[launchd-changes] [22932] trunk/launchd/src
source_changes at macosforge.org
source_changes at macosforge.org
Thu Nov 2 14:06:55 PST 2006
Revision: 22932
http://trac.macosforge.org/projects/launchd/changeset/22932
Author: zarzycki at apple.com
Date: 2006-11-02 14:06:55 -0800 (Thu, 02 Nov 2006)
Log Message:
-----------
Some progress is better than none.
Part one of the per-user (not per-session) launchd concept.
In this, we kick off an per-user launchd (on demand) whenever a user tries to talk directly to the root bootstrap.
Modified Paths:
--------------
trunk/launchd/src/launchd_core_logic.c
trunk/launchd/src/launchd_mig_types.defs
trunk/launchd/src/libbootstrap.c
trunk/launchd/src/libvproc_internal.h
trunk/launchd/src/libvproc_private.h
trunk/launchd/src/protocol_job.defs
Modified: trunk/launchd/src/launchd_core_logic.c
===================================================================
--- trunk/launchd/src/launchd_core_logic.c 2006-11-02 21:22:06 UTC (rev 22931)
+++ trunk/launchd/src/launchd_core_logic.c 2006-11-02 22:06:55 UTC (rev 22932)
@@ -96,7 +96,7 @@
SLIST_ENTRY(machservice) sle;
job_t job;
mach_port_name_t port;
- unsigned int isActive:1, reset:1, recv:1, hide:1, kUNCServer:1, __junk:27;
+ unsigned int isActive:1, reset:1, recv:1, hide:1, kUNCServer:1, must_match_uid:1;
char name[0];
};
@@ -2761,7 +2761,6 @@
goto out_bad2;
}
*serviceport = ms->port;
- ms->isActive = false;
ms->recv = true;
} else {
ms->port = *serviceport;
@@ -3648,6 +3647,71 @@
}
kern_return_t
+job_mig_lookup_per_user_context(job_t j, uid_t which_user, mach_port_t *up_cont)
+{
+ struct ldcred ldc;
+ job_t ji, jbs = root_job;
+
+#if 0
+ jbs = job_get_bs(j);
+#endif
+
+ runtime_get_caller_creds(&ldc);
+
+ if (ldc.uid != 0) {
+ which_user = ldc.uid;
+ }
+
+ if (which_user == 0) {
+ return BOOTSTRAP_NOT_PRIVILEGED;
+ }
+
+ *up_cont = MACH_PORT_NULL;
+
+ SLIST_FOREACH(ji, &jbs->jobs, sle) {
+ if (ji->mach_uid != which_user) {
+ continue;
+ }
+ if (SLIST_EMPTY(&ji->machservices)) {
+ continue;
+ }
+ if (!SLIST_FIRST(&ji->machservices)->must_match_uid) {
+ continue;
+ }
+ break;
+ }
+
+ if (ji == NULL) {
+ struct machservice *ms;
+ char lbuf[1024];
+
+ sprintf(lbuf, "com.apple.launchd.peruser.%u", which_user);
+
+ ji = job_new(jbs, lbuf, "/sbin/launchd", NULL, NULL, 0);
+
+ if (ji == NULL) {
+ return BOOTSTRAP_NO_MEMORY;
+ }
+
+ ji->mach_uid = which_user;
+
+ if ((ms = machservice_new(ji, lbuf, up_cont)) == NULL) {
+ job_remove(ji);
+ return BOOTSTRAP_NO_MEMORY;
+ }
+
+ ms->must_match_uid = true;
+ ms->hide = true;
+
+ job_dispatch(ji, false);
+ }
+
+ *up_cont = machservice_port(SLIST_FIRST(&ji->machservices));
+
+ return 0;
+}
+
+kern_return_t
job_mig_check_in(job_t j, name_t servicename, mach_port_t *serviceportp)
{
static pid_t last_warned_pid = 0;
@@ -3691,9 +3755,19 @@
runtime_get_caller_creds(&ldc);
+#if 0
job_log(j, LOG_NOTICE, "bootstrap_register() is deprecated. PID: %u Service: %s", ldc.pid, servicename);
+#endif
job_log(j, LOG_DEBUG, "Mach service registration attempt: %s", servicename);
+
+ if (j->anonymous && job_get_bs(j)->parent == NULL && ldc.uid != 0 && ldc.uid != getuid()) {
+ if (getpid() == 1) {
+ return VPROC_ERR_TRY_PER_USER;
+ } else {
+ return BOOTSTRAP_NOT_PRIVILEGED;
+ }
+ }
ms = job_lookup_service(j, servicename, false);
@@ -3728,10 +3802,16 @@
runtime_get_caller_creds(&ldc);
+ if (getpid() == 1 && j->anonymous && job_get_bs(j)->parent == NULL && ldc.uid != 0 && ldc.euid != 0) {
+ return VPROC_ERR_TRY_PER_USER;
+ }
+
ms = job_lookup_service(j, servicename, true);
if (ms && machservice_hidden(ms) && !job_active(machservice_job(ms))) {
ms = NULL;
+ } else if (ms && ms->must_match_uid) {
+ ms = NULL;
}
if (ms) {
Modified: trunk/launchd/src/launchd_mig_types.defs
===================================================================
--- trunk/launchd/src/launchd_mig_types.defs 2006-11-02 21:22:06 UTC (rev 22931)
+++ trunk/launchd/src/launchd_mig_types.defs 2006-11-02 22:06:55 UTC (rev 22932)
@@ -24,6 +24,8 @@
*/
type pid_t = integer_t;
+type uid_t = integer_t;
+type gid_t = integer_t;
type get_set_int_key_t = integer_t;
type logmsg_t = c_string[*:2048];
type cmd_t = c_string[512];
Modified: trunk/launchd/src/libbootstrap.c
===================================================================
--- trunk/launchd/src/libbootstrap.c 2006-11-02 21:22:06 UTC (rev 22931)
+++ trunk/launchd/src/libbootstrap.c 2006-11-02 22:06:55 UTC (rev 22932)
@@ -21,6 +21,9 @@
#include "config.h"
#include "libbootstrap_public.h"
+#include "libvproc_public.h"
+#include "libvproc_private.h"
+
#include <mach/mach.h>
#include <mach/vm_map.h>
@@ -63,7 +66,18 @@
kern_return_t
bootstrap_register(mach_port_t bp, name_t service_name, mach_port_t sp)
{
- return vproc_mig_register(bp, service_name, sp);
+ kern_return_t kr = vproc_mig_register(bp, service_name, sp);
+
+ if (kr == VPROC_ERR_TRY_PER_USER) {
+ mach_port_t puc;
+
+ if (vproc_mig_lookup_per_user_context(bp, 0, &puc) == 0) {
+ kr = vproc_mig_register(puc, service_name, sp);
+ mach_port_deallocate(mach_task_self(), puc);
+ }
+ }
+
+ return kr;
}
kern_return_t
@@ -81,7 +95,21 @@
kern_return_t
bootstrap_look_up(mach_port_t bp, name_t service_name, mach_port_t *sp)
{
- return vproc_mig_look_up(bp, service_name, sp);
+ kern_return_t kr;
+ mach_port_t puc;
+
+ if ((kr = vproc_mig_look_up(bp, service_name, sp)) != VPROC_ERR_TRY_PER_USER) {
+ return kr;
+ }
+
+ if ((kr = vproc_mig_lookup_per_user_context(bp, 0, &puc)) != 0) {
+ return kr;
+ }
+
+ kr = vproc_mig_look_up(puc, service_name, sp);
+ mach_port_deallocate(mach_task_self(), puc);
+
+ return kr;
}
kern_return_t
Modified: trunk/launchd/src/libvproc_internal.h
===================================================================
--- trunk/launchd/src/libvproc_internal.h 2006-11-02 21:22:06 UTC (rev 22931)
+++ trunk/launchd/src/libvproc_internal.h 2006-11-02 22:06:55 UTC (rev 22932)
@@ -37,6 +37,8 @@
#include "launchd_core_logic.h"
#endif
+#define VPROC_ERR_TRY_PER_USER 1099
+
#pragma GCC visibility push(default)
#define SPAWN_HAS_PATH 0x0001
Modified: trunk/launchd/src/libvproc_private.h
===================================================================
--- trunk/launchd/src/libvproc_private.h 2006-11-02 21:22:06 UTC (rev 22931)
+++ trunk/launchd/src/libvproc_private.h 2006-11-02 22:06:55 UTC (rev 22932)
@@ -21,6 +21,7 @@
*/
#include <sys/cdefs.h>
+#include <sys/syslog.h>
#include <stdbool.h>
__BEGIN_DECLS
Modified: trunk/launchd/src/protocol_job.defs
===================================================================
--- trunk/launchd/src/protocol_job.defs 2006-11-02 21:22:06 UTC (rev 22931)
+++ trunk/launchd/src/protocol_job.defs 2006-11-02 22:06:55 UTC (rev 22932)
@@ -37,7 +37,7 @@
routine create_server(
__bs_port : job_t;
__server_cmd : cmd_t;
- __server_uid : natural_t;
+ __server_uid : uid_t;
__on_demand : boolean_t;
out __server_port : mach_port_make_send_t);
@@ -125,3 +125,8 @@
__pri : integer_t;
__err : integer_t;
__msg : logmsg_t);
+
+routine lookup_per_user_context(
+ __bs_port : job_t;
+ __wu : uid_t;
+ out __u_cont : mach_port_t);
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.macosforge.org/pipermail/launchd-changes/attachments/20061102/8140da8c/attachment.html
More information about the launchd-changes
mailing list