]> git.saurik.com Git - apple/launchd.git/blob - launchd/src/launchctl.c
projects / apple / launchd.git / blob
? search:


f238119535ef8f39ce6d120f77772e544cb205ed
[apple/launchd.git] / launchd / src / launchctl.c
1 /*
2 * Copyright (c) 2005 Apple Computer, Inc. All rights reserved.
3 *
4 * @APPLE_APACHE_LICENSE_HEADER_START@
5 *
6 * Licensed under the Apache License, Version 2.0 (the "License");
7 * you may not use this file except in compliance with the License.
8 * You may obtain a copy of the License at
9 *
10 * http://www.apache.org/licenses/LICENSE-2.0
11 *
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License.
17 *
18 * @APPLE_APACHE_LICENSE_HEADER_END@
19 */
20
21 static const char *const __rcs_file_version__ = "$Revision: 23400 $";
22
23 #include "liblaunch_public.h"
24 #include "liblaunch_private.h"
25 #include "libbootstrap_public.h"
26 #include "libvproc_public.h"
27 #include "libvproc_private.h"
28 #include "libvproc_internal.h"
29
30 #include <CoreFoundation/CoreFoundation.h>
31 #include <CoreFoundation/CFPriv.h>
32 #include <TargetConditionals.h>
33 #if !TARGET_OS_EMBEDDED
34 #include <Security/Security.h>
35 #include <Security/AuthSession.h>
36 #endif
37 #include <IOKit/IOKitLib.h>
38 #include <NSSystemDirectories.h>
39 #include <mach/mach.h>
40 #include <sys/types.h>
41 #include <sys/sysctl.h>
42 #include <sys/time.h>
43 #include <sys/sysctl.h>
44 #include <sys/stat.h>
45 #include <sys/socket.h>
46 #include <sys/un.h>
47 #include <sys/fcntl.h>
48 #include <sys/event.h>
49 #include <sys/resource.h>
50 #include <sys/param.h>
51 #include <sys/mount.h>
52 #include <sys/reboot.h>
53 #include <net/if.h>
54 #include <netinet/in.h>
55 #include <netinet/in_var.h>
56 #include <netinet6/nd6.h>
57 #include <unistd.h>
58 #include <dirent.h>
59 #include <libgen.h>
60 #include <pwd.h>
61 #include <stdio.h>
62 #include <stdlib.h>
63 #include <pwd.h>
64 #include <grp.h>
65 #include <netdb.h>
66 #include <syslog.h>
67 #include <glob.h>
68 #include <readline/readline.h>
69 #include <readline/history.h>
70 #include <dns_sd.h>
71 #include <paths.h>
72 #include <utmp.h>
73 #include <utmpx.h>
74 #include <bootfiles.h>
75 #include <sysexits.h>
76 #include <util.h>
77
78
79 #define LAUNCH_SECDIR "/tmp/launch-XXXXXX"
80
81 #define MACHINIT_JOBKEY_ONDEMAND "OnDemand"
82 #define MACHINIT_JOBKEY_SERVICENAME "ServiceName"
83 #define MACHINIT_JOBKEY_COMMAND "Command"
84 #define MACHINIT_JOBKEY_SERVERPORT "ServerPort"
85 #define MACHINIT_JOBKEY_SERVICEPORT "ServicePort"
86
87 #define assumes(e) \
88 (__builtin_expect(!(e), 0) ? _log_launchctl_bug(__rcs_file_version__, __FILE__, __LINE__, #e), false : true)
89
90
91 struct load_unload_state {
92 launch_data_t pass0;
93 launch_data_t pass1;
94 launch_data_t pass2;
95 char *session_type;
96 unsigned int editondisk:1, load:1, forceload:1, __pad:29;
97 };
98
99 static void myCFDictionaryApplyFunction(const void *key, const void *value, void *context);
100 static bool launch_data_array_append(launch_data_t a, launch_data_t o);
101 static void distill_jobs(launch_data_t);
102 static void distill_config_file(launch_data_t);
103 static void sock_dict_cb(launch_data_t what, const char *key, void *context);
104 static void sock_dict_edit_entry(launch_data_t tmp, const char *key, launch_data_t fdarray, launch_data_t thejob);
105 static launch_data_t CF2launch_data(CFTypeRef);
106 static launch_data_t read_plist_file(const char *file, bool editondisk, bool load);
107 static CFPropertyListRef CreateMyPropertyListFromFile(const char *);
108 static void WriteMyPropertyListToFile(CFPropertyListRef, const char *);
109 static bool path_goodness_check(const char *path, bool forceload);
110 static void readpath(const char *, struct load_unload_state *);
111 static void readfile(const char *, struct load_unload_state *);
112 static int _fd(int);
113 static int demux_cmd(int argc, char *const argv[]);
114 static launch_data_t do_rendezvous_magic(const struct addrinfo *res, const char *serv);
115 static void submit_job_pass(launch_data_t jobs);
116 static void submit_mach_jobs(launch_data_t jobs);
117 static void let_go_of_mach_jobs(launch_data_t jobs);
118 static void do_mgroup_join(int fd, int family, int socktype, int protocol, const char *mgroup);
119 static mach_port_t str2bsport(const char *s);
120 static void print_jobs(launch_data_t j, const char *key, void *context);
121 static void print_obj(launch_data_t obj, const char *key, void *context);
122 static bool is_legacy_mach_job(launch_data_t obj);
123 static bool delay_to_second_pass(launch_data_t o);
124 static void delay_to_second_pass2(launch_data_t o, const char *key, void *context);
125 static bool str2lim(const char *buf, rlim_t *res);
126 static const char *lim2str(rlim_t val, char *buf);
127 static const char *num2name(int n);
128 static ssize_t name2num(const char *n);
129 static void unloadjob(launch_data_t job);
130 static void print_key_value(launch_data_t obj, const char *key, void *context);
131 static void print_launchd_env(launch_data_t obj, const char *key, void *context);
132 static void _log_launchctl_bug(const char *rcs_rev, const char *path, unsigned int line, const char *test);
133 static void loopback_setup_ipv4(void);
134 static void loopback_setup_ipv6(void);
135 static pid_t fwexec(const char *const *argv, bool _wait);
136 static void do_potential_fsck(void);
137 static bool path_check(const char *path);
138 static bool is_safeboot(void);
139 static bool is_netboot(void);
140 static void apply_sysctls_from_file(const char *thefile);
141 static void empty_dir(const char *thedir, struct stat *psb);
142 static int touch_file(const char *path, mode_t m);
143 static void do_sysversion_sysctl(void);
144 static void do_application_firewall_magic(int sfd, launch_data_t thejob);
145 static void preheat_page_cache_hack(void);
146 static void do_bootroot_magic(void);
147 static void do_single_user_mode(bool);
148 static bool do_single_user_mode2(void);
149 static void read_launchd_conf(void);
150 static bool job_disabled_logic(launch_data_t obj);
151
152 typedef enum {
153 BOOTCACHE_START = 1,
154 BOOTCACHE_TAG,
155 BOOTCACHE_STOP,
156 } BootCache_action_t;
157
158 static void do_BootCache_magic(BootCache_action_t what);
159
160 static int bootstrap_cmd(int argc, char *const argv[]);
161 static int load_and_unload_cmd(int argc, char *const argv[]);
162 //static int reload_cmd(int argc, char *const argv[]);
163 static int start_stop_remove_cmd(int argc, char *const argv[]);
164 static int submit_cmd(int argc, char *const argv[]);
165 static int list_cmd(int argc, char *const argv[]);
166
167 static int setenv_cmd(int argc, char *const argv[]);
168 static int unsetenv_cmd(int argc, char *const argv[]);
169 static int getenv_and_export_cmd(int argc, char *const argv[]);
170
171 static int limit_cmd(int argc, char *const argv[]);
172 static int stdio_cmd(int argc, char *const argv[]);
173 static int fyi_cmd(int argc, char *const argv[]);
174 static int logupdate_cmd(int argc, char *const argv[]);
175 static int umask_cmd(int argc, char *const argv[]);
176 static int getrusage_cmd(int argc, char *const argv[]);
177 static int bsexec_cmd(int argc, char *const argv[]);
178 static int bslist_cmd(int argc, char *const argv[]);
179
180 static int exit_cmd(int argc, char *const argv[]) __attribute__((noreturn));
181 static int help_cmd(int argc, char *const argv[]);
182
183 static const struct {
184 const char *name;
185 int (*func)(int argc, char *const argv[]);
186 const char *desc;
187 } cmds[] = {
188 { "load", load_and_unload_cmd, "Load configuration files and/or directories" },
189 { "unload", load_and_unload_cmd, "Unload configuration files and/or directories" },
190 // { "reload", reload_cmd, "Reload configuration files and/or directories" },
191 { "start", start_stop_remove_cmd, "Start specified job" },
192 { "stop", start_stop_remove_cmd, "Stop specified job" },
193 { "submit", submit_cmd, "Submit a job from the command line" },
194 { "remove", start_stop_remove_cmd, "Remove specified job" },
195 { "bootstrap", bootstrap_cmd, "Bootstrap launchd" },
196 { "list", list_cmd, "List jobs and information about jobs" },
197 { "setenv", setenv_cmd, "Set an environmental variable in launchd" },
198 { "unsetenv", unsetenv_cmd, "Unset an environmental variable in launchd" },
199 { "getenv", getenv_and_export_cmd, "Get an environmental variable from launchd" },
200 { "export", getenv_and_export_cmd, "Export shell settings from launchd" },
201 { "limit", limit_cmd, "View and adjust launchd resource limits" },
202 { "stdout", stdio_cmd, "Redirect launchd's standard out to the given path" },
203 { "stderr", stdio_cmd, "Redirect launchd's standard error to the given path" },
204 { "shutdown", fyi_cmd, "Prepare for system shutdown" },
205 { "singleuser", fyi_cmd, "Switch to single-user mode" },
206 { "getrusage", getrusage_cmd, "Get resource usage statistics from launchd" },
207 { "log", logupdate_cmd, "Adjust the logging level or mask of launchd" },
208 { "umask", umask_cmd, "Change launchd's umask" },
209 { "bsexec", bsexec_cmd, "Execute a process within a different Mach bootstrap subset" },
210 { "bslist", bslist_cmd, "List Mach bootstrap services and optional servers" },
211 { "exit", exit_cmd, "Exit the interactive invocation of launchctl" },
212 { "quit", exit_cmd, "Quit the interactive invocation of launchctl" },
213 { "help", help_cmd, "This help output" },
214 };
215
216 static bool istty;
217 static bool verbose;
218 static bool is_managed;
219
220 int
221 main(int argc, char *const argv[])
222 {
223 int64_t is_managed_val = 0;
224 char *l;
225
226 if (vproc_swap_integer(NULL, VPROC_GSK_IS_MANAGED, NULL, &is_managed_val) == NULL && is_managed_val) {
227 is_managed = true;
228 }
229
230 if (getuid() == 0 && !is_managed) {
231 mach_port_t root_bs = str2bsport("/");
232 task_set_bootstrap_port(mach_task_self(), root_bs);
233 mach_port_deallocate(mach_task_self(), bootstrap_port);
234 bootstrap_port = root_bs;
235 }
236
237 istty = isatty(STDIN_FILENO);
238
239 argc--, argv++;
240
241 if (argc > 0 && argv[0][0] == '-') {
242 char *flago;
243
244 for (flago = argv[0] + 1; *flago; flago++) {
245 switch (*flago) {
246 case 'v':
247 verbose = true;
248 break;
249 default:
250 fprintf(stderr, "Unknown argument: '-%c'\n", *flago);
251 break;
252 }
253 }
254 argc--, argv++;
255 }
256
257 if (NULL == readline) {
258 fprintf(stderr, "missing library: readline\n");
259 exit(EXIT_FAILURE);
260 }
261
262 if (argc == 0) {
263 while ((l = readline(istty ? "launchd% " : NULL))) {
264 char *inputstring = l, *argv2[100], **ap = argv2;
265 int i = 0;
266
267 while ((*ap = strsep(&inputstring, " \t"))) {
268 if (**ap != '\0') {
269 ap++;
270 i++;
271 }
272 }
273
274 if (i > 0) {
275 demux_cmd(i, argv2);
276 }
277
278 free(l);
279 }
280
281 if (istty) {
282 fputc('\n', stdout);
283 }
284 }
285
286 if (argc > 0) {
287 exit(demux_cmd(argc, argv));
288 }
289
290 exit(EXIT_SUCCESS);
291 }
292
293 int
294 demux_cmd(int argc, char *const argv[])
295 {
296 size_t i;
297
298 optind = 1;
299 optreset = 1;
300
301 for (i = 0; i < (sizeof cmds / sizeof cmds[0]); i++) {
302 if (!strcmp(cmds[i].name, argv[0])) {
303 return cmds[i].func(argc, argv);
304 }
305 }
306
307 fprintf(stderr, "%s: unknown subcommand \"%s\"\n", getprogname(), argv[0]);
308 return 1;
309 }
310
311 void
312 read_launchd_conf(void)
313 {
314 char s[1000], *c, *av[100];
315 size_t len, i;
316 FILE *f;
317
318 if (!(f = fopen("/etc/launchd.conf", "r"))) {
319 return;
320 }
321
322 while ((c = fgets(s, sizeof(s), f))) {
323 len = strlen(c);
324 if (len && c[len - 1] == '\n') {
325 c[len - 1] = '\0';
326 }
327
328 i = 0;
329
330 while ((av[i] = strsep(&c, " \t"))) {
331 if (*(av[i]) != '\0') {
332 i++;
333 }
334 }
335
336 if (i > 0) {
337 demux_cmd(i, av);
338 }
339 }
340
341 fclose(f);
342 }
343
344 int
345 unsetenv_cmd(int argc, char *const argv[])
346 {
347 launch_data_t resp, tmp, msg;
348
349 if (argc != 2) {
350 fprintf(stderr, "%s usage: unsetenv <key>\n", getprogname());
351 return 1;
352 }
353
354 msg = launch_data_alloc(LAUNCH_DATA_DICTIONARY);
355
356 tmp = launch_data_new_string(argv[1]);
357 launch_data_dict_insert(msg, tmp, LAUNCH_KEY_UNSETUSERENVIRONMENT);
358
359 resp = launch_msg(msg);
360
361 launch_data_free(msg);
362
363 if (resp) {
364 launch_data_free(resp);
365 } else {
366 fprintf(stderr, "launch_msg(\"%s\"): %s\n", LAUNCH_KEY_UNSETUSERENVIRONMENT, strerror(errno));
367 }
368
369 return 0;
370 }
371
372 int
373 setenv_cmd(int argc, char *const argv[])
374 {
375 launch_data_t resp, tmp, tmpv, msg;
376
377 if (argc != 3) {
378 fprintf(stderr, "%s usage: setenv <key> <value>\n", getprogname());
379 return 1;
380 }
381
382 msg = launch_data_alloc(LAUNCH_DATA_DICTIONARY);
383 tmp = launch_data_alloc(LAUNCH_DATA_DICTIONARY);
384
385 tmpv = launch_data_new_string(argv[2]);
386 launch_data_dict_insert(tmp, tmpv, argv[1]);
387 launch_data_dict_insert(msg, tmp, LAUNCH_KEY_SETUSERENVIRONMENT);
388
389 resp = launch_msg(msg);
390 launch_data_free(msg);
391
392 if (resp) {
393 launch_data_free(resp);
394 } else {
395 fprintf(stderr, "launch_msg(\"%s\"): %s\n", LAUNCH_KEY_SETUSERENVIRONMENT, strerror(errno));
396 }
397
398 return 0;
399 }
400
401 void
402 print_launchd_env(launch_data_t obj, const char *key, void *context)
403 {
404 bool *is_csh = context;
405
406 /* XXX escape the double quotes */
407 if (*is_csh) {
408 fprintf(stdout, "setenv %s \"%s\";\n", key, launch_data_get_string(obj));
409 } else {
410 fprintf(stdout, "%s=\"%s\"; export %s;\n", key, launch_data_get_string(obj), key);
411 }
412 }
413
414 void
415 print_key_value(launch_data_t obj, const char *key, void *context)
416 {
417 const char *k = context;
418
419 if (!strcmp(key, k)) {
420 fprintf(stdout, "%s\n", launch_data_get_string(obj));
421 }
422 }
423
424 int
425 getenv_and_export_cmd(int argc, char *const argv[])
426 {
427 launch_data_t resp;
428 bool is_csh = false;
429 char *k;
430
431 if (!strcmp(argv[0], "export")) {
432 char *s = getenv("SHELL");
433 if (s) {
434 is_csh = strstr(s, "csh") ? true : false;
435 }
436 } else if (argc != 2) {
437 fprintf(stderr, "%s usage: getenv <key>\n", getprogname());
438 return 1;
439 }
440
441 k = argv[1];
442
443 if (vproc_swap_complex(NULL, VPROC_GSK_ENVIRONMENT, NULL, &resp) == NULL) {
444 if (!strcmp(argv[0], "export")) {
445 launch_data_dict_iterate(resp, print_launchd_env, &is_csh);
446 } else {
447 launch_data_dict_iterate(resp, print_key_value, k);
448 }
449 launch_data_free(resp);
450 return 0;
451 } else {
452 return 1;
453 }
454
455 return 0;
456 }
457
458 void
459 unloadjob(launch_data_t job)
460 {
461 launch_data_t tmps;
462
463 tmps = launch_data_dict_lookup(job, LAUNCH_JOBKEY_LABEL);
464
465 if (!tmps) {
466 fprintf(stderr, "%s: Error: Missing Key: %s\n", getprogname(), LAUNCH_JOBKEY_LABEL);
467 return;
468 }
469
470 if (_vproc_send_signal_by_label(launch_data_get_string(tmps), VPROC_MAGIC_UNLOAD_SIGNAL) != NULL) {
471 fprintf(stderr, "%s: Error unloading: %s\n", getprogname(), launch_data_get_string(tmps));
472 }
473 }
474
475 launch_data_t
476 read_plist_file(const char *file, bool editondisk, bool load)
477 {
478 CFPropertyListRef plist = CreateMyPropertyListFromFile(file);
479 launch_data_t r = NULL;
480
481 if (NULL == plist) {
482 fprintf(stderr, "%s: no plist was returned for: %s\n", getprogname(), file);
483 return NULL;
484 }
485
486 if (editondisk) {
487 if (load) {
488 CFDictionaryRemoveValue((CFMutableDictionaryRef)plist, CFSTR(LAUNCH_JOBKEY_DISABLED));
489 } else {
490 CFDictionarySetValue((CFMutableDictionaryRef)plist, CFSTR(LAUNCH_JOBKEY_DISABLED), kCFBooleanTrue);
491 }
492 WriteMyPropertyListToFile(plist, file);
493 }
494
495 r = CF2launch_data(plist);
496
497 CFRelease(plist);
498
499 return r;
500 }
501
502 void
503 delay_to_second_pass2(launch_data_t o, const char *key, void *context)
504 {
505 bool *res = context;
506 size_t i;
507
508 if (key && 0 == strcmp(key, LAUNCH_JOBSOCKETKEY_BONJOUR)) {
509 *res = true;
510 return;
511 }
512
513 switch (launch_data_get_type(o)) {
514 case LAUNCH_DATA_DICTIONARY:
515 launch_data_dict_iterate(o, delay_to_second_pass2, context);
516 break;
517 case LAUNCH_DATA_ARRAY:
518 for (i = 0; i < launch_data_array_get_count(o); i++) {
519 delay_to_second_pass2(launch_data_array_get_index(o, i), NULL, context);
520 }
521 break;
522 default:
523 break;
524 }
525 }
526
527 bool
528 delay_to_second_pass(launch_data_t o)
529 {
530 bool res = false;
531
532 launch_data_t socks = launch_data_dict_lookup(o, LAUNCH_JOBKEY_SOCKETS);
533
534 if (NULL == socks) {
535 return false;
536 }
537
538 delay_to_second_pass2(socks, NULL, &res);
539
540 return res;
541 }
542
543 void
544 readfile(const char *what, struct load_unload_state *lus)
545 {
546 char ourhostname[1024];
547 launch_data_t tmpd, tmps, thejob, tmpa;
548 bool job_disabled = false;
549 size_t i, c;
550
551 gethostname(ourhostname, sizeof(ourhostname));
552
553 if (NULL == (thejob = read_plist_file(what, lus->editondisk, lus->load))) {
554 fprintf(stderr, "%s: no plist was returned for: %s\n", getprogname(), what);
555 return;
556 }
557
558 if (is_legacy_mach_job(thejob)) {
559 fprintf(stderr, "%s: Please convert the following to launchd: %s\n", getprogname(), what);
560 launch_data_array_append(lus->pass0, thejob);
561 return;
562 }
563
564 if (NULL == launch_data_dict_lookup(thejob, LAUNCH_JOBKEY_LABEL)) {
565 fprintf(stderr, "%s: missing the Label key: %s\n", getprogname(), what);
566 goto out_bad;
567 }
568
569 if (NULL != (tmpa = launch_data_dict_lookup(thejob, LAUNCH_JOBKEY_LIMITLOADFROMHOSTS))) {
570 c = launch_data_array_get_count(tmpa);
571
572 for (i = 0; i < c; i++) {
573 launch_data_t oai = launch_data_array_get_index(tmpa, i);
574 if (!strcasecmp(ourhostname, launch_data_get_string(oai))) {
575 goto out_bad;
576 }
577 }
578 }
579
580 if (NULL != (tmpa = launch_data_dict_lookup(thejob, LAUNCH_JOBKEY_LIMITLOADTOHOSTS))) {
581 c = launch_data_array_get_count(tmpa);
582
583 for (i = 0; i < c; i++) {
584 launch_data_t oai = launch_data_array_get_index(tmpa, i);
585 if (!strcasecmp(ourhostname, launch_data_get_string(oai))) {
586 break;
587 }
588 }
589
590 if (i == c) {
591 goto out_bad;
592 }
593 }
594
595 if (lus->session_type && !(tmpa = launch_data_dict_lookup(thejob, LAUNCH_JOBKEY_LIMITLOADTOSESSIONTYPE))) {
596 tmpa = launch_data_new_string("Aqua");
597 launch_data_dict_insert(thejob, tmpa, LAUNCH_JOBKEY_LIMITLOADTOSESSIONTYPE);
598 }
599
600 if ((tmpa = launch_data_dict_lookup(thejob, LAUNCH_JOBKEY_LIMITLOADTOSESSIONTYPE))) {
601 const char *allowed_session;
602 bool skipjob = true;
603
604 if (lus->session_type) switch (launch_data_get_type(tmpa)) {
605 case LAUNCH_DATA_ARRAY:
606 c = launch_data_array_get_count(tmpa);
607 for (i = 0; i < c; i++) {
608 tmps = launch_data_array_get_index(tmpa, i);
609 allowed_session = launch_data_get_string(tmps);
610 if (strcasecmp(lus->session_type, allowed_session) == 0) {
611 skipjob = false;
612 /* we have to do the following so job_reparent_hack() works within launchd */
613 tmpa = launch_data_new_string(lus->session_type);
614 launch_data_dict_insert(thejob, tmpa, LAUNCH_JOBKEY_LIMITLOADTOSESSIONTYPE);
615 break;
616 }
617 }
618 break;
619 case LAUNCH_DATA_STRING:
620 allowed_session = launch_data_get_string(tmpa);
621 if (strcasecmp(lus->session_type, allowed_session) == 0) {
622 skipjob = false;
623 }
624 break;
625 default:
626 break;
627 }
628
629 if (skipjob) {
630 goto out_bad;
631 }
632 }
633
634 if ((tmpd = launch_data_dict_lookup(thejob, LAUNCH_JOBKEY_DISABLED))) {
635 job_disabled = job_disabled_logic(tmpd);
636 }
637
638 if (lus->forceload) {
639 job_disabled = false;
640 }
641
642 if (job_disabled && lus->load) {
643 goto out_bad;
644 }
645
646 if (delay_to_second_pass(thejob)) {
647 launch_data_array_append(lus->pass2, thejob);
648 } else {
649 launch_data_array_append(lus->pass1, thejob);
650 }
651
652 if (verbose) {
653 fprintf(stdout, "Will load: %s\n", what);
654 }
655
656 return;
657 out_bad:
658 if (verbose) {
659 fprintf(stdout, "Ignored: %s\n", what);
660 }
661 launch_data_free(thejob);
662 }
663
664 static bool
665 sysctl_hw_streq(int mib_slot, const char *str)
666 {
667 char buf[1000];
668 size_t bufsz = sizeof(buf);
669 int mib[] = { CTL_HW, mib_slot };
670
671 if (sysctl(mib, 2, buf, &bufsz, NULL, 0) != -1) {
672 if (strcmp(buf, str) == 0) {
673 return true;
674 }
675 }
676
677 return false;
678 }
679
680 static void
681 job_disabled_dict_logic(launch_data_t obj, const char *key, void *context)
682 {
683 bool *r = context;
684
685 if (launch_data_get_type(obj) != LAUNCH_DATA_STRING) {
686 return;
687 }
688
689 if (strcasecmp(key, LAUNCH_JOBKEY_DISABLED_MACHINETYPE) == 0) {
690 if (sysctl_hw_streq(HW_MACHINE, launch_data_get_string(obj))) {
691 *r = true;
692 }
693 } else if (strcasecmp(key, LAUNCH_JOBKEY_DISABLED_MODELNAME) == 0) {
694 if (sysctl_hw_streq(HW_MODEL, launch_data_get_string(obj))) {
695 *r = true;
696 }
697 }
698 }
699
700 bool
701 job_disabled_logic(launch_data_t obj)
702 {
703 bool r = false;
704
705 switch (launch_data_get_type(obj)) {
706 case LAUNCH_DATA_DICTIONARY:
707 launch_data_dict_iterate(obj, job_disabled_dict_logic, &r);
708 break;
709 case LAUNCH_DATA_BOOL:
710 r = launch_data_get_bool(obj);
711 break;
712 default:
713 break;
714 }
715
716 return r;
717 }
718
719 bool
720 path_goodness_check(const char *path, bool forceload)
721 {
722 struct stat sb;
723
724 if (stat(path, &sb) == -1) {
725 fprintf(stderr, "%s: Couldn't stat(\"%s\"): %s\n", getprogname(), path, strerror(errno));
726 return false;
727 }
728
729 if (forceload) {
730 return true;
731 }
732
733 if (sb.st_mode & (S_IWOTH|S_IWGRP)) {
734 fprintf(stderr, "%s: Dubious permissions on file (skipping): %s\n", getprogname(), path);
735 return false;
736 }
737
738 if (sb.st_uid != 0 && sb.st_uid != getuid()) {
739 fprintf(stderr, "%s: Dubious ownership on file (skipping): %s\n", getprogname(), path);
740 return false;
741 }
742
743 if (!(S_ISREG(sb.st_mode) || S_ISDIR(sb.st_mode))) {
744 fprintf(stderr, "%s: Dubious path. Not a regular file or directory (skipping): %s\n", getprogname(), path);
745 return false;
746 }
747
748 return true;
749 }
750
751 void
752 readpath(const char *what, struct load_unload_state *lus)
753 {
754 char buf[MAXPATHLEN];
755 struct stat sb;
756 struct dirent *de;
757 DIR *d;
758
759 if (!path_goodness_check(what, lus->forceload)) {
760 return;
761 }
762
763 if (stat(what, &sb) == -1) {
764 return;
765 }
766
767 if (S_ISREG(sb.st_mode)) {
768 readfile(what, lus);
769 } else if (S_ISDIR(sb.st_mode)) {
770 if ((d = opendir(what)) == NULL) {
771 fprintf(stderr, "%s: opendir() failed to open the directory\n", getprogname());
772 return;
773 }
774
775 while ((de = readdir(d))) {
776 if ((de->d_name[0] == '.')) {
777 continue;
778 }
779 snprintf(buf, sizeof(buf), "%s/%s", what, de->d_name);
780
781 if (!path_goodness_check(buf, lus->forceload)) {
782 continue;
783 }
784
785 readfile(buf, lus);
786 }
787 closedir(d);
788 }
789 }
790
791 struct distill_context {
792 launch_data_t base;
793 launch_data_t newsockdict;
794 };
795
796 void
797 distill_jobs(launch_data_t jobs)
798 {
799 size_t i, c = launch_data_array_get_count(jobs);
800
801 for (i = 0; i < c; i++)
802 distill_config_file(launch_data_array_get_index(jobs, i));
803 }
804
805 void
806 distill_config_file(launch_data_t id_plist)
807 {
808 struct distill_context dc = { id_plist, NULL };
809 launch_data_t tmp;
810
811 if ((tmp = launch_data_dict_lookup(dc.base, LAUNCH_JOBKEY_SOCKETS))) {
812 dc.newsockdict = launch_data_alloc(LAUNCH_DATA_DICTIONARY);
813 launch_data_dict_iterate(tmp, sock_dict_cb, &dc);
814 launch_data_dict_insert(dc.base, dc.newsockdict, LAUNCH_JOBKEY_SOCKETS);
815 }
816 }
817
818 void
819 sock_dict_cb(launch_data_t what, const char *key, void *context)
820 {
821 struct distill_context *dc = context;
822 launch_data_t fdarray = launch_data_alloc(LAUNCH_DATA_ARRAY);
823
824 launch_data_dict_insert(dc->newsockdict, fdarray, key);
825
826 if (launch_data_get_type(what) == LAUNCH_DATA_DICTIONARY) {
827 sock_dict_edit_entry(what, key, fdarray, dc->base);
828 } else if (launch_data_get_type(what) == LAUNCH_DATA_ARRAY) {
829 launch_data_t tmp;
830 size_t i;
831
832 for (i = 0; i < launch_data_array_get_count(what); i++) {
833 tmp = launch_data_array_get_index(what, i);
834 sock_dict_edit_entry(tmp, key, fdarray, dc->base);
835 }
836 }
837 }
838
839 void
840 sock_dict_edit_entry(launch_data_t tmp, const char *key, launch_data_t fdarray, launch_data_t thejob)
841 {
842 launch_data_t a, val;
843 int sfd, st = SOCK_STREAM;
844 bool passive = true;
845
846 if ((val = launch_data_dict_lookup(tmp, LAUNCH_JOBSOCKETKEY_TYPE))) {
847 if (!strcasecmp(launch_data_get_string(val), "stream")) {
848 st = SOCK_STREAM;
849 } else if (!strcasecmp(launch_data_get_string(val), "dgram")) {
850 st = SOCK_DGRAM;
851 } else if (!strcasecmp(launch_data_get_string(val), "seqpacket")) {
852 st = SOCK_SEQPACKET;
853 }
854 }
855
856 if ((val = launch_data_dict_lookup(tmp, LAUNCH_JOBSOCKETKEY_PASSIVE))) {
857 passive = launch_data_get_bool(val);
858 }
859
860 if ((val = launch_data_dict_lookup(tmp, LAUNCH_JOBSOCKETKEY_SECUREWITHKEY))) {
861 char secdir[] = LAUNCH_SECDIR, buf[1024];
862 launch_data_t uenv = launch_data_dict_lookup(thejob, LAUNCH_JOBKEY_USERENVIRONMENTVARIABLES);
863
864 if (NULL == uenv) {
865 uenv = launch_data_alloc(LAUNCH_DATA_DICTIONARY);
866 launch_data_dict_insert(thejob, uenv, LAUNCH_JOBKEY_USERENVIRONMENTVARIABLES);
867 }
868
869 mkdtemp(secdir);
870
871 sprintf(buf, "%s/%s", secdir, key);
872
873 a = launch_data_new_string(buf);
874 launch_data_dict_insert(tmp, a, LAUNCH_JOBSOCKETKEY_PATHNAME);
875 a = launch_data_new_string(buf);
876 launch_data_dict_insert(uenv, a, launch_data_get_string(val));
877 }
878
879 if ((val = launch_data_dict_lookup(tmp, LAUNCH_JOBSOCKETKEY_PATHNAME))) {
880 struct sockaddr_un sun;
881 mode_t sun_mode = 0;
882 mode_t oldmask;
883 bool setm = false;
884
885 memset(&sun, 0, sizeof(sun));
886
887 sun.sun_family = AF_UNIX;
888
889 strncpy(sun.sun_path, launch_data_get_string(val), sizeof(sun.sun_path));
890
891 if ((sfd = _fd(socket(AF_UNIX, st, 0))) == -1) {
892 return;
893 }
894
895 if ((val = launch_data_dict_lookup(tmp, LAUNCH_JOBSOCKETKEY_PATHMODE))) {
896 sun_mode = (mode_t)launch_data_get_integer(val);
897 setm = true;
898 }
899
900 if (passive) {
901 if (unlink(sun.sun_path) == -1 && errno != ENOENT) {
902 close(sfd);
903 return;
904 }
905 oldmask = umask(S_IRWXG|S_IRWXO);
906 if (bind(sfd, (struct sockaddr *)&sun, sizeof(sun)) == -1) {
907 close(sfd);
908 umask(oldmask);
909 return;
910 }
911 umask(oldmask);
912 if (setm) {
913 chmod(sun.sun_path, sun_mode);
914 }
915 if ((st == SOCK_STREAM || st == SOCK_SEQPACKET) && listen(sfd, SOMAXCONN) == -1) {
916 close(sfd);
917 return;
918 }
919 } else if (connect(sfd, (struct sockaddr *)&sun, sizeof(sun)) == -1) {
920 close(sfd);
921 return;
922 }
923
924 val = launch_data_new_fd(sfd);
925 launch_data_array_append(fdarray, val);
926 } else {
927 launch_data_t rnames = NULL;
928 const char *node = NULL, *serv = NULL, *mgroup = NULL;
929 char servnbuf[50];
930 struct addrinfo hints, *res0, *res;
931 int gerr, sock_opt = 1;
932 bool rendezvous = false;
933
934 memset(&hints, 0, sizeof(hints));
935
936 hints.ai_socktype = st;
937 if (passive) {
938 hints.ai_flags |= AI_PASSIVE;
939 }
940
941 if ((val = launch_data_dict_lookup(tmp, LAUNCH_JOBSOCKETKEY_NODENAME))) {
942 node = launch_data_get_string(val);
943 }
944 if ((val = launch_data_dict_lookup(tmp, LAUNCH_JOBSOCKETKEY_MULTICASTGROUP))) {
945 mgroup = launch_data_get_string(val);
946 }
947 if ((val = launch_data_dict_lookup(tmp, LAUNCH_JOBSOCKETKEY_SERVICENAME))) {
948 if (LAUNCH_DATA_INTEGER == launch_data_get_type(val)) {
949 sprintf(servnbuf, "%lld", launch_data_get_integer(val));
950 serv = servnbuf;
951 } else {
952 serv = launch_data_get_string(val);
953 }
954 }
955 if ((val = launch_data_dict_lookup(tmp, LAUNCH_JOBSOCKETKEY_FAMILY))) {
956 if (!strcasecmp("IPv4", launch_data_get_string(val))) {
957 hints.ai_family = AF_INET;
958 } else if (!strcasecmp("IPv6", launch_data_get_string(val))) {
959 hints.ai_family = AF_INET6;
960 }
961 }
962 if ((val = launch_data_dict_lookup(tmp, LAUNCH_JOBSOCKETKEY_PROTOCOL))) {
963 if (!strcasecmp("TCP", launch_data_get_string(val))) {
964 hints.ai_protocol = IPPROTO_TCP;
965 } else if (!strcasecmp("UDP", launch_data_get_string(val))) {
966 hints.ai_protocol = IPPROTO_UDP;
967 }
968 }
969 if ((rnames = launch_data_dict_lookup(tmp, LAUNCH_JOBSOCKETKEY_BONJOUR))) {
970 rendezvous = true;
971 if (LAUNCH_DATA_BOOL == launch_data_get_type(rnames)) {
972 rendezvous = launch_data_get_bool(rnames);
973 rnames = NULL;
974 }
975 }
976
977 if ((gerr = getaddrinfo(node, serv, &hints, &res0)) != 0) {
978 fprintf(stderr, "getaddrinfo(): %s\n", gai_strerror(gerr));
979 return;
980 }
981
982 for (res = res0; res; res = res->ai_next) {
983 launch_data_t rvs_fd = NULL;
984 if ((sfd = _fd(socket(res->ai_family, res->ai_socktype, res->ai_protocol))) == -1) {
985 fprintf(stderr, "socket(): %s\n", strerror(errno));
986 return;
987 }
988
989 do_application_firewall_magic(sfd, thejob);
990
991 if (hints.ai_flags & AI_PASSIVE) {
992 if (AF_INET6 == res->ai_family && -1 == setsockopt(sfd, IPPROTO_IPV6, IPV6_V6ONLY,
993 (void *)&sock_opt, sizeof(sock_opt))) {
994 fprintf(stderr, "setsockopt(IPV6_V6ONLY): %m");
995 return;
996 }
997 if (mgroup) {
998 if (setsockopt(sfd, SOL_SOCKET, SO_REUSEPORT, (void *)&sock_opt, sizeof(sock_opt)) == -1) {
999 fprintf(stderr, "setsockopt(SO_REUSEPORT): %s\n", strerror(errno));
1000 return;
1001 }
1002 } else {
1003 if (setsockopt(sfd, SOL_SOCKET, SO_REUSEADDR, (void *)&sock_opt, sizeof(sock_opt)) == -1) {
1004 fprintf(stderr, "setsockopt(SO_REUSEADDR): %s\n", strerror(errno));
1005 return;
1006 }
1007 }
1008 if (bind(sfd, res->ai_addr, res->ai_addrlen) == -1) {
1009 fprintf(stderr, "bind(): %s\n", strerror(errno));
1010 return;
1011 }
1012 /* The kernel may have dynamically assigned some part of the
1013 * address. (The port being a common example.)
1014 */
1015 if (getsockname(sfd, res->ai_addr, &res->ai_addrlen) == -1) {
1016 fprintf(stderr, "getsockname(): %s\n", strerror(errno));
1017 return;
1018 }
1019
1020 if (mgroup) {
1021 do_mgroup_join(sfd, res->ai_family, res->ai_socktype, res->ai_protocol, mgroup);
1022 }
1023 if ((res->ai_socktype == SOCK_STREAM || res->ai_socktype == SOCK_SEQPACKET) && listen(sfd, SOMAXCONN) == -1) {
1024 fprintf(stderr, "listen(): %s\n", strerror(errno));
1025 return;
1026 }
1027 if (rendezvous && (res->ai_family == AF_INET || res->ai_family == AF_INET6) &&
1028 (res->ai_socktype == SOCK_STREAM || res->ai_socktype == SOCK_DGRAM)) {
1029 launch_data_t rvs_fds = launch_data_dict_lookup(thejob, LAUNCH_JOBKEY_BONJOURFDS);
1030 if (NULL == rvs_fds) {
1031 rvs_fds = launch_data_alloc(LAUNCH_DATA_ARRAY);
1032 launch_data_dict_insert(thejob, rvs_fds, LAUNCH_JOBKEY_BONJOURFDS);
1033 }
1034 if (NULL == rnames) {
1035 rvs_fd = do_rendezvous_magic(res, serv);
1036 if (rvs_fd) {
1037 launch_data_array_append(rvs_fds, rvs_fd);
1038 }
1039 } else if (LAUNCH_DATA_STRING == launch_data_get_type(rnames)) {
1040 rvs_fd = do_rendezvous_magic(res, launch_data_get_string(rnames));
1041 if (rvs_fd) {
1042 launch_data_array_append(rvs_fds, rvs_fd);
1043 }
1044 } else if (LAUNCH_DATA_ARRAY == launch_data_get_type(rnames)) {
1045 size_t rn_i, rn_ac = launch_data_array_get_count(rnames);
1046
1047 for (rn_i = 0; rn_i < rn_ac; rn_i++) {
1048 launch_data_t rn_tmp = launch_data_array_get_index(rnames, rn_i);
1049
1050 rvs_fd = do_rendezvous_magic(res, launch_data_get_string(rn_tmp));
1051 if (rvs_fd) {
1052 launch_data_array_append(rvs_fds, rvs_fd);
1053 }
1054 }
1055 }
1056 }
1057 } else {
1058 if (connect(sfd, res->ai_addr, res->ai_addrlen) == -1) {
1059 fprintf(stderr, "connect(): %s\n", strerror(errno));
1060 return;
1061 }
1062 }
1063 val = launch_data_new_fd(sfd);
1064 if (rvs_fd) {
1065 /* <rdar://problem/3964648> Launchd should not register the same service more than once */
1066 /* <rdar://problem/3965154> Switch to DNSServiceRegisterAddrInfo() */
1067 rendezvous = false;
1068 }
1069 launch_data_array_append(fdarray, val);
1070 }
1071 }
1072 }
1073
1074 void
1075 do_mgroup_join(int fd, int family, int socktype, int protocol, const char *mgroup)
1076 {
1077 struct addrinfo hints, *res0, *res;
1078 struct ip_mreq mreq;
1079 struct ipv6_mreq m6req;
1080 int gerr;
1081
1082 memset(&hints, 0, sizeof(hints));
1083
1084 hints.ai_flags |= AI_PASSIVE;
1085 hints.ai_family = family;
1086 hints.ai_socktype = socktype;
1087 hints.ai_protocol = protocol;
1088
1089 if ((gerr = getaddrinfo(mgroup, NULL, &hints, &res0)) != 0) {
1090 fprintf(stderr, "getaddrinfo(): %s\n", gai_strerror(gerr));
1091 return;
1092 }
1093
1094 for (res = res0; res; res = res->ai_next) {
1095 if (AF_INET == family) {
1096 memset(&mreq, 0, sizeof(mreq));
1097 mreq.imr_multiaddr = ((struct sockaddr_in *)res->ai_addr)->sin_addr;
1098 if (setsockopt(fd, IPPROTO_IP, IP_ADD_MEMBERSHIP, &mreq, sizeof(mreq)) == -1) {
1099 fprintf(stderr, "setsockopt(IP_ADD_MEMBERSHIP): %s\n", strerror(errno));
1100 continue;
1101 }
1102 break;
1103 } else if (AF_INET6 == family) {
1104 memset(&m6req, 0, sizeof(m6req));
1105 m6req.ipv6mr_multiaddr = ((struct sockaddr_in6 *)res->ai_addr)->sin6_addr;
1106 if (setsockopt(fd, IPPROTO_IPV6, IPV6_JOIN_GROUP, &m6req, sizeof(m6req)) == -1) {
1107 fprintf(stderr, "setsockopt(IPV6_JOIN_GROUP): %s\n", strerror(errno));
1108 continue;
1109 }
1110 break;
1111 } else {
1112 fprintf(stderr, "unknown family during multicast group bind!\n");
1113 break;
1114 }
1115 }
1116
1117 freeaddrinfo(res0);
1118 }
1119
1120
1121 launch_data_t
1122 do_rendezvous_magic(const struct addrinfo *res, const char *serv)
1123 {
1124 struct stat sb;
1125 DNSServiceRef service;
1126 DNSServiceErrorType error;
1127 char rvs_buf[200];
1128 short port;
1129 static int statres = 1;
1130
1131 if (1 == statres) {
1132 statres = stat("/usr/sbin/mDNSResponder", &sb);
1133 }
1134
1135 if (-1 == statres) {
1136 return NULL;
1137 }
1138
1139 sprintf(rvs_buf, "_%s._%s.", serv, res->ai_socktype == SOCK_STREAM ? "tcp" : "udp");
1140
1141 if (res->ai_family == AF_INET) {
1142 port = ((struct sockaddr_in *)res->ai_addr)->sin_port;
1143 } else {
1144 port = ((struct sockaddr_in6 *)res->ai_addr)->sin6_port;
1145 }
1146
1147 error = DNSServiceRegister(&service, 0, 0, NULL, rvs_buf, NULL, NULL, port, 0, NULL, NULL, NULL);
1148
1149 if (error == kDNSServiceErr_NoError) {
1150 return launch_data_new_fd(DNSServiceRefSockFD(service));
1151 }
1152
1153 fprintf(stderr, "DNSServiceRegister(\"%s\"): %d\n", serv, error);
1154 return NULL;
1155 }
1156
1157 CFPropertyListRef
1158 CreateMyPropertyListFromFile(const char *posixfile)
1159 {
1160 CFPropertyListRef propertyList;
1161 CFStringRef errorString;
1162 CFDataRef resourceData;
1163 SInt32 errorCode;
1164 CFURLRef fileURL;
1165
1166 fileURL = CFURLCreateFromFileSystemRepresentation(kCFAllocatorDefault, (const UInt8 *)posixfile, strlen(posixfile), false);
1167 if (!fileURL) {
1168 fprintf(stderr, "%s: CFURLCreateFromFileSystemRepresentation(%s) failed\n", getprogname(), posixfile);
1169 }
1170 if (!CFURLCreateDataAndPropertiesFromResource(kCFAllocatorDefault, fileURL, &resourceData, NULL, NULL, &errorCode)) {
1171 fprintf(stderr, "%s: CFURLCreateDataAndPropertiesFromResource(%s) failed: %d\n", getprogname(), posixfile, (int)errorCode);
1172 }
1173 propertyList = CFPropertyListCreateFromXMLData(kCFAllocatorDefault, resourceData, kCFPropertyListMutableContainers, &errorString);
1174 if (!propertyList) {
1175 fprintf(stderr, "%s: propertyList is NULL\n", getprogname());
1176 }
1177
1178 return propertyList;
1179 }
1180
1181 void
1182 WriteMyPropertyListToFile(CFPropertyListRef plist, const char *posixfile)
1183 {
1184 CFDataRef resourceData;
1185 CFURLRef fileURL;
1186 SInt32 errorCode;
1187
1188 fileURL = CFURLCreateFromFileSystemRepresentation(kCFAllocatorDefault, (const UInt8 *)posixfile, strlen(posixfile), false);
1189 if (!fileURL) {
1190 fprintf(stderr, "%s: CFURLCreateFromFileSystemRepresentation(%s) failed\n", getprogname(), posixfile);
1191 }
1192 resourceData = CFPropertyListCreateXMLData(kCFAllocatorDefault, plist);
1193 if (resourceData == NULL) {
1194 fprintf(stderr, "%s: CFPropertyListCreateXMLData(%s) failed", getprogname(), posixfile);
1195 }
1196 if (!CFURLWriteDataAndPropertiesToResource(fileURL, resourceData, NULL, &errorCode)) {
1197 fprintf(stderr, "%s: CFURLWriteDataAndPropertiesToResource(%s) failed: %d\n", getprogname(), posixfile, (int)errorCode);
1198 }
1199 }
1200
1201 void
1202 myCFDictionaryApplyFunction(const void *key, const void *value, void *context)
1203 {
1204 launch_data_t ik, iw, where = context;
1205
1206 ik = CF2launch_data(key);
1207 iw = CF2launch_data(value);
1208
1209 launch_data_dict_insert(where, iw, launch_data_get_string(ik));
1210 launch_data_free(ik);
1211 }
1212
1213 launch_data_t
1214 CF2launch_data(CFTypeRef cfr)
1215 {
1216 launch_data_t r;
1217 CFTypeID cft = CFGetTypeID(cfr);
1218
1219 if (cft == CFStringGetTypeID()) {
1220 char buf[4096];
1221 CFStringGetCString(cfr, buf, sizeof(buf), kCFStringEncodingUTF8);
1222 r = launch_data_alloc(LAUNCH_DATA_STRING);
1223 launch_data_set_string(r, buf);
1224 } else if (cft == CFBooleanGetTypeID()) {
1225 r = launch_data_alloc(LAUNCH_DATA_BOOL);
1226 launch_data_set_bool(r, CFBooleanGetValue(cfr));
1227 } else if (cft == CFArrayGetTypeID()) {
1228 CFIndex i, ac = CFArrayGetCount(cfr);
1229 r = launch_data_alloc(LAUNCH_DATA_ARRAY);
1230 for (i = 0; i < ac; i++) {
1231 CFTypeRef v = CFArrayGetValueAtIndex(cfr, i);
1232 if (v) {
1233 launch_data_t iv = CF2launch_data(v);
1234 launch_data_array_set_index(r, iv, i);
1235 }
1236 }
1237 } else if (cft == CFDictionaryGetTypeID()) {
1238 r = launch_data_alloc(LAUNCH_DATA_DICTIONARY);
1239 CFDictionaryApplyFunction(cfr, myCFDictionaryApplyFunction, r);
1240 } else if (cft == CFDataGetTypeID()) {
1241 r = launch_data_alloc(LAUNCH_DATA_ARRAY);
1242 launch_data_set_opaque(r, CFDataGetBytePtr(cfr), CFDataGetLength(cfr));
1243 } else if (cft == CFNumberGetTypeID()) {
1244 long long n;
1245 double d;
1246 CFNumberType cfnt = CFNumberGetType(cfr);
1247 switch (cfnt) {
1248 case kCFNumberSInt8Type:
1249 case kCFNumberSInt16Type:
1250 case kCFNumberSInt32Type:
1251 case kCFNumberSInt64Type:
1252 case kCFNumberCharType:
1253 case kCFNumberShortType:
1254 case kCFNumberIntType:
1255 case kCFNumberLongType:
1256 case kCFNumberLongLongType:
1257 CFNumberGetValue(cfr, kCFNumberLongLongType, &n);
1258 r = launch_data_alloc(LAUNCH_DATA_INTEGER);
1259 launch_data_set_integer(r, n);
1260 break;
1261 case kCFNumberFloat32Type:
1262 case kCFNumberFloat64Type:
1263 case kCFNumberFloatType:
1264 case kCFNumberDoubleType:
1265 CFNumberGetValue(cfr, kCFNumberDoubleType, &d);
1266 r = launch_data_alloc(LAUNCH_DATA_REAL);
1267 launch_data_set_real(r, d);
1268 break;
1269 default:
1270 r = NULL;
1271 break;
1272 }
1273 } else {
1274 r = NULL;
1275 }
1276 return r;
1277 }
1278
1279 int
1280 help_cmd(int argc, char *const argv[])
1281 {
1282 FILE *where = stdout;
1283 int l, cmdwidth = 0;
1284 size_t i;
1285
1286 if (argc == 0 || argv == NULL)
1287 where = stderr;
1288
1289 fprintf(where, "usage: %s <subcommand>\n", getprogname());
1290
1291 for (i = 0; i < (sizeof cmds / sizeof cmds[0]); i++) {
1292 l = strlen(cmds[i].name);
1293 if (l > cmdwidth)
1294 cmdwidth = l;
1295 }
1296
1297 for (i = 0; i < (sizeof cmds / sizeof cmds[0]); i++) {
1298 fprintf(where, "\t%-*s\t%s\n", cmdwidth, cmds[i].name, cmds[i].desc);
1299 }
1300
1301 return 0;
1302 }
1303
1304 int
1305 exit_cmd(int argc __attribute__((unused)), char *const argv[] __attribute__((unused)))
1306 {
1307 exit(0);
1308 }
1309
1310 int
1311 _fd(int fd)
1312 {
1313 if (fd >= 0)
1314 fcntl(fd, F_SETFD, 1);
1315 return fd;
1316 }
1317
1318 void
1319 do_single_user_mode(bool sflag)
1320 {
1321 if (sflag) {
1322 while (!do_single_user_mode2()) {
1323 sleep(1);
1324 }
1325 }
1326 }
1327
1328 bool
1329 do_single_user_mode2(void)
1330 {
1331 bool runcom_fsck = true; /* should_fsck(); */
1332 int wstatus;
1333 int fd;
1334 pid_t p;
1335
1336 switch ((p = fork())) {
1337 case -1:
1338 syslog(LOG_ERR, "can't fork single-user shell, trying again: %m");
1339 return false;
1340 case 0:
1341 break;
1342 default:
1343 assumes(waitpid(p, &wstatus, 0) != -1);
1344 if (WIFEXITED(wstatus)) {
1345 if (WEXITSTATUS(wstatus) == EXIT_SUCCESS) {
1346 return true;
1347 } else {
1348 fprintf(stdout, "single user mode: exit status: %d\n", WEXITSTATUS(wstatus));
1349 }
1350 } else {
1351 fprintf(stdout, "single user mode shell: %s\n", strsignal(WTERMSIG(wstatus)));
1352 }
1353 return false;
1354 }
1355
1356 revoke(_PATH_CONSOLE);
1357 if (!assumes((fd = open(_PATH_CONSOLE, O_RDWR)) != -1)) {
1358 _exit(EXIT_FAILURE);
1359 }
1360 if (!assumes(login_tty(fd) != -1)) {
1361 _exit(EXIT_FAILURE);
1362 }
1363 setenv("TERM", "vt100", 1);
1364 if (runcom_fsck) {
1365 fprintf(stdout, "Singleuser boot -- fsck not done\n");
1366 fprintf(stdout, "Root device is mounted read-only\n\n");
1367 fprintf(stdout, "If you want to make modifications to files:\n");
1368 fprintf(stdout, "\t/sbin/fsck -fy\n\t/sbin/mount -uw /\n\n");
1369 fprintf(stdout, "If you wish to boot the system:\n");
1370 fprintf(stdout, "\texit\n\n");
1371 fflush(stdout);
1372 }
1373
1374 execl(_PATH_BSHELL, "-sh", NULL);
1375 syslog(LOG_ERR, "can't exec %s for single user: %m", _PATH_BSHELL);
1376 _exit(EXIT_FAILURE);
1377 }
1378
1379 static void
1380 system_specific_bootstrap(bool sflag)
1381 {
1382 int hnmib[] = { CTL_KERN, KERN_HOSTNAME };
1383 struct kevent kev;
1384 int kq;
1385
1386
1387 do_sysversion_sysctl();
1388
1389 do_single_user_mode(sflag);
1390
1391 assumes((kq = kqueue()) != -1);
1392
1393 EV_SET(&kev, 0, EVFILT_TIMER, EV_ADD|EV_ONESHOT, NOTE_SECONDS, 60, 0);
1394 assumes(kevent(kq, &kev, 1, NULL, 0, NULL) != -1);
1395
1396 EV_SET(&kev, SIGTERM, EVFILT_SIGNAL, EV_ADD, 0, 0, 0);
1397 assumes(kevent(kq, &kev, 1, NULL, 0, NULL) != -1);
1398 assumes(signal(SIGTERM, SIG_IGN) != SIG_ERR);
1399
1400 assumes(sysctl(hnmib, 2, NULL, NULL, "localhost", sizeof("localhost")) != -1);
1401
1402 loopback_setup_ipv4();
1403 loopback_setup_ipv6();
1404
1405 if (path_check("/etc/rc.server")) {
1406 const char *rcserver_tool[] = { _PATH_BSHELL, "/etc/rc.server", NULL };
1407 assumes(fwexec(rcserver_tool, true) != -1);
1408 }
1409
1410 apply_sysctls_from_file("/etc/sysctl.conf");
1411
1412 if (path_check("/etc/rc.cdrom")) {
1413 const char *rccdrom_tool[] = { _PATH_BSHELL, "/etc/rc.cdrom", "multiuser", NULL };
1414 assumes(fwexec(rccdrom_tool, true) != -1);
1415 assumes(reboot(RB_HALT) != -1);
1416 _exit(EXIT_FAILURE);
1417 } else if (is_netboot()) {
1418 const char *rcnetboot_tool[] = { _PATH_BSHELL, "/etc/rc.netboot", "init", NULL };
1419 if (!assumes(fwexec(rcnetboot_tool, true) != -1)) {
1420 assumes(reboot(RB_HALT) != -1);
1421 _exit(EXIT_FAILURE);
1422 }
1423 } else {
1424 do_potential_fsck();
1425 }
1426
1427 read_launchd_conf();
1428
1429 if (path_check("/var/account/acct")) {
1430 assumes(acct("/var/account/acct") != -1);
1431 }
1432
1433 if (path_check("/etc/fstab")) {
1434 const char *mount_tool[] = { "mount", "-vat", "nonfs", NULL };
1435 assumes(fwexec(mount_tool, true) != -1);
1436 }
1437
1438 if (path_check("/etc/rc.installer_cleanup")) {
1439 const char *rccleanup_tool[] = { _PATH_BSHELL, "/etc/rc.installer_cleanup", "multiuser", NULL };
1440 assumes(fwexec(rccleanup_tool, true) != -1);
1441 }
1442
1443 empty_dir(_PATH_VARRUN, NULL);
1444 empty_dir(_PATH_TMP, NULL);
1445 remove(_PATH_NOLOGIN);
1446
1447 if (path_check("/usr/libexec/dirhelper")) {
1448 const char *dirhelper_tool[] = { "/usr/libexec/dirhelper", "-machineBoot", NULL };
1449 assumes(fwexec(dirhelper_tool, true) != -1);
1450 }
1451
1452 assumes(touch_file(_PATH_UTMPX, DEFFILEMODE) != -1);
1453 assumes(touch_file(_PATH_VARRUN "/.systemStarterRunning", DEFFILEMODE) != -1);
1454
1455 if (path_check("/etc/security/rc.audit")) {
1456 const char *audit_tool[] = { _PATH_BSHELL, "/etc/security/rc.audit", NULL };
1457 assumes(fwexec(audit_tool, true) != -1);
1458 }
1459
1460 do_BootCache_magic(BOOTCACHE_START);
1461
1462 preheat_page_cache_hack();
1463
1464 _vproc_set_global_on_demand(true);
1465
1466 char *load_launchd_items[] = { "load", "-D", "all", "/etc/mach_init.d", NULL };
1467
1468 if (is_safeboot()) {
1469 load_launchd_items[2] = "system";
1470 }
1471
1472 assumes(load_and_unload_cmd(4, load_launchd_items) == 0);
1473
1474 /*
1475 * 5066316
1476 *
1477 * We need to revisit this after Leopard ships.
1478 *
1479 * I want a plist defined knob for jobs to give advisory hints that
1480 * will "hopefully" serialize bootstrap. Reasons for doing so include
1481 * pragmatic performance optimizations and attempts to workaround bugs
1482 * in jobs. My current thought is something like what follows.
1483 *
1484 * The BootCache would switch to launchd and add this to the plist:
1485 *
1486 * <key>HopefullyStartsSerially<key>
1487 * <dict>
1488 * <key>ReadyTimeout</key>
1489 * <integer>2</integer>
1490 * </dict>
1491 *
1492 * And kextd would add the following:
1493 *
1494 * <key>HopefullyStartsSerially<key>
1495 * <dict>
1496 * <key>ReadyTimeout</key>
1497 * <integer>5</integer>
1498 * <key>HopefullyStartsAfter</key>
1499 * <string>com.apple.BootCache.daemon</string>
1500 * </dict>
1501 *
1502 *
1503 * Then both the BootCache and kextd could call something like:
1504 *
1505 * vproc_declare_ready_state();
1506 *
1507 * To tell launchd to short circuit the readiness timeout and let the
1508 * next wave of jobs start.
1509 *
1510 * Yes, this mechanism smells a lot like SystemStarter, rc.d and
1511 * friends. I think as long as we document that artificial
1512 * serialization is only advisory and not guaranteed, we should be
1513 * fine. Remember: IPC is the preferred way to serialize operations.
1514 *
1515 */
1516 mach_timespec_t w = { 5, 0 };
1517 IOKitWaitQuiet(kIOMasterPortDefault, &w);
1518
1519 do_BootCache_magic(BOOTCACHE_TAG);
1520
1521 do_bootroot_magic();
1522
1523 _vproc_set_global_on_demand(false);
1524
1525 assumes(kevent(kq, NULL, 0, &kev, 1, NULL) == 1);
1526
1527 do_BootCache_magic(BOOTCACHE_STOP);
1528
1529 assumes(close(kq) != -1);
1530 }
1531
1532 void
1533 do_BootCache_magic(BootCache_action_t what)
1534 {
1535 const char *bcc_tool[] = { "BootCacheControl", "-f", "/var/db/BootCache.playlist", NULL, NULL };
1536
1537 if (is_safeboot()) {
1538 return;
1539 }
1540
1541 switch (what) {
1542 case BOOTCACHE_START:
1543 bcc_tool[3] = "start";
1544 break;
1545 case BOOTCACHE_TAG:
1546 bcc_tool[3] = "tag";
1547 break;
1548 case BOOTCACHE_STOP:
1549 bcc_tool[3] = "stop";
1550 break;
1551 default:
1552 assumes(false);
1553 return;
1554 }
1555
1556 fwexec(bcc_tool, true);
1557 }
1558
1559 int
1560 bootstrap_cmd(int argc, char *const argv[])
1561 {
1562 char *session_type = NULL;
1563 bool sflag = false;
1564 int ch;
1565
1566 while ((ch = getopt(argc, argv, "sS:")) != -1) {
1567 switch (ch) {
1568 case 's':
1569 sflag = true;
1570 break;
1571 case 'S':
1572 session_type = optarg;
1573 break;
1574 case '?':
1575 default:
1576 break;
1577 }
1578 }
1579
1580 optind = 1;
1581 optreset = 1;
1582
1583 if (!session_type) {
1584 fprintf(stderr, "usage: %s bootstrap [-s] -S <session-type>\n", getprogname());
1585 return 1;
1586 }
1587
1588 if (strcasecmp(session_type, "System") == 0) {
1589 system_specific_bootstrap(sflag);
1590 } else {
1591 char *load_launchd_items[] = { "load", "-S", session_type, "-D", "all", NULL, NULL, NULL, NULL };
1592 int the_argc = 5;
1593
1594 if (is_safeboot()) {
1595 load_launchd_items[4] = "system";
1596 }
1597
1598 if (strcasecmp(session_type, VPROCMGR_SESSION_BACKGROUND) == 0 || strcasecmp(session_type, VPROCMGR_SESSION_LOGINWINDOW) == 0) {
1599 load_launchd_items[4] = "system";
1600 if (!is_safeboot()) {
1601 load_launchd_items[5] = "-D";
1602 load_launchd_items[6] = "local";
1603 the_argc += 2;
1604 }
1605 if (strcasecmp(session_type, VPROCMGR_SESSION_LOGINWINDOW) == 0) {
1606 load_launchd_items[the_argc] = "/etc/mach_init_per_login_session.d";
1607 the_argc += 1;
1608 }
1609 } else if (strcasecmp(session_type, VPROCMGR_SESSION_AQUA) == 0) {
1610 load_launchd_items[5] = "/etc/mach_init_per_user.d";
1611 the_argc += 1;
1612 }
1613
1614 #if !TARGET_OS_EMBEDDED
1615 if (strcasecmp(session_type, VPROCMGR_SESSION_BACKGROUND) == 0) {
1616 assumes(SessionCreate(sessionKeepCurrentBootstrap, 0) == 0);
1617 }
1618 #endif
1619
1620 return load_and_unload_cmd(the_argc, load_launchd_items);
1621 }
1622
1623 return 0;
1624 }
1625
1626 int
1627 load_and_unload_cmd(int argc, char *const argv[])
1628 {
1629 NSSearchPathEnumerationState es = 0;
1630 char nspath[PATH_MAX * 2]; /* safe side, we need to append */
1631 bool badopts = false;
1632 struct load_unload_state lus;
1633 size_t i;
1634 int ch;
1635
1636 memset(&lus, 0, sizeof(lus));
1637
1638 if (strcmp(argv[0], "load") == 0) {
1639 lus.load = true;
1640 }
1641
1642 while ((ch = getopt(argc, argv, "wFS:D:")) != -1) {
1643 switch (ch) {
1644 case 'w':
1645 lus.editondisk = true;
1646 break;
1647 case 'F':
1648 lus.forceload = true;
1649 break;
1650 case 'S':
1651 lus.session_type = optarg;
1652 break;
1653 case 'D':
1654 if (strcasecmp(optarg, "all") == 0) {
1655 es |= NSAllDomainsMask;
1656 } else if (strcasecmp(optarg, "user") == 0) {
1657 es |= NSUserDomainMask;
1658 } else if (strcasecmp(optarg, "local") == 0) {
1659 es |= NSLocalDomainMask;
1660 } else if (strcasecmp(optarg, "network") == 0) {
1661 es |= NSNetworkDomainMask;
1662 } else if (strcasecmp(optarg, "system") == 0) {
1663 es |= NSSystemDomainMask;
1664 } else {
1665 badopts = true;
1666 }
1667 break;
1668 case '?':
1669 default:
1670 badopts = true;
1671 break;
1672 }
1673 }
1674 argc -= optind;
1675 argv += optind;
1676
1677 if (lus.session_type == NULL) {
1678 es &= ~NSUserDomainMask;
1679 }
1680
1681 if (argc == 0 && es == 0) {
1682 badopts = true;
1683 }
1684
1685 if (badopts) {
1686 fprintf(stderr, "usage: %s load [-wF] [-D <user|local|network|system|all>] paths...\n", getprogname());
1687 return 1;
1688 }
1689
1690 /* I wish I didn't need to do three passes, but I need to load mDNSResponder and use it too.
1691 * And loading legacy mach init jobs is extra fun.
1692 *
1693 * In later versions of launchd, I hope to load everything in the first pass,
1694 * then do the Bonjour magic on the jobs that need it, and reload them, but for now,
1695 * I haven't thought through the various complexities of reloading jobs, and therefore
1696 * launchd doesn't have reload support right now.
1697 */
1698
1699 lus.pass0 = launch_data_alloc(LAUNCH_DATA_ARRAY);
1700 lus.pass1 = launch_data_alloc(LAUNCH_DATA_ARRAY);
1701 lus.pass2 = launch_data_alloc(LAUNCH_DATA_ARRAY);
1702
1703 es = NSStartSearchPathEnumeration(NSLibraryDirectory, es);
1704
1705 while ((es = NSGetNextSearchPathEnumeration(es, nspath))) {
1706 glob_t g;
1707
1708 if (lus.session_type) {
1709 strcat(nspath, "/LaunchAgents");
1710 } else {
1711 strcat(nspath, "/LaunchDaemons");
1712 }
1713
1714 if (glob(nspath, GLOB_TILDE|GLOB_NOSORT, NULL, &g) == 0) {
1715 for (i = 0; i < g.gl_pathc; i++) {
1716 readpath(g.gl_pathv[i], &lus);
1717 }
1718 globfree(&g);
1719 }
1720 }
1721
1722 for (i = 0; i < (size_t)argc; i++) {
1723 readpath(argv[i], &lus);
1724 }
1725
1726 if (launch_data_array_get_count(lus.pass0) == 0 &&
1727 launch_data_array_get_count(lus.pass1) == 0 &&
1728 launch_data_array_get_count(lus.pass2) == 0) {
1729 if (!is_managed) {
1730 fprintf(stderr, "nothing found to %s\n", lus.load ? "load" : "unload");
1731 }
1732 launch_data_free(lus.pass0);
1733 launch_data_free(lus.pass1);
1734 launch_data_free(lus.pass2);
1735 return is_managed ? 0 : 1;
1736 }
1737
1738 if (lus.load) {
1739 distill_jobs(lus.pass1);
1740 submit_mach_jobs(lus.pass0);
1741 submit_job_pass(lus.pass1);
1742 let_go_of_mach_jobs(lus.pass0);
1743 distill_jobs(lus.pass2);
1744 submit_job_pass(lus.pass2);
1745 } else {
1746 for (i = 0; i < launch_data_array_get_count(lus.pass1); i++) {
1747 unloadjob(launch_data_array_get_index(lus.pass1, i));
1748 }
1749 for (i = 0; i < launch_data_array_get_count(lus.pass2); i++) {
1750 unloadjob(launch_data_array_get_index(lus.pass2, i));
1751 }
1752 }
1753
1754 return 0;
1755 }
1756
1757 void
1758 submit_mach_jobs(launch_data_t jobs)
1759 {
1760 size_t i, c;
1761
1762 c = launch_data_array_get_count(jobs);
1763
1764 for (i = 0; i < c; i++) {
1765 launch_data_t tmp, oai = launch_data_array_get_index(jobs, i);
1766 const char *sn = NULL, *cmd = NULL;
1767 bool d = true;
1768 mach_port_t msr, msv;
1769 kern_return_t kr;
1770 uid_t u = getuid();
1771
1772 if ((tmp = launch_data_dict_lookup(oai, MACHINIT_JOBKEY_ONDEMAND)))
1773 d = launch_data_get_bool(tmp);
1774 if ((tmp = launch_data_dict_lookup(oai, MACHINIT_JOBKEY_SERVICENAME)))
1775 sn = launch_data_get_string(tmp);
1776 if ((tmp = launch_data_dict_lookup(oai, MACHINIT_JOBKEY_COMMAND)))
1777 cmd = launch_data_get_string(tmp);
1778
1779 if ((kr = bootstrap_create_server(bootstrap_port, (char *)cmd, u, d, &msr)) != KERN_SUCCESS) {
1780 fprintf(stderr, "%s: bootstrap_create_server(): %d\n", getprogname(), kr);
1781 continue;
1782 }
1783 if ((kr = bootstrap_create_service(msr, (char*)sn, &msv)) != KERN_SUCCESS) {
1784 fprintf(stderr, "%s: bootstrap_create_service(): %d\n", getprogname(), kr);
1785 mach_port_destroy(mach_task_self(), msr);
1786 continue;
1787 }
1788 launch_data_dict_insert(oai, launch_data_new_machport(msr), MACHINIT_JOBKEY_SERVERPORT);
1789 launch_data_dict_insert(oai, launch_data_new_machport(msv), MACHINIT_JOBKEY_SERVICEPORT);
1790 }
1791 }
1792
1793 void
1794 let_go_of_mach_jobs(launch_data_t jobs)
1795 {
1796 size_t i, c = launch_data_array_get_count(jobs);
1797
1798 for (i = 0; i < c; i++) {
1799 launch_data_t tmp, oai = launch_data_array_get_index(jobs, i);
1800 if ((tmp = launch_data_dict_lookup(oai, MACHINIT_JOBKEY_SERVICEPORT))) {
1801 mach_port_destroy(mach_task_self(), launch_data_get_machport(tmp));
1802 } else {
1803 fprintf(stderr, "%s: ack! missing service port!\n", getprogname());
1804 }
1805 if ((tmp = launch_data_dict_lookup(oai, MACHINIT_JOBKEY_SERVERPORT))) {
1806 mach_port_destroy(mach_task_self(), launch_data_get_machport(tmp));
1807 } else {
1808 fprintf(stderr, "%s: ack! missing server port!\n", getprogname());
1809 }
1810 }
1811 }
1812
1813 void
1814 submit_job_pass(launch_data_t jobs)
1815 {
1816 launch_data_t msg, resp;
1817 size_t i;
1818 int e;
1819
1820 if (launch_data_array_get_count(jobs) == 0)
1821 return;
1822
1823 msg = launch_data_alloc(LAUNCH_DATA_DICTIONARY);
1824
1825 launch_data_dict_insert(msg, jobs, LAUNCH_KEY_SUBMITJOB);
1826
1827 resp = launch_msg(msg);
1828
1829 if (resp) {
1830 switch (launch_data_get_type(resp)) {
1831 case LAUNCH_DATA_ERRNO:
1832 if ((e = launch_data_get_errno(resp)))
1833 fprintf(stderr, "%s\n", strerror(e));
1834 break;
1835 case LAUNCH_DATA_ARRAY:
1836 for (i = 0; i < launch_data_array_get_count(jobs); i++) {
1837 launch_data_t obatind = launch_data_array_get_index(resp, i);
1838 launch_data_t jatind = launch_data_array_get_index(jobs, i);
1839 const char *lab4job = launch_data_get_string(launch_data_dict_lookup(jatind, LAUNCH_JOBKEY_LABEL));
1840 if (LAUNCH_DATA_ERRNO == launch_data_get_type(obatind)) {
1841 e = launch_data_get_errno(obatind);
1842 switch (e) {
1843 case EEXIST:
1844 fprintf(stderr, "%s: %s\n", lab4job, "Already loaded");
1845 break;
1846 case ESRCH:
1847 fprintf(stderr, "%s: %s\n", lab4job, "Not loaded");
1848 break;
1849 default:
1850 fprintf(stderr, "%s: %s\n", lab4job, strerror(e));
1851 case 0:
1852 break;
1853 }
1854 }
1855 }
1856 break;
1857 default:
1858 fprintf(stderr, "unknown respose from launchd!\n");
1859 break;
1860 }
1861 launch_data_free(resp);
1862 } else {
1863 fprintf(stderr, "launch_msg(): %s\n", strerror(errno));
1864 }
1865
1866 launch_data_free(msg);
1867 }
1868
1869 int
1870 start_stop_remove_cmd(int argc, char *const argv[])
1871 {
1872 launch_data_t resp, msg;
1873 const char *lmsgcmd = LAUNCH_KEY_STOPJOB;
1874 int e, r = 0;
1875
1876 if (0 == strcmp(argv[0], "start"))
1877 lmsgcmd = LAUNCH_KEY_STARTJOB;
1878
1879 if (0 == strcmp(argv[0], "remove"))
1880 lmsgcmd = LAUNCH_KEY_REMOVEJOB;
1881
1882 if (argc != 2) {
1883 fprintf(stderr, "usage: %s %s <job label>\n", getprogname(), argv[0]);
1884 return 1;
1885 }
1886
1887 msg = launch_data_alloc(LAUNCH_DATA_DICTIONARY);
1888 launch_data_dict_insert(msg, launch_data_new_string(argv[1]), lmsgcmd);
1889
1890 resp = launch_msg(msg);
1891 launch_data_free(msg);
1892
1893 if (resp == NULL) {
1894 fprintf(stderr, "launch_msg(): %s\n", strerror(errno));
1895 return 1;
1896 } else if (launch_data_get_type(resp) == LAUNCH_DATA_ERRNO) {
1897 if ((e = launch_data_get_errno(resp))) {
1898 fprintf(stderr, "%s %s error: %s\n", getprogname(), argv[0], strerror(e));
1899 r = 1;
1900 }
1901 } else {
1902 fprintf(stderr, "%s %s returned unknown response\n", getprogname(), argv[0]);
1903 r = 1;
1904 }
1905
1906 launch_data_free(resp);
1907 return r;
1908 }
1909
1910 void
1911 print_jobs(launch_data_t j, const char *key __attribute__((unused)), void *context __attribute__((unused)))
1912 {
1913 static size_t depth = 0;
1914 launch_data_t lo = launch_data_dict_lookup(j, LAUNCH_JOBKEY_LABEL);
1915 launch_data_t pido = launch_data_dict_lookup(j, LAUNCH_JOBKEY_PID);
1916 launch_data_t stato = launch_data_dict_lookup(j, LAUNCH_JOBKEY_LASTEXITSTATUS);
1917 const char *label = launch_data_get_string(lo);
1918 size_t i;
1919
1920 if (pido) {
1921 fprintf(stdout, "%lld\t-\t", launch_data_get_integer(pido));
1922 } else if (stato) {
1923 int wstatus = (int)launch_data_get_integer(stato);
1924 if (WIFEXITED(wstatus)) {
1925 fprintf(stdout, "-\t%d\t", WEXITSTATUS(wstatus));
1926 } else if (WIFSIGNALED(wstatus)) {
1927 fprintf(stdout, "-\t-%d\t", WTERMSIG(wstatus));
1928 } else {
1929 fprintf(stdout, "-\t???\t");
1930 }
1931 } else {
1932 fprintf(stdout, "-\t-\t");
1933 }
1934 for (i = 0; i < depth; i++)
1935 fprintf(stdout, "\t");
1936
1937 fprintf(stdout, "%s\n", label);
1938 }
1939
1940 void
1941 print_obj(launch_data_t obj, const char *key, void *context __attribute__((unused)))
1942 {
1943 static size_t indent = 0;
1944 size_t i, c;
1945
1946 for (i = 0; i < indent; i++)
1947 fprintf(stdout, "\t");
1948
1949 if (key)
1950 fprintf(stdout, "\"%s\" = ", key);
1951
1952 switch (launch_data_get_type(obj)) {
1953 case LAUNCH_DATA_STRING:
1954 fprintf(stdout, "\"%s\";\n", launch_data_get_string(obj));
1955 break;
1956 case LAUNCH_DATA_INTEGER:
1957 fprintf(stdout, "%lld;\n", launch_data_get_integer(obj));
1958 break;
1959 case LAUNCH_DATA_REAL:
1960 fprintf(stdout, "%f;\n", launch_data_get_real(obj));
1961 break;
1962 case LAUNCH_DATA_BOOL:
1963 fprintf(stdout, "%s;\n", launch_data_get_bool(obj) ? "true" : "false");
1964 break;
1965 case LAUNCH_DATA_ARRAY:
1966 c = launch_data_array_get_count(obj);
1967 fprintf(stdout, "(\n");
1968 indent++;
1969 for (i = 0; i < c; i++)
1970 print_obj(launch_data_array_get_index(obj, i), NULL, NULL);
1971 indent--;
1972 for (i = 0; i < indent; i++)
1973 fprintf(stdout, "\t");
1974 fprintf(stdout, ");\n");
1975 break;
1976 case LAUNCH_DATA_DICTIONARY:
1977 fprintf(stdout, "{\n");
1978 indent++;
1979 launch_data_dict_iterate(obj, print_obj, NULL);
1980 indent--;
1981 for (i = 0; i < indent; i++)
1982 fprintf(stdout, "\t");
1983 fprintf(stdout, "};\n");
1984 break;
1985 case LAUNCH_DATA_FD:
1986 fprintf(stdout, "file-descriptor-object;\n");
1987 break;
1988 case LAUNCH_DATA_MACHPORT:
1989 fprintf(stdout, "mach-port-object;\n");
1990 break;
1991 default:
1992 fprintf(stdout, "???;\n");
1993 break;
1994 }
1995 }
1996
1997 int
1998 list_cmd(int argc, char *const argv[])
1999 {
2000 launch_data_t resp, msg;
2001 int r = 0;
2002
2003 if (argc > 2) {
2004 fprintf(stderr, "usage: %s list [label]\n", getprogname());
2005 return 1;
2006 } else if (argc == 2) {
2007 msg = launch_data_alloc(LAUNCH_DATA_DICTIONARY);
2008 launch_data_dict_insert(msg, launch_data_new_string(argv[1]), LAUNCH_KEY_GETJOB);
2009 } else if (vproc_swap_complex(NULL, VPROC_GSK_ALLJOBS, NULL, &resp) == NULL) {
2010 fprintf(stdout, "PID\tStatus\tLabel\n");
2011 launch_data_dict_iterate(resp, print_jobs, NULL);
2012 launch_data_free(resp);
2013 return 0;
2014 } else {
2015 return 1;
2016 }
2017
2018 resp = launch_msg(msg);
2019 launch_data_free(msg);
2020
2021 if (resp == NULL) {
2022 fprintf(stderr, "launch_msg(): %s\n", strerror(errno));
2023 return 1;
2024 } else if (launch_data_get_type(resp) == LAUNCH_DATA_DICTIONARY) {
2025 print_obj(resp, NULL, NULL);
2026 } else {
2027 fprintf(stderr, "%s %s returned unknown response\n", getprogname(), argv[0]);
2028 r = 1;
2029 }
2030
2031 launch_data_free(resp);
2032
2033 return r;
2034 }
2035
2036 int
2037 stdio_cmd(int argc __attribute__((unused)), char *const argv[])
2038 {
2039 fprintf(stderr, "%s %s: This sub-command no longer does anything\n", getprogname(), argv[0]);
2040 return 1;
2041 }
2042
2043 int
2044 fyi_cmd(int argc, char *const argv[])
2045 {
2046 launch_data_t resp, msg;
2047 const char *lmsgk = NULL;
2048 int e, r = 0;
2049
2050 if (argc != 1) {
2051 fprintf(stderr, "usage: %s %s\n", getprogname(), argv[0]);
2052 return 1;
2053 }
2054
2055 if (!strcmp(argv[0], "shutdown")) {
2056 lmsgk = LAUNCH_KEY_SHUTDOWN;
2057 } else if (!strcmp(argv[0], "singleuser")) {
2058 lmsgk = LAUNCH_KEY_SINGLEUSER;
2059 } else {
2060 return 1;
2061 }
2062
2063 msg = launch_data_new_string(lmsgk);
2064 resp = launch_msg(msg);
2065 launch_data_free(msg);
2066
2067 if (resp == NULL) {
2068 fprintf(stderr, "launch_msg(): %s\n", strerror(errno));
2069 return 1;
2070 } else if (launch_data_get_type(resp) == LAUNCH_DATA_ERRNO) {
2071 if ((e = launch_data_get_errno(resp))) {
2072 fprintf(stderr, "%s %s error: %s\n", getprogname(), argv[0], strerror(e));
2073 r = 1;
2074 }
2075 } else {
2076 fprintf(stderr, "%s %s returned unknown response\n", getprogname(), argv[0]);
2077 r = 1;
2078 }
2079
2080 launch_data_free(resp);
2081
2082 return r;
2083 }
2084
2085 int
2086 logupdate_cmd(int argc, char *const argv[])
2087 {
2088 int64_t inval, outval;
2089 int i, j, m = 0;
2090 bool badargs = false, maskmode = false, onlymode = false, levelmode = false;
2091 static const struct {
2092 const char *name;
2093 int level;
2094 } logtbl[] = {
2095 { "debug", LOG_DEBUG },
2096 { "info", LOG_INFO },
2097 { "notice", LOG_NOTICE },
2098 { "warning", LOG_WARNING },
2099 { "error", LOG_ERR },
2100 { "critical", LOG_CRIT },
2101 { "alert", LOG_ALERT },
2102 { "emergency", LOG_EMERG },
2103 };
2104 int logtblsz = sizeof logtbl / sizeof logtbl[0];
2105
2106 if (argc >= 2) {
2107 if (!strcmp(argv[1], "mask"))
2108 maskmode = true;
2109 else if (!strcmp(argv[1], "only"))
2110 onlymode = true;
2111 else if (!strcmp(argv[1], "level"))
2112 levelmode = true;
2113 else
2114 badargs = true;
2115 }
2116
2117 if (maskmode)
2118 m = LOG_UPTO(LOG_DEBUG);
2119
2120 if (argc > 2 && (maskmode || onlymode)) {
2121 for (i = 2; i < argc; i++) {
2122 for (j = 0; j < logtblsz; j++) {
2123 if (!strcmp(argv[i], logtbl[j].name)) {
2124 if (maskmode)
2125 m &= ~(LOG_MASK(logtbl[j].level));
2126 else
2127 m |= LOG_MASK(logtbl[j].level);
2128 break;
2129 }
2130 }
2131 if (j == logtblsz) {
2132 badargs = true;
2133 break;
2134 }
2135 }
2136 } else if (argc > 2 && levelmode) {
2137 for (j = 0; j < logtblsz; j++) {
2138 if (!strcmp(argv[2], logtbl[j].name)) {
2139 m = LOG_UPTO(logtbl[j].level);
2140 break;
2141 }
2142 }
2143 if (j == logtblsz)
2144 badargs = true;
2145 } else if (argc != 1) {
2146 badargs = true;
2147 }
2148
2149 if (badargs) {
2150 fprintf(stderr, "usage: %s [[mask loglevels...] | [only loglevels...] [level loglevel]]\n", getprogname());
2151 return 1;
2152 }
2153
2154 inval = m;
2155
2156 if (vproc_swap_integer(NULL, VPROC_GSK_GLOBAL_LOG_MASK, argc != 1 ? &inval : NULL, &outval) == NULL) {
2157 if (argc == 1) {
2158 for (j = 0; j < logtblsz; j++) {
2159 if (outval & LOG_MASK(logtbl[j].level)) {
2160 fprintf(stdout, "%s ", logtbl[j].name);
2161 }
2162 }
2163 fprintf(stdout, "\n");
2164 }
2165 return 0;
2166 } else {
2167 return 1;
2168 }
2169 }
2170
2171 static const struct {
2172 const char *name;
2173 int lim;
2174 } limlookup[] = {
2175 { "cpu", RLIMIT_CPU },
2176 { "filesize", RLIMIT_FSIZE },
2177 { "data", RLIMIT_DATA },
2178 { "stack", RLIMIT_STACK },
2179 { "core", RLIMIT_CORE },
2180 { "rss", RLIMIT_RSS },
2181 { "memlock", RLIMIT_MEMLOCK },
2182 { "maxproc", RLIMIT_NPROC },
2183 { "maxfiles", RLIMIT_NOFILE }
2184 };
2185
2186 static const size_t limlookupcnt = sizeof limlookup / sizeof limlookup[0];
2187
2188 ssize_t
2189 name2num(const char *n)
2190 {
2191 size_t i;
2192
2193 for (i = 0; i < limlookupcnt; i++) {
2194 if (!strcmp(limlookup[i].name, n)) {
2195 return limlookup[i].lim;
2196 }
2197 }
2198 return -1;
2199 }
2200
2201 const char *
2202 num2name(int n)
2203 {
2204 size_t i;
2205
2206 for (i = 0; i < limlookupcnt; i++) {
2207 if (limlookup[i].lim == n)
2208 return limlookup[i].name;
2209 }
2210 return NULL;
2211 }
2212
2213 const char *
2214 lim2str(rlim_t val, char *buf)
2215 {
2216 if (val == RLIM_INFINITY)
2217 strcpy(buf, "unlimited");
2218 else
2219 sprintf(buf, "%lld", val);
2220 return buf;
2221 }
2222
2223 bool
2224 str2lim(const char *buf, rlim_t *res)
2225 {
2226 char *endptr;
2227 *res = strtoll(buf, &endptr, 10);
2228 if (!strcmp(buf, "unlimited")) {
2229 *res = RLIM_INFINITY;
2230 return false;
2231 } else if (*endptr == '\0') {
2232 return false;
2233 }
2234 return true;
2235 }
2236
2237 int
2238 limit_cmd(int argc __attribute__((unused)), char *const argv[])
2239 {
2240 char slimstr[100];
2241 char hlimstr[100];
2242 struct rlimit *lmts = NULL;
2243 launch_data_t resp, resp1 = NULL, msg, tmp;
2244 int r = 0;
2245 size_t i, lsz = -1;
2246 ssize_t which = 0;
2247 rlim_t slim = -1, hlim = -1;
2248 bool badargs = false;
2249
2250 if (argc > 4)
2251 badargs = true;
2252
2253 if (argc >= 3 && str2lim(argv[2], &slim))
2254 badargs = true;
2255 else
2256 hlim = slim;
2257
2258 if (argc == 4 && str2lim(argv[3], &hlim))
2259 badargs = true;
2260
2261 if (argc >= 2 && -1 == (which = name2num(argv[1])))
2262 badargs = true;
2263
2264 if (badargs) {
2265 fprintf(stderr, "usage: %s %s [", getprogname(), argv[0]);
2266 for (i = 0; i < limlookupcnt; i++)
2267 fprintf(stderr, "%s %s", limlookup[i].name, (i + 1) == limlookupcnt ? "" : "| ");
2268 fprintf(stderr, "[both | soft hard]]\n");
2269 return 1;
2270 }
2271
2272 msg = launch_data_new_string(LAUNCH_KEY_GETRESOURCELIMITS);
2273 resp = launch_msg(msg);
2274 launch_data_free(msg);
2275
2276 if (resp == NULL) {
2277 fprintf(stderr, "launch_msg(): %s\n", strerror(errno));
2278 return 1;
2279 } else if (launch_data_get_type(resp) == LAUNCH_DATA_OPAQUE) {
2280 lmts = launch_data_get_opaque(resp);
2281 lsz = launch_data_get_opaque_size(resp);
2282 if (argc <= 2) {
2283 for (i = 0; i < (lsz / sizeof(struct rlimit)); i++) {
2284 if (argc == 2 && (size_t)which != i)
2285 continue;
2286 fprintf(stdout, "\t%-12s%-15s%-15s\n", num2name(i),
2287 lim2str(lmts[i].rlim_cur, slimstr),
2288 lim2str(lmts[i].rlim_max, hlimstr));
2289 }
2290 }
2291 } else if (launch_data_get_type(resp) == LAUNCH_DATA_STRING) {
2292 fprintf(stderr, "%s %s error: %s\n", getprogname(), argv[0], launch_data_get_string(resp));
2293 r = 1;
2294 } else {
2295 fprintf(stderr, "%s %s returned unknown response\n", getprogname(), argv[0]);
2296 r = 1;
2297 }
2298
2299 if (argc <= 2 || r != 0) {
2300 launch_data_free(resp);
2301 return r;
2302 } else {
2303 resp1 = resp;
2304 }
2305
2306 lmts[which].rlim_cur = slim;
2307 lmts[which].rlim_max = hlim;
2308
2309 msg = launch_data_alloc(LAUNCH_DATA_DICTIONARY);
2310 tmp = launch_data_new_opaque(lmts, lsz);
2311 launch_data_dict_insert(msg, tmp, LAUNCH_KEY_SETRESOURCELIMITS);
2312 resp = launch_msg(msg);
2313 launch_data_free(msg);
2314
2315 if (resp == NULL) {
2316 fprintf(stderr, "launch_msg(): %s\n", strerror(errno));
2317 return 1;
2318 } else if (launch_data_get_type(resp) == LAUNCH_DATA_STRING) {
2319 fprintf(stderr, "%s %s error: %s\n", getprogname(), argv[0], launch_data_get_string(resp));
2320 r = 1;
2321 } else if (launch_data_get_type(resp) != LAUNCH_DATA_OPAQUE) {
2322 fprintf(stderr, "%s %s returned unknown response\n", getprogname(), argv[0]);
2323 r = 1;
2324 }
2325
2326 launch_data_free(resp);
2327 launch_data_free(resp1);
2328
2329 return r;
2330 }
2331
2332 int
2333 umask_cmd(int argc, char *const argv[])
2334 {
2335 bool badargs = false;
2336 char *endptr;
2337 long m = 0;
2338 int64_t inval, outval;
2339
2340 if (argc == 2) {
2341 m = strtol(argv[1], &endptr, 8);
2342 if (*endptr != '\0' || m > 0777)
2343 badargs = true;
2344 }
2345
2346 if (argc > 2 || badargs) {
2347 fprintf(stderr, "usage: %s %s <mask>\n", getprogname(), argv[0]);
2348 return 1;
2349 }
2350
2351 inval = m;
2352
2353 if (vproc_swap_integer(NULL, VPROC_GSK_GLOBAL_UMASK, argc == 2 ? &inval : NULL, &outval) == NULL) {
2354 if (argc == 1) {
2355 fprintf(stdout, "%o\n", (unsigned int)outval);
2356 }
2357 return 0;
2358 } else {
2359 return 1;
2360 }
2361 }
2362
2363 int
2364 submit_cmd(int argc, char *const argv[])
2365 {
2366 launch_data_t msg = launch_data_alloc(LAUNCH_DATA_DICTIONARY);
2367 launch_data_t job = launch_data_alloc(LAUNCH_DATA_DICTIONARY);
2368 launch_data_t resp, largv = launch_data_alloc(LAUNCH_DATA_ARRAY);
2369 int ch, i, r = 0;
2370
2371 launch_data_dict_insert(job, launch_data_new_bool(false), LAUNCH_JOBKEY_ONDEMAND);
2372
2373 while ((ch = getopt(argc, argv, "l:p:o:e:")) != -1) {
2374 switch (ch) {
2375 case 'l':
2376 launch_data_dict_insert(job, launch_data_new_string(optarg), LAUNCH_JOBKEY_LABEL);
2377 break;
2378 case 'p':
2379 launch_data_dict_insert(job, launch_data_new_string(optarg), LAUNCH_JOBKEY_PROGRAM);
2380 break;
2381 case 'o':
2382 launch_data_dict_insert(job, launch_data_new_string(optarg), LAUNCH_JOBKEY_STANDARDOUTPATH);
2383 break;
2384 case 'e':
2385 launch_data_dict_insert(job, launch_data_new_string(optarg), LAUNCH_JOBKEY_STANDARDERRORPATH);
2386 break;
2387 default:
2388 fprintf(stderr, "usage: %s submit ...\n", getprogname());
2389 return 1;
2390 }
2391 }
2392 argc -= optind;
2393 argv += optind;
2394
2395 for (i = 0; argv[i]; i++) {
2396 launch_data_array_append(largv, launch_data_new_string(argv[i]));
2397 }
2398
2399 launch_data_dict_insert(job, largv, LAUNCH_JOBKEY_PROGRAMARGUMENTS);
2400
2401 launch_data_dict_insert(msg, job, LAUNCH_KEY_SUBMITJOB);
2402
2403 resp = launch_msg(msg);
2404 launch_data_free(msg);
2405
2406 if (resp == NULL) {
2407 fprintf(stderr, "launch_msg(): %s\n", strerror(errno));
2408 return 1;
2409 } else if (launch_data_get_type(resp) == LAUNCH_DATA_ERRNO) {
2410 errno = launch_data_get_errno(resp);
2411 if (errno) {
2412 fprintf(stderr, "%s %s error: %s\n", getprogname(), argv[0], strerror(errno));
2413 r = 1;
2414 }
2415 } else {
2416 fprintf(stderr, "%s %s error: %s\n", getprogname(), argv[0], "unknown response");
2417 }
2418
2419 launch_data_free(resp);
2420
2421 return r;
2422 }
2423
2424 int
2425 getrusage_cmd(int argc, char *const argv[])
2426 {
2427 launch_data_t resp, msg;
2428 bool badargs = false;
2429 int r = 0;
2430
2431 if (argc != 2)
2432 badargs = true;
2433 else if (strcmp(argv[1], "self") && strcmp(argv[1], "children"))
2434 badargs = true;
2435
2436 if (badargs) {
2437 fprintf(stderr, "usage: %s %s self | children\n", getprogname(), argv[0]);
2438 return 1;
2439 }
2440
2441 if (!strcmp(argv[1], "self")) {
2442 msg = launch_data_new_string(LAUNCH_KEY_GETRUSAGESELF);
2443 } else {
2444 msg = launch_data_new_string(LAUNCH_KEY_GETRUSAGECHILDREN);
2445 }
2446
2447 resp = launch_msg(msg);
2448 launch_data_free(msg);
2449
2450 if (resp == NULL) {
2451 fprintf(stderr, "launch_msg(): %s\n", strerror(errno));
2452 return 1;
2453 } else if (launch_data_get_type(resp) == LAUNCH_DATA_ERRNO) {
2454 fprintf(stderr, "%s %s error: %s\n", getprogname(), argv[0], strerror(launch_data_get_errno(resp)));
2455 r = 1;
2456 } else if (launch_data_get_type(resp) == LAUNCH_DATA_OPAQUE) {
2457 struct rusage *rusage = launch_data_get_opaque(resp);
2458 fprintf(stdout, "\t%-10f\tuser time used\n",
2459 (double)rusage->ru_utime.tv_sec + (double)rusage->ru_utime.tv_usec / (double)1000000);
2460 fprintf(stdout, "\t%-10f\tsystem time used\n",
2461 (double)rusage->ru_stime.tv_sec + (double)rusage->ru_stime.tv_usec / (double)1000000);
2462 fprintf(stdout, "\t%-10ld\tmax resident set size\n", rusage->ru_maxrss);
2463 fprintf(stdout, "\t%-10ld\tshared text memory size\n", rusage->ru_ixrss);
2464 fprintf(stdout, "\t%-10ld\tunshared data size\n", rusage->ru_idrss);
2465 fprintf(stdout, "\t%-10ld\tunshared stack size\n", rusage->ru_isrss);
2466 fprintf(stdout, "\t%-10ld\tpage reclaims\n", rusage->ru_minflt);
2467 fprintf(stdout, "\t%-10ld\tpage faults\n", rusage->ru_majflt);
2468 fprintf(stdout, "\t%-10ld\tswaps\n", rusage->ru_nswap);
2469 fprintf(stdout, "\t%-10ld\tblock input operations\n", rusage->ru_inblock);
2470 fprintf(stdout, "\t%-10ld\tblock output operations\n", rusage->ru_oublock);
2471 fprintf(stdout, "\t%-10ld\tmessages sent\n", rusage->ru_msgsnd);
2472 fprintf(stdout, "\t%-10ld\tmessages received\n", rusage->ru_msgrcv);
2473 fprintf(stdout, "\t%-10ld\tsignals received\n", rusage->ru_nsignals);
2474 fprintf(stdout, "\t%-10ld\tvoluntary context switches\n", rusage->ru_nvcsw);
2475 fprintf(stdout, "\t%-10ld\tinvoluntary context switches\n", rusage->ru_nivcsw);
2476 } else {
2477 fprintf(stderr, "%s %s returned unknown response\n", getprogname(), argv[0]);
2478 r = 1;
2479 }
2480
2481 launch_data_free(resp);
2482
2483 return r;
2484 }
2485
2486 bool
2487 launch_data_array_append(launch_data_t a, launch_data_t o)
2488 {
2489 size_t offt = launch_data_array_get_count(a);
2490
2491 return launch_data_array_set_index(a, o, offt);
2492 }
2493
2494 mach_port_t
2495 str2bsport(const char *s)
2496 {
2497 bool getrootbs = strcmp(s, "/") == 0;
2498 mach_port_t last_bport, bport = bootstrap_port;
2499 task_t task = mach_task_self();
2500 kern_return_t result;
2501
2502 if (strcmp(s, "..") == 0 || getrootbs) {
2503 do {
2504 last_bport = bport;
2505 result = bootstrap_parent(last_bport, &bport);
2506
2507 if (result == BOOTSTRAP_NOT_PRIVILEGED) {
2508 fprintf(stderr, "Permission denied\n");
2509 return 1;
2510 } else if (result != BOOTSTRAP_SUCCESS) {
2511 fprintf(stderr, "bootstrap_parent() %d\n", result);
2512 return 1;
2513 }
2514 } while (getrootbs && last_bport != bport);
2515 } else {
2516 int pid = atoi(s);
2517
2518 result = task_for_pid(mach_task_self(), pid, &task);
2519
2520 if (result != KERN_SUCCESS) {
2521 fprintf(stderr, "task_for_pid() %s\n", mach_error_string(result));
2522 return 1;
2523 }
2524
2525 result = task_get_bootstrap_port(task, &bport);
2526
2527 if (result != KERN_SUCCESS) {
2528 fprintf(stderr, "Couldn't get bootstrap port: %s\n", mach_error_string(result));
2529 return 1;
2530 }
2531 }
2532
2533 return bport;
2534 }
2535
2536 int
2537 bsexec_cmd(int argc, char *const argv[])
2538 {
2539 kern_return_t result;
2540 mach_port_t bport;
2541
2542 if (argc < 3) {
2543 fprintf(stderr, "usage: %s bsexec <PID> prog...\n", getprogname());
2544 return 1;
2545 }
2546
2547 bport = str2bsport(argv[1]);
2548
2549 result = task_set_bootstrap_port(mach_task_self(), bport);
2550
2551 if (result != KERN_SUCCESS) {
2552 fprintf(stderr, "Couldn't switch to new bootstrap port: %s\n", mach_error_string(result));
2553 return 1;
2554 }
2555
2556 setgid(getgid());
2557 setuid(getuid());
2558
2559 if (fwexec((const char *const *)argv + 2, true) == -1) {
2560 fprintf(stderr, "%s bsexec failed: %s\n", getprogname(), strerror(errno));
2561 return 1;
2562 }
2563
2564 return 0;
2565 }
2566
2567 int
2568 bslist_cmd(int argc, char *const argv[])
2569 {
2570 kern_return_t result;
2571 mach_port_t bport = bootstrap_port;
2572 name_array_t service_names;
2573 mach_msg_type_number_t service_cnt, service_active_cnt;
2574 bootstrap_status_array_t service_actives;
2575 unsigned int i;
2576
2577 if (argc == 2)
2578 bport = str2bsport(argv[1]);
2579
2580 if (bport == MACH_PORT_NULL) {
2581 fprintf(stderr, "Invalid bootstrap port\n");
2582 return 1;
2583 }
2584
2585 result = bootstrap_info(bport, &service_names, &service_cnt, &service_actives, &service_active_cnt);
2586 if (result != BOOTSTRAP_SUCCESS) {
2587 fprintf(stderr, "bootstrap_info(): %d\n", result);
2588 return 1;
2589 }
2590
2591 #define bport_state(x) (((x) == BOOTSTRAP_STATUS_ACTIVE) ? "A" : ((x) == BOOTSTRAP_STATUS_ON_DEMAND) ? "D" : "I")
2592
2593 for (i = 0; i < service_cnt ; i++)
2594 fprintf(stdout, "%-3s%s\n", bport_state((service_actives[i])), service_names[i]);
2595
2596 return 0;
2597 }
2598
2599 bool
2600 is_legacy_mach_job(launch_data_t obj)
2601 {
2602 bool has_servicename = launch_data_dict_lookup(obj, MACHINIT_JOBKEY_SERVICENAME);
2603 bool has_command = launch_data_dict_lookup(obj, MACHINIT_JOBKEY_COMMAND);
2604 bool has_label = launch_data_dict_lookup(obj, LAUNCH_JOBKEY_LABEL);
2605
2606 return has_command && has_servicename && !has_label;
2607 }
2608
2609 void
2610 _log_launchctl_bug(const char *rcs_rev, const char *path, unsigned int line, const char *test)
2611 {
2612 int saved_errno = errno;
2613 char buf[100];
2614 const char *file = strrchr(path, '/');
2615 char *rcs_rev_tmp = strchr(rcs_rev, ' ');
2616
2617 if (!file) {
2618 file = path;
2619 } else {
2620 file += 1;
2621 }
2622
2623 if (!rcs_rev_tmp) {
2624 strlcpy(buf, rcs_rev, sizeof(buf));
2625 } else {
2626 strlcpy(buf, rcs_rev_tmp + 1, sizeof(buf));
2627 rcs_rev_tmp = strchr(buf, ' ');
2628 if (rcs_rev_tmp)
2629 *rcs_rev_tmp = '\0';
2630 }
2631
2632 fprintf(stderr, "Bug: %s:%u (%s):%u: %s\n", file, line, buf, saved_errno, test);
2633 }
2634
2635 void
2636 loopback_setup_ipv4(void)
2637 {
2638 struct ifaliasreq ifra;
2639 struct ifreq ifr;
2640 int s;
2641
2642 memset(&ifr, 0, sizeof(ifr));
2643 strcpy(ifr.ifr_name, "lo0");
2644
2645 if ((s = socket(AF_INET, SOCK_DGRAM, 0)) == -1)
2646 return;
2647
2648 if (assumes(ioctl(s, SIOCGIFFLAGS, &ifr) != -1)) {
2649 ifr.ifr_flags |= IFF_UP;
2650 assumes(ioctl(s, SIOCSIFFLAGS, &ifr) != -1);
2651 }
2652
2653 memset(&ifra, 0, sizeof(ifra));
2654 strcpy(ifra.ifra_name, "lo0");
2655 ((struct sockaddr_in *)&ifra.ifra_addr)->sin_family = AF_INET;
2656 ((struct sockaddr_in *)&ifra.ifra_addr)->sin_addr.s_addr = htonl(INADDR_LOOPBACK);
2657 ((struct sockaddr_in *)&ifra.ifra_addr)->sin_len = sizeof(struct sockaddr_in);
2658 ((struct sockaddr_in *)&ifra.ifra_mask)->sin_family = AF_INET;
2659 ((struct sockaddr_in *)&ifra.ifra_mask)->sin_addr.s_addr = htonl(IN_CLASSA_NET);
2660 ((struct sockaddr_in *)&ifra.ifra_mask)->sin_len = sizeof(struct sockaddr_in);
2661
2662 assumes(ioctl(s, SIOCAIFADDR, &ifra) != -1);
2663
2664 assumes(close(s) == 0);
2665 }
2666
2667 void
2668 loopback_setup_ipv6(void)
2669 {
2670 struct in6_aliasreq ifra6;
2671 struct ifreq ifr;
2672 int s6;
2673
2674 memset(&ifr, 0, sizeof(ifr));
2675 strcpy(ifr.ifr_name, "lo0");
2676
2677 if ((s6 = socket(AF_INET6, SOCK_DGRAM, 0)) == -1)
2678 return;
2679
2680 memset(&ifr, 0, sizeof(ifr));
2681 strcpy(ifr.ifr_name, "lo0");
2682
2683 if (assumes(ioctl(s6, SIOCGIFFLAGS, &ifr) != -1)) {
2684 ifr.ifr_flags |= IFF_UP;
2685 assumes(ioctl(s6, SIOCSIFFLAGS, &ifr) != -1);
2686 }
2687
2688 memset(&ifra6, 0, sizeof(ifra6));
2689 strcpy(ifra6.ifra_name, "lo0");
2690
2691 ifra6.ifra_addr.sin6_family = AF_INET6;
2692 ifra6.ifra_addr.sin6_addr = in6addr_loopback;
2693 ifra6.ifra_addr.sin6_len = sizeof(struct sockaddr_in6);
2694 ifra6.ifra_prefixmask.sin6_family = AF_INET6;
2695 memset(&ifra6.ifra_prefixmask.sin6_addr, 0xff, sizeof(struct in6_addr));
2696 ifra6.ifra_prefixmask.sin6_len = sizeof(struct sockaddr_in6);
2697 ifra6.ifra_lifetime.ia6t_vltime = ND6_INFINITE_LIFETIME;
2698 ifra6.ifra_lifetime.ia6t_pltime = ND6_INFINITE_LIFETIME;
2699
2700 assumes(ioctl(s6, SIOCAIFADDR_IN6, &ifra6) != -1);
2701
2702 assumes(close(s6) == 0);
2703 }
2704
2705 pid_t
2706 fwexec(const char *const *argv, bool _wait)
2707 {
2708 int wstatus;
2709 pid_t p;
2710
2711 switch ((p = fork())) {
2712 case -1:
2713 break;
2714 case 0:
2715 if (!_wait) {
2716 setsid();
2717 }
2718 execvp(argv[0], (char *const *)argv);
2719 _exit(EXIT_FAILURE);
2720 break;
2721 default:
2722 if (!_wait)
2723 return p;
2724 if (p == waitpid(p, &wstatus, 0)) {
2725 if (WIFEXITED(wstatus) && WEXITSTATUS(wstatus) == EXIT_SUCCESS)
2726 return p;
2727 }
2728 break;
2729 }
2730
2731 return -1;
2732 }
2733
2734 void
2735 do_potential_fsck(void)
2736 {
2737 const char *safe_fsck_tool[] = { "fsck", "-fy", NULL };
2738 const char *fsck_tool[] = { "fsck", "-p", NULL };
2739 const char *remount_tool[] = { "mount", "-uw", "/", NULL };
2740 struct statfs sfs;
2741
2742 if (!assumes(statfs("/", &sfs) != -1)) {
2743 return;
2744 }
2745
2746 if (!(sfs.f_flags & MNT_RDONLY)) {
2747 return;
2748 }
2749
2750 if (!is_safeboot()) {
2751 #if 0
2752 /* We have disabled this block for now. We need to revisit this optimization after Leopard. */
2753 if (sfs.f_flags & MNT_JOURNALED) {
2754 goto out;
2755 }
2756 #endif
2757
2758 if (fwexec(fsck_tool, true) != -1) {
2759 goto out;
2760 }
2761 }
2762
2763 if (fwexec(safe_fsck_tool, true) != -1) {
2764 goto out;
2765 }
2766
2767 fprintf(stderr, "fsck failed! Leaving the root file system read-only...\n");
2768
2769 return;
2770 out:
2771 /*
2772 * Once this is fixed:
2773 *
2774 * <rdar://problem/3948774> Mount flag updates should be possible with NULL as the forth argument to mount()
2775 *
2776 * We can then do this one system call instead of calling out a full blown process.
2777 *
2778 * assumes(mount(sfs.f_fstypename, "/", MNT_UPDATE, NULL) != -1);
2779 */
2780
2781 assumes(fwexec(remount_tool, true) != -1);
2782 }
2783
2784 bool
2785 path_check(const char *path)
2786 {
2787 struct stat sb;
2788
2789 if (stat(path, &sb) == 0)
2790 return true;
2791 return false;
2792 }
2793
2794 bool
2795 is_safeboot(void)
2796 {
2797 int sbmib[] = { CTL_KERN, KERN_SAFEBOOT };
2798 uint32_t sb = 0;
2799 size_t sbsz = sizeof(sb);
2800
2801 if (!assumes(sysctl(sbmib, 2, &sb, &sbsz, NULL, 0) == 0))
2802 return false;
2803
2804 return (bool)sb;
2805 }
2806
2807 bool
2808 is_netboot(void)
2809 {
2810 int nbmib[] = { CTL_KERN, KERN_NETBOOT };
2811 uint32_t nb = 0;
2812 size_t nbsz = sizeof(nb);
2813
2814 if (!assumes(sysctl(nbmib, 2, &nb, &nbsz, NULL, 0) == 0))
2815 return false;
2816
2817 return (bool)nb;
2818 }
2819
2820 void
2821 empty_dir(const char *thedir, struct stat *psb)
2822 {
2823 struct dirent *de;
2824 struct stat psb2;
2825 DIR *od;
2826 int currend_dir_fd;
2827
2828 if (!psb) {
2829 psb = &psb2;
2830 if (!assumes(lstat(thedir, psb) != -1)) {
2831 return;
2832 }
2833 }
2834
2835 if (!assumes((currend_dir_fd = open(".", 0)) != -1)) {
2836 return;
2837 }
2838
2839 if (!assumes(chdir(thedir) != -1)) {
2840 goto out;
2841 }
2842
2843 if (!assumes(od = opendir("."))) {
2844 goto out;
2845 }
2846
2847 while ((de = readdir(od))) {
2848 struct stat sb;
2849
2850 if (strcmp(de->d_name, ".") == 0) {
2851 continue;
2852 }
2853
2854 if (strcmp(de->d_name, "..") == 0) {
2855 continue;
2856 }
2857
2858 if (!assumes(lstat(de->d_name, &sb) != -1)) {
2859 continue;
2860 }
2861
2862 if (psb->st_dev != sb.st_dev) {
2863 assumes(unmount(de->d_name, MNT_FORCE) != -1);
2864
2865 /* Let's lstat() again to see if the unmount() worked and what was under it */
2866 if (!assumes(lstat(de->d_name, &sb) != -1)) {
2867 continue;
2868 }
2869
2870 if (!assumes(psb->st_dev == sb.st_dev)) {
2871 continue;
2872 }
2873 }
2874
2875 if (S_ISDIR(sb.st_mode)) {
2876 empty_dir(de->d_name, &sb);
2877 }
2878
2879 assumes(lchflags(de->d_name, 0) != -1);
2880 assumes(remove(de->d_name) != -1);
2881 }
2882
2883 assumes(closedir(od) != -1);
2884
2885 out:
2886 assumes(fchdir(currend_dir_fd) != -1);
2887 assumes(close(currend_dir_fd) != -1);
2888 }
2889
2890 int
2891 touch_file(const char *path, mode_t m)
2892 {
2893 int fd = open(path, O_CREAT, m);
2894
2895 if (fd == -1)
2896 return -1;
2897
2898 return close(fd);
2899 }
2900
2901 void
2902 apply_sysctls_from_file(const char *thefile)
2903 {
2904 const char *sysctl_tool[] = { "sysctl", "-w", NULL, NULL };
2905 size_t ln_len = 0;
2906 char *val, *tmpstr;
2907 FILE *sf;
2908
2909 if (!(sf = fopen(thefile, "r")))
2910 return;
2911
2912 while ((val = fgetln(sf, &ln_len))) {
2913 if (ln_len == 0) {
2914 continue;
2915 }
2916 if (!assumes((tmpstr = malloc(ln_len + 1)) != NULL)) {
2917 continue;
2918 }
2919 memcpy(tmpstr, val, ln_len);
2920 tmpstr[ln_len] = 0;
2921 val = tmpstr;
2922
2923 if (val[ln_len - 1] == '\n' || val[ln_len - 1] == '\r') {
2924 val[ln_len - 1] = '\0';
2925 }
2926
2927 while (*val && isspace(*val))
2928 val++;
2929 if (*val == '\0' || *val == '#') {
2930 goto skip_sysctl_tool;
2931 }
2932 sysctl_tool[2] = val;
2933 assumes(fwexec(sysctl_tool, true) != -1);
2934 skip_sysctl_tool:
2935 free(tmpstr);
2936 }
2937
2938 assumes(fclose(sf) == 0);
2939 }
2940
2941 void
2942 do_sysversion_sysctl(void)
2943 {
2944 int mib[] = { CTL_KERN, KERN_OSVERSION };
2945 CFDictionaryRef versdict;
2946 CFStringRef buildvers;
2947 char buf[1024];
2948 size_t bufsz = sizeof(buf);
2949
2950 /* <rdar://problem/4477682> ER: launchd should set kern.osversion very early in boot */
2951
2952 if (sysctl(mib, 2, buf, &bufsz, NULL, 0) == -1) {
2953 fprintf(stderr, "sysctl(): %s\n", strerror(errno));
2954 return;
2955 }
2956
2957 if (buf[0] != '\0') {
2958 return;
2959 }
2960
2961 if (!assumes((versdict = _CFCopySystemVersionDictionary()))) {
2962 return;
2963 }
2964
2965 if (assumes((buildvers = CFDictionaryGetValue(versdict, _kCFSystemVersionBuildVersionKey)))) {
2966 CFStringGetCString(buildvers, buf, sizeof(buf), kCFStringEncodingUTF8);
2967
2968 assumes(sysctl(mib, 2, NULL, 0, buf, strlen(buf) + 1) != -1);
2969 }
2970
2971 CFRelease(versdict);
2972 }
2973
2974 void
2975 do_application_firewall_magic(int sfd, launch_data_t thejob)
2976 {
2977 const char *prog = NULL, *partialprog = NULL;
2978 char *path, *pathtmp, **pathstmp;
2979 char *paths[100];
2980 launch_data_t tmp;
2981
2982 /*
2983 * Sigh...
2984 * <rdar://problem/4684434> setsockopt() with the executable path as the argument
2985 */
2986
2987 if ((tmp = launch_data_dict_lookup(thejob, LAUNCH_JOBKEY_PROGRAM))) {
2988 prog = launch_data_get_string(tmp);
2989 }
2990
2991 if (!prog) {
2992 if ((tmp = launch_data_dict_lookup(thejob, LAUNCH_JOBKEY_PROGRAMARGUMENTS))) {
2993 if ((tmp = launch_data_array_get_index(tmp, 0))) {
2994 if (assumes((partialprog = launch_data_get_string(tmp)) != NULL)) {
2995 if (partialprog[0] == '/') {
2996 prog = partialprog;
2997 }
2998 }
2999 }
3000 }
3001 }
3002
3003 if (!prog) {
3004 pathtmp = path = strdup(getenv("PATH"));
3005
3006 pathstmp = paths;
3007
3008 while ((*pathstmp = strsep(&pathtmp, ":"))) {
3009 if (**pathstmp != '\0') {
3010 pathstmp++;
3011 }
3012 }
3013
3014 free(path);
3015 pathtmp = alloca(MAXPATHLEN);
3016
3017 pathstmp = paths;
3018
3019 for (; *pathstmp; pathstmp++) {
3020 snprintf(pathtmp, MAXPATHLEN, "%s/%s", *pathstmp, partialprog);
3021 if (path_check(pathtmp)) {
3022 prog = pathtmp;
3023 break;
3024 }
3025 }
3026 }
3027
3028 if (assumes(prog != NULL)) {
3029 /* The networking team has asked us to ignore the failure of this API if errno == ENOPROTOOPT */
3030 assumes(setsockopt(sfd, SOL_SOCKET, SO_EXECPATH, prog, strlen(prog) + 1) != -1 || errno == ENOPROTOOPT);
3031 }
3032 }
3033
3034
3035 void
3036 preheat_page_cache_hack(void)
3037 {
3038 struct dirent *de;
3039 DIR *thedir;
3040
3041 /* Disable this hack for now */
3042 return;
3043
3044 if ((thedir = opendir("/etc/preheat_at_boot")) == NULL) {
3045 return;
3046 }
3047
3048 while ((de = readdir(thedir))) {
3049 struct stat sb;
3050 void *junkbuf;
3051 int fd;
3052
3053 if (de->d_name[0] == '.') {
3054 continue;
3055 }
3056
3057 if ((fd = open(de->d_name, O_RDONLY)) == -1) {
3058 continue;
3059 }
3060
3061 if (fstat(fd, &sb) != -1) {
3062 if ((sb.st_size < 10*1024*1024) && (junkbuf = malloc((size_t)sb.st_size)) != NULL) {
3063 assumes(read(fd, junkbuf, (size_t)sb.st_size) == (ssize_t)sb.st_size);
3064 free(junkbuf);
3065 }
3066 }
3067
3068 close(fd);
3069 }
3070
3071 closedir(thedir);
3072 }
3073
3074
3075 void
3076 do_bootroot_magic(void)
3077 {
3078 const char *kextcache_tool[] = { "kextcache", "-U", "/", NULL };
3079 CFTypeRef bootrootProp;
3080 io_service_t chosen;
3081 int wstatus;
3082 pid_t p;
3083
3084 chosen = IORegistryEntryFromPath(kIOMasterPortDefault, "IODeviceTree:/chosen");
3085
3086 if (!assumes(chosen)) {
3087 return;
3088 }
3089
3090 bootrootProp = IORegistryEntryCreateCFProperty(chosen, CFSTR(kBootRootActiveKey), kCFAllocatorDefault, 0);
3091
3092 IOObjectRelease(chosen);
3093
3094 if (!bootrootProp) {
3095 return;
3096 }
3097
3098 CFRelease(bootrootProp);
3099
3100 if (!assumes((p = fwexec(kextcache_tool, false)) != -1)) {
3101 return;
3102 }
3103
3104 if (!assumes(waitpid(p, &wstatus, 0) != -1)) {
3105 return;
3106 }
3107
3108 if (WIFEXITED(wstatus) && WEXITSTATUS(wstatus) == EX_OSFILE) {
3109 assumes(reboot(RB_AUTOBOOT) != -1);
3110 }
3111 }
mirror of launchd