Commit log. Each entry lists the subject, then (author, date, files changed, lines -removed/+added), followed by the commit message.
* libsandbox: avoid mixing stderr & output pipes  (Mike Frysinger, 2015-12-20, 1 file, -0/+1)
  The various debug helpers were changed to write out to a dedicated message path, but some of the trace code still uses stderr directly. When mixing these methods, the direct prints would sometimes be lost. Convert the few users to a new raw print function so they all route through the same file. We might want to extract this a bit more out in the future so it's easier to write to them, but this should be fine for now.
  Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* libsbutil: add helpers for reading config options (w/out env export)  (Mike Frysinger, 2015-09-26, 1 file, -0/+2)
  All sandbox settings thus far have been for libsandbox.so to process. With newer features though, we have settings that might only apply to the main sandbox program. Add some helper functions for parsing out those settings (which a later commit will utilize).
  Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* libsbutil: gnulib: import modules for canonicalize_filename_mode  (Mike Frysinger, 2015-09-20, 1 file, -0/+3)
  This lays the groundwork for fixing handling of broken symlinks. The gnulib code is hand imported because using the gnulib tool imports a ton of code we do not want. Only the bare minimum is imported so we can use the canonicalize_filename_mode function.
  This function is needed to canonicalize symlinks that are ultimately broken. The current sandbox/C library code only supports two modes:
  (1) dereference a single symlink
  (2) dereference *all* symlinks, but only if all links are valid
  For sandbox, we need to know the final path a symlink points to even if that path doesn't (yet) exist.
  Note: This commit doesn't actually fix the bug, just brings in the functions we need to do so.
  URL: https://bugs.gentoo.org/540828
  Reported-by: Rick Farina <zerochaos@gentoo.org>
  Signed-off-by: Mike Frysinger <vapier@gentoo.org>
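The two modes the message lists, and the third one sandbox needs, as an added C example that is not sandbox's or gnulib's code: realpath() (mode 2) refuses a chain whose final target is missing, while the function below follows the leaf's symlink chain by hand, hands everything that exists to realpath(), and keeps the textual leaf when the final target does not exist. A loop is still reported as ELOOP. The function names, the hop limit and the constructed temporary directory with its links are assumptions for the demo.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>

#define MAX_HOPS 40   /* assumed symlink hop limit for the demo */

/* Join the directory part of the absolute path cur with a relative link target. */
static void join_with_dir(const char *cur, const char *rel, char *dst, size_t dstlen)
{
    const char *slash = strrchr(cur, '/');
    int dlen = slash ? (int)(slash - cur) : 0;
    if (dlen == 0)
        snprintf(dst, dstlen, "/%s", rel);
    else
        snprintf(dst, dstlen, "%.*s/%s", dlen, cur, rel);
}

/* Leaf of cur does not exist: canonicalize the parent if it exists,
   otherwise keep the textual path. This is the "mode 3" sandbox wants. */
static int finish_missing(const char *cur, char *out, size_t outlen)
{
    char parent[PATH_MAX], realparent[PATH_MAX];
    const char *slash = strrchr(cur, '/');   /* cur is absolute, never NULL */
    const char *leaf = slash + 1;
    size_t plen = (size_t)(slash - cur);
    snprintf(parent, sizeof parent, "%.*s", plen ? (int)plen : 1, cur);
    if (realpath(parent, realparent))
        snprintf(out, outlen, "%s/%s", strcmp(realparent, "/") == 0 ? "" : realparent, leaf);
    else
        snprintf(out, outlen, "%s", cur);
    return 0;
}

/* Returns 0 with the final path in out (even if it does not exist),
   -1 with errno set on error (ELOOP for a symlink cycle). */
int canonicalize_allow_missing(const char *path, char *out, size_t outlen)
{
    char cur[PATH_MAX], tgt[PATH_MAX], tmp[PATH_MAX];
    struct stat st;

    if (path[0] == '/') {
        snprintf(cur, sizeof cur, "%s", path);
    } else {
        char cwd[PATH_MAX];
        if (!getcwd(cwd, sizeof cwd)) return -1;
        snprintf(cur, sizeof cur, "%s/%s", cwd, path);
    }
    for (int hops = 0; hops < MAX_HOPS; hops++) {
        if (lstat(cur, &st) != 0) {
            if (errno == ENOENT || errno == ENOTDIR)
                return finish_missing(cur, out, outlen);
            return -1;
        }
        if (!S_ISLNK(st.st_mode)) {
            /* everything exists: the C library's realpath() does the rest */
            if (!realpath(cur, tmp)) return -1;
            snprintf(out, outlen, "%s", tmp);
            return 0;
        }
        ssize_t n = readlink(cur, tgt, sizeof tgt - 1);
        if (n < 0) return -1;
        tgt[n] = '\0';
        if (tgt[0] == '/') {
            snprintf(cur, sizeof cur, "%s", tgt);
        } else {
            join_with_dir(cur, tgt, tmp, sizeof tmp);
            snprintf(cur, sizeof cur, "%s", tmp);
        }
    }
    errno = ELOOP;
    return -1;
}

/* Constructed scenario: first -> second -> missing (relative links) in a temp dir.
   Returns 1 if realpath() fails with ENOENT, our function yields <dir>/missing,
   and a cycle yields ELOOP; 0 on a mismatch; -1 if setup failed. */
int demo_broken_symlink(void)
{
    char dir[] = "/tmp/sb-canon-XXXXXX";
    char real[PATH_MAX], got[PATH_MAX], want[PATH_MAX], link1[PATH_MAX], link2[PATH_MAX];
    int ok = 1;
    if (!mkdtemp(dir)) return -1;
    snprintf(link1, sizeof link1, "%s/first", dir);
    snprintf(link2, sizeof link2, "%s/second", dir);
    if (symlink("second", link1) != 0 || symlink("missing", link2) != 0 || !realpath(dir, real))
        ok = -1;
    if (ok == 1 && (realpath(link1, got) != NULL || errno != ENOENT))
        ok = 0;   /* mode 2: broken chain is an error */
    snprintf(want, sizeof want, "%s/missing", real);
    if (ok == 1 && (canonicalize_allow_missing(link1, got, sizeof got) != 0 || strcmp(got, want) != 0))
        ok = 0;   /* mode 3: final (non-existent) target is reported */
    unlink(link2);
    if (ok == 1 && symlink("first", link2) != 0) ok = -1;
    if (ok == 1 && (canonicalize_allow_missing(link1, got, sizeof got) != -1 || errno != ELOOP))
        ok = 0;   /* a cycle is still an error */
    unlink(link1); unlink(link2); rmdir(dir);
    return ok;
}
```

Intermediate directory components are left to realpath(), so a link whose parent directory itself does not exist comes back textually; that is the same choice the message describes for a target that "doesn't (yet) exist".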
* sandbox: use a non-shell var for the message path  (Mike Frysinger, 2013-03-03, 1 file, -1/+1)
  By allowing the SANDBOX_MESSAGE_PATH var to be stored in the shell environment and then modified on the fly, we run into a fun edge case with the PM. When a phase has finished running, it saves the current environment. When the next phase runs, it loads the env from the previous run. Since the message path var can contain a pid, the previous run will no longer be valid.
  Since we want this to simply be a way for the active sandbox to pass information to the active libsandbox.so's, there's no need to use an env var that the shell can save/reload. As such, use a variable name that the shell will skip. Non-shell programs have no problem with this.
  Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* libsandbox: clean up open file handles in parent tracing process  (Mike Frysinger, 2012-06-23, 1 file, -0/+1)
  Currently, if a non-static app sets up a pipe (with cloexec enabled) and executes a static app, the handle to that pipe is left open in the parent process. This causes trouble when the parent is waiting for that to be closed immediately.
  Since none of the fds in the forked parent process matter to us, we can just go ahead and clean up all fds before we start tracing the child.
  URL: http://bugs.gentoo.org/364877
  Reported-by: Victor Stinner <victor.stinner@haypocalc.com>
  Signed-off-by: Mike Frysinger <vapier@gentoo.org>
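Why cloexec alone does not help here, as an added C example that is not sandbox's own code: FD_CLOEXEC only takes effect on exec, and the forked tracing parent never execs, so the inherited pipe end stays open until someone closes it explicitly. The cleanup below reads the descriptor list from /proc/self/fd first (falling back to the open-file limit), and the demo reproduces the scenario with a constructed pipe. Function names and the choice of /proc enumeration are assumptions.

```c
#define _POSIX_C_SOURCE 200809L
#include <dirent.h>
#include <fcntl.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/wait.h>

/* 1 if fd refers to an open descriptor, 0 otherwise. */
int fd_is_open(int fd)
{
    return fcntl(fd, F_GETFD) != -1;
}

/* Close every descriptor >= lowfd. The list is collected and the directory
   handle closed before any close() so the walk cannot skip entries. */
int close_all_fds(int lowfd)
{
    DIR *d = opendir("/proc/self/fd");
    if (d) {
        int *fds = NULL;
        size_t n = 0, cap = 0;
        struct dirent *de;
        while ((de = readdir(d)) != NULL) {
            if (de->d_name[0] < '0' || de->d_name[0] > '9') continue;
            if (n == cap) {
                cap = cap ? cap * 2 : 64;
                int *grown = realloc(fds, cap * sizeof *fds);
                if (!grown) { free(fds); closedir(d); return -1; }
                fds = grown;
            }
            fds[n++] = atoi(de->d_name);
        }
        int dfd = dirfd(d);   /* closed by closedir(); skip it below */
        closedir(d);
        for (size_t i = 0; i < n; i++)
            if (fds[i] >= lowfd && fds[i] != dfd) close(fds[i]);
        free(fds);
        return 0;
    }
    /* no /proc: walk up to the open-file limit instead */
    long maxfd = sysconf(_SC_OPEN_MAX);
    if (maxfd < 0) maxfd = 1024;
    for (long fd = lowfd; fd < maxfd; fd++) close((int)fd);
    return 0;
}

/* Constructed scenario: the app created a pipe with FD_CLOEXEC set; the
   forked "tracing parent" (played by the child here) never execs, so the
   pipe end is still open until close_all_fds() runs. Returns 1 when the
   end was open before cleanup and closed after it, 0 otherwise, -1 on
   setup failure. */
int demo_tracer_fd_cleanup(void)
{
    int p[2];
    if (pipe(p) != 0) return -1;
    fcntl(p[0], F_SETFD, FD_CLOEXEC);
    fcntl(p[1], F_SETFD, FD_CLOEXEC);

    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        int before = fd_is_open(p[1]);   /* 1: cloexec did nothing, no exec */
        close_all_fds(3);                /* keep stdin/stdout/stderr */
        int after = fd_is_open(p[1]);    /* 0: explicitly closed */
        _exit(before == 1 && after == 0 ? 0 : 1);
    }
    close(p[0]);
    close(p[1]);
    int status;
    if (waitpid(pid, &status, 0) != pid) return -1;
    return (WIFEXITED(status) && WEXITSTATUS(status) == 0) ? 1 : 0;
}
```

A reader waiting on the other end of that pipe sees EOF only once every copy of the write end is closed, which is why leaving one open in a long-lived tracer looks like a hang to the app.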
* environ: add set variants to env_is_{on,off}  (Mike Frysinger, 2013-02-22, 1 file, -0/+2)
  In some situations, we want to know the tristate of "is on", "is off", and "is set" instead of just lumping the "is not set" case in with "is off". Add some helpers for that.
  Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* add a new message env var  (Mike Frysinger, 2013-02-24, 1 file, -0/+3)
  This is used whenever sandbox wants to display an informational message. For example, early notification of a path violation, or debugging output.
  We can't just pop open an fd and pass that around as apps consider that leakage and will often break assumptions in terms of free fds. Or apps that start up and cleanse all of their open fds. So instead, we just pass around an env var that holds the full path to the file we will write to. Since these messages are infrequent (compared to overall runtime), opening/writing/closing the path every time is fine.
  This also avoids all the problems associated with using external portage helpers for writing messages.
  A follow up commit will take care of the situation where apps (such as scons) attempt to also cleanse the env before forking.
  URL: http://bugs.gentoo.org/278761
  URL: http://bugs.gentoo.org/431638
  Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* delete unused sandbox env vars  (Mike Frysinger, 2013-02-24, 1 file, -7/+0)
  Nothing uses or cares about these vars, so punt them.
  Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* environ: add a new is_env_var helper for checking var names  (Mike Frysinger, 2013-02-24, 1 file, -3/+6)
  This is laying the groundwork for processing more vars in the future than just LD_PRELOAD.
  Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* sb_gdb: improve gdb integration  (Mike Frysinger, 2012-12-24, 1 file, -0/+5)
  Add a dedicated entry point for connecting gdb to make it easy to connect gdb at arbitrary points (ala printf style debugging).
  This also smooths a lot of the common steps when automatically launching gdb such as making sure the process is closer to the crash point when the user takes over control of gdb.
  Finally, switch to using clone rather than fork since the latter relies on the C lib's fork which implicitly can grab locks. If we're crashing in the middle of a func that already holds those locks, the fork call will hang indefinitely on us.
  Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* sandbox: allow log files to fallback to tmpdir  (Mike Frysinger, 2012-12-24, 1 file, -2/+2)
  Since non-root users typically do not have write access to /var/log, allow it to fall back to standard tmpdirs. This makes testing locally a lot easier.
  Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* significantly overhaul output helpers  (Mike Frysinger, 2012-06-23, 1 file, -11/+28)
  There are a few major points we want to hit here:
  - have all output from libsandbox go through portage helpers when we are in the portage environment so that output is properly logged
  - convert SB_E{info,warn,error} to sb_e{info,warn,error} to match style of other functions and cut down on confusion
  - move all abort/output helpers to libsbutil so it can be used in all source trees and not just by libsandbox
  - migrate all abort points to the centralized sb_ebort helper
  Unfortunately, it's not terribly easy to untangle these into separate patches, but hopefully this shouldn't be too messy as much of it is mechanical: move funcs between files, and change the name of funcs that get called.
  URL: http://bugs.gentoo.org/278761
  Reported-by: Mounir Lamouri <volkmar@gentoo.org>
  Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* libsandbox: create more defines for gcc attributes  (Mike Frysinger, 2012-06-23, 1 file, -4/+4)
  Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* sandbox: drop beep support  (Mike Frysinger, 2012-06-23, 1 file, -3/+0)
  Almost no one has beep support turned on anymore, and ebeep in the main tree has been deprecated (meaning it wasn't found useful while building packages). So punt support for it from sandbox too.
  Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* libsandbox: push down constructor init  (Mike Frysinger, 2012-03-05, 1 file, -1/+1)
  Since every consumer of sb_open gets a copy of the sbio_open data, push the init of this into the .data section of the respective consumers to avoid the runtime overhead.
  This just leaves sandbox_lib setup in the constructor function, but that is only needed by the execve wrapper, so push down init of that to the existing sb_init logic which happens before our execve wrapper gets used.
  URL: http://bugs.gentoo.org/404013
  Reported-by: Mike Gilbert <floppym@gentoo.org>
  Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* libsbutil: kill off confusing SB_WRITE macro  (Mike Frysinger, 2009-08-25, 1 file, -9/+0)
  The SB_WRITE() macro makes using sb_write() confusing, so convert the two small users and kill it off.
  Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* setup local sandbox.d for running tests to avoid /etc/sandbox.d  (Mike Frysinger, 2009-04-26, 1 file, -0/+1)
  Always use local sandbox.d copy to avoid random /etc/sandbox.d issues like it doesn't exist, or has permission problems, or anything else.
  Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* sandbox: stop denying /etc/ld.so.preload  (Mike Frysinger, 2009-03-31, 1 file, -1/+0)
  The very old method of loading sandbox was via ld.so.preload, so it was added to default deny list. However, that's long dead, and since it does not conflict with LD_PRELOAD, no point in preventing access.
  Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* libsandbox: add an eqawarn() func  (Mike Frysinger, 2009-03-18, 1 file, -0/+1)
  Break out most of the QA static ELF warning code into a new eqawarn() func. This way we can handle dynamic stuff like calling portage's eqawarn func to handle dirty details like logging.
  Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* libsandbox: dump exec QA static notice to /dev/tty  (Mike Frysinger, 2009-03-11, 1 file, -0/+1)
  Rather than dump the QA static notice to stderr when trying to execute a static binary, write directly to /dev/tty. This prevents breaking things like testsuites that validate the exact stderr output.
  URL: http://bugs.gentoo.org/261957
  Signed-off-by: Mike Frysinger <vapier@gentoo.org>
  Reported-by: Kent Fredric <kentfredric@gmail.com>
* bump common macros up to localdecls.h so tests can use them  (Mike Frysinger, 2009-03-09, 1 file, -13/+0)
  Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* sandbox: delete the testing var after install  (tag v1.4; Mike Frysinger, 2009-03-08, 1 file, -0/+3)
  We don't want people to bypass normal mechanisms with the testing var, so zero out the name when installing the sandbox binary.
  Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* tests: get scripts working in sandbox.sh  (Mike Frysinger, 2009-02-08, 1 file, -0/+1)
  Make sure we source the local sandbox.{bashrc,conf} and we always make the helper functions available when testing even if we aren't interactive. Now we can run `make check` and test the local version of sandbox even when we are running under another sandbox env.
  Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* sandbox: remove unused /var/tmp dir handling  (Mike Frysinger, 2009-02-01, 1 file, -1/+0)
  Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* libsbutil: setup {offsetof,MIN,MAX} helper macros if they dont exist  (Mike Frysinger, 2009-01-29, 1 file, -0/+11)
  Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* libsandbox: optimize!  (Mike Frysinger, 2008-12-31, 1 file, -0/+2)
  Kill off string operations where unnecessary, and convert the sets of prefixes to arrays that we can iterate over.
  Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* libsbutil: cleanup x* memory functions  (Mike Frysinger, 2008-12-31, 1 file, -0/+19)
  Pull the x* memory functions out of rcscripts and into libsbutil and change their style to match the rest of sbutil. Also add xzalloc() and xstrdup(), and convert pointless strndup() usage to strdup().
  Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* sp_printf: make sure all output goes to stderr  (Mike Frysinger, 2008-11-28, 1 file, -4/+4)
  All output (even "normal" messages) has to go to stderr so we don't inadvertently break shell scripts that are being passed via stdout.
  Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* unify SB_E{INFO,WARN,ERROR} functions and have them call the internal sb_printf function  (Mike Frysinger, 2008-11-16, 1 file, -32/+7)
  Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* libsbutil: simple custom printf() replacement  (Mike Frysinger, 2008-11-16, 1 file, -9/+19)
  Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* headers.h: consolidate all random system includes into one file  (Mike Frysinger, 2008-11-09, 1 file, -4/+1)
  Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* cleanup whitespace and comments -- no functional changes  (Mike Frysinger, 2008-11-09, 1 file, -18/+2)
  Signed-off-by: Mike Frysinger <vapier@gentoo.org>
* Move wrappers out of libsandbox.c. Move IO functions to libsbutil.  (Martin Schlemmer, 2006-07-10, 1 file, -0/+19)
  Signed-off-by: Martin Schlemmer <azarah@gentoo.org>
* Start moving libsandbox only related stuff out of libsbutil.  (Martin Schlemmer, 2006-07-09, 1 file, -4/+0)
  Signed-off-by: Martin Schlemmer <azarah@gentoo.org>
* Remove file_length(), and rather use rc_get_size().  (Martin Schlemmer, 2006-07-09, 1 file, -1/+0)
  Signed-off-by: Martin Schlemmer <azarah@gentoo.org>
* As we are using a symbol map for libsandbox, it's no longer needed to have all the internal functions static  (Martin Schlemmer, 2006-07-09, 1 file, -0/+133)
  As we are using a symbol map for libsandbox, it's no longer needed to have all the internal functions static, and thus we can break things out a bit and make the source layout more sane. Start by moving librcutil to libsbutil, and adding all the defines and helper functions needed by both libsandbox and sandbox.
  Signed-off-by: Martin Schlemmer <azarah@gentoo.org>