Commit 1b931026 authored by Jelte Jansen's avatar Jelte Jansen
Browse files

sync with trunk for merge


git-svn-id: svn://bind10.isc.org/svn/bind10/branches/trac172@2362 e5f2f494-b856-4b98-b285-d166d9295462
parents 0a9730cd 141de43f
53. [bug] zhanglikun
68. [func] zhanglikun
Add options -c(--certificate-chain) to bindctl. Override class
HTTPSConnection to support server certificate validation.
Add support to cmdctl.spec file, now there are three configurable
items for cmdctl: 'key_file', 'cert_file' and 'accounts_file',
all of them can be changed in runtime.
(Trac #127, svn r2357)
67. [func] zhanglikun
Make bindctl's command parser only do minimal check. Parameter
value can be a sequence of non-space characters, or a string
surrounded by quotation marks(these marks can be a part of the
value string in escaped form). Make error message be more
friendly.(if there is some error in parameter's value, the
parameter name will be provided). Refactor function login_to_cmdctl()
in class BindCmdInterpreter: avoid using Exception to catch all
exceptions.
(Trac #220, svn r2356)
66. [bug] each
Check for duplicate RRsets before inserting data into a message
section; this, among other things, will prevent multiple copies
of the same CNAME from showing up when there's a loop. (Trac #69,
svn r2350)
65. [func] shentingting
Added verbose options to exactly what is happening with loadzone.
Added loadzone test suite of different file formats to load.
(Trac #197, #199, #244, #161, #198, #174, #175, svn r2340)
64. [func] jerry
Added python logging framework. It is for testing and experimenting
with logging ideas. Currently, it supports three channels(file,
syslog and stderr) and five levels(debug, info, warning, error and
critical).
(Trac #176, svn r2338)
63. [func] shane
Added initial support for setuid(), using the "-u" flag. This will
be replaced in the future, but for now provides a reasonable
starting point.
(Trac #180, svn r2330)
62. [func] jelte
bin/xfrin: Use the database_file as configured in Auth to transfers
bin/xfrout: Use the database_file as configured in Auth to transfers
61. [bug] jelte
bin/auth: Enable b10-auth to be launched in source tree
(i.e. use a zone database file relative to that)
60. [build] jinmei
Supported SunStudio C++ compiler. Note: gtest still doesn't work.
(Trac #251, svn r2310)
59. [bug] jinmei
lib/datasrc,bin/auth: The authoritative server could return a
SERVFAIL with a partial answer if it finds a data source broken
while looking for an answer. This can happen, for example, if a
zone that doesn't have an NS RR is configured and loaded as a
sqlite3 data source. (Trac #249, r2286)
58. [bug] jinmei
Worked around an interaction issue between ASIO and standard C++
library headers. Without this ASIO didn't work: sometimes the
application crashes, sometimes it blocked in the ASIO module.
(Trac #248, svn r2187, r2190)
57. [func] jinmei
lib/datasrc: used a simpler version of Name::split (change 31) for
better readability. No behavior change. (Trac #200, svn r2159)
56. [func]* jinmei
lib/dns: renamed the library name to libdns++ to avoid confusion
with the same name of library of BIND 9.
(Trac #190, svn r2153)
55. [bug] shane
bin/xfrout: xfrout exception on Ctrl-C now no longer generates
exception for 'Interrupted system call'
(Track #136, svn r2147)
54. [bug] zhanglikun
bin/xfrout: Enable b10-xfrout can be launched in source
code tree.
(Trac #224, svn r2103)
53. [bug] zhanglikun
bin/bindctl: Generate a unique session ID by using
socket.gethostname() instead of socket.gethostbyname(),
since the latter one could make bindctl stall if its own
host name can't be resolved.
(Trac #228, svn r2096)
52. [func] zhanglikun
52. [func] zhanglikun
bin/xfrout: When xfrout is launched, check whether the
socket file is being used by one running xfrout process,
if it is, exit from python. If the file isn't a socket file
......@@ -67,6 +154,10 @@ bind10-devel-20100602 released on June 2, 2010
Renamed libauth to libdatasrc.
38. [bug] zhanglikun
Send command 'shutdown' to Xfrin and Xfrout when boss receive SIGINT.
Remove unused socket file when Xfrout process exits. Make sure Xfrout
exit by itself when it receives SIGINT, instead of being killed by the
signal SIGTERM or SIGKILL sent from boss.
(Trac #135, #151, #134, svn r1797)
37. [build] jinmei
......@@ -127,7 +218,7 @@ bind10-devel-20100421 released on April 21, 2010
24. [func]
Support case-sensitive name compression in MessageRenderer.
(svn r1704)
(Trac #142, svn r1704)
23. [func]
Support a simple name with possible compression. (svn r1701)
......
......@@ -9,11 +9,23 @@ AC_CONFIG_HEADERS([config.h])
# Checks for programs.
AC_PROG_CXX
AC_PROG_CC
AC_PROG_LIBTOOL
# Use C++ language
AC_LANG_CPLUSPLUS
AC_LANG([C++])
# Identify the compiler: this check must be after AC_PROG_CXX and AC_LANG.
AM_CONDITIONAL(USE_GXX, test "X${GXX}" = "Xyes")
AC_CHECK_DECL([__SUNPRO_CC], [SUNCXX="yes"], [SUNCXX="no"])
# OS dependent compiler flags
case "$host" in
*-solaris*)
# Solaris requires special definitions to get some standard libraries
# (e.g. getopt(3)) available with common used header files.
CPPFLAGS="$CPPFLAGS -D_XPG4_2 -D__EXTENSIONS__"
;;
esac
m4_define([_AM_PYTHON_INTERPRETER_LIST], [python python3 python3.1])
AC_ARG_WITH([pythonpath],
......@@ -74,6 +86,12 @@ fi
AC_SUBST(PYTHON_INCLUDES)
AC_SUBST(PYTHON_LDFLAGS)
CPPFLAGS_SAVED="$CPPFLAGS"
CPPFLAGS="$CPPFLAGS ${PYTHON_INCLUDES}"
AC_CHECK_HEADERS([Python.h],, AC_MSG_ERROR([Missing Python.h]))
CPPFLAGS="$CPPFLAGS_SAVED"
# Check for python library (not absolutely mandatory, but needed for
# Boost.Python when we use it. See below.)
LDFLAGS_SAVED="$LDFLAGS"
......@@ -87,8 +105,8 @@ AC_SUBST(PYTHON_LIB)
# TODO: check for _sqlite3.py module
#
# B10_CXXFLAGS is the default C++ compiler flags. This will (and should) be
# Compiler dependent settings: define some mandatory CXXFLAGS here.
# We also use a separate variable B10_CXXFLAGS. This will (and should) be
# used as the default value for each specifc AM_CXXFLAGS:
# AM_CXXFLAGS = $(B10_CXXFLAGS)
# AM_CXXFLAGS += ... # add module specific flags
......@@ -97,17 +115,24 @@ AC_SUBST(PYTHON_LIB)
# gcc's -Wno-XXX option must be specified after -Wall or -Wextra, we cannot
# specify the default warning flags in CXXFLAGS and let specific modules
# "override" the default.
#
B10_CXXFLAGS=
if test "X$GCC" = "Xyes"; then
B10_CXXFLAGS="-g -Wall -Wextra -Wwrite-strings -Woverloaded-virtual -Wno-sign-compare"
CXXFLAGS=-g
werror_ok=0
# SunStudio compiler requires special compiler options for boost
# (http://blogs.sun.com/sga/entry/boost_mini_howto)
if test "$SUNCXX" = "yes"; then
CXXFLAGS="$CXXFLAGS -library=stlport4 -features=tmplife -features=tmplrefstatic"
fi
# gcc specific settings:
if test "X$GXX" = "Xyes"; then
B10_CXXFLAGS="-Wall -Wextra -Wwrite-strings -Woverloaded-virtual -Wno-sign-compare"
UNUSED_PARAM_ATTRIBUTE='__attribute__((unused))'
# Certain versions of gcc (g++) have a bug that incorrectly warns about
# the use of anonymous name spaces even if they're closed in a single
# translation unit. For these versions we have to disable -Werror.
werror_ok=0
CXXFLAGS_SAVED="$CXXFLAGS"
CXXFLAGS="$CXXFLAGS $B10_CXXFLAGS -Werror"
AC_MSG_CHECKING(for in-TU anonymous namespace breakage)
......@@ -118,13 +143,13 @@ namespace isc {class Bar {Foo foo_;};} ],,
B10_CXXFLAGS="$B10_CXXFLAGS -Werror"],
[AC_MSG_RESULT(yes)])
CXXFLAGS="$CXXFLAGS_SAVED"
fi dnl GCC = yes
fi dnl GXX = yes
AM_CONDITIONAL(GCC_WERROR_OK, test $werror_ok = 1)
AC_DEFINE_UNQUOTED(UNUSED_PARAM, $UNUSED_PARAM_ATTRIBUTE, Define to compiler keyword indicating a function argument is intentionally unused)
# produce PIC unless we disable shared libraries. need this for python bindings.
if test $enable_shared != "no" -a "X$GCC" = "Xyes"; then
if test $enable_shared != "no" -a "X$GXX" = "Xyes"; then
B10_CXXFLAGS="$B10_CXXFLAGS -fPIC"
fi
......@@ -213,52 +238,6 @@ AC_SUBST(BOOST_LDFLAGS)
# Check availability of the Boost Python library
AC_MSG_CHECKING([for boost::python library])
AC_ARG_WITH([boost-python],
AC_HELP_STRING([--with-boost-python],
[specify whether to use the boost python library]),
[with_boost_python="$withval"], [with_boost_python="auto"])
if test "$with_boost_python" != "no"; then
if test "$with_boost_python" != "auto" -a "X$PYTHON_LIB" = X; then
AC_MSG_ERROR([Boost.Python requested but python library is not available])
fi
LDFLAGS_SAVED="$LDFLAGS"
LIBS_SAVED="$LIBS"
CPPFLAGS_SAVED="$CPPFLAGS"
CPPFLAGS="$CPPFLAGS $PYTHON_INCLUDES"
for BOOST_TRY_LIB in boost_python boost_python-mt; do
LDFLAGS="$LDFLAGS_SAVED ${BOOST_LDFLAGS} ${PYTHON_LDFLAGS}"
LIBS="$LIBS_SAVED -l${BOOST_TRY_LIB} ${PYTHON_LIB}"
AC_TRY_LINK([#include <boost/python/module.hpp>
using namespace boost::python;
BOOST_PYTHON_MODULE(test) { throw "Boost::Python test."; }],
[ return 0; ],
[ AC_MSG_RESULT(yes)
BOOST_PYTHON_LIB="-l${BOOST_TRY_LIB}"
],[])
if test "X${BOOST_PYTHON_LIB}" != X; then
break
fi
done
LDFLAGS="$LDFLAGS_SAVED"
CPPFLAGS="$CPPFLAGS_SAVED"
LIBS="$LIBS_SAVED"
fi
if test "X${BOOST_PYTHON_LIB}" = X; then
AC_MSG_RESULT(no)
if test "$with_boost_python" = "yes"; then
AC_MSG_ERROR([boost python library is requested but not found])
fi
else
AC_DEFINE(HAVE_BOOST_PYTHON, 1, Define to 1 if boost python library is available)
fi
AM_CONDITIONAL(HAVE_BOOST_PYTHON, test "X${BOOST_PYTHON_LIB}" != X)
AC_SUBST(BOOST_PYTHON_LIB)
#
# Check availability of gtest, which will be used for unit tests.
#
......@@ -310,6 +289,11 @@ AC_SUBST(GTEST_INCLUDES)
AC_SUBST(GTEST_LDFLAGS)
AC_SUBST(GTEST_LDADD)
dnl check for pkg-config itself so we don't try the m4 macro without pkg-config
AC_CHECK_PROG(HAVE_PKG_CONFIG, pkg-config, yes, no)
if test "x$HAVE_PKG_CONFIG" = "xno" ; then
AC_MSG_ERROR(Please install pkg-config)
fi
PKG_CHECK_MODULES(SQLITE, sqlite3 >= 3.3.9, enable_features="$enable_features SQLite3")
# I can't get some of the #include <asio.hpp> right without this
......@@ -359,7 +343,7 @@ fi
# run time performance. Hpefully we can find a better solution or the ASIO
# code will be updated by the time we really need it.
AC_CHECK_HEADERS(sys/devpoll.h, ac_cv_have_devpoll=yes, ac_cv_have_devpoll=no)
if test "X$ac_cv_have_devpoll" = "Xyes" -a "X$GCC" = "Xyes"; then
if test "X$ac_cv_have_devpoll" = "Xyes" -a "X$GXX" = "Xyes"; then
CPPFLAGS="$CPPFLAGS -DASIO_DISABLE_DEV_POLL=1"
fi
......@@ -388,8 +372,11 @@ AC_CONFIG_FILES([Makefile
src/bin/bindctl/Makefile
src/bin/bindctl/tests/Makefile
src/bin/cfgmgr/Makefile
src/bin/cfgmgr/tests/Makefile
src/bin/host/Makefile
src/bin/loadzone/Makefile
src/bin/loadzone/tests/correct/Makefile
src/bin/loadzone/tests/error/Makefile
src/bin/msgq/Makefile
src/bin/msgq/tests/Makefile
src/bin/auth/Makefile
......@@ -408,19 +395,25 @@ AC_CONFIG_FILES([Makefile
src/lib/python/isc/cc/tests/Makefile
src/lib/python/isc/config/Makefile
src/lib/python/isc/config/tests/Makefile
src/lib/python/isc/log/Makefile
src/lib/python/isc/log/tests/Makefile
src/lib/config/Makefile
src/lib/config/tests/Makefile
src/lib/dns/Makefile
src/lib/dns/tests/Makefile
src/lib/dns/python/Makefile
src/lib/dns/python/tests/Makefile
src/lib/exceptions/Makefile
src/lib/datasrc/Makefile
src/lib/datasrc/tests/Makefile
src/lib/xfr/Makefile
])
AC_OUTPUT([src/bin/cfgmgr/b10-cfgmgr.py
src/bin/cfgmgr/tests/b10-cfgmgr_test.py
src/bin/cmdctl/cmdctl.py
src/bin/cmdctl/run_b10-cmdctl.sh
src/bin/cmdctl/tests/cmdctl_test
src/bin/cmdctl/cmdctl.spec.pre
src/bin/xfrin/tests/xfrin_test
src/bin/xfrin/xfrin.py
src/bin/xfrin/xfrin.spec.pre
......@@ -436,6 +429,8 @@ AC_OUTPUT([src/bin/cfgmgr/b10-cfgmgr.py
src/bin/bindctl/bindctl-source.py
src/bin/bindctl/tests/bindctl_test
src/bin/loadzone/run_loadzone.sh
src/bin/loadzone/tests/correct/correct_test.sh
src/bin/loadzone/tests/error/error_test.sh
src/bin/loadzone/b10-loadzone.py
src/bin/usermgr/run_b10-cmdctl-usermgr.sh
src/bin/usermgr/b10-cmdctl-usermgr.py
......@@ -447,6 +442,7 @@ AC_OUTPUT([src/bin/cfgmgr/b10-cfgmgr.py
src/lib/config/tests/data_def_unittests_config.h
src/lib/python/isc/config/tests/config_test
src/lib/python/isc/cc/tests/cc_test
src/lib/python/isc/log/tests/log_test
src/lib/dns/gen-rdatacode.py
src/lib/python/bind10_config.py
src/lib/dns/tests/testdata/gen-wiredata.py
......@@ -462,11 +458,14 @@ AC_OUTPUT([src/bin/cfgmgr/b10-cfgmgr.py
chmod +x src/bin/bindctl/tests/bindctl_test
chmod +x src/bin/bindctl/run_bindctl.sh
chmod +x src/bin/loadzone/run_loadzone.sh
chmod +x src/bin/loadzone/tests/correct/correct_test.sh
chmod +x src/bin/loadzone/tests/error/error_test.sh
chmod +x src/bin/usermgr/run_b10-cmdctl-usermgr.sh
chmod +x src/bin/msgq/run_msgq.sh
chmod +x src/bin/msgq/tests/msgq_test
chmod +x src/lib/dns/gen-rdatacode.py
chmod +x src/lib/dns/tests/testdata/gen-wiredata.py
chmod +x src/lib/dns/python/tests/libdns_python_test
])
AC_OUTPUT
......
......@@ -36,7 +36,10 @@ lib_LIBRARIES = libasio_link.a
libasio_link_a_SOURCES = asio_link.cc asio_link.h
# Note: the ordering matters: -Wno-... must follow -Wextra (defined in
# B10_CXXFLAGS)
libasio_link_a_CXXFLAGS = $(AM_CXXFLAGS) -Wno-unused-parameter
libasio_link_a_CXXFLAGS = $(AM_CXXFLAGS)
if USE_GXX
libasio_link_a_CXXFLAGS += -Wno-unused-parameter
endif
libasio_link_a_CPPFLAGS = $(AM_CPPFLAGS)
BUILT_SOURCES = spec_config.h
......@@ -45,15 +48,13 @@ b10_auth_SOURCES = auth_srv.cc auth_srv.h
b10_auth_SOURCES += common.h
b10_auth_SOURCES += main.cc
b10_auth_LDADD = $(top_builddir)/src/lib/datasrc/.libs/libdatasrc.a
b10_auth_LDADD += $(top_builddir)/src/lib/dns/.libs/libdns.a
b10_auth_LDADD += $(top_builddir)/src/lib/dns/.libs/libdns++.a
b10_auth_LDADD += $(top_builddir)/src/lib/config/.libs/libcfgclient.a
b10_auth_LDADD += $(top_builddir)/src/lib/cc/libcc.a
b10_auth_LDADD += $(top_builddir)/src/lib/cc/.libs/libcc.a
b10_auth_LDADD += $(top_builddir)/src/lib/exceptions/.libs/libexceptions.a
b10_auth_LDADD += $(top_builddir)/src/bin/auth/libasio_link.a
b10_auth_LDADD += $(SQLITE_LIBS)
if HAVE_BOOST_PYTHON
b10_auth_LDADD += $(top_builddir)/src/lib/xfr/.libs/libxfr.a
endif
# TODO: config.h.in is wrong because doesn't honor pkgdatadir
# and can't use @datadir@ because doesn't expand default ${prefix}
......
......@@ -16,6 +16,7 @@
#include <config.h>
#include <unistd.h> // for some IPC/network system calls
#include <asio.hpp>
#include <boost/bind.hpp>
......@@ -23,10 +24,7 @@
#include <dns/message.h>
#include <dns/messagerenderer.h>
#if defined(HAVE_BOOST_PYTHON)
#define USE_XFROUT
#include <xfr/xfrout_client.h>
#endif
#include <asio_link.h>
......@@ -39,15 +37,15 @@ using ip::tcp;
using namespace std;
using namespace isc::dns;
#ifdef USE_XFROUT
using namespace isc::xfr;
#endif
namespace {
// As a short term workaround, we have XFROUT specific code. We should soon
// refactor the code with some abstraction so that we can separate this level
// details from the (AS)IO module.
#ifdef USE_XFROUT
// This was contained in an ifdef USE_XFROUT, but we should really check
// live if we do xfrout
//TODO. The sample way for checking axfr query, the code should be merged to auth server class
bool
check_axfr_query(char* const msg_data, const uint16_t msg_len) {
......@@ -64,11 +62,21 @@ check_axfr_query(char* const msg_data, const uint16_t msg_len) {
}
//TODO. Send the xfr query to xfrout module, the code should be merged to auth server class
//BIGGERTODO: stop using hardcoded install-path locations!
void
dispatch_axfr_query(const int tcp_sock, char const axfr_query[],
const uint16_t query_len)
{
string path(UNIX_SOCKET_FILE);
string path;
if (getenv("B10_FROM_BUILD")) {
path = string(getenv("B10_FROM_BUILD")) + "/auth_xfrout_conn";
} else {
path = UNIX_SOCKET_FILE;
}
if (getenv("B10_FROM_BUILD")) {
path = string(getenv("B10_FROM_BUILD")) + "/auth_xfrout_conn";
}
XfroutClient xfr_client(path);
try {
xfr_client.connect();
......@@ -78,10 +86,9 @@ dispatch_axfr_query(const int tcp_sock, char const axfr_query[],
}
catch (const exception & err) {
//if (verbose_mode)
cerr << "error handle xfr query:" << err.what() << endl;
cerr << "error handle xfr query " << UNIX_SOCKET_FILE << ":" << err.what() << endl;
}
}
#endif
}
namespace asio_link {
......@@ -134,13 +141,11 @@ public:
{
if (!error) {
InputBuffer dnsbuffer(data_, bytes_transferred);
#ifdef USE_XFROUT
if (check_axfr_query(data_, bytes_transferred)) {
dispatch_axfr_query(socket_.native(), data_, bytes_transferred);
// start to get new query ?
start();
} else {
#endif
if (auth_server_->processMessage(dnsbuffer, dns_message_,
response_renderer_, false)) {
responselen_buffer_.writeUint16(
......@@ -154,9 +159,7 @@ public:
} else {
delete this;
}
#ifdef USE_XFROUT
}
#endif
} else {
delete this;
}
......
......@@ -24,7 +24,7 @@ struct IOServiceImpl;
class IOService {
public:
IOService(AuthSrv* auth_server, const char* port,
IOService(AuthSrv* auth_server, const char* const port,
const bool use_ipv4, const bool use_ipv6);
~IOService();
void run();
......
......@@ -243,7 +243,8 @@ AuthSrv::processMessage(InputBuffer& request_buffer, Message& message,
impl_->data_sources_.doQuery(query);
} catch (const Exception& ex) {
if (impl_->verbose_mode_) {
cerr << "[b10-auth] Internal error, returning SERVFAIL: " << ex.what() << endl;
cerr << "[b10-auth] Internal error, returning SERVFAIL: " <<
ex.what() << endl;
}
makeErrorMessage(message, response_renderer, Rcode::SERVFAIL(),
impl_->verbose_mode_);
......@@ -273,9 +274,22 @@ AuthSrvImpl::setDbFile(const isc::data::ElementPtr config) {
bool is_default;
string item("database_file");
ElementPtr value = cs_->getValue(is_default, item);
db_file_ = value->stringValue();
final = Element::createMap();
// If the value is the default, and we are running from
// a specific directory ('from build'), we need to use
// a different value than the default (which may not exist)
// (btw, this should not be done here in the end, i think
// the from-source script should have a check for this,
// but for that we need offline access to config, so for
// now this is a decent solution)
if (is_default && getenv("B10_FROM_BUILD")) {
value = Element::create(string(getenv("B10_FROM_BUILD")) +
"/bind10_zones.sqlite3");
}
final->set(item, value);
db_file_ = value->stringValue();
} else {
return (answer);
}
......
......@@ -148,12 +148,12 @@ main(int argc, char* argv[]) {
io_service = new asio_link::IOService(auth_server, port, use_ipv4,
use_ipv6);
ModuleCCSession cs(specfile, io_service->get_io_service(), my_config_handler, my_command_handler);
ModuleCCSession cs(specfile, io_service->get_io_service(),
my_config_handler, my_command_handler);
auth_server->setConfigSession(&cs);
auth_server->updateConfig(ElementPtr());
cout << "[b10-auth] Server started." << endl;
io_service->run();
} catch (const std::exception& ex) {
......
......@@ -20,9 +20,9 @@ run_unittests_LDFLAGS = $(AM_LDFLAGS) $(GTEST_LDFLAGS)
run_unittests_LDADD = $(GTEST_LDADD)
run_unittests_LDADD += $(SQLITE_LIBS)
run_unittests_LDADD += $(top_builddir)/src/lib/datasrc/.libs/libdatasrc.a
run_unittests_LDADD += $(top_builddir)/src/lib/dns/.libs/libdns.a
run_unittests_LDADD += $(top_builddir)/src/lib/dns/.libs/libdns++.a
run_unittests_LDADD += $(top_builddir)/src/lib/config/.libs/libcfgclient.a
run_unittests_LDADD += $(top_builddir)/src/lib/cc/libcc.a
run_unittests_LDADD += $(top_builddir)/src/lib/cc/.libs/libcc.a
run_unittests_LDADD += $(top_builddir)/src/lib/exceptions/.libs/libexceptions.a
endif
......
......@@ -57,6 +57,9 @@ import time
import select
import random
from optparse import OptionParser, OptionValueError
import io
import pwd
import posix
import isc.cc
......@@ -108,21 +111,38 @@ to avoid being restarted at exactly 10 seconds."""
when = time.time()
return max(when, self.restart_time)
class ProcessInfoError(Exception): pass
class ProcessInfo:
"""Information about a process"""
dev_null = open(os.devnull, "w")
def __init__(self, name, args, env={}, dev_null_stdout=False,
dev_null_stderr=False):
dev_null_stderr=False, uid=None, username=None):
self.name = name
self.args = args
self.env = env
self.dev_null_stdout = dev_null_stdout
self.dev_null_stderr = dev_null_stderr
self.restart_schedule = RestartSchedule()
self.uid = uid
self.username = username
self._spawn()
def _setuid(self):
"""Function used before running a program that needs to run as a
different user."""
if self.uid is not None:
try:
posix.setuid(self.uid)
except OSError as e:
if e.errno == errno.EPERM:
# if we failed to change user due to permission report that
raise ProcessInfoError("Unable to change to user %s (uid %d)" % (self.username, self.uid))
else:
# otherwise simply re-raise whatever error we found
raise
def _spawn(self):
if self.dev_null_stdout:
......@@ -138,14 +158,15 @@ class ProcessInfo:
# on construction (self.env).
spawn_env = os.environ
spawn_env.update(self.env)
if not 'B10_FROM_SOURCE' in os.environ:
if 'B10_FROM_SOURCE' not in os.environ:
spawn_env['PATH'] = "@@LIBEXECDIR@@:" + spawn_env['PATH']
self.process = subprocess.Popen(self.args,
stdin=subprocess.PIPE,
stdout=spawn_stdout,
stderr=spawn_stderr,
close_fds=True,
env=spawn_env,)
env=spawn_env,
preexec_fn=self._setuid)
self.pid = self.process.pid
self.restart_schedule.set_run_start_time()
......@@ -155,7 +176,8 @@ class ProcessInfo:
class BoB:
"""Boss of BIND class."""
def __init__(self, msgq_socket_file=None, auth_port=5300, verbose=False):
def __init__(self, msgq_socket_file=None, auth_port=5300, verbose=False,
setuid=None, username=None):
"""Initialize the Boss of BIND. This is a singleton (only one
can run).
......@@ -171,6 +193,8 @@ class BoB:
self.processes = {}
self.dead_processes = {}
self.runnable = False
self.uid = setuid
self.username = username
def config_handler(self, new_config):
if self.verbose:
......@@ -225,12 +249,14 @@ class BoB:
sys.stdout.write("[bind10] Starting b10-msgq\n")
try:
c_channel = ProcessInfo("b10-msgq", ["b10-msgq"], c_channel_env,
True, not self.verbose)
True, not self.verbose, uid=self.uid,
username=self.username)
except Exception as e:
return "Unable to start b10-msgq; " + str(e)
self.processes[c_channel.pid] = c_channel
if self.verbose:
sys.stdout.write("[bind10] Started b10-msgq (PID %d)\n" % c_channel.pid)
sys.stdout.write("[bind10] Started b10-msgq (PID %d)\n" %
c_channel.pid)
# now connect to the c-channel
cc_connect_start = time.time()
......@@ -250,7 +276,8 @@ class BoB:
sys.stdout.write("[bind10] Starting b10-cfgmgr\n")