2 The software in this package is distributed under the GNU General
3 Public License version 2 (with a special exception described below).
5 A copy of GNU General Public License (GPL) is included in this distribution,
6 in the file COPYING.GPL.
8 As a special exception, if other files instantiate templates or use macros
9 or inline functions from this file, or you compile this file and link it
10 with other works to produce a work based on this file, this file
11 does not by itself cause the resulting work to be covered
12 by the GNU General Public License.
14 However the source code for this file must still be made available
15 in accordance with section (3) of the GNU General Public License.
17 This exception does not invalidate any other reasons why a work based
18 on this file might be covered by the GNU General Public License.
20 /***************************************************************************
21 * Copyright (C) 2008 by Intra2net AG - Thomas Jarosch *
22 ***************************************************************************/
23 #include <sys/types.h>
33 #include "daemonfunc.hpp"
34 #include "stringfunc.hxx"
35 #include "filefunc.hxx"
46 * Fork into the background.
54 throw runtime_error("fork() failed");
61 // pid==0 -> child process: continue
65 * Drop root privileges
66 * @param username User to become. Don't change user if empty
67 * @param group Group to become. Don't change group if empty
68 * @param get_group_from_user Get group GID from user information if group is empty.
69 * @return true if all is fine, false otherwise
71 bool drop_root_privileges(const std::string &username,
72 const std::string &group, bool get_group_from_user)
76 Group my_group(group);
77 if (!my_group.is_valid())
80 if (setgid((my_group.Gid)))
84 if (!username.empty())
86 User my_user(username);
87 if (!my_user.is_valid())
90 if (get_group_from_user && group.empty())
92 if (setgid((my_user.Gid)))
96 // Initialize additional groups the user is a member of
97 if (initgroups(username.c_str(), getgid()) == -1)
100 if (setuid(my_user.Uid))
107 static const char *const EXE_DELETED_MARKER = " (deleted)";
109 /** @brief Remove the deletion marker from a binary name, if applicable.
111 * @param exe Binary name as obtained from ``/proc/$PID/exe``.
113 * @return The input binary name with a trailing `` (deleted)`` removed.
118 * […] If the pathname has been unlinked, the symbolic link will
119 * contain the string '(deleted)' appended to the original pathname.
121 * Which introduces an ambiguity if the path of the actual binary ends in
124 static inline std::string
125 strip_deleted_marker (const std::string &exe)
127 if (exe.size () <= sizeof (*EXE_DELETED_MARKER)) {
128 /* This binary name can’t possibly contain a deleted marker. */
132 const size_t found = exe.rfind (EXE_DELETED_MARKER);
133 if (found == std::string::npos) {
134 /* Input does not contain the deleted marker. */
138 return exe.substr (0, found);
142 * @brief determine the pids for a given program
143 * @param[in] name name (or full path) of the binary
144 * @param[out] result the pids associated with the name.
145 * @return @a true if the function performed without errors.
147 * Walk though the /proc/\<pid\>'s and search for the name.
149 * @note Since this function uses /proc, it's system specific. Currently:
152 * @todo check cmdline and stat in /proc/\<pid\> dir for the searched name.
154 bool pid_of(const std::string& name, std::vector< pid_t >& result)
156 std::vector< std::string > entries;
157 std::vector< pid_t > fuzz1_result;
158 std::vector< pid_t > fuzz2_result;
161 if (name.empty()) return false;
162 if (!get_dir("/proc", entries)) return false;
164 for (std::vector< std::string >::const_iterator it= entries.begin();
169 if (! string_to<pid_t>(*it, pid)) continue;
170 std::string base_path= std::string("/proc/") + *it;
171 std::string exe_path= base_path + "/exe";
172 I2n::Stat stat(exe_path, false);
173 if (not stat or not stat.is_link()) continue;
174 std::string real_exe= read_link(exe_path);
175 if (!real_exe.empty())
177 // we got the path of the exe
178 if (real_exe == name || strip_deleted_marker (real_exe) == name)
180 result.push_back( pid );
184 std::string proc_stat= read_file( base_path + "/stat");
185 if (proc_stat.empty()) continue; // process vanished
187 //TODO some more fuzz tests here?! (cmdline, stat(us))
189 real_exe = basename (real_exe);
190 if (real_exe == name || strip_deleted_marker (real_exe) == name)
192 fuzz2_result.push_back(pid);
198 // we haven't got the path of the exe
199 // this can happen e.g. with processes owned by other users
200 // -> parse the commandline instead
201 std::string cmdline = read_file(base_path + "/cmdline");
202 if (cmdline.empty()) continue;
204 // in /proc/*/cmdline, the parameters are split by nullbytes, we only care for the first parameter
205 if (cmdline.find('\0') != string::npos)
206 cmdline.erase(cmdline.find('\0'));
210 result.push_back( pid );
214 if (basename(cmdline) == name)
216 fuzz2_result.push_back(pid);
223 result.swap(fuzz1_result);
227 result.swap(fuzz2_result);
230 } // eo pidOf(const std::string&,std::vector< pid_t >&)
233 * @brief establish a new session for the current process.
235 * @return the id of the new session.
237 * This wraps setsid(2); to be called from a child process after forking.
238 * Raises ``runtime_error`` if the call fails.
240 pid_t create_session (void)
245 if ((sid = setsid ()) == -1)
247 throw std::runtime_error
249 "create_session: setsid() returned an error ("
250 + I2n::to_string (errno)
251 + "): " + strerror (errno));