debian/0000775000000000000000000000000012443707264007201 5ustar debian/libcgmanager-dev.install0000664000000000000000000000012412317626565013761 0ustar usr/lib/*/pkgconfig/libcgmanager.pc usr/include/cgmanager usr/lib/*/libcgmanager.so debian/cgmanager-utils.dirs0000664000000000000000000000001012317626565013141 0ustar usr/bin debian/tests/0000775000000000000000000000000012317653305010337 5ustar debian/tests/exercise0000775000000000000000000000010012317626565012073 0ustar #!/bin/sh set -eu cd /usr/share/cgmanager/tests/ ./runtests.sh debian/tests/control0000664000000000000000000000012212317626565011745 0ustar Tests: exercise Depends: cgmanager, dbus, @ Restrictions: needs-root allow-stderr debian/cgmanager-utils.manpages0000664000000000000000000000000612317626565014000 0ustar cgm.1 debian/watch0000664000000000000000000000012112317626565010230 0ustar version=3 http://cgmanager.linuxcontainers.org/downloads cgmanager-(.*)\.tar\.gz debian/cgmanager.dirs0000664000000000000000000000000512317626565012007 0ustar sbin debian/cgmanager-utils.install0000664000000000000000000000001712317626565013655 0ustar bin/* usr/bin/ debian/compat0000664000000000000000000000000212317626565010403 0ustar 9 debian/rules0000775000000000000000000000162312317626565010267 0ustar #!/usr/bin/make -f # -*- makefile -*- export DEB_BUILD_HARDENING = 1 DEB_DH_INSTALLINIT_ARGS = --upstart-only DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH) # Uncomment this to turn on verbose mode. #export DH_VERBOSE=1 %: dh $@ --with autotools_dev --with autoreconf override_dh_autoreconf: [ -e m4 ] || mkdir m4 dh_autoreconf override_dh_auto_configure: dh_auto_configure -- --exec-prefix= override_dh_install: mkdir -p $(CURDIR)/debian/tmp/lib/$(DEB_HOST_MULTIARCH) mv $(CURDIR)/debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libcgmanager.so.* \ $(CURDIR)/debian/tmp/lib/$(DEB_HOST_MULTIARCH)/ for i in $(CURDIR)/debian/tmp/usr/lib/$(DEB_HOST_MULTIARCH)/libcgmanager.so ; do \ dest=$$(readlink $$i) ; \ rm -f $$i ; \ ln -s /lib/$(DEB_HOST_MULTIARCH)/$$dest $$i ; \ done dh_install dh_installinit -pcgmanager --name=cgmanager dh_installinit -pcgmanager --name=cgproxy debian/changelog0000664000000000000000000003220212443702142011040 0ustar cgmanager (0.24-0ubuntu7.1) trusty-security; urgency=medium * SECURITY UPDATE: Cross-cgroup resource control bypass. - debian/patches/0001-make-sure-to-check-cgroup-hierarchy.patch, modify cgmanager.c to verify that requests are allowed under the caller's cgroup. - CVE-2014-1425 -- Seth Arnold Mon, 15 Dec 2014 17:01:08 -0800 cgmanager (0.24-0ubuntu7) trusty-proposed; urgency=medium [ Michael Terry ] * debian/patches/0007-fix-crash-on-free.patch: (LP: #1322798) - Fix possible crash when freeing an IO channel -- Serge Hallyn Tue, 27 May 2014 12:33:21 -0500 cgmanager (0.24-0ubuntu6) trusty-proposed; urgency=low * 0002-exit-on-startup-error: Don't proceed to accept client connections if we failed to connect to the server. (LP: #1317693) * 0003-proxy-wait-2-seconds-for-server-reply: do not wait indefinately for replies from the cgmanager, as it may have crashed. (LP: #1317623) * 0004-Implement-getpidcgroupabs.patch: Provide a way for clients to query absolute paths which can be used with MovePidAbs (LP: #1315052) * 0005-get_controller_path-use-the-is_same_controller-helpe.patch: Fix handling of name=systemd so that containers can be properly entered into the proper cgroup. (LP: #1315521) * 0006-cgm-make-all-also-reference-name-systemd.patch: make cgm all also act on the name=systemd container (LP: #1317687) -- Serge Hallyn Thu, 08 May 2014 18:02:50 -0500 cgmanager (0.24-0ubuntu5) trusty; urgency=medium * Add a 'stop on' to the upstart jobs (LP: #1307008) -- Serge Hallyn Mon, 14 Apr 2014 00:13:44 -0500 cgmanager (0.24-0ubuntu4) trusty; urgency=medium * debian/control: drop Vcs-Git field, which was pointing to the upstream branch, not packaging branch. -- Serge Hallyn Wed, 09 Apr 2014 23:13:03 -0500 cgmanager (0.24-0ubuntu3) trusty; urgency=medium * Use SIGSTOP as a way to tell upstart that we are ready to accept queries, this fixes a race condition. (LP: #1302174) * Emit cgmanager-ready once all the required daemons have been spawned and are ready for requests. (LP: #1302174) * Always kill cgproxy when spawning cgmanager, this is required to allow proper restart/respawning on systems using both daemons. (LP: #1302174) -- Stéphane Graber Fri, 04 Apr 2014 21:04:43 -0400 cgmanager (0.24-0ubuntu2) trusty; urgency=medium [ Serge Hallyn ] * move libraries from /usr/lib into /lib (LP: #1301544) * debian/control: - remove ${shlibs:Depends} from cgmanager-utils, cgmanager-tests and libcgmanager-devel * Makefile.am: - add -shared to AM_LDFLAGS - add AM_LDFLAGS to libcgmanager's ldflags [ Stéphane Graber ] * Add adt support. -- Serge Hallyn Wed, 02 Apr 2014 13:59:03 -0500 cgmanager (0.24-0ubuntu1) trusty; urgency=medium * Sync upstream relase v0.24 - Includes RemoveOnEmpty method (LP: #1281683) -- Serge Hallyn Mon, 31 Mar 2014 14:00:53 -0500 cgmanager (0.23-0ubuntu2) trusty; urgency=medium * debian/control: fix description of cgmanager-utils package. * debian/*.upstart: hard-code /sbin/ into the exec paths to avoid accidentally running old binaries not shipped with the package. * libcgmanager-dev.install: install libcgmanager.so -- Serge Hallyn Tue, 25 Mar 2014 10:15:14 -0500 cgmanager (0.23-0ubuntu1) trusty; urgency=medium * Pull upstream release v0.23 - all patches are upstream, drop from debian/patches/ - fix memory leak in scm handlers (LP: #1296804) - add a simple to use client tool (LP: #1295227) * debian/control: fix weak library dev dependency. * add cgmanager-utils package containing cgm client script -- Serge Hallyn Mon, 24 Mar 2014 11:56:04 -0500 cgmanager (0.20-0ubuntu5) trusty; urgency=medium * proxy: reconnect to cgmanager after disconnection (LP: #1294419) * print function name in most error messages -- Serge Hallyn Wed, 19 Mar 2014 00:18:56 -0500 cgmanager (0.20-0ubuntu4) trusty; urgency=medium * d/p/0003-set_value-only-check-write-access-rights.patch: fix wrong refusals to set cgroup values (LP: #1293647) -- Serge Hallyn Mon, 17 Mar 2014 11:38:19 -0500 cgmanager (0.20-0ubuntu3) trusty; urgency=medium * Implement ListChildren method to list child cgroups (LP: #1285900) -- Serge Hallyn Thu, 27 Feb 2014 16:51:30 -0600 cgmanager (0.20-0ubuntu2) trusty; urgency=medium * limit depth of cgroups (LP: #1284872) -- Serge Hallyn Wed, 26 Feb 2014 10:41:27 -0600 cgmanager (0.20-0ubuntu1) trusty; urgency=medium * Merge upstream v0.20 -- Serge Hallyn Mon, 24 Feb 2014 16:38:37 -0600 cgmanager (0.19-0ubuntu7) trusty; urgency=medium * 0006-cgproxy-remove-proxydir-if-it-exists.patch - this fixes startup of the proxy on the host itself, which is needed on older kernels. (update it to rmdir rather than unlink the directory) -- Serge Hallyn Fri, 21 Feb 2014 23:41:54 -0600 cgmanager (0.19-0ubuntu6) trusty; urgency=medium * 0005-allow-passing-in-extra-mounts.patch * debian/cgmanager.cgmanager.upstart: add '-m name=systemd' to mount the systemd cgroup for logind's use. -- Serge Hallyn Mon, 17 Feb 2014 16:48:14 -0600 cgmanager (0.19-0ubuntu5) trusty; urgency=medium * debian/control: add dependency on libdbus-1-dev to libcgmanager-dev -- Serge Hallyn Thu, 13 Feb 2014 15:06:34 -0600 cgmanager (0.19-0ubuntu4) trusty; urgency=medium * debian/rules: make sure to create m4 before calling autoreconf. * debian/control: make libcgmanager-dev Depend on nih-dbus-tool and libcgmanager0 * debian/cgmanager.cgmanager.upstart: also start on virtual-filesystems so as to start correctly in precise. -- Serge Hallyn Thu, 06 Feb 2014 16:27:15 -0600 cgmanager (0.19-0ubuntu3) trusty; urgency=medium * add 0004-add-.spec-for-rpm-build-minor-packaging-fixes.patch to move include file to /usr/include/cgmanager * debian/rules: don't hand-install pkgconfig * libcgmanager-dev.install: fix location of pkgconfig and /usr/include/cgmanager. -- Serge Hallyn Wed, 05 Feb 2014 15:40:35 -0600 cgmanager (0.19-0ubuntu2) trusty; urgency=medium * add upstream patch 0003-proxy-support-running-in-top-namespace.patch so proxy can run in initial namespace on old kernels * add cgproxy upstart job to run on host on old kernels, thanks to stgraber. -- Serge Hallyn Wed, 05 Feb 2014 10:40:07 -0600 cgmanager (0.19-0ubuntu1) trusty; urgency=medium * Merge upstream v0.19 * Add upstream patch to introduce manual pages. -- Serge Hallyn Mon, 03 Feb 2014 16:50:26 -0600 cgmanager (0.18-0ubuntu1) trusty; urgency=medium * Merge upstream v0.18. -- Serge Hallyn Fri, 31 Jan 2014 15:04:29 +0000 cgmanager (0.17-0ubuntu2) trusty; urgency=medium * cherrypick d/p/0001-cgmanager_chown-pass-a-valid-pid.patch from upstream to fix broken chown through proxy. -- Serge Hallyn Tue, 28 Jan 2014 17:28:35 +0000 cgmanager (0.17-0ubuntu1) trusty; urgency=medium * Merge upstream 0.17. -- Serge Hallyn Tue, 28 Jan 2014 10:58:02 +0000 cgmanager (0.16-0ubuntu3) trusty; urgency=medium * d/p/0006-hostuid_to_ns-don-t-dabble-with-1-uid_ts.patch. This also allows root in a user ns to chown a cgroup owned by a uid mapped into the namespace. -- Serge Hallyn Fri, 24 Jan 2014 00:04:58 -0600 cgmanager (0.16-0ubuntu2) trusty; urgency=medium * Add patches from upstream; particularly to more robustly handle nih_errors. -- Serge Hallyn Thu, 23 Jan 2014 18:31:04 -0600 cgmanager (0.16-0ubuntu1) trusty; urgency=medium * Initial upload to the archive * Merge upstream v0.16. - change &existed return value in create and remove methods: "no" is now -1 not 0. -- Serge Hallyn Mon, 20 Jan 2014 18:46:11 -0600 cgmanager (0.15-3) trusty; urgency=medium * upstart: - fix syntax error - optionally call /etc/default/cgmanager to source options (namely --debug) * 0004-formality-explicitly-call-existed-an-int32_t.patch -- Serge Hallyn Fri, 17 Jan 2014 12:17:08 -0600 cgmanager (0.15-2) trusty; urgency=medium * Add patches from upstream: - 0001-Fixes-for-Coverity-identified-issues.patch - 0002-address-pid-wraparound-in-hostuid_to_ns.patch - 0003-set_value-start-a-trivial-files-blacklist.patch -- Serge Hallyn Fri, 17 Jan 2014 11:35:22 -0600 cgmanager (0.15-1) trusty; urgency=medium [ Serge Hallyn ] * Merge new upstream tag 0.15 * d/cgmanager.upstart: don't rely on dbus-send [ Stéphane Graber] * fix lintian errors * fix licensing -- Serge Hallyn Fri, 17 Jan 2014 10:05:07 -0600 cgmanager (0.14-2) trusty; urgency=medium * define a -dbg package. -- Serge Hallyn Thu, 16 Jan 2014 14:22:45 -0600 cgmanager (0.14-1) trusty; urgency=medium * Merge new upstream tag 0.14, with lots of bugfixes. All tests now pass on host and in a userns container through proxy. -- Serge Hallyn Thu, 16 Jan 2014 12:28:02 -0600 cgmanager (0.13-1) trusty; urgency=medium * merge new upstream tag 0.13. * This implements Remove. -- Serge Hallyn Tue, 14 Jan 2014 17:26:47 -0600 cgmanager (0.12-1) trusty; urgency=medium * merge new upstream tag 0.12. * add a 'existed' output paramater to Create and CreateScm methods. -- Serge Hallyn Tue, 14 Jan 2014 13:18:58 -0600 cgmanager (0.11-5) trusty; urgency=medium * d/p/0001-add-CreateExclusive-method.patch: add CreateExclusive which fails if the requested cgroup exists. -- Serge Hallyn Mon, 13 Jan 2014 20:18:17 -0600 cgmanager (0.11-4) trusty; urgency=medium * install libcgmanager.pc and cgmanager.h -- Serge Hallyn Mon, 13 Jan 2014 16:02:36 -0600 cgmanager (0.11-3) trusty; urgency=medium * fix typo in upstart script (s/bin/sbin/) -- Serge Hallyn Mon, 13 Jan 2014 15:47:04 -0600 cgmanager (0.11-2) trusty; urgency=medium * d/libcgmanager-dev.install: fix the destination path for libcgmanager.h -- Serge Hallyn Mon, 13 Jan 2014 13:40:59 -0600 cgmanager (0.11-1) trusty; urgency=medium * Merge new upstream tag 0.11, which removes the &ok dbus parameter. -- Serge Hallyn Mon, 13 Jan 2014 12:08:52 -0600 cgmanager (0.10-2) trusty; urgency=medium * upstart: don't run if cgmanager has been removed. -- Serge Hallyn Fri, 10 Jan 2014 23:06:56 -0600 cgmanager (0.10-1) trusty; urgency=medium * Merge new upstream tag 0.10. -- Serge Hallyn Fri, 10 Jan 2014 16:20:00 -0600 cgmanager (0.03-4) trusty; urgency=medium * make tests executable -- Serge Hallyn Wed, 08 Jan 2014 13:28:15 -0600 cgmanager (0.03-3) trusty; urgency=medium * Install tests and libcgmanager.pc. -- Serge Hallyn Wed, 08 Jan 2014 11:09:03 -0600 cgmanager (0.03-2) trusty; urgency=medium * Fix upstart job to handle set -e. -- Serge Hallyn Tue, 07 Jan 2014 14:49:16 -0600 cgmanager (0.03-1) trusty; urgency=medium * Re-sync github tree, remove quilt patches * Move cgmanager socket to /sys/ * Add upstart job. -- Serge Hallyn Tue, 07 Jan 2014 13:21:39 -0600 cgmanager (0.02-2) trusty; urgency=medium * add upstream patch to move cgmanager to sbin * d/rules: set prefix to / * d/cgmanager.install: install sbin/* -- Serge Hallyn Tue, 07 Jan 2014 11:43:03 -0600 cgmanager (0.02-1) trusty; urgency=medium * Switch to autoconf -- Serge Hallyn Mon, 06 Jan 2014 16:32:03 -0600 cgmanager (0.01-5) trusty; urgency=medium * import upstream patch to have make install create $(DESTDIR)/usr/bin -- Serge Hallyn Fri, 03 Jan 2014 17:11:50 -0600 cgmanager (0.01-4) trusty; urgency=medium * apply 0001-add-a-cgmanager-client.so.patch (from upstream). Next we should add a library package. -- Serge Hallyn Fri, 03 Jan 2014 16:46:43 -0600 cgmanager (0.01-3) trusty; urgency=medium * d/control: add a few more build-deps. -- Serge Hallyn Fri, 03 Jan 2014 16:21:52 -0600 cgmanager (0.01-2) trusty; urgency=medium * d/control: add nih-dbus-tool and libdbus-1-dev to build-deps -- Serge Hallyn Fri, 03 Jan 2014 15:14:42 -0600 cgmanager (0.01-1) trusty; urgency=low * Initial release -- Serge Hallyn Fri, 03 Jan 2014 14:12:07 -0600 debian/cgmanager.cgproxy.upstart0000664000000000000000000000152712322666675014256 0ustar description "cgroup management proxy" author "Serge Hallyn " respawn expect stop emits cgmanager-ready # in trusty /sys/fs/cgroup will be mounted for us. # prior to saucy, we would need to start on mounted # MOUNTPOINT=/sys, and mount /sys/fs/cgroup ourselves start on started cgmanager stop on runlevel [06] # to get debug output into /var/log/upstart/cgproxy.log, create/edit # /etc/default/cgmanager and set cgmanager_opts="--debug" env cgmanager_opts="" env NESTED="no" pre-start script # check whether we should start if [ -e /proc/self/ns/pid ] && [ "$NESTED" = "no" ]; then initctl emit -n cgmanager-ready { stop; exit 0; } fi end script script [ -r /etc/default/cgmanager ] && . /etc/default/cgmanager exec /sbin/cgproxy --sigstop $cgmanager_opts end script post-start exec initctl emit -n cgmanager-ready debian/cgmanager.cgmanager.upstart0000664000000000000000000000222112322666654014474 0ustar description "cgroup management daemon" author "Serge Hallyn " respawn expect stop # in trusty /sys/fs/cgroup will be mounted for us. # prior to saucy, we would need to start on mounted # MOUNTPOINT=/sys, and mount /sys/fs/cgroup ourselves start on mounted MOUNTPOINT=/sys/fs/cgroup or virtual-filesystems stop on runlevel [06] # to get debug output into /var/log/upstart/cgmanager.log, create/edit # /etc/default/cgmanager and set cgmanager_opts="--debug" env cgmanager_opts="" # unbound subsystems cgmanager should mount. If you need to add more, # make the list comma-separated, for instance: # env cgm_extra_mounts="-m name=systemd,name=yyy" env cgm_extra_mounts="-m name=systemd" pre-start script # Kill any existing cgproxy. This is required to allow proper # respawning of cgmanager. stop cgproxy >/dev/null 2>&1 || true # check whether we should start a cgproxy or a cgmanager if cgproxy --check-master; then start cgproxy NESTED=yes || true && { stop; exit 0; } fi end script script [ -r /etc/default/cgmanager ] && . /etc/default/cgmanager exec /sbin/cgmanager --sigstop $cgmanager_opts $cgm_extra_mounts end script debian/cgmanager.install0000664000000000000000000000000512317626565012514 0ustar sbin debian/cgmanager.manpages0000664000000000000000000000002612317626565012644 0ustar cgmanager.8 cgproxy.8 debian/source/0000775000000000000000000000000012317653305010475 5ustar debian/source/format0000664000000000000000000000001412317626565011713 0ustar 3.0 (quilt) debian/cgmanager-tests.install0000664000000000000000000000003212317626565013654 0ustar usr/share/cgmanager/tests debian/cgmanager.lintian-overrides0000664000000000000000000000027412317626565014514 0ustar postrm-does-not-call-updaterc.d-for-init.d-script etc/init.d/cgmanager init.d-script-not-marked-as-conffile etc/init.d/cgmanager init.d-script-not-included-in-package etc/init.d/cgmanager debian/copyright0000664000000000000000000000437012317626565011144 0ustar Format: http://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ Upstream-Name: cgmanager Upstream-Contact: cgmanager-devel@lists.linuxcontainers.org Source: http://cgmanager.linuxcontainers.org/downloads Files: * Copyright: 2013-2014 Stéphane Graber 2013-2014 Serge Hallyn 2014 James Hunt 2014 S.Çağlar Onur License: GPL-2 Files: access_checks.c access_checks.h fs.c fs.h Copyright: 2013-2014 Serge Hallyn 2007-2008 IBM Corp. License: LGPL-2.1+ License: GPL-2 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. . This package is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. . You should have received a copy of the GNU General Public License along with this program. If not, see . On Debian systems, the complete text of the GNU General Public License version 2 can be found in "/usr/share/common-licenses/GPL-2". License: LGPL-2.1+ This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. . This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. . You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA . On Debian systems, the full text of the GNU Lesser General Public License version 2.1 can be found in the file `/usr/share/common-licenses/LGPL-2.1'. debian/libcgmanager0.install0000664000000000000000000000003012317626565013261 0ustar lib/*/libcgmanager.so.* debian/control0000664000000000000000000000457412321415151010600 0ustar Source: cgmanager Section: admin Priority: optional Maintainer: Serge Hallyn Build-Depends: autotools-dev, debhelper (>= 9), dh-autoreconf, hardening-wrapper, help2man, libdbus-1-dev, libnih-dbus-dev, libnih-dev, libtool, nih-dbus-tool, pkg-config, Standards-Version: 3.9.5 Homepage: http://cgmanager.linuxcontainers.org/ XS-Testsuite: autopkgtest Package: cgmanager Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends} Suggests: cgmanager-utils Description: Central cgroup manager daemon cgmanager provides a central cgroup manager daemon and a per-namespace manager proxy, allowing users and programs to administrate cgroups through D-Bus requests. . This package contains the cgroup management daemon and proxy. Package: cgmanager-utils Architecture: any Depends: cgmanager, dbus, ${misc:Depends} Description: Central cgroup manager daemon (utilities) cgmanager provides a central cgroup manager daemon and a per-namespace manager proxy, allowing users and programs to administrate cgroups through D-Bus requests. . This package contains cgmanager-related utilities. Package: cgmanager-tests Architecture: any Depends: cgmanager, ${misc:Depends} Description: Central cgroup manager daemon (tests) cgmanager provides a central cgroup manager daemon and a per-namespace manager proxy, allowing users and programs to administrate cgroups through D-Bus requests. . This package contains the test scripts. Package: libcgmanager0 Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends} Multi-Arch: same Description: Central cgroup manager daemon (client library) cgmanager provides a central cgroup manager daemon and a per-namespace manager proxy, allowing users and programs to administrate cgroups through D-Bus requests. . This package contains the shared library. Package: libcgmanager-dev Section: libdevel Architecture: any Multi-Arch: same Depends: ${misc:Depends}, libcgmanager0 (= ${binary:Version}), libdbus-1-dev, libnih-dbus-dev Description: Central cgroup manager daemon (dev) cgmanager provides a central cgroup manager daemon and a per-namespace manager proxy, allowing users and programs to administrate cgroups through D-Bus requests. . This package contains the static library and C header files needed for developing software using libcgmanager. debian/patches/0000775000000000000000000000000012443707264010630 5ustar debian/patches/0001-Add-sigstop-support.patch0000664000000000000000000000505712317626613016124 0ustar From 061440458d8fcf3983ece16cf4d5f1a0d9d5fee6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Graber?= Date: Fri, 4 Apr 2014 13:11:37 -0400 Subject: [PATCH] Add --sigstop support MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This is used to indicate that the service is ready so that upstart and possibly some other systems can then have depending services start. --daemon does something similar, however calling it prevents log message from being logged. Signed-off-by: Stéphane Graber Signed-off-by: Serge Hallyn --- cgmanager-proxy.c | 5 +++++ cgmanager.c | 5 +++++ frontend.c | 1 + frontend.h | 1 + 4 files changed, 12 insertions(+) diff --git a/cgmanager-proxy.c b/cgmanager-proxy.c index 075c13f..35d797d 100644 --- a/cgmanager-proxy.c +++ b/cgmanager-proxy.c @@ -948,6 +948,8 @@ out: static NihOption options[] = { { 0, "daemon", N_("Detach and run in the background"), NULL, NULL, &daemonise, NULL }, + { 0, "sigstop", N_("Raise SIGSTOP when ready"), + NULL, NULL, &sigstop, NULL }, { 0, "check-master", N_("Check whether cgmanager is running"), NULL, NULL, &checkmaster, NULL }, @@ -1030,6 +1032,9 @@ main (int argc, char *argv[]) exit(1); } + if (sigstop) + raise(SIGSTOP); + ret = nih_main_loop (); /* Destroy any PID file we may have created */ diff --git a/cgmanager.c b/cgmanager.c index b3567ff..bb1ba5c 100644 --- a/cgmanager.c +++ b/cgmanager.c @@ -739,6 +739,8 @@ static NihOption options[] = { NULL, "subsystems to mount", NULL, my_setter }, { 0, "daemon", N_("Detach and run in the background"), NULL, NULL, &daemonise, NULL }, + { 0, "sigstop", N_("Raise SIGSTOP when ready"), + NULL, NULL, &sigstop, NULL }, NIH_OPTION_LAST }; @@ -884,6 +886,9 @@ main (int argc, char *argv[]) } } + if (sigstop) + raise(SIGSTOP); + ret = nih_main_loop (); /* Destroy any PID file we may have created */ diff --git a/frontend.c b/frontend.c index c575d5f..036594c 100644 --- a/frontend.c +++ b/frontend.c @@ -24,6 +24,7 @@ #include int daemonise = FALSE; +int sigstop = FALSE; bool setns_pid_supported = false; unsigned long mypidns; bool setns_user_supported = false; diff --git a/frontend.h b/frontend.h index c8ce4ae..144fd07 100644 --- a/frontend.h +++ b/frontend.h @@ -69,6 +69,7 @@ **/ #ifndef __frontend_c extern int daemonise; +extern int sigstop; extern bool setns_pid_supported; extern unsigned long mypidns; extern bool setns_user_supported; -- 1.9.1 debian/patches/0004-Implement-getpidcgroupabs.patch0000664000000000000000000003672212332747512017353 0ustar From f39bc253dd0f536543fdac99cf63424389cbb1d0 Mon Sep 17 00:00:00 2001 From: Serge Hallyn Date: Wed, 30 Apr 2014 23:30:20 -0500 Subject: [PATCH 2/3] Implement getpidcgroupabs This returns the cgroup path of another task relative to the cgproxy if used, or else the full path as seen by the cgmanager. This path can then be fed to movepidabs. This can be used by lxc-attach to re-attach to a container's cgroup even if the user's new login shell is in a different cgroup session than that under which the container was started. Signed-off-by: Serge Hallyn --- cgm | 9 +++ cgmanager-proxy.c | 61 ++++++++++++++ cgmanager.c | 33 ++++++++ frontend.c | 163 ++++++++++++++++++++++++++++++++------ frontend.h | 4 + org.linuxcontainers.cgmanager.xml | 12 +++ tests/test22.sh | 38 +++++++++ 7 files changed, 295 insertions(+), 25 deletions(-) create mode 100644 tests/test22.sh Index: cgmanager-0.24/cgm =================================================================== --- cgmanager-0.24.orig/cgm 2014-05-08 13:39:03.773408001 -0500 +++ cgmanager-0.24/cgm 2014-05-08 13:39:03.753408001 -0500 @@ -35,6 +35,8 @@ echo echo " $me getpidcgroup pid" echo + echo " $me getpidcgroupabs pid" + echo echo " $me movepid pid" echo echo " $me getvalue file" @@ -136,6 +138,13 @@ dbus-send --print-reply --address=unix:path=/sys/fs/cgroup/cgmanager/sock --type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.GetPidCgroup string:$2 int32:$3 exit $? ;; + getpidcgroupabs) + if [ $# -lt 3 ]; then + usage $0 + fi + dbus-send --print-reply --address=unix:path=/sys/fs/cgroup/cgmanager/sock --type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.GetPidCgroupAbs string:$2 int32:$3 + exit $? + ;; movepid) if [ $# -lt 4 ]; then usage $0 Index: cgmanager-0.24/cgmanager-proxy.c =================================================================== --- cgmanager-0.24.orig/cgmanager-proxy.c 2014-05-08 13:39:03.773408001 -0500 +++ cgmanager-0.24/cgmanager-proxy.c 2014-05-08 13:39:03.753408001 -0500 @@ -302,6 +302,56 @@ return ret; } +int get_pid_cgroup_abs_main (void *parent, const char *controller, + struct ucred p, struct ucred r, struct ucred v, char **output) +{ + DBusMessage *message; + DBusMessageIter iter; + int sv[2], ret = -1; + char s[MAXPATHLEN] = { 0 }; + + if (memcmp(&p, &r, sizeof(struct ucred)) != 0) { + nih_error("%s: proxy != requestor", __func__); + return -1; + } + + if (!(message = start_dbus_request("GetPidCgroupAbsScm", sv))) { + nih_error("%s: error starting dbus request", __func__); + return -1; + } + + dbus_message_iter_init_append(message, &iter); + if (!dbus_message_iter_append_basic (&iter, + DBUS_TYPE_STRING, + &controller)) { + dbus_message_unref(message); + nih_error("%s: out of memory", __func__); + goto out; + } + if (! dbus_message_iter_append_basic (&iter, DBUS_TYPE_UNIX_FD, &sv[1])) { + dbus_message_unref(message); + nih_error("%s: out of memory", __func__); + goto out; + } + + if (!complete_dbus_request(message, sv, &r, &v)) { + nih_error("%s: error completing dbus request", __func__); + goto out; + } + + if (proxyrecv(sv[0], s, MAXPATHLEN-1) <= 0) + nih_error("%s: Error reading result from cgmanager", + __func__); + else { + *output = NIH_MUST( nih_strdup(parent, s) ); + ret = 0; + } +out: + close(sv[0]); + close(sv[1]); + return ret; +} + int do_move_pid_main (const char *controller, const char *cgroup, struct ucred p, struct ucred r, struct ucred v, const char *cmd) @@ -375,10 +425,21 @@ int move_pid_abs_main (const char *controller, const char *cgroup, struct ucred p, struct ucred r, struct ucred v) { +#if 0 + /* + * We used to enforce that r must be root. However that's + * overly restrictive. + * Cgmanager ensures that r must have write access to the + * tasks file. That seems sufficient. However if it is deemed + * insufficient, we can ensure that r's user or group id own + * all parent directories up to a common parent, from v.cgroup + * to the requested cgroup. THIS CODE does NOT do that. + */ if (r.uid) { nih_error("%s: uid %u tried to escape", __func__, r.uid); return -1; } +#endif if (!sane_cgroup(cgroup)) { nih_error("%s: unsafe cgroup", __func__); return -1; Index: cgmanager-0.24/cgmanager.c =================================================================== --- cgmanager-0.24.orig/cgmanager.c 2014-05-08 13:39:03.773408001 -0500 +++ cgmanager-0.24/cgmanager.c 2014-05-08 13:39:03.753408001 -0500 @@ -60,6 +60,39 @@ return 0; } +/* GetPidCgroupAbs */ +int get_pid_cgroup_abs_main(void *parent, const char *controller,struct ucred p, + struct ucred r, struct ucred v, char **output) +{ + char rcgpath[MAXPATHLEN], vcgpath[MAXPATHLEN]; + + // Get p's current cgroup in rcgpath + if (!compute_pid_cgroup(p.pid, controller, "", rcgpath, NULL)) { + nih_error("%s: Could not determine the requestor cgroup", __func__); + return -1; + } + + // Get v's cgroup in vcgpath + if (!compute_pid_cgroup(v.pid, controller, "", vcgpath, NULL)) { + nih_error("%s: Could not determine the victim cgroup", __func__); + return -1; + } + + // Make sure v's cgroup is under p's + int rlen = strlen(rcgpath); + if (strncmp(rcgpath, vcgpath, rlen) != 0) { + nih_error("%s: v (%d)'s cgroup is not below p (%d)'s", __func__, + v.pid, p.pid); + return -1; + } + if (strlen(vcgpath) == rlen) + *output = NIH_MUST (nih_strdup(parent, "/") ); + else + *output = NIH_MUST (nih_strdup(parent, vcgpath + rlen) ); + + return 0; +} + static bool victim_under_proxy_cgroup(char *rcgpath, pid_t v, const char *controller) { Index: cgmanager-0.24/frontend.c =================================================================== --- cgmanager-0.24.orig/frontend.c 2014-05-08 13:39:03.773408001 -0500 +++ cgmanager-0.24/frontend.c 2014-05-08 13:39:03.763408001 -0500 @@ -77,27 +77,6 @@ return d; } -#if 0 -static const char *req_type_to_str(enum req_type r) -{ - switch(r) { - case REQ_TYPE_GET_PID: return "get_pid"; - case REQ_TYPE_MOVE_PID: return "move_pid"; - case REQ_TYPE_MOVE_PID_ABS: return "move_pid"; - case REQ_TYPE_CREATE: return "create"; - case REQ_TYPE_CHOWN: return "chown"; - case REQ_TYPE_GET_VALUE: return "get_value"; - case REQ_TYPE_SET_VALUE: return "set_value"; - case REQ_TYPE_REMOVE: return "remove"; - case REQ_TYPE_GET_TASKS: return "get_tasks"; - case REQ_TYPE_CHMOD: return "chmod"; - case REQ_TYPE_LIST_CHILDREN: return "list_children"; - case REQ_TYPE_REMOVE_ON_EMPTY: return "remove_on_empty"; - default: return "invalid"; - } -} -#endif - /* * All Scm-enhanced transactions take at least one SCM cred, * the requestor's. Some require a second SCM cred to identify @@ -107,6 +86,7 @@ { switch (t) { case REQ_TYPE_GET_PID: + case REQ_TYPE_GET_PID_ABS: case REQ_TYPE_MOVE_PID: case REQ_TYPE_MOVE_PID_ABS: case REQ_TYPE_CHOWN: @@ -120,10 +100,6 @@ { struct scm_sock_data *d = data; NihError *error = nih_error_get (); -#if 0 - nih_info("got an error, type %s", req_type_to_str(d->type)); - nih_info("error %s", strerror(error->number)); -#endif nih_free(error); d->fd = -1; } @@ -182,6 +158,7 @@ switch (data->type) { case REQ_TYPE_GET_PID: get_pid_scm_complete(data); break; + case REQ_TYPE_GET_PID_ABS: get_pid_abs_scm_complete(data); break; case REQ_TYPE_MOVE_PID: move_pid_scm_complete(data); break; case REQ_TYPE_MOVE_PID_ABS: move_pid_abs_scm_complete(data); break; case REQ_TYPE_CREATE: create_scm_complete(data); break; @@ -316,6 +293,140 @@ if (ret) { nih_dbus_error_raise_printf (DBUS_ERROR_INVALID_ARGS, "invalid request"); + return -1; + } + return 0; +} + +void get_pid_abs_scm_complete(struct scm_sock_data *data) +{ + // output will be nih_alloced with data as parent, and therefore + // freed when data is freed. + char *output = NULL; + int ret; + + ret = get_pid_cgroup_abs_main(data, data->controller, data->pcred, + data->rcred, data->vcred, &output); + if (ret == 0) + ret = write(data->fd, output, strlen(output)+1); + else + // Let the client know it failed + ret = write(data->fd, &data->rcred, 0); + if (ret < 0) + nih_error("GetPidCgroupAbsScm: Error writing final result to client: %s", + strerror(errno)); +} + +/* + * This is one of the dbus callbacks. + * Caller requests the cgroup of @pid in a given @controller, relative + * to the proxy's + */ +int cgmanager_get_pid_cgroup_abs_scm (void *data, NihDBusMessage *message, + const char *controller, int sockfd) +{ + struct scm_sock_data *d; + + d = alloc_scm_sock_data(message, sockfd, REQ_TYPE_GET_PID_ABS); + if (!d) + return -1; + d->controller = NIH_MUST( nih_strdup(d, controller) ); + + if (!nih_io_reopen(NULL, sockfd, NIH_IO_MESSAGE, + (NihIoReader) sock_scm_reader, + (NihIoCloseHandler) scm_sock_close, + scm_sock_error_handler, d)) { + NihError *error = nih_error_steal (); + nih_dbus_error_raise_printf (DBUS_ERROR_INVALID_ARGS, + "Failed queue scm message: %s", error->message); + nih_free(error); + return -1; + } + + if (!kick_fd_client(sockfd)) { + nih_dbus_error_raise_printf (DBUS_ERROR_INVALID_ARGS, + "Error writing to client: %s", strerror(errno)); + return -1; + } + return 0; +} + +/* GetPidCgroup */ +/* + * This is one of the dbus callbacks. + * Caller requests the cgroup of @pid in a given @controller relative + * to the proxy's + */ +int cgmanager_get_pid_cgroup_abs (void *data, NihDBusMessage *message, + const char *controller, int plain_pid, char **output) +{ + int fd = 0, ret; + struct ucred rcred, vcred; + socklen_t len; + + if (message == NULL) { + nih_dbus_error_raise_printf (DBUS_ERROR_INVALID_ARGS, + "message was null"); + return -1; + } + + if (!dbus_connection_get_socket(message->connection, &fd)) { + nih_dbus_error_raise_printf (DBUS_ERROR_INVALID_ARGS, + "Could not get client socket."); + return -1; + } + + len = sizeof(struct ucred); + if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &rcred, &len) < 0) { + nih_dbus_error_raise_printf (DBUS_ERROR_INVALID_ARGS, + "Could not get peer cred: %s", + strerror(errno)); + return -1; + } + + nih_info (_("GetPidCgroupAbs: Client fd is: %d (pid=%d, uid=%u, gid=%u)"), + fd, rcred.pid, rcred.uid, rcred.gid); + + /* + * getpidcgroup results cannot make sense as the pid is not + * translated. Note that on an old enough kernel we cannot detect + * this situation. In that case we allow it - it will confuse the + * caller, but cause no harm + */ + if (!is_same_pidns(rcred.pid)) { + nih_dbus_error_raise_printf (DBUS_ERROR_INVALID_ARGS, + "GetPidCgroupAbs called from non-init namespace"); + return -1; + } + vcred.uid = 0; + vcred.gid = 0; + vcred.pid = plain_pid; + +#ifdef CGMANAGER + /* + * A plain dbus request to escape cgroup root was made by a root + * owned task in cgmanager's namespace. We will send ourselves as the + * proxy. + */ + struct ucred mycred = { + .pid = getpid(), + .uid = getuid(), + .gid = getgid() + }; +#else + /* + * This is the !CGMANAGER case. We are in the proxy. We don't + * support chained proxying anyway, so it is simple - the requestor + * is the proxy at this point; then we will proxy the call on to + * the cgmanager + */ +#define mycred rcred +#endif + + ret = get_pid_cgroup_abs_main(message, controller, mycred, rcred, vcred, output); + if (ret) { + nih_dbus_error_raise_printf (DBUS_ERROR_INVALID_ARGS, + "invalid request"); return -1; } return 0; Index: cgmanager-0.24/frontend.h =================================================================== --- cgmanager-0.24.orig/frontend.h 2014-05-08 13:39:03.773408001 -0500 +++ cgmanager-0.24/frontend.h 2014-05-08 13:39:03.763408001 -0500 @@ -105,11 +105,15 @@ REQ_TYPE_MOVE_PID_ABS, REQ_TYPE_LIST_CHILDREN, REQ_TYPE_REMOVE_ON_EMPTY, + REQ_TYPE_GET_PID_ABS, }; int get_pid_cgroup_main(void *parent, const char *controller, struct ucred p, struct ucred r, struct ucred v, char **output); void get_pid_scm_complete(struct scm_sock_data *data); +int get_pid_cgroup_abs_main(void *parent, const char *controller, + struct ucred p, struct ucred r, struct ucred v, char **output); +void get_pid_abs_scm_complete(struct scm_sock_data *data); int move_pid_main(const char *controller, const char *cgroup, struct ucred p, struct ucred r, struct ucred v); void move_pid_scm_complete(struct scm_sock_data *data); Index: cgmanager-0.24/org.linuxcontainers.cgmanager.xml =================================================================== --- cgmanager-0.24.orig/org.linuxcontainers.cgmanager.xml 2014-05-08 13:39:03.773408001 -0500 +++ cgmanager-0.24/org.linuxcontainers.cgmanager.xml 2014-05-08 13:39:03.763408001 -0500 @@ -44,6 +44,18 @@ + + + + + + + + + + + + Index: cgmanager-0.24/tests/test22.sh =================================================================== --- /dev/null 1970-01-01 00:00:00.000000000 +0000 +++ cgmanager-0.24/tests/test22.sh 2014-05-08 13:39:03.763408001 -0500 @@ -0,0 +1,38 @@ +#!/bin/bash + +echo "Test 22: getpidcgroupabs" + +cg="test22_cg" + +dotest() { + mount --move /sys/fs/cgroup /mnt || { echo "move mount not allowed; aborting test"; exit 0; } + mount -t tmpfs none /sys/fs/cgroup + mkdir /sys/fs/cgroup/cgmanager + touch /sys/fs/cgroup/cgmanager/sock + mount --bind /mnt/cgmanager/sock /sys/fs/cgroup/cgmanager/sock + cgproxy & + ppid=$! + sleep 20 & + spid=$! + cgm create memory ab + dbus-send --print-reply --address=unix:path=/sys/fs/cgroup/cgmanager/sock --type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.Create string:memory string:$cg + dbus-send --print-reply --address=unix:path=/sys/fs/cgroup/cgmanager/sock --type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.MovePid string:memory string:$cg int32:$spid + dbus-send --print-reply --address=unix:path=/sys/fs/cgroup/cgmanager/sock --type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.MovePid string:memory string:$cg int32:$$ + p=`dbus-send --print-reply=literal --address=unix:path=/sys/fs/cgroup/cgmanager/sock --type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.GetPidCgroup string:memory int32:$spid` + absp=`dbus-send --print-reply=literal --address=unix:path=/sys/fs/cgroup/cgmanager/sock --type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.GetPidCgroupAbs string:memory int32:$spid` + kill -9 $ppid + kill -9 $spid + echo "p is .$p." + echo "absp is .$absp." + if [ "$p$cg" != "$absp" ]; then + echo "test 22 failed" + exit 1 + fi +} + +if [ $# -eq 1 ]; then + dotest + echo "test 22 passed" +else + unshare -m $0 unshared +fi debian/patches/0001-make-sure-to-check-cgroup-hierarchy.patch0000664000000000000000000001152712443707031021062 0ustar From 6267916d4ea939794e0583cd8b08bd0b9594a6e2 Mon Sep 17 00:00:00 2001 From: Serge Hallyn Date: Wed, 26 Nov 2014 01:00:10 -0600 Subject: [PATCH 1/1] make sure to check cgroup hierarchy Some cases weren't doing that, although at least those were still checking for proper ownership. Signed-off-by: Serge Hallyn --- cgmanager.c | 68 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 64 insertions(+), 4 deletions(-) Index: b/cgmanager.c =================================================================== --- a/cgmanager.c +++ b/cgmanager.c @@ -411,13 +411,20 @@ int get_value_main(void *parent, const char *controller, const char *cgroup, const char *key, struct ucred p, struct ucred r, char **value) { - char path[MAXPATHLEN]; + char pcgpath[MAXPATHLEN], path[MAXPATHLEN]; if (!sane_cgroup(cgroup)) { nih_error("%s: unsafe cgroup", __func__); return -1; } + // Get p's current cgroup in pcgpath + if (!compute_pid_cgroup(p.pid, controller, "", pcgpath, NULL)) { + nih_error("%s: Could not determine the proxy's cgroup for %s", + __func__, controller); + return -1; + } + if (!compute_pid_cgroup(r.pid, controller, cgroup, path, NULL)) { nih_error("%s: Could not determine the requested cgroup", __func__); return -1; @@ -429,6 +436,14 @@ return -1; } + // Make sure target cgroup is under proxy's + int plen = strlen(pcgpath); + if (strncmp(pcgpath, path, plen) != 0) { + nih_error("%s: target cgroup is not below r (%d)'s", __func__, + r.pid); + return -1; + } + /* append the filename */ if (strlen(path) + strlen(key) + 2 > MAXPATHLEN) { nih_error("%s: filename too long for cgroup %s key %s", __func__, path, key); @@ -460,18 +475,33 @@ struct ucred r) { - char path[MAXPATHLEN]; + char pcgpath[MAXPATHLEN], path[MAXPATHLEN]; if (!sane_cgroup(cgroup)) { nih_error("%s: unsafe cgroup", __func__); return -1; } + // Get p's current cgroup in pcgpath + if (!compute_pid_cgroup(p.pid, controller, "", pcgpath, NULL)) { + nih_error("%s: Could not determine the proxy's cgroup for %s", + __func__, controller); + return -1; + } + if (!compute_pid_cgroup(r.pid, controller, cgroup, path, NULL)) { nih_error("%s: Could not determine the requested cgroup", __func__); return -1; } + // Make sure target cgroup is under proxy's + int plen = strlen(pcgpath); + if (strncmp(pcgpath, path, plen) != 0) { + nih_error("%s: target cgroup is not below r (%d)'s", __func__, + r.pid); + return -1; + } + /* Check access rights to the cgroup directory */ if (!may_access(r.pid, r.uid, r.gid, path, O_RDONLY)) { nih_error("%s: Pid %d may not access %s\n", __func__, r.pid, path); @@ -642,7 +672,7 @@ int get_tasks_main(void *parent, const char *controller, const char *cgroup, struct ucred p, struct ucred r, int32_t **pids) { - char path[MAXPATHLEN]; + char pcgpath[MAXPATHLEN], path[MAXPATHLEN]; const char *key = "tasks"; if (!sane_cgroup(cgroup)) { @@ -650,11 +680,26 @@ return -1; } + // Get p's current cgroup in pcgpath + if (!compute_pid_cgroup(p.pid, controller, "", pcgpath, NULL)) { + nih_error("%s: Could not determine the proxy's cgroup for %s", + __func__, controller); + return -1; + } + if (!compute_pid_cgroup(r.pid, controller, cgroup, path, NULL)) { nih_error("%s: Could not determine the requested cgroup", __func__); return -1; } + // Make sure target cgroup is under proxy's + int plen = strlen(pcgpath); + if (strncmp(pcgpath, path, plen) != 0) { + nih_error("%s: target cgroup is not below r (%d)'s", __func__, + r.pid); + return -1; + } + /* Check access rights to the cgroup directory */ if (!may_access(r.pid, r.uid, r.gid, path, O_RDONLY)) { nih_error("%s: Pid %d may not access %s\n", __func__, r.pid, path); @@ -676,7 +721,7 @@ int list_children_main(void *parent, const char *controller, const char *cgroup, struct ucred p, struct ucred r, char ***output) { - char path[MAXPATHLEN]; + char pcgpath[MAXPATHLEN], path[MAXPATHLEN]; *output = NULL; if (!sane_cgroup(cgroup)) { @@ -684,11 +729,26 @@ return -1; } + // Get p's current cgroup in pcgpath + if (!compute_pid_cgroup(p.pid, controller, "", pcgpath, NULL)) { + nih_error("%s: Could not determine the proxy's cgroup for %s", + __func__, controller); + return -1; + } + if (!compute_pid_cgroup(r.pid, controller, cgroup, path, NULL)) { nih_error("%s: Could not determine the requested cgroup", __func__); return -1; } + // Make sure target cgroup is under proxy's + int plen = strlen(pcgpath); + if (strncmp(pcgpath, path, plen) != 0) { + nih_error("%s: target cgroup is not below r (%d)'s", __func__, + r.pid); + return -1; + } + /* Check access rights to the cgroup directory */ if (!may_access(r.pid, r.uid, r.gid, path, O_RDONLY)) { nih_error("%s: Pid %d may not access %s\n", __func__, r.pid, path); debian/patches/0006-cgm-make-all-also-reference-name-systemd.patch0000664000000000000000000000556312333007344021756 0ustar From f46964231d98c0400bbf2dd61072d8b734f913f5 Mon Sep 17 00:00:00 2001 From: Serge Hallyn Date: Thu, 8 May 2014 17:56:46 -0500 Subject: [PATCH 1/1] cgm: make 'all' also reference name=systemd Signed-off-by: Serge Hallyn --- cgm | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) Index: cgmanager-0.24/cgm =================================================================== --- cgmanager-0.24.orig/cgm 2014-05-08 18:10:25.973408000 -0500 +++ cgmanager-0.24/cgm 2014-05-08 18:10:25.953408000 -0500 @@ -84,7 +84,7 @@ usage $0 fi if [ "$2" = "all" ]; then - for cg in `awk '!/^#/ { print $1 }' /proc/cgroups`; do + for cg in `cut -d : -f 2 /proc/self/cgroup`; do dbus-send --print-reply --address=unix:path=/sys/fs/cgroup/cgmanager/sock --type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.Remove string:$cg string:$3 int32:1 done else @@ -97,7 +97,7 @@ usage $0 fi if [ "$2" = "all" ]; then - for cg in `awk '!/^#/ { print $1 }' /proc/cgroups`; do + for cg in `cut -d : -f 2 /proc/self/cgroup`; do dbus-send --print-reply --address=unix:path=/sys/fs/cgroup/cgmanager/sock --type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.Create string:$cg string:$3 done else @@ -110,7 +110,7 @@ usage $0 fi if [ "$2" = "all" ]; then - for cg in `awk '!/^#/ { print $1 }' /proc/cgroups`; do + for cg in `cut -d : -f 2 /proc/self/cgroup`; do dbus-send --print-reply --address=unix:path=/sys/fs/cgroup/cgmanager/sock --type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.Chown string:$cg string:$3 int32:$4 int32:$5 done else @@ -123,7 +123,7 @@ usage $0 fi if [ "$2" = "all" ]; then - for cg in `awk '!/^#/ { print $1 }' /proc/cgroups`; do + for cg in `cut -d : -f 2 /proc/self/cgroup`; do dbus-send --print-reply --address=unix:path=/sys/fs/cgroup/cgmanager/sock --type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.Chmod string:$cg string:$3 int32:$4 done else @@ -150,7 +150,7 @@ usage $0 fi if [ "$2" = "all" ]; then - for cg in `awk '!/^#/ { print $1 }' /proc/cgroups`; do + for cg in `cut -d : -f 2 /proc/self/cgroup`; do dbus-send --print-reply --address=unix:path=/sys/fs/cgroup/cgmanager/sock --type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.MovePid string:$cg string:$3 int32:$4 done else @@ -184,7 +184,7 @@ usage $0 fi if [ "$2" = "all" ]; then - for cg in `awk '!/^#/ { print $1 }' /proc/cgroups`; do + for cg in `cut -d : -f 2 /proc/self/cgroup`; do dbus-send --print-reply --address=unix:path=/sys/fs/cgroup/cgmanager/sock --type=method_call /org/linuxcontainers/cgmanager org.linuxcontainers.cgmanager0_0.RemoveOnEmpty string:$cg string:$3 done else debian/patches/makefile-shared0000664000000000000000000000205712317626565013604 0ustar Index: cgmanager-0.24/Makefile.am =================================================================== --- cgmanager-0.24.orig/Makefile.am 2014-04-02 14:31:41.000000000 -0500 +++ cgmanager-0.24/Makefile.am 2014-04-02 14:39:25.059601582 -0500 @@ -9,7 +9,7 @@ LIBCGMANAGER_VERSION_DOTTED = $(VERSION_ AM_CFLAGS = -Wall -ggdb -D_GNU_SOURCE -DSBINDIR=\"$(SBINDIR)\" AM_CFLAGS += $(DBUS_CFLAGS) $(NIH_CFLAGS) $(NIH_DBUS_CFLAGS) -AM_LDFLAGS = $(DBUS_LIBS) $(NIH_LIBS) $(NIH_DBUS_LIBS) +AM_LDFLAGS = $(DBUS_LIBS) $(NIH_LIBS) $(NIH_DBUS_LIBS) -shared client_files_OUTPUTS = cgmanager-client.c cgmanager-client.h manager_files_OUTPUTS = org.linuxcontainers.cgmanager.c org.linuxcontainers.cgmanager.h @@ -81,7 +81,7 @@ libcgmanager_la_SOURCES = \ org.linuxcontainers.cgmanager.xml libcgmanager_la_CFLAGS = -fPIC -DPIC $(DBUS_CFLAGS) $(NIH_CFLAGS) $(NIH_DBUS_CFLAGS) libcgmanager_la_LDFLAGS = -E \ - -version-info $(LIBCGMANAGER_VERSION) + -version-info $(LIBCGMANAGER_VERSION) $(AM_LDFLAGS) libcgmanager_la_LIBADD = \ $(DBUS_LIBS) $(NIH_CFLAGS) $(NIH_DBUS_CFLAGS) debian/patches/0005-get_controller_path-use-the-is_same_controller-helpe.patch0000664000000000000000000000253412333007321024602 0ustar From 47a4b887faa82fb265fad92a8f22fda85bb73654 Mon Sep 17 00:00:00 2001 From: Serge Hallyn Date: Fri, 2 May 2014 13:25:23 -0500 Subject: [PATCH 1/1] get_controller_path: use the is_same_controller helper Since we store 'systemd' rather than 'name=system', we need to use the helper to account for this when the user requests an action against name=systemd. (Requiring the user to use 'system' seems bogus) Signed-off-by: Serge Hallyn --- fs.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Index: cgmanager-0.24/fs.c =================================================================== --- cgmanager-0.24.orig/fs.c 2014-05-08 18:02:46.993408001 -0500 +++ cgmanager-0.24/fs.c 2014-05-08 18:02:46.973408001 -0500 @@ -594,7 +594,7 @@ int i; for (i=0; i Date: Tue Apr 29 10:17:42 2014 -0500 cgmanager-proxy: wait up to 2 seconds for reply from server We previously waited indefinately, which causes a hang if the server crashes. Signed-off-by: Serge Hallyn Index: cgmanager-0.24/cgmanager-proxy.c =================================================================== --- cgmanager-0.24.orig/cgmanager-proxy.c 2014-05-08 13:39:00.163408001 -0500 +++ cgmanager-0.24/cgmanager-proxy.c 2014-05-08 13:39:00.143408001 -0500 @@ -45,6 +45,22 @@ return false; } +/* wait up to 2 seconds for a reply from cgmanager */ +static int proxyrecv(int sockfd, void *buf, size_t len) +{ + struct timeval tv; + fd_set rfds; + + FD_ZERO(&rfds); + FD_SET(sockfd, &rfds); + tv.tv_sec = 2; + tv.tv_usec = 0; + + if (select(sockfd+1, &rfds, NULL, NULL, &tv) < 0) + return -1; + return recv(sockfd, buf, len, MSG_DONTWAIT); +} + static void cgm_dbus_disconnected(DBusConnection *connection); int setup_proxy(void) @@ -208,7 +224,7 @@ dbus_connection_flush(server_conn); dbus_message_unref(message); - if (recv(sv[0], buf, 1, 0) != 1) { + if (proxyrecv(sv[0], buf, 1) != 1) { nih_error("%s: Error getting reply from server over socketpair", __func__); return false; @@ -222,7 +238,7 @@ if (!vcred) // this request only requires one scm_credential return true; - if (recv(sv[0], buf, 1, 0) != 1) { + if (proxyrecv(sv[0], buf, 1) != 1) { nih_error("%s: Error getting reply from server over socketpair", __func__); return false; @@ -273,8 +289,7 @@ goto out; } - // TODO - switch to nih_io_message_recv? - if (recv(sv[0], s, MAXPATHLEN-1, 0) <= 0) + if (proxyrecv(sv[0], s, MAXPATHLEN-1) <= 0) nih_error("%s: Error reading result from cgmanager", __func__); else { @@ -334,7 +349,7 @@ goto out; } - if (recv(sv[0], buf, 1, 0) == 1 && *buf == '1') + if (proxyrecv(sv[0], buf, 1) == 1 && *buf == '1') ret = 0; out: close(sv[0]); @@ -416,7 +431,7 @@ goto out; } - if (recv(sv[0], buf, 1, 0) == 1 && (*buf == '1' || *buf == '2')) + if (proxyrecv(sv[0], buf, 1) == 1 && (*buf == '1' || *buf == '2')) ret = 0; *existed = *buf == '2' ? 1 : -1; out: @@ -470,7 +485,7 @@ goto out; } - if (recv(sv[0], buf, 1, 0) == 1 && *buf == '1') + if (proxyrecv(sv[0], buf, 1) == 1 && *buf == '1') ret = 0; out: close(sv[0]); @@ -533,7 +548,7 @@ goto out; } - if (recv(sv[0], buf, 1, 0) == 1 && *buf == '1') + if (proxyrecv(sv[0], buf, 1) == 1 && *buf == '1') ret = 0; out: close(sv[0]); @@ -591,7 +606,7 @@ goto out; } - if (recv(sv[0], output, MAXPATHLEN, 0) <= 0) { + if (proxyrecv(sv[0], output, MAXPATHLEN) <= 0) { nih_error("%s: Failed reading string from cgmanager: %s", __func__, strerror(errno)); } else { @@ -660,7 +675,7 @@ goto out; } - if (recv(sv[0], buf, 1, 0) == 1 && *buf == '1') + if (proxyrecv(sv[0], buf, 1) == 1 && *buf == '1') ret = 0; out: close(sv[0]); @@ -718,7 +733,7 @@ goto out; } - if (recv(sv[0], buf, 1, 0) == 1 && (*buf == '1' || *buf == '2')) + if (proxyrecv(sv[0], buf, 1) == 1 && (*buf == '1' || *buf == '2')) ret = 0; *existed = *buf == '2' ? 1 : -1; out: @@ -773,7 +788,7 @@ nih_error("%s: error completing dbus request", __func__); goto out; } - if (recv(sv[0], &nrpids, sizeof(uint32_t), 0) != sizeof(uint32_t)) + if (proxyrecv(sv[0], &nrpids, sizeof(uint32_t)) != sizeof(uint32_t)) goto out; if (nrpids == -1) { nih_error("%s: bad cgroup: %s:%s", __func__, controller, cgroup); @@ -852,7 +867,7 @@ goto out; } - if (recv(sv[0], &nrkids, sizeof(int32_t), 0) != sizeof(int32_t)) + if (proxyrecv(sv[0], &nrkids, sizeof(int32_t)) != sizeof(int32_t)) goto out; if (nrkids == 0) { ret = 0; @@ -863,7 +878,7 @@ ret = -1; goto out; } - if (recv(sv[0], &len, sizeof(uint32_t), 0) != sizeof(uint32_t)) + if (proxyrecv(sv[0], &len, sizeof(uint32_t)) != sizeof(uint32_t)) goto out; paths = nih_alloc(NULL, len); @@ -932,7 +947,7 @@ goto out; } - if (recv(sv[0], buf, 1, 0) == 1 && (*buf == '1')) + if (proxyrecv(sv[0], buf, 1) == 1 && (*buf == '1')) ret = 0; out: close(sv[0]); debian/patches/series0000664000000000000000000000053212443702170012034 0ustar makefile-shared 0001-Add-sigstop-support.patch 0002-exit-on-startup-error 0003-proxy-wait-2-seconds-for-server-reply 0004-Implement-getpidcgroupabs.patch 0005-get_controller_path-use-the-is_same_controller-helpe.patch 0006-cgm-make-all-also-reference-name-systemd.patch 0007-fix-crash-on-free.patch 0001-make-sure-to-check-cgroup-hierarchy.patch debian/patches/0002-exit-on-startup-error0000664000000000000000000000103612332744120015331 0ustar Description: return error if server connection failed to open Author: James Hunt Forwarded: yes Index: cgmanager-0.24/cgmanager-proxy.c =================================================================== --- cgmanager-0.24.orig/cgmanager-proxy.c 2014-05-08 13:07:38.000000000 -0500 +++ cgmanager-0.24/cgmanager-proxy.c 2014-05-08 13:08:23.733408000 -0500 @@ -114,6 +114,7 @@ nih_fatal("Failed to open connection to %s: %s", CGPROXY_DBUS_PATH, err->message); nih_free(err); + return -1; } return 0; } debian/patches/0007-fix-crash-on-free.patch0000664000000000000000000000110312341146137015436 0ustar Index: cgmanager-0.24/frontend.c =================================================================== --- cgmanager-0.24.orig/frontend.c 2014-05-27 12:33:15.542324083 -0500 +++ cgmanager-0.24/frontend.c 2014-05-27 12:33:15.534324083 -0500 @@ -108,10 +108,14 @@ static void scm_sock_close (struct scm_s { nih_assert (data); nih_assert (io); + + nih_free (io); + + // Only delete data struct after io, because freeing io may call methods + // like error_handler that use this data struct. if (data->fd != -1) close (data->fd); nih_free (data); - nih_free (io); } /*