieve current login class using
id(1).

Reviewed by:	kib (as part of a larger patch)
2011-03-05 12:40:35 +00:00
Ulrich Spörlein
0d9deed52c mdoc: drop redundant .Pp and .LP calls
They have no effect when coming in pairs, or before .Bl/.Bd
2010-10-08 12:40:16 +00:00
Dag-Erling Smørgrav
b8370f59bd UTFize my name. 2010-08-22 11:48:32 +00:00
Joel Dahl
c2025a7660 Fix typos, spelling, formatting and mdoc mistakes found by Nobuyuki while
translating these manual pages.  Minor corrections by me.

Submitted by:	Nobuyuki Koganemaru <n-kogane@syd.odn.ne.jp>
2010-08-16 15:18:30 +00:00
Dag-Erling Smørgrav
35305a8dc1 In setusercontext(), do not apply user settings unless running as the
user in question (usually but not necessarily because we were called
with LOGIN_SETUSER).  This plugs a hole where users could raise their
resource limits and expand their CPU mask.

MFC after:	3 weeks
2010-08-16 11:32:20 +00:00
Dag-Erling Smørgrav
f4fda7679a Old patch I had lying around: clean up and use stpcpy(3) instead of
sprintf(3).
2010-08-16 11:22:12 +00:00
Dag-Erling Smørgrav
a2e0c5ae31 Further simplify the code, and update the manpage.
Submitted by:	Christoph Mallon <christoph.mallon@gmx.de>
2010-08-15 18:32:06 +00:00
Dag-Erling Smørgrav
b6fbd4d50d no-op commit to note that the example given in the previous commit is
a very bad one, since the shift does not actually overflow.  This is
a better example (assuming uint64_t = unsigned long long):

  ~0LLU >> 9             =   0x7fffffffffffffLLU
  ~0LLU >> 9 << 10       = 0xfffffffffffffc00LLU
  ~0LLU >> 9 << 10 >> 10 =   0x3fffffffffffffLLU
2010-08-15 14:55:32 +00:00
Dag-Erling Smørgrav
1035d74025 Fix the overflow test. It is possible for the result of an
overflowing shift to be larger than the original value, e.g.

         (uint64_t)1 << 53 = 0x20000000000000
 ((uint64_t)1 << 53) << 10 = 0x8000000000000000
2010-08-15 14:50:03 +00:00
Dag-Erling Smørgrav
bbb2703b4f Simplify expand_number() by combining the (unrolled) loop with the
switch.  Since expand_number() does not accept negative numbers, switch
from int64_t to uint64_t; this makes it easier to check for overflow.

MFC after:	3 weeks
2010-08-14 14:34:36 +00:00
Joel Dahl
f6ac23919b Fix typos and spelling mistakes. 2010-08-06 14:33:42 +00:00