src/core/execute.h

	execute.h revision 7b52a628f8b43ba521c302a7f32bccf9d0dc8bfd
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster#pragma once
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster/***
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster  This file is part of systemd.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster  Copyright 2010 Lennart Poettering
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster  systemd is free software; you can redistribute it and/or modify it
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster  under the terms of the GNU Lesser General Public License as published by
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster  the Free Software Foundation; either version 2.1 of the License, or
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster  (at your option) any later version.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster  systemd is distributed in the hope that it will be useful, but
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster  WITHOUT ANY WARRANTY; without even the implied warranty of
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster  Lesser General Public License for more details.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster  You should have received a copy of the GNU Lesser General Public License
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster  along with systemd; If not, see <http://www.gnu.org/licenses/>.
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster***/
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fostertypedef struct ExecStatus ExecStatus;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fostertypedef struct ExecCommand ExecCommand;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fostertypedef struct ExecContext ExecContext;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fostertypedef struct ExecRuntime ExecRuntime;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster#include <linux/types.h>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster#include <sys/time.h>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster#include <sys/resource.h>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster#include <sys/capability.h>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster#include <stdbool.h>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster#include <stdio.h>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster#include <sched.h>
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster#include "list.h"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster#include "util.h"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster#include "fdset.h"
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fostertypedef enum ExecInput {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        EXEC_INPUT_NULL,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        EXEC_INPUT_TTY,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        EXEC_INPUT_TTY_FORCE,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        EXEC_INPUT_TTY_FAIL,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        EXEC_INPUT_SOCKET,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        _EXEC_INPUT_MAX,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        _EXEC_INPUT_INVALID = -1
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster} ExecInput;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fostertypedef enum ExecOutput {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        EXEC_OUTPUT_INHERIT,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        EXEC_OUTPUT_NULL,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        EXEC_OUTPUT_TTY,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        EXEC_OUTPUT_SYSLOG,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        EXEC_OUTPUT_SYSLOG_AND_CONSOLE,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        EXEC_OUTPUT_KMSG,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        EXEC_OUTPUT_KMSG_AND_CONSOLE,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        EXEC_OUTPUT_JOURNAL,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        EXEC_OUTPUT_SOCKET,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        _EXEC_OUTPUT_MAX,
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        _EXEC_OUTPUT_INVALID = -1
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster} ExecOutput;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterstruct ExecStatus {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        dual_timestamp start_timestamp;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        dual_timestamp exit_timestamp;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        pid_t pid;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        int code;     /* as in siginfo_t::si_code */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        int status;   /* as in sigingo_t::si_status */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster};
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterstruct ExecCommand {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        char *path;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        char **argv;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        ExecStatus exec_status;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        LIST_FIELDS(ExecCommand, command); /* useful for chaining commands */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        bool ignore;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster};
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterstruct ExecRuntime {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        int n_ref;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        char *tmp_dir;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        char *var_tmp_dir;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        int netns_storage_socket[2];
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster};
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Fosterstruct ExecContext {
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        char **environment;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        char **environment_files;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        struct rlimit *rlimit[RLIMIT_NLIMITS];
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        char *working_directory, *root_directory;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        mode_t umask;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        int oom_score_adjust;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        int nice;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        int ioprio;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        int cpu_sched_policy;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        int cpu_sched_priority;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        cpu_set_t *cpuset;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        unsigned cpuset_ncpus;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        ExecInput std_input;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        ExecOutput std_output;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        ExecOutput std_error;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        nsec_t timer_slack_nsec;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        char *tcpwrap_name;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        char *tty_path;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        bool tty_reset;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        bool tty_vhangup;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        bool tty_vt_disallocate;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        bool ignore_sigpipe;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        /* Since resolving these names might might involve socket
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster         * connections and we don't want to deadlock ourselves these
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster         * names are resolved on execution only and in the child
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster         * process. */
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        char *user;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        char *group;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        char **supplementary_groups;
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster
8af80418ba1ec431c8027fa9668e5678658d3611Allan Foster        char *pam_name;

        char *utmp_id;

        char *selinux_context;

        char **read_write_dirs, **read_only_dirs, **inaccessible_dirs;
        unsigned long mount_flags;

        uint64_t capability_bounding_set_drop;

        cap_t capabilities;
        int secure_bits;

        int syslog_priority;
        char *syslog_identifier;
        bool syslog_level_prefix;

        bool cpu_sched_reset_on_fork;
        bool non_blocking;
        bool private_tmp;
        bool private_network;
        bool private_devices;

        bool no_new_privileges;

        /* This is not exposed to the user but available
         * internally. We need it to make sure that whenever we spawn
         * /bin/mount it is run in the same process group as us so
         * that the autofs logic detects that it belongs to us and we
         * don't enter a trigger loop. */
        bool same_pgrp;

        uint32_t *syscall_filter;

        bool oom_score_adjust_set:1;
        bool nice_set:1;
        bool ioprio_set:1;
        bool cpu_sched_set:1;
};

#include "cgroup.h"

int exec_spawn(ExecCommand *command,
               char **argv,
               ExecContext *context,
               int fds[], unsigned n_fds,
               char **environment,
               bool apply_permissions,
               bool apply_chroot,
               bool apply_tty_stdin,
               bool confirm_spawn,
               CGroupControllerMask cgroup_mask,
               const char *cgroup_path,
               const char *unit_id,
               usec_t watchdog_usec,
               int pipe_fd[2],
               ExecRuntime *runtime,
               pid_t *ret);

void exec_command_done(ExecCommand *c);
void exec_command_done_array(ExecCommand *c, unsigned n);

void exec_command_free_list(ExecCommand *c);
void exec_command_free_array(ExecCommand **c, unsigned n);

char *exec_command_line(char **argv);

void exec_command_dump(ExecCommand *c, FILE *f, const char *prefix);
void exec_command_dump_list(ExecCommand *c, FILE *f, const char *prefix);
void exec_command_append_list(ExecCommand **l, ExecCommand *e);
int exec_command_set(ExecCommand *c, const char *path, ...);

void exec_context_init(ExecContext *c);
void exec_context_done(ExecContext *c);
void exec_context_dump(ExecContext *c, FILE* f, const char *prefix);

int exec_context_load_environment(const ExecContext *c, char ***l);

bool exec_context_may_touch_console(ExecContext *c);

void exec_status_start(ExecStatus *s, pid_t pid);
void exec_status_exit(ExecStatus *s, ExecContext *context, pid_t pid, int code, int status);
void exec_status_dump(ExecStatus *s, FILE *f, const char *prefix);

int exec_runtime_make(ExecRuntime **rt, ExecContext *c, const char *id);
ExecRuntime *exec_runtime_ref(ExecRuntime *r);
ExecRuntime *exec_runtime_unref(ExecRuntime *r);

int exec_runtime_serialize(ExecRuntime *rt, Unit *u, FILE *f, FDSet *fds);
int exec_runtime_deserialize_item(ExecRuntime **rt, Unit *u, const char *key, const char *value, FDSet *fds);

void exec_runtime_destroy(ExecRuntime *rt);

const char* exec_output_to_string(ExecOutput i) _const_;
ExecOutput exec_output_from_string(const char *s) _pure_;

const char* exec_input_to_string(ExecInput i) _const_;
ExecInput exec_input_from_string(const char *s) _pure_;