5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright (c) 2006, 2010, Oracle and/or its affiliates. All rights reserved.
24 * Copyright 2012 Milan Jurik. All rights reserved.
25 */
26
27 #include <stdio.h>
28 #include <stdlib.h>
29 #include <synch.h>
30 #include <thread.h>
31 #include <string.h>
32 #include <errno.h>
33 #include <dlfcn.h>
34 #include <door.h>
35 #include <libscf.h>
36 #include <ucred.h>
37 #include <sys/varargs.h>
38 #include <signal.h>
39 #include <unistd.h>
40 #include <sys/types.h>
41 #include <dirent.h>
42 #include <sys/proc.h>
43 #include <procfs.h>
44 #include <sys/stat.h>
408 NULL, 0, NULL, 0, NULL);
409
410 /* Close door because the other side exited. */
411 (void) close(fd);
412
413 _NSCD_LOG(NSCD_LOG_SELF_CRED, NSCD_LOG_LEVEL_DEBUG)
414 (me, "door (%d) monitor exited (rc = %d)\n", fd, ret);
415
416 return (ret);
417 }
418
419 /*ARGSUSED*/
420 static void *
421 forker_monitor(
422 void *arg)
423 {
424 pid_t fpid;
425 char *fmri;
426 char *me = "forker_monitor";
427
428 /* wait until forker exits */
429 fpid = forker_pid;
430 (void) selfcred_pulse(forking_door);
431
432 _NSCD_LOG(NSCD_LOG_SELF_CRED, NSCD_LOG_LEVEL_DEBUG)
433 (me, "forker (pid = %d) exited or crashed, "
434 "killing all child processes\n", fpid);
435
436 (void) mutex_lock(&forking_lock);
437 forking_door = -1;
438 forker_pid = -1;
439 (void) mutex_unlock(&forking_lock);
440
441 /* forker exited/crashed, kill all the child processes */
442 _nscd_kill_all_children();
443
444 /* restart forker */
445 _NSCD_LOG(NSCD_LOG_SELF_CRED, NSCD_LOG_LEVEL_DEBUG)
446 (me, "restarting the forker ...\n");
447
1449 info.pr_uid == uid && info.pr_euid == euid)
1450 return (0);
1451 else
1452 return (1);
1453 }
1454
1455
1456 /*
1457 * FUNCTION: check_user_process
1458 */
1459 /*ARGSUSED*/
1460 static void *
1461 check_user_process(void *arg)
1462 {
1463
1464 DIR *dp;
1465 struct dirent *ep;
1466 int found;
1467 char *me = "check_user_process";
1468
1469 for (;;) {
1470 (void) sleep(60);
1471
1472 found = 0;
1473
1474 /*
1475 * search the /proc directory and look at each process
1476 */
1477 if ((dp = opendir("/proc")) == NULL) {
1478 _NSCD_LOG(NSCD_LOG_SELF_CRED, NSCD_LOG_LEVEL_ERROR)
1479 (me, "unable to open the /proc directory\n");
1480 continue;
1481 }
1482
1483 /* for each active process */
1484 while (ep = readdir(dp)) {
1485 if (ep->d_name[0] == '.') /* skip . and .. */
1486 continue;
1487 if (check_uid(ep->d_name) == 0) {
1488 found = 1;
|
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright (c) 2006, 2010, Oracle and/or its affiliates. All rights reserved.
24 * Copyright 2012 Milan Jurik. All rights reserved.
25 * Copyright 2018 Joyent Inc.
26 */
27
28 #include <stdio.h>
29 #include <stdlib.h>
30 #include <synch.h>
31 #include <thread.h>
32 #include <string.h>
33 #include <errno.h>
34 #include <dlfcn.h>
35 #include <door.h>
36 #include <libscf.h>
37 #include <ucred.h>
38 #include <sys/varargs.h>
39 #include <signal.h>
40 #include <unistd.h>
41 #include <sys/types.h>
42 #include <dirent.h>
43 #include <sys/proc.h>
44 #include <procfs.h>
45 #include <sys/stat.h>
409 NULL, 0, NULL, 0, NULL);
410
411 /* Close door because the other side exited. */
412 (void) close(fd);
413
414 _NSCD_LOG(NSCD_LOG_SELF_CRED, NSCD_LOG_LEVEL_DEBUG)
415 (me, "door (%d) monitor exited (rc = %d)\n", fd, ret);
416
417 return (ret);
418 }
419
420 /*ARGSUSED*/
421 static void *
422 forker_monitor(
423 void *arg)
424 {
425 pid_t fpid;
426 char *fmri;
427 char *me = "forker_monitor";
428
429 (void) thr_setname(thr_self(), me);
430
431 /* wait until forker exits */
432 fpid = forker_pid;
433 (void) selfcred_pulse(forking_door);
434
435 _NSCD_LOG(NSCD_LOG_SELF_CRED, NSCD_LOG_LEVEL_DEBUG)
436 (me, "forker (pid = %d) exited or crashed, "
437 "killing all child processes\n", fpid);
438
439 (void) mutex_lock(&forking_lock);
440 forking_door = -1;
441 forker_pid = -1;
442 (void) mutex_unlock(&forking_lock);
443
444 /* forker exited/crashed, kill all the child processes */
445 _nscd_kill_all_children();
446
447 /* restart forker */
448 _NSCD_LOG(NSCD_LOG_SELF_CRED, NSCD_LOG_LEVEL_DEBUG)
449 (me, "restarting the forker ...\n");
450
1452 info.pr_uid == uid && info.pr_euid == euid)
1453 return (0);
1454 else
1455 return (1);
1456 }
1457
1458
1459 /*
1460 * FUNCTION: check_user_process
1461 */
1462 /*ARGSUSED*/
1463 static void *
1464 check_user_process(void *arg)
1465 {
1466
1467 DIR *dp;
1468 struct dirent *ep;
1469 int found;
1470 char *me = "check_user_process";
1471
1472 (void) thr_setname(thr_self(), me);
1473
1474 for (;;) {
1475 (void) sleep(60);
1476
1477 found = 0;
1478
1479 /*
1480 * search the /proc directory and look at each process
1481 */
1482 if ((dp = opendir("/proc")) == NULL) {
1483 _NSCD_LOG(NSCD_LOG_SELF_CRED, NSCD_LOG_LEVEL_ERROR)
1484 (me, "unable to open the /proc directory\n");
1485 continue;
1486 }
1487
1488 /* for each active process */
1489 while (ep = readdir(dp)) {
1490 if (ep->d_name[0] == '.') /* skip . and .. */
1491 continue;
1492 if (check_uid(ep->d_name) == 0) {
1493 found = 1;
|