ziggi/cworker
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

at work

Browse Source
This commit is contained in:
Oleg Borodin
2023-08-15 08:35:06 +02:00
parent 00bd68d09f
commit 6b110ddc15
14 changed files with 411 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
Makefile
View File

@@ -873,7 +873,7 @@ uninstall-am: uninstall-sbinPROGRAMS
$(CC) -I. -pthread $(CPPFLAGS) $(CFLAGS) -c -o $@ $<
run: $(sbin_PROGRAMS)
./cworker
./cworker --port=9002
test: $(bin_TESTS)
@for test in $(bin_TESTS); do \

2
Makefile.am
View File

@@ -35,7 +35,7 @@ common_SOURCES = \
rcache.h
run: $(sbin_PROGRAMS)
./cworker
./cworker --port=9002
if HAVE_VALGRIND
VALGRIND_OPT = --tool=memcheck

2
Makefile.in
View File

@@ -873,7 +873,7 @@ uninstall-am: uninstall-sbinPROGRAMS
$(CC) -I. -pthread $(CPPFLAGS) $(CFLAGS) -c -o $@ $<
run: $(sbin_PROGRAMS)
./cworker
./cworker --port=9002
test: $(bin_TESTS)
@for test in $(bin_TESTS); do \

16
README.md Normal file
View File

@@ -0,0 +1,16 @@
#cworker mini framework
Минималисткий набор для создания сетевого или локального сервиса
с использованием только C (взамен ранее написанного и утерянного).
Цель: создание системных сервисов
В наличии:
* cflexer/cfparser - разбор конфигурационого файла
* cllexer/clparser - разбор опций коммандной строки
* jlexer/jparser - разбор json описания (пока только key-value)
* rcache - буферизованное чтение из открытого дескриптора
* cworker - каркас сетевого сервиса
В разработке.

19
clparser.c
View File

@@ -7,7 +7,7 @@
#include <stdlib.h>
#include <stdio.h>
#include <logger.h>
#include <clparser.h>
#define INIT_BSIZE 64
@@ -155,19 +155,32 @@ int clparser_parse(clparser_t * parser, char** argv, int argc) {
for (int i = 0; i < parser->bindsize; i++) {
if (strcmp(parser->bindarr[i].key, key) == 0) {
switch (parser->bindarr[i].type) {
case CLTYPE_INT:{
case CLVALTYPE_INT:{
char* eptr = NULL;
*(int *)(parser->bindarr[i].ref) = (int)strtol(val, &eptr, 10);
free(key);
free(val);
break;
}
case CLTYPE_STR:{
case CLVALTYPE_STR:{
*(char **)(parser->bindarr[i].ref) = strcopy(val);
free(key);
free(val);
break;
}
case CLVALTYPE_BOOL:{
*(bool*)(parser->bindarr[i].ref) = false;
if (strcmp(val, "true") == 0) {
*(bool*)(parser->bindarr[i].ref) = true;
} else if (strcmp(val, "false") == 0) {
*(bool*)(parser->bindarr[i].ref) = false;
} else {
log_error("wrong boolean key value: %s = %s", key, val);
}
free(key);
free(val);
break;
}
}
}
}

5
clparser.h
View File

@@ -19,8 +19,9 @@ typedef struct {
int bindsize;
} clparser_t;
#define CLTYPE_INT 1
#define CLTYPE_STR 2
#define CLVALTYPE_INT 1
#define CLVALTYPE_STR 2
#define CLVALTYPE_BOOL 3
void clparser_init(clparser_t* parser, cllexer_t* lexer);
void clparser_bind(clparser_t* parser, int type, char* key, void* ref);

4
clparser_test.c
View File

@@ -28,8 +28,8 @@ int main(void) {
int id = 0;
char* name = "";
clparser_bind(&parser, CLTYPE_INT, "id", (void *)&id);
clparser_bind(&parser, CLTYPE_STR, "name", (void *)&name);
clparser_bind(&parser, CLVALTYPE_INT, "id", (void *)&id);
clparser_bind(&parser, CLVALTYPE_STR, "name", (void *)&name);
if (clparser_parse(&parser, &argv[1], argc - 1) < 0) {
printf("parse args error\n");

41
cworker.c
View File

@@ -9,6 +9,8 @@
#include <logger.h>
#include <fcntl.h>
#include <cllexer.h>
#include <clparser.h>
#include <cflexer.h>
#include <cfparser.h>
#include <massert.h>
@@ -31,12 +33,12 @@ int cworker_readconf(cworker_t* worker) {
cflexer_init(&lexer, &cache);
cfparser_init(&parser, &lexer);
if (cfparser_parse(&parser)) {
log_error("parse args error\n");
if (cfparser_parse(&parser) < 0) {
log_error("parse config error\n");
return -1;
}
cfparser_bind(&parser, CFVALTYPE_STR, "port", (void *)&(worker->port));
cfparser_bind(&parser, CFVALTYPE_INT, "port", (void *)&(worker->port));
cfparser_destroy(&parser);
cflexer_destroy(&lexer);
@@ -45,16 +47,45 @@ int cworker_readconf(cworker_t* worker) {
return 0;
}
int cworker_init(cworker_t* worker) {
int cworker_readopts(cworker_t* worker, char** argv, int argc) {
log_debug("reading options");
cllexer_t lexer;
clparser_t parser;
cllexer_init(&lexer);
clparser_init(&parser, &lexer);
clparser_bind(&parser, CLVALTYPE_INT, "port", (void *)&(worker->port));
if (clparser_parse(&parser, &argv[1], argc - 1) < 0) {
log_error("parse args error\n");
return -1;
}
return 0;
}
const int64_t default_port = 9701;
int cworker_init(cworker_t* worker, char** argv, int argc) {
log_debug("init service");
worker->port = 9701;
worker->port = default_port;
if (cworker_readconf(worker) < 0) {
log_error("reading config error\n");
return -1;
}
if (cworker_readopts(worker, argv, argc) < 0) {
log_error("reading config error\n");
return -1;
}
log_debug("port: %d", worker->port);
return 0;
}

2
cworker.conf
View File

@@ -0,0 +1,2 @@
port = 9001 # listen port

3
cworker.h
View File

@@ -8,7 +8,8 @@ typedef struct {
int64_t port;
} cworker_t;
int cworker_init(cworker_t* worker);
int cworker_init(cworker_t* worker, char** argv, int argc);
int cworker_detach(cworker_t* worker);
int cworker_configure(cworker_t* worker);
int cworker_build(cworker_t* worker);

4
main.c
View File

@@ -13,7 +13,7 @@
int main(int argc, char **argv) {
cworker_t worker;
if (cworker_init(&worker) < 0) {
if (cworker_init(&worker, argv, argc) < 0) {
log_error("cannot init service");
return 1;
}
@@ -29,7 +29,7 @@ int main(int argc, char **argv) {
log_error("cannot build service");
return 1;
}
if (cworker_build(&worker) < 0) {
if (cworker_run(&worker) < 0) {
log_error("cannot run service");
return 1;
}

187
works/exec01.c Normal file
View File

@@ -0,0 +1,187 @@
/*
*
* Copyright 2023 Oleg Borodin <borodin@unix7.org>
*
*/
#include <stdio.h>
#include <sys/param.h>
#include <sys/jail.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/socket.h>
#include <sys/sysctl.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <err.h>
#include <errno.h>
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
//#include <sys/types.h>
//#include <sys/socket.h>
//#include <ifaddrs.h>
//#include <sys/types.h>
//#include <sys/sysctl.h>
//#include <vm/vm_param.h>
//#include <sys/user.h>
#include <sys/wait.h>
char* _gethostname(void) {
size_t len;
char* res = NULL;
char* mibstr = "kern.hostname";
sysctlbyname(mibstr, NULL, &len, NULL, 0);
res = malloc(len);
sysctlbyname(mibstr, res, &len, NULL, 0);
return res;
}
int getintsysctl(char* mibname) {
int res = 0;
size_t size = sizeof(int);
sysctlbyname(mibname, &res, &size, NULL, 0);
return res;
}
int setintsysctl(char* mibname, int val) {
int res = 0;
sysctlbyname(mibname, NULL, NULL, &val, sizeof(int));
return res;
}
int run() {
pid_t childpid;
int pstdout[2];
if (pipe(pstdout) < 0) {
return -errno;
}
int pstderr[2];
if (pipe(pstderr) < 0) {
return -errno;
}
//if (chroot("./newroot/") != 0) {
//printf("child chroot error\n");
//return 0;
//}
if((childpid = fork()) < 0) {
return -errno;
}
if (childpid == 0) {
/* child */
printf("#1 child %d\n", getpid());
setintsysctl("security.jail.set_hostname_allowed", 0);
setintsysctl("security.jail.set_hostname_allowed", 0);
setintsysctl("security.jail.sysvipc_allowed", 0);
setintsysctl("security.jail.allow_raw_sockets", 0);
setintsysctl("security.jail.chflags_allowed", 0);
setintsysctl("security.jail.mount_allowed", 0);
setintsysctl("security.jail.socket_unixiproute_only", 0);
close(pstdout[0]);
close(pstderr[0]);
dup2(pstdout[1], STDOUT_FILENO);
dup2(pstderr[1], STDERR_FILENO);
printf("#2 child %d\n", getpid());
//if (chroot("./newroot/") != 0) {
// printf("child chroot error\n");
// return 0;
//}
//char cmd[] = "./newroot/foo";
//char cmd[] = "/bin/ls";
//char *const params[] = { cmd, NULL};
//if (execv(cmd, params) < 0) {
// printf("child exec error\n");
// return 0;
//};
struct in_addr inaddr;
inet_pton(AF_INET, "192.168.52.7", &inaddr);
struct jail j = {
.version = JAIL_API_VERSION,
.path = "./newroot",
.hostname = "localhost",
.jailname = "test",
.ip4s = 1,
.ip6s = 0,
.ip4 = &inaddr,
.ip6 = NULL
};
int id = jail(&j);
if (id < 0) {
printf("cannon jail process, error: %s\n", strerror(errno));
exit(1);
}
printf("jailed = %d\n", getintsysctl("security.jail.jailed"));
printf("jid = %d\n", id);
//char* newhostname = "foohost";
// if (sethostname(newhostname, strlen(newhostname)) < 0) {
// printf("hostname don't set, error: %s\n", strerror(errno));
//}
char hostname[NAME_MAX];
gethostname(hostname, NAME_MAX);
printf("host = %s\n", hostname);
//lsif();
setgid(1000);
setuid(1000);
char* cmd = "./foo";
execl(cmd, cmd, NULL);
} else {
/* parent */
printf("parent %d\n", getpid());
close(pstdout[1]);
close(pstderr[1]);
char buffer[16];
int n = 0;
while ((n = read(pstdout[0], buffer, sizeof(buffer) - 1)) != 0) {
buffer[n] = '\0';
printf("%s", buffer);
}
}
int status = 0;
waitpid(childpid, &status, 0);
return 0;
}
int main(int argc, char **argv) {
if (run() < 0) {
printf("run error\n");
return 1;
}
return 0;
}

121
works/exec02.c Normal file
View File

@@ -0,0 +1,121 @@
/*
*
* Copyright 2023 Oleg Borodin <borodin@unix7.org>
*
*/
#include <stdio.h>
#include <sys/param.h>
#include <sys/jail.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/socket.h>
#include <sys/sysctl.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <err.h>
#include <errno.h>
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <fcntl.h>
//#include <sys/types.h>
//#include <sys/socket.h>
//#include <ifaddrs.h>
//#include <sys/types.h>
//#include <sys/sysctl.h>
//#include <vm/vm_param.h>
//#include <sys/user.h>
#include <sys/wait.h>
int copy(int srcfd, int dstfd) {
char buffer[1024];
int n = 0;
while ((n = read(srcfd, buffer, sizeof(buffer) - 1)) != 0) {
buffer[n] = '\0';
write(dstfd, buffer, n);
}
return 0;
}
int exec() {
char* cmd = "/foo1";
char* basepath = "./newroot";
char* v4addr = "192.168.52.7";
char* hostname = "localhost";
char* logpath = "output.log";
int logfd;
if ((logfd = open(logpath, O_RDWR|O_CREAT|O_TRUNC, S_IRUSR|S_IWUSR)) < 0) {
return -errno;
}
pid_t childpid = 0;
int stdoutfd[2];
if (pipe(stdoutfd) < 0) {
return -errno;
}
if((childpid = fork()) < 0) {
return -errno;
}
if (childpid == 0) {
/* child */
close(stdoutfd[0]);
dup2(stdoutfd[1], STDOUT_FILENO);
dup2(stdoutfd[1], STDERR_FILENO);
struct in_addr inaddr;
inet_pton(AF_INET, v4addr, &inaddr);
struct jail j = {
.version = JAIL_API_VERSION,
.path = basepath,
.hostname = hostname,
.jailname = "test",
.ip4s = 1,
.ip6s = 0,
.ip4 = &inaddr,
.ip6 = NULL
};
int id = 0;
if ((id = jail(&j)) < 0) {
return -1;
}
if (execl(cmd, cmd, NULL) < 0) {
return -1;
}
} else {
/* parent */
close(stdoutfd[1]);
if (copy(stdoutfd[0], logfd) < 0) {
return -1;
}
}
return 0;
}
int main(int argc, char **argv) {
if (exec() < 0) {
return 1;
}
return 0;
}

21
works/newroot/foo.go Normal file
View File

@@ -0,0 +1,21 @@
package main
import (
"fmt"
"time"
"os"
)
func main() {
var i int
for {
i++
time.Sleep(1 * time.Second)
wd, _ := os.Getwd()
fmt.Printf("hello %s\n", wd)
if i > 20 {
goto exit
}
}
exit:
}