From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <arseny@altlinux.org>
X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on
 sa.local.altlinux.org
X-Spam-Level: 
X-Spam-Status: No, score=-1.8 required=5.0 tests=BAYES_00,DKIM_SIGNED,
 T_DKIM_INVALID autolearn=no autolearn_force=no version=3.4.1
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
 d=altlinux.org; s=dkim; h=Subject:In-Reply-To:Content-Type:MIME-Version:
 References:Message-ID:Cc:To:From:Date:Sender:Reply-To:
 Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date:
 Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id:
 List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive;
 bh=tcVjDW25Cb9u2cJS8M7GEs1GS7oh/Fp6P9ZB1znw5U0=; b=tqrCA/9cnaj0V0t0zTEbLFlfug
 Al+XA/4dom3UOvgqALFhvUR/NPPOfQ35WdG0IEHtBg4SHFD7YVcfC3c6etRhYHcW9Cqz2OmUyB2XK
 JFCkYQafPWsKVBqg9z0C4rJ6KxroKYN1NNRXzJ0vAnwrO4uM+TtSwZXuYaw+XPmJMFLirdVzWMCCQ
 mM3j9CC+JMnCoZ0LicmRpR6tvIEDo7X3trgUlwbN58d1biJW9jMH4FDklgqBnvvBb+xGt8ZoJvgz/
 yAsu11lFM4uSuVz7/mL0a9ijQd4oMFbRPY/Dk01vYFqX5Tl3+A7p96lHfUggwGZyiwxYNSl0yqQcd
 MFdUwBbA==;
Date: Thu, 17 Sep 2020 16:11:07 +0300
From: Arseny Maslennikov <arseny@altlinux.org>
To: Alex Gladkov <legion@altlinux.ru>,
 ALT Linux Team development discussions <devel@lists.altlinux.org>
Message-ID: <20200917131107.GE286846@cello>
References: <cover.1576183643.git.legion@altlinux.org>
 <2dd521b85103ae35347e548c89b6873a80811206.1576183643.git.legion@altlinux.org>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
 protocol="application/pgp-signature"; boundary="19uQFt6ulqmgNgg1"
Content-Disposition: inline
In-Reply-To: <2dd521b85103ae35347e548c89b6873a80811206.1576183643.git.legion@altlinux.org>
OpenPGP: url=http://grep.cs.msu.ru/~ar/pgp-key.asc
X-SA-Exim-Connect-IP: 10.7.5.179
X-SA-Exim-Mail-From: arseny@altlinux.org
X-SA-Exim-Version: 4.2.1
X-SA-Exim-Scanned: Yes (on mail.cs.msu.ru)
Cc: ldv@altlinux.org
Subject: Re: [devel] [PATCH hasher-priv v1 3/3] Add cgroup support
X-BeenThere: devel@lists.altlinux.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: ALT Linux Team development discussions <devel@lists.altlinux.org>
List-Id: ALT Linux Team development discussions <devel.lists.altlinux.org>
List-Unsubscribe: <https://lists.altlinux.org/mailman/options/devel>,
 <mailto:devel-request@lists.altlinux.org?subject=unsubscribe>
List-Archive: <http://lists.altlinux.org/pipermail/devel>
List-Post: <mailto:devel@lists.altlinux.org>
List-Help: <mailto:devel-request@lists.altlinux.org?subject=help>
List-Subscribe: <https://lists.altlinux.org/mailman/listinfo/devel>,
 <mailto:devel-request@lists.altlinux.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Sep 2020 13:11:10 -0000
Archived-At: <http://lore.altlinux.org/devel/20200917131107.GE286846@cello/>
List-Archive: <http://lore.altlinux.org/devel/>
List-Post: <mailto:devel@altlinux.org>


--19uQFt6ulqmgNgg1
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Dec 13, 2019 at 12:42:05PM +0100, Alex Gladkov wrote:
> From: Alexey Gladkov <legion@altlinux.org>
>=20

Could you please explain what you're trying to do with this patch?
Even if it's obvious from the source itself, we still must have an
opportunity to discuss, and a decent explanation should stay in the
project history.

Most likely, it'll turn out we _at least_ have to pass Delegate=3Dyes to
the systemd service:

       Delegate=3D
           Turns on delegation of further resource control
           partitioning to processes of the unit. Units where
           this is enabled may create and manage their own
           private subhierarchy of control groups below the
           control group of the unit itself.
Manual page systemd.resource-control(5): lines 786-791

Do we only support cgroup2 and ignore cgroup1? If yes, great, but
perhaps then we might want to have a setting to not fiddle with cgroup
trees, to support the unfortunate users that have to run Docker and
other garbage.

> Signed-off-by: Alexey Gladkov <legion@altlinux.org>
> ---
>  hasher-priv/Makefile      |   2 +-
>  hasher-priv/caller_task.c |   3 +
>  hasher-priv/cgroup.c      | 119 ++++++++++++++++++++++++++++++++++++++
>  hasher-priv/config.c      |   5 ++
>  hasher-priv/priv.h        |   2 +
>  hasher-priv/server.conf   |   9 +++
>  6 files changed, 139 insertions(+), 1 deletion(-)
>  create mode 100644 hasher-priv/cgroup.c
>=20
> diff --git a/hasher-priv/Makefile b/hasher-priv/Makefile
> index c73216f..e999972 100644
> --- a/hasher-priv/Makefile
> +++ b/hasher-priv/Makefile
> @@ -51,7 +51,7 @@ server_SRC =3D hasher-privd.c \
>  	chdir.c chdiruid.c chid.c child.c chrootuid.c cmdline.c \
>  	config.c fds.c getconf.c getugid.c ipc.c killuid.c io_log.c io_x11.c \
>  	makedev.c mount.c net.c parent.c pass.c pty.c signal.c tty.c \
> -	unshare.c xmalloc.c x11.c
> +	unshare.c xmalloc.c x11.c cgroup.c
>  server_OBJ =3D $(server_SRC:.c=3D.o)
> =20
>  DEP =3D $(SRC:.c=3D.d) $(server_SRC:.c=3D.d)
> diff --git a/hasher-priv/caller_task.c b/hasher-priv/caller_task.c
> index d8f2dd5..722e0a6 100644
> --- a/hasher-priv/caller_task.c
> +++ b/hasher-priv/caller_task.c
> @@ -95,6 +95,9 @@ caller_task(struct task *task)
>  		return pid;
>  	}
> =20
> +	if (join_cgroup() < 0)
> +		exit(rc);
> +
>  	if ((rc =3D reopen_iostreams(task->stdin, task->stdout, task->stderr)) =
< 0)
>  		exit(rc);
> =20
> diff --git a/hasher-priv/cgroup.c b/hasher-priv/cgroup.c
> new file mode 100644
> index 0000000..ac14938
> --- /dev/null
> +++ b/hasher-priv/cgroup.c
> @@ -0,0 +1,119 @@
> +
> +/*
> +  Copyright (C) 2019  Alexey Gladkov <legion@altlinux.org>
> +
> +  The cgroup helper for hasher-privd program.
> +
> +  SPDX-License-Identifier: GPL-2.0-or-later
> +*/
> +
> +#include <sys/param.h>
> +#include <sys/types.h>
> +#include <sys/stat.h>
> +
> +#include <unistd.h>
> +#include <stdio.h>
> +#include <stdarg.h>
> +#include <string.h>
> +#include <fcntl.h>
> +#include <errno.h>
> +
> +#include "logging.h"
> +#include "priv.h"
> +
> +int
> +join_cgroup(void)
> +{
> +	int ret =3D 0;
> +
> +	if (!server_cgroup_template)
> +		return ret;
> +
> +	char cgroup_path[MAXPATHLEN];
> +
> +	size_t i, j, escape;
> +	size_t len =3D strlen(server_cgroup_template);
> +	int fd =3D -1;
> +
> +	i =3D j =3D escape =3D 0;
> +
> +	for (; i < len; i++) {
> +		if (j > sizeof(cgroup_path)) {
> +			err("path too long");
> +			ret =3D -1;
> +			goto fail;
> +		}
> +
> +		if (escape) {
> +			ssize_t n =3D 0;
> +			char *p =3D cgroup_path + j;
> +			size_t sz =3D (size_t) (p - cgroup_path);
> +
> +			switch (server_cgroup_template[i]) {
> +				case 'u':
> +					n =3D snprintf(p, sz, "%s", caller_user);
> +					break;
> +				case 'U':
> +					n =3D snprintf(p, sz, "%u", caller_uid);
> +					break;
> +				case 'G':
> +					n =3D snprintf(p, sz, "%u", caller_gid);
> +					break;
> +				case 'N':
> +					n =3D snprintf(p, sz, "%u", caller_num);
> +					break;
> +				case '%':
> +					n =3D snprintf(p, sz, "%%");
> +					break;
> +			}
> +
> +			if (n <=3D 0) {
> +				err("unable to expand escape sequence: %%%c",
> +				    server_cgroup_template[i]);
> +				ret =3D -1;
> +				goto fail;
> +			}
> +
> +			j +=3D (size_t) n;
> +
> +			escape =3D 0;
> +			continue;
> +
> +		} else if (server_cgroup_template[i] =3D=3D '%') {
> +			escape =3D 1;
> +			continue;
> +
> +		} else if (server_cgroup_template[i] =3D=3D '/' && j > 0) {
> +			cgroup_path[j] =3D '\0';
> +
> +			errno =3D 0;
> +			if (mkdir(cgroup_path, 0755) < 0 && errno !=3D EEXIST) {
> +				err("mkdir: %s: errno=3D%d: %m", cgroup_path, errno);
> +				ret =3D -1;
> +				goto fail;
> +			}
> +		}
> +
> +		cgroup_path[j++] =3D server_cgroup_template[i];
> +	}
> +
> +	cgroup_path[j] =3D '\0';
> +
> +	if ((fd =3D open(cgroup_path, O_CREAT | O_WRONLY | O_CLOEXEC, 0644)) < =
0) {
> +		err("open: %s: %m", cgroup_path);
> +		ret =3D -1;
> +		goto fail;
> +	}
> +
> +	if (dprintf(fd, "%d\n", getpid()) < 0) {
> +		err("dprintf: %s: unable to write pid", cgroup_path);
> +		ret =3D -1;
> +	}
> +fail:
> +	if (fd >=3D 0 && close(fd) < 0) {
> +		err("close: %s: %m", cgroup_path);
> +		ret =3D -1;
> +	}
> +
> +	return ret;
> +}
> diff --git a/hasher-priv/config.c b/hasher-priv/config.c
> index 6b6bdb1..3faf936 100644
> --- a/hasher-priv/config.c
> +++ b/hasher-priv/config.c
> @@ -30,6 +30,7 @@ const char *const *chroot_prefix_list;
>  const char *chroot_prefix_path;
>  const char *change_user1, *change_user2;
>  char *server_control_group =3D NULL;
> +char *server_cgroup_template =3D NULL;
>  char *server_pidfile =3D NULL;
>  const char *term;
>  const char *x11_display, *x11_key;
> @@ -671,6 +672,9 @@ set_server_config(const char *name, const char *value=
, const char *filename)
>  	} else if (!strcasecmp("control_group", name)) {
>  		free(server_control_group);
>  		server_control_group =3D xstrdup(value);
> +	} else if (!strcasecmp("cgroup_template", name)) {
> +		free(server_cgroup_template);
> +		server_cgroup_template =3D xstrdup(value);
>  	} else {
>  		bad_option_name(name, filename);
>  	}
> @@ -771,4 +775,5 @@ free_server_configuration(void)
>  {
>  	free(server_pidfile);
>  	free(server_control_group);
> +	free(server_cgroup_template);
>  }
> diff --git a/hasher-priv/priv.h b/hasher-priv/priv.h
> index f0eb9f9..f29603a 100644
> --- a/hasher-priv/priv.h
> +++ b/hasher-priv/priv.h
> @@ -120,6 +120,7 @@ int     do_chrootuid2(void);
> =20
>  int process_caller_task(int, struct task *);
>  pid_t fork_server(int, uid_t, gid_t, unsigned);
> +int join_cgroup(void);
> =20
>  extern const char *chroot_path;
>  extern const char **chroot_argv;
> @@ -162,6 +163,7 @@ extern work_limit_t wlimit;
>  extern int server_log_priority;
>  extern unsigned long server_session_timeout;
>  extern char *server_control_group;
> +extern char *server_cgroup_template;
>  extern char *server_pidfile;
>  extern gid_t server_gid;
> =20
> diff --git a/hasher-priv/server.conf b/hasher-priv/server.conf
> index 53ea5c3..9e70487 100644
> --- a/hasher-priv/server.conf
> +++ b/hasher-priv/server.conf
> @@ -11,3 +11,12 @@ session_timeout=3D3600
> =20
>  # Allow users of this group to interact with hasher-privd via the contro=
l socket.
>  control_group=3Dhashman
> +
> +# Template for cgroup path to which task handler should be added.
> +#
> +# %u -- Session's user name.
> +# %U -- Session's user numeric ID.
> +# %G -- Session's group numeric ID.
> +# %N -- Session's user number.
> +#
> +#cgroup_template=3D/sys/fs/cgroup2/hasher-priv/%u/cgroup.procs
> --=20
> 2.24.0
>=20
> _______________________________________________
> Devel mailing list
> Devel@lists.altlinux.org
> https://lists.altlinux.org/mailman/listinfo/devel

--19uQFt6ulqmgNgg1
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE56JD3UKTLEu/ddrm9dQjyAYL01AFAl9jYGoACgkQ9dQjyAYL
01CNDQ//bi7sdd0Issh8s6arPG6vrWq1AvvHuhANIQBUzx37eXtWLV7E53U0fSmF
4dUveIYUu/clFiORVeavAHxemZuYqSJL2x4iAov5xaaFYq9nPM4Wp+gAr0Oe561C
GCgYHuizMiVzNV6ojwIA8Yx99nDrfulcZpO+l6rtQ/EshO+NLu6jHGHvpDnEsmpi
prEn/SZtwSfompJ4AnaGBDPFINi8lqEuflQuykxRpqDCMnwpNxH7I1GodzuFO8qd
X1/pJbPAt0msI8QW3THYjdss/3hiHzH9ZkIBNo+QCcXFeOkTVPM+EsnmyWbp0ta+
ElXi3LyuY/1qbbwc9RjPm6cOC5YMYLoMN50lWzbPHHJZbT2dcWVIBVydh7HoZqu0
1nSLPRCxdiJT8wa/6zahQCW818qA2dpTsrQP6n4Xz7s3NOaVpb1NFmq8zceUHKY/
1x4GJR05VS2BX7tML7Gk2XH3RfdpTLinoxokntWtSVlopmFRUsDXrxV2sGekyiTa
6QCqiyto73y0xdAXIrdWfGDWO1oQA8hUfO4vT6undAYRIDBHO4TwvHhfIxnAlh9h
errEMHuO8g2/mBuaBN7G44PoPyqWcryMVGpXv7s56G7R7t5tUa67YR9qtINA8k2n
anSgLwGiZ8Dc750xO+yav+eP9Av2Igs+nlMzGyyGpLTtK43ndBo=
=elfX
-----END PGP SIGNATURE-----

--19uQFt6ulqmgNgg1--