-/* ====================================================================
- * The Apache Software License, Version 1.1
+/* Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
*
- * Copyright (c) 2000 The Apache Software Foundation. All rights
- * reserved.
+ * http://www.apache.org/licenses/LICENSE-2.0
*
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * 3. The end-user documentation included with the redistribution,
- * if any, must include the following acknowledgment:
- * "This product includes software developed by the
- * Apache Software Foundation (http://www.apache.org/)."
- * Alternately, this acknowledgment may appear in the software itself,
- * if and wherever such third-party acknowledgments normally appear.
- *
- * 4. The names "Apache" and "Apache Software Foundation" must
- * not be used to endorse or promote products derived from this
- * software without prior written permission. For written
- * permission, please contact apache@apache.org.
- *
- * 5. Products derived from this software may not be called "Apache",
- * nor may "Apache" appear in their name, without prior written
- * permission of the Apache Software Foundation.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
- * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- * DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR
- * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
- * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
- * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
- * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
- * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
- * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation. For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * @file unixd.h
+ * @brief common stuff that unix MPMs will want
*
- * Portions of this software are based upon public domain software
- * originally written at the National Center for Supercomputing Applications,
- * University of Illinois, Urbana-Champaign.
+ * @addtogroup APACHE_OS_UNIX
+ * @{
*/
#ifndef UNIXD_H
#define UNIXD_H
#include "httpd.h"
+#include "http_config.h"
+#include "ap_listen.h"
+#ifdef HAVE_SYS_TIME_H
+#include <sys/time.h>
+#endif
+#ifdef HAVE_SYS_RESOURCE_H
#include <sys/resource.h>
+#endif
+#include "apr_hooks.h"
+#include "apr_thread_proc.h"
+#include "apr_proc_mutex.h"
+#include "apr_global_mutex.h"
+
+#include <pwd.h>
+#include <grp.h>
+#if APR_HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef HAVE_SYS_IPC_H
+#include <sys/ipc.h>
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct {
+ uid_t uid;
+ gid_t gid;
+ int userdir;
+} ap_unix_identity_t;
+
+AP_DECLARE_HOOK(ap_unix_identity_t *, get_suexec_identity,(const request_rec *r))
-/* common stuff that unix MPMs will want */
/* Default user name and group name. These may be specified as numbers by
* placing a # before a number */
#endif
typedef struct {
- char *user_name;
+ const char *user_name;
uid_t user_id;
gid_t group_id;
+ int suexec_enabled;
+ const char *chroot_dir;
+ const char *suexec_disabled_reason; /* suitable msg if !suexec_enabled */
} unixd_config_rec;
-extern unixd_config_rec unixd_config;
-
-void unixd_detach(void);
-int unixd_setup_child(void);
-void unixd_pre_config(void);
-const char *unixd_set_user(cmd_parms *cmd, void *dummy, char *arg);
-const char *unixd_set_group(cmd_parms *cmd, void *dummy, char *arg);
-#if defined(RLIMIT_CPU) || defined(RLIMIT_DATA) || defined(RLIMIT_VMEM) || \
- defined(RLIMIT_NPROC) || defined(RLIMIT_AS)
-API_EXPORT(void) unixd_set_rlimit(cmd_parms *cmd, struct rlimit **plimit,
- const char *arg, const char * arg2, int type);
-#endif
-
-/* Information on signals for the various platforms */
+AP_DECLARE_DATA extern unixd_config_rec ap_unixd_config;
-#if defined(NSIG)
-#define NumSIG NSIG
-#elif defined(_NSIG)
-#define NumSIG _NSIG
-#elif defined(__NSIG)
-#define NumSIG __NSIG
-#else
-#define NumSIG 33 /* breaks on OS/390 with < 33; 32 is o.k. for most */
+#if defined(RLIMIT_CPU) || defined(RLIMIT_DATA) || defined(RLIMIT_VMEM) || defined(RLIMIT_NPROC) || defined(RLIMIT_AS)
+AP_DECLARE(void) ap_unixd_set_rlimit(cmd_parms *cmd, struct rlimit **plimit,
+ const char *arg,
+ const char * arg2, int type);
#endif
-#ifdef SYS_SIGLIST /* platform has sys_siglist[] */
-#define INIT_SIGLIST() /* nothing */
-#elif defined(SYS_SIGLIST_DECLARED) /* from autoconf */
-#define INIT_SIGLIST() /* nothing */
-#define SYS_SIGLIST sys_siglist
-#else
-#define NEED_AP_SYS_SIGLIST
-extern const char *ap_sys_siglist[NumSIG];
-#define SYS_SIGLIST ap_sys_siglist
-void unixd_siglist_init(void);
-#define INIT_SIGLIST() unixd_siglist_init();
-#endif /* platform has sys_siglist[] */
+/**
+ * One of the functions to set mutex permissions should be called in
+ * the parent process on platforms that switch identity when the
+ * server is started as root.
+ * If the child init logic is performed before switching identity
+ * (e.g., MPM setup for an accept mutex), it should only be called
+ * for SysV semaphores. Otherwise, it is safe to call it for all
+ * mutex types.
+ */
+AP_DECLARE(apr_status_t) ap_unixd_set_proc_mutex_perms(apr_proc_mutex_t *pmutex);
+AP_DECLARE(apr_status_t) ap_unixd_set_global_mutex_perms(apr_global_mutex_t *gmutex);
+AP_DECLARE(apr_status_t) ap_unixd_accept(void **accepted, ap_listen_rec *lr, apr_pool_t *ptrans);
#ifdef HAVE_KILLPG
-#define unixd_killpg(x, y) (killpg ((x), (y)))
+#define ap_unixd_killpg(x, y) (killpg ((x), (y)))
+#define ap_os_killpg(x, y) (killpg ((x), (y)))
#else /* HAVE_KILLPG */
-#define unixd_killpg(x, y) (kill (-(x), (y)))
+#define ap_unixd_killpg(x, y) (kill (-(x), (y)))
+#define ap_os_killpg(x, y) (kill (-(x), (y)))
#endif /* HAVE_KILLPG */
-#define UNIX_DAEMON_COMMANDS \
-{ "User", unixd_set_user, NULL, RSRC_CONF, TAKE1, \
- "Effective user id for this server"}, \
-{ "Group", unixd_set_group, NULL, RSRC_CONF, TAKE1, \
- "Effective group id for this server"}, \
+#ifdef __cplusplus
+}
+#endif
#endif
+/** @} */
projects / apache / blobdiff