chromeos/process.cc - Issue 6865041: libchromeos: Support setting uid/gid of child processes in process.h

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: chromeos/process.cc

Issue 6865041: libchromeos: Support setting uid/gid of child processes in process.h (Closed) Base URL: ssh://git@gitrw.chromium.org:9222/common.git@master

Patch Set: improve comments Created 9 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: chromeos/process.cc

diff --git a/chromeos/process.cc b/chromeos/process.cc

index 54d9a9ff8462ba80b843ee8c9e1f449489f289d6..ff044ba74991bfcf51bcf0d8ea17f43ae832daaa 100644

--- a/chromeos/process.cc

+++ b/chromeos/process.cc

@@ -8,6 +8,7 @@

#include <sys/types.h>

#include <sys/wait.h>

#include <fcntl.h>

+#include <unistd.h>

#include <map>

@@ -30,7 +31,7 @@ bool Process::ProcessExists(pid_t pid) {

return file_util::DirectoryExists(FilePath(StringPrintf("/proc/%d", pid)));

}

-ProcessImpl::ProcessImpl() : pid_(0) {

+ProcessImpl::ProcessImpl() : pid_(0), uid_(-1), gid_(-1) {

}

ProcessImpl::~ProcessImpl() {

@@ -51,6 +52,14 @@ void ProcessImpl::RedirectUsingPipe(int child_fd, bool is_input) {

pipe_map_[child_fd] = info;

}

+void ProcessImpl::SetUid(uid_t uid) {

+ uid_ = uid;

+void ProcessImpl::SetGid(gid_t gid) {

+ gid_ = gid;

int ProcessImpl::GetPipe(int child_fd) {

PipeMap::iterator i = pipe_map_.find(child_fd);

if (i == pipe_map_.end())

@@ -144,7 +153,7 @@ bool ProcessImpl::Start() {

LOG(ERROR) << "Could not create " << output_file_

<< ": " << saved_errno;

// Avoid exit() to avoid atexit handlers from parent.

- _exit(127);

+ _exit(kErrorExitStatus);

}

HANDLE_EINTR(dup2(output_handle, STDOUT_FILENO));

HANDLE_EINTR(dup2(output_handle, STDERR_FILENO));

@@ -154,10 +163,20 @@ bool ProcessImpl::Start() {

HANDLE_EINTR(close(output_handle));

}

+ if (uid_ >= 0 && setresuid(uid_, uid_, uid_) < 0) {

+ int saved_errno = errno;

+ LOG(ERROR) << "Unable to set UID to " << uid_ << ": " << saved_errno;

+ _exit(kErrorExitStatus);

+ }

+ if (gid_ >= 0 && setresgid(gid_, gid_, gid_) < 0) {

+ int saved_errno = errno;

+ LOG(ERROR) << "Unable to set GID to " << gid_ << ": " << saved_errno;

+ _exit(kErrorExitStatus);

+ }

execv(argv[0], &argv[0]);

saved_errno = errno;

LOG(ERROR) << "Exec of " << argv[0] << " failed: " << saved_errno;

- _exit(127);

+ _exit(kErrorExitStatus);

} else {

// Still executing inside the parent process with known child pid.

arguments_.clear();

« no previous file with comments | « chromeos/process.h ('k') | chromeos/process_mock.h » ('j') | no next file with comments »