+ifndef SDKROOT
+export SDKROOT = /
+endif
+
Project = launchd
Extra_Configure_Flags = --sbindir=/sbin --bindir=/bin --sysconfdir=/private/etc
GnuAfterInstall = launchd_after_install
include $(MAKEFILEPATH)/CoreOS/ReleaseControl/GNUSource.make
Install_Flags = DESTDIR=$(DSTROOT)
+ifeq ($(shell tconf --test TARGET_OS_EMBEDDED),YES)
+Extra_Configure_Flags += --host=none-apple-darwin
+endif
+
launchd_after_install::
ifeq ($(RC_ProjectName),launchd_libs)
-find -d $(DSTROOT) -type f | grep -v /usr/local/lib/system | xargs rm
-find -d $(DSTROOT) -type l | grep -v /usr/local/lib/system | xargs rm
-find -d $(DSTROOT) -type d | grep -v /usr/local/lib/system | xargs rmdir
else
+ifeq ($(shell tconf --test TARGET_OS_EMBEDDED),NO)
mkdir -p $(DSTROOT)/Library/StartupItems
chmod 755 $(DSTROOT)/Library/StartupItems
mkdir -p $(DSTROOT)/System/Library/StartupItems
chmod 755 $(DSTROOT)/System/Library/StartupItems
+endif
rm -rf $(DSTROOT)/usr/local/lib/system
cp $(OBJROOT)/src/launchd $(SYMROOT)
cp $(OBJROOT)/src/launchctl $(SYMROOT)
cp $(OBJROOT)/src/launchproxy $(SYMROOT)
- dsymutil $(SYMROOT)/launchd
- dsymutil $(SYMROOT)/launchctl
- dsymutil $(SYMROOT)/launchproxy
+ -dsymutil $(SYMROOT)/launchd
+ -dsymutil $(SYMROOT)/launchctl
+ -dsymutil $(SYMROOT)/launchproxy
endif
launchd_libs:: install
LDFLAGS = @LDFLAGS@
LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
+LIBS_SECURITY = @LIBS_SECURITY@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
MKDIR_P = @MKDIR_P@
SHELL = @SHELL@
STRIP = @STRIP@
VERSION = @VERSION@
+WEAKLIBS_SECURITY = @WEAKLIBS_SECURITY@
abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
[AMDEP_TRUE="$AMDEP_TRUE" ac_aux_dir="$ac_aux_dir"])
])
-# Copyright (C) 1996, 1997, 2000, 2001, 2003, 2005
-# Free Software Foundation, Inc.
-#
-# This file is free software; the Free Software Foundation
-# gives unlimited permission to copy and/or distribute it,
-# with or without modifications, as long as this notice is preserved.
-
-# serial 8
-
-# AM_CONFIG_HEADER is obsolete. It has been replaced by AC_CONFIG_HEADERS.
-AU_DEFUN([AM_CONFIG_HEADER], [AC_CONFIG_HEADERS($@)])
-
# Do all the work for Automake. -*- Autoconf -*-
# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004,
EGREP
ALLOCA
LIBOBJS
+LIBS_SECURITY
+WEAKLIBS_SECURITY
LIBS_ONLY_TRUE
LIBS_ONLY_FALSE
+DO_EMBEDDED_MAGIC_TRUE
+DO_EMBEDDED_MAGIC_FALSE
LTLIBOBJS'
ac_subst_files=''
ac_precious_vars='build_alias
fi
-for ac_header in stdlib.h
-do
-as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
-if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
- { echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
-if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-fi
-ac_res=`eval echo '${'$as_ac_Header'}'`
- { echo "$as_me:$LINENO: result: $ac_res" >&5
-echo "${ECHO_T}$ac_res" >&6; }
-else
- # Is the header compilable?
-{ echo "$as_me:$LINENO: checking $ac_header usability" >&5
-echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; }
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-#include <$ac_header>
-_ACEOF
-rm -f conftest.$ac_objext
-if { (ac_try="$ac_compile"
-case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
- (eval "$ac_compile") 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } && {
- test -z "$ac_c_werror_flag" ||
- test ! -s conftest.err
- } && test -s conftest.$ac_objext; then
- ac_header_compiler=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- ac_header_compiler=no
-fi
-
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
-echo "${ECHO_T}$ac_header_compiler" >&6; }
-
-# Is the header present?
-{ echo "$as_me:$LINENO: checking $ac_header presence" >&5
-echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; }
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-#include <$ac_header>
-_ACEOF
-if { (ac_try="$ac_cpp conftest.$ac_ext"
-case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
- (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } >/dev/null && {
- test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
- test ! -s conftest.err
- }; then
- ac_header_preproc=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- ac_header_preproc=no
-fi
-
-rm -f conftest.err conftest.$ac_ext
-{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
-echo "${ECHO_T}$ac_header_preproc" >&6; }
-
-# So? What about this header?
-case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
- yes:no: )
- { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
-echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
- ac_header_preproc=yes
- ;;
- no:yes:* )
- { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
-echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
-echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
-echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
-echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
-echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
- ( cat <<\_ASBOX
-## -------------------------------------------------- ##
-## Report this to launchd-bug-reports@group.apple.com ##
-## -------------------------------------------------- ##
-_ASBOX
- ) | sed "s/^/$as_me: WARNING: /" >&2
- ;;
-esac
-{ echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
-if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- eval "$as_ac_Header=\$ac_header_preproc"
-fi
-ac_res=`eval echo '${'$as_ac_Header'}'`
- { echo "$as_me:$LINENO: result: $ac_res" >&5
-echo "${ECHO_T}$ac_res" >&6; }
-
-fi
-if test `eval echo '${'$as_ac_Header'}'` = yes; then
- cat >>confdefs.h <<_ACEOF
-#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-{ echo "$as_me:$LINENO: checking for GNU libc compatible malloc" >&5
-echo $ECHO_N "checking for GNU libc compatible malloc... $ECHO_C" >&6; }
-if test "${ac_cv_func_malloc_0_nonnull+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- if test "$cross_compiling" = yes; then
- ac_cv_func_malloc_0_nonnull=no
-else
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-#if defined STDC_HEADERS || defined HAVE_STDLIB_H
-# include <stdlib.h>
-#else
-char *malloc ();
-#endif
-
-int
-main ()
-{
-return ! malloc (0);
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest$ac_exeext
-if { (ac_try="$ac_link"
-case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
- (eval "$ac_link") 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
- { (case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
- (eval "$ac_try") 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_func_malloc_0_nonnull=yes
-else
- echo "$as_me: program exited with status $ac_status" >&5
-echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-( exit $ac_status )
-ac_cv_func_malloc_0_nonnull=no
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
-fi
-
-
-fi
-{ echo "$as_me:$LINENO: result: $ac_cv_func_malloc_0_nonnull" >&5
-echo "${ECHO_T}$ac_cv_func_malloc_0_nonnull" >&6; }
-if test $ac_cv_func_malloc_0_nonnull = yes; then
-
-cat >>confdefs.h <<\_ACEOF
-#define HAVE_MALLOC 1
-_ACEOF
-
-else
- cat >>confdefs.h <<\_ACEOF
-#define HAVE_MALLOC 0
-_ACEOF
-
- case " $LIBOBJS " in
- *" malloc.$ac_objext "* ) ;;
- *) LIBOBJS="$LIBOBJS malloc.$ac_objext"
- ;;
-esac
-
-
-cat >>confdefs.h <<\_ACEOF
-#define malloc rpl_malloc
-_ACEOF
-
-fi
-
-
-
-
-for ac_header in stdlib.h unistd.h
+for ac_header in sys/select.h sys/socket.h
do
as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
done
-
-for ac_func in getpagesize
-do
-as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
-{ echo "$as_me:$LINENO: checking for $ac_func" >&5
-echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; }
-if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then
+{ echo "$as_me:$LINENO: checking types of arguments for select" >&5
+echo $ECHO_N "checking types of arguments for select... $ECHO_C" >&6; }
+if test "${ac_cv_func_select_args+set}" = set; then
echo $ECHO_N "(cached) $ECHO_C" >&6
else
- cat >conftest.$ac_ext <<_ACEOF
+ for ac_arg234 in 'fd_set *' 'int *' 'void *'; do
+ for ac_arg1 in 'int' 'size_t' 'unsigned long int' 'unsigned int'; do
+ for ac_arg5 in 'struct timeval *' 'const struct timeval *'; do
+ cat >conftest.$ac_ext <<_ACEOF
/* confdefs.h. */
_ACEOF
cat confdefs.h >>conftest.$ac_ext
cat >>conftest.$ac_ext <<_ACEOF
/* end confdefs.h. */
-/* Define $ac_func to an innocuous variant, in case <limits.h> declares $ac_func.
- For example, HP-UX 11i <limits.h> declares gettimeofday. */
-#define $ac_func innocuous_$ac_func
-
-/* System header to define __stub macros and hopefully few prototypes,
- which can conflict with char $ac_func (); below.
- Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
- <limits.h> exists even on freestanding compilers. */
-
-#ifdef __STDC__
-# include <limits.h>
-#else
-# include <assert.h>
+$ac_includes_default
+#ifdef HAVE_SYS_SELECT_H
+# include <sys/select.h>
#endif
-
-#undef $ac_func
-
-/* Override any GCC internal prototype to avoid an error.
- Use char because int might match the return type of a GCC
- builtin and then its argument prototype would still apply. */
-#ifdef __cplusplus
-extern "C"
-#endif
-char $ac_func ();
-/* The GNU C library defines this for functions which it implements
- to always fail with ENOSYS. Some functions are actually named
- something starting with __ and the normal name is an alias. */
-#if defined __stub_$ac_func || defined __stub___$ac_func
-choke me
-#endif
-
-int
-main ()
-{
-return $ac_func ();
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest.$ac_objext conftest$ac_exeext
-if { (ac_try="$ac_link"
-case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
- (eval "$ac_link") 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } && {
- test -z "$ac_c_werror_flag" ||
- test ! -s conftest.err
- } && test -s conftest$ac_exeext &&
- $as_test_x conftest$ac_exeext; then
- eval "$as_ac_var=yes"
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- eval "$as_ac_var=no"
-fi
-
-rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
- conftest$ac_exeext conftest.$ac_ext
-fi
-ac_res=`eval echo '${'$as_ac_var'}'`
- { echo "$as_me:$LINENO: result: $ac_res" >&5
-echo "${ECHO_T}$ac_res" >&6; }
-if test `eval echo '${'$as_ac_var'}'` = yes; then
- cat >>confdefs.h <<_ACEOF
-#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-done
-
-{ echo "$as_me:$LINENO: checking for working mmap" >&5
-echo $ECHO_N "checking for working mmap... $ECHO_C" >&6; }
-if test "${ac_cv_func_mmap_fixed_mapped+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- if test "$cross_compiling" = yes; then
- ac_cv_func_mmap_fixed_mapped=no
-else
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-/* malloc might have been renamed as rpl_malloc. */
-#undef malloc
-
-/* Thanks to Mike Haertel and Jim Avera for this test.
- Here is a matrix of mmap possibilities:
- mmap private not fixed
- mmap private fixed at somewhere currently unmapped
- mmap private fixed at somewhere already mapped
- mmap shared not fixed
- mmap shared fixed at somewhere currently unmapped
- mmap shared fixed at somewhere already mapped
- For private mappings, we should verify that changes cannot be read()
- back from the file, nor mmap's back from the file at a different
- address. (There have been systems where private was not correctly
- implemented like the infamous i386 svr4.0, and systems where the
- VM page cache was not coherent with the file system buffer cache
- like early versions of FreeBSD and possibly contemporary NetBSD.)
- For shared mappings, we should conversely verify that changes get
- propagated back to all the places they're supposed to be.
-
- Grep wants private fixed already mapped.
- The main things grep needs to know about mmap are:
- * does it exist and is it safe to write into the mmap'd area
- * how to use it (BSD variants) */
-
-#include <fcntl.h>
-#include <sys/mman.h>
-
-#if !defined STDC_HEADERS && !defined HAVE_STDLIB_H
-char *malloc ();
-#endif
-
-/* This mess was copied from the GNU getpagesize.h. */
-#ifndef HAVE_GETPAGESIZE
-/* Assume that all systems that can run configure have sys/param.h. */
-# ifndef HAVE_SYS_PARAM_H
-# define HAVE_SYS_PARAM_H 1
-# endif
-
-# ifdef _SC_PAGESIZE
-# define getpagesize() sysconf(_SC_PAGESIZE)
-# else /* no _SC_PAGESIZE */
-# ifdef HAVE_SYS_PARAM_H
-# include <sys/param.h>
-# ifdef EXEC_PAGESIZE
-# define getpagesize() EXEC_PAGESIZE
-# else /* no EXEC_PAGESIZE */
-# ifdef NBPG
-# define getpagesize() NBPG * CLSIZE
-# ifndef CLSIZE
-# define CLSIZE 1
-# endif /* no CLSIZE */
-# else /* no NBPG */
-# ifdef NBPC
-# define getpagesize() NBPC
-# else /* no NBPC */
-# ifdef PAGESIZE
-# define getpagesize() PAGESIZE
-# endif /* PAGESIZE */
-# endif /* no NBPC */
-# endif /* no NBPG */
-# endif /* no EXEC_PAGESIZE */
-# else /* no HAVE_SYS_PARAM_H */
-# define getpagesize() 8192 /* punt totally */
-# endif /* no HAVE_SYS_PARAM_H */
-# endif /* no _SC_PAGESIZE */
-
-#endif /* no HAVE_GETPAGESIZE */
-
-int
-main ()
-{
- char *data, *data2, *data3;
- int i, pagesize;
- int fd;
-
- pagesize = getpagesize ();
-
- /* First, make a file with some known garbage in it. */
- data = (char *) malloc (pagesize);
- if (!data)
- return 1;
- for (i = 0; i < pagesize; ++i)
- *(data + i) = rand ();
- umask (0);
- fd = creat ("conftest.mmap", 0600);
- if (fd < 0)
- return 1;
- if (write (fd, data, pagesize) != pagesize)
- return 1;
- close (fd);
-
- /* Next, try to mmap the file at a fixed address which already has
- something else allocated at it. If we can, also make sure that
- we see the same garbage. */
- fd = open ("conftest.mmap", O_RDWR);
- if (fd < 0)
- return 1;
- data2 = (char *) malloc (2 * pagesize);
- if (!data2)
- return 1;
- data2 += (pagesize - ((long int) data2 & (pagesize - 1))) & (pagesize - 1);
- if (data2 != mmap (data2, pagesize, PROT_READ | PROT_WRITE,
- MAP_PRIVATE | MAP_FIXED, fd, 0L))
- return 1;
- for (i = 0; i < pagesize; ++i)
- if (*(data + i) != *(data2 + i))
- return 1;
-
- /* Finally, make sure that changes to the mapped area do not
- percolate back to the file as seen by read(). (This is a bug on
- some variants of i386 svr4.0.) */
- for (i = 0; i < pagesize; ++i)
- *(data2 + i) = *(data2 + i) + 1;
- data3 = (char *) malloc (pagesize);
- if (!data3)
- return 1;
- if (read (fd, data3, pagesize) != pagesize)
- return 1;
- for (i = 0; i < pagesize; ++i)
- if (*(data + i) != *(data3 + i))
- return 1;
- close (fd);
- return 0;
-}
-_ACEOF
-rm -f conftest$ac_exeext
-if { (ac_try="$ac_link"
-case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
- (eval "$ac_link") 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
- { (case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
- (eval "$ac_try") 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_func_mmap_fixed_mapped=yes
-else
- echo "$as_me: program exited with status $ac_status" >&5
-echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-( exit $ac_status )
-ac_cv_func_mmap_fixed_mapped=no
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
-fi
-
-
-fi
-{ echo "$as_me:$LINENO: result: $ac_cv_func_mmap_fixed_mapped" >&5
-echo "${ECHO_T}$ac_cv_func_mmap_fixed_mapped" >&6; }
-if test $ac_cv_func_mmap_fixed_mapped = yes; then
-
-cat >>confdefs.h <<\_ACEOF
-#define HAVE_MMAP 1
-_ACEOF
-
-fi
-rm -f conftest.mmap
-
-
-for ac_header in stdlib.h
-do
-as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
-if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
- { echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
-if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-fi
-ac_res=`eval echo '${'$as_ac_Header'}'`
- { echo "$as_me:$LINENO: result: $ac_res" >&5
-echo "${ECHO_T}$ac_res" >&6; }
-else
- # Is the header compilable?
-{ echo "$as_me:$LINENO: checking $ac_header usability" >&5
-echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; }
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-#include <$ac_header>
-_ACEOF
-rm -f conftest.$ac_objext
-if { (ac_try="$ac_compile"
-case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
- (eval "$ac_compile") 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } && {
- test -z "$ac_c_werror_flag" ||
- test ! -s conftest.err
- } && test -s conftest.$ac_objext; then
- ac_header_compiler=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- ac_header_compiler=no
-fi
-
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
-echo "${ECHO_T}$ac_header_compiler" >&6; }
-
-# Is the header present?
-{ echo "$as_me:$LINENO: checking $ac_header presence" >&5
-echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; }
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-#include <$ac_header>
-_ACEOF
-if { (ac_try="$ac_cpp conftest.$ac_ext"
-case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
- (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } >/dev/null && {
- test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
- test ! -s conftest.err
- }; then
- ac_header_preproc=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- ac_header_preproc=no
-fi
-
-rm -f conftest.err conftest.$ac_ext
-{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
-echo "${ECHO_T}$ac_header_preproc" >&6; }
-
-# So? What about this header?
-case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
- yes:no: )
- { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
-echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
- ac_header_preproc=yes
- ;;
- no:yes:* )
- { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
-echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
-echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
-echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
-echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
-echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
- ( cat <<\_ASBOX
-## -------------------------------------------------- ##
-## Report this to launchd-bug-reports@group.apple.com ##
-## -------------------------------------------------- ##
-_ASBOX
- ) | sed "s/^/$as_me: WARNING: /" >&2
- ;;
-esac
-{ echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
-if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- eval "$as_ac_Header=\$ac_header_preproc"
-fi
-ac_res=`eval echo '${'$as_ac_Header'}'`
- { echo "$as_me:$LINENO: result: $ac_res" >&5
-echo "${ECHO_T}$ac_res" >&6; }
-
-fi
-if test `eval echo '${'$as_ac_Header'}'` = yes; then
- cat >>confdefs.h <<_ACEOF
-#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-{ echo "$as_me:$LINENO: checking for GNU libc compatible realloc" >&5
-echo $ECHO_N "checking for GNU libc compatible realloc... $ECHO_C" >&6; }
-if test "${ac_cv_func_realloc_0_nonnull+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- if test "$cross_compiling" = yes; then
- ac_cv_func_realloc_0_nonnull=no
-else
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-#if defined STDC_HEADERS || defined HAVE_STDLIB_H
-# include <stdlib.h>
-#else
-char *realloc ();
-#endif
-
-int
-main ()
-{
-return ! realloc (0, 0);
- ;
- return 0;
-}
-_ACEOF
-rm -f conftest$ac_exeext
-if { (ac_try="$ac_link"
-case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
- (eval "$ac_link") 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } && { ac_try='./conftest$ac_exeext'
- { (case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
- (eval "$ac_try") 2>&5
- ac_status=$?
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); }; }; then
- ac_cv_func_realloc_0_nonnull=yes
-else
- echo "$as_me: program exited with status $ac_status" >&5
-echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
-( exit $ac_status )
-ac_cv_func_realloc_0_nonnull=no
-fi
-rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext
-fi
-
-
-fi
-{ echo "$as_me:$LINENO: result: $ac_cv_func_realloc_0_nonnull" >&5
-echo "${ECHO_T}$ac_cv_func_realloc_0_nonnull" >&6; }
-if test $ac_cv_func_realloc_0_nonnull = yes; then
-
-cat >>confdefs.h <<\_ACEOF
-#define HAVE_REALLOC 1
-_ACEOF
-
-else
- cat >>confdefs.h <<\_ACEOF
-#define HAVE_REALLOC 0
-_ACEOF
-
- case " $LIBOBJS " in
- *" realloc.$ac_objext "* ) ;;
- *) LIBOBJS="$LIBOBJS realloc.$ac_objext"
- ;;
-esac
-
-
-cat >>confdefs.h <<\_ACEOF
-#define realloc rpl_realloc
-_ACEOF
-
-fi
-
-
-
-
-
-for ac_header in sys/select.h sys/socket.h
-do
-as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh`
-if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
- { echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
-if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-fi
-ac_res=`eval echo '${'$as_ac_Header'}'`
- { echo "$as_me:$LINENO: result: $ac_res" >&5
-echo "${ECHO_T}$ac_res" >&6; }
-else
- # Is the header compilable?
-{ echo "$as_me:$LINENO: checking $ac_header usability" >&5
-echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; }
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-#include <$ac_header>
-_ACEOF
-rm -f conftest.$ac_objext
-if { (ac_try="$ac_compile"
-case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
- (eval "$ac_compile") 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } && {
- test -z "$ac_c_werror_flag" ||
- test ! -s conftest.err
- } && test -s conftest.$ac_objext; then
- ac_header_compiler=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- ac_header_compiler=no
-fi
-
-rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
-{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5
-echo "${ECHO_T}$ac_header_compiler" >&6; }
-
-# Is the header present?
-{ echo "$as_me:$LINENO: checking $ac_header presence" >&5
-echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; }
-cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-#include <$ac_header>
-_ACEOF
-if { (ac_try="$ac_cpp conftest.$ac_ext"
-case "(($ac_try" in
- *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
- *) ac_try_echo=$ac_try;;
-esac
-eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
- (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1
- ac_status=$?
- grep -v '^ *+' conftest.er1 >conftest.err
- rm -f conftest.er1
- cat conftest.err >&5
- echo "$as_me:$LINENO: \$? = $ac_status" >&5
- (exit $ac_status); } >/dev/null && {
- test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
- test ! -s conftest.err
- }; then
- ac_header_preproc=yes
-else
- echo "$as_me: failed program was:" >&5
-sed 's/^/| /' conftest.$ac_ext >&5
-
- ac_header_preproc=no
-fi
-
-rm -f conftest.err conftest.$ac_ext
-{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5
-echo "${ECHO_T}$ac_header_preproc" >&6; }
-
-# So? What about this header?
-case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in
- yes:no: )
- { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5
-echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;}
- ac_header_preproc=yes
- ;;
- no:yes:* )
- { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5
-echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5
-echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5
-echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5
-echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5
-echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;}
- { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5
-echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;}
- ( cat <<\_ASBOX
-## -------------------------------------------------- ##
-## Report this to launchd-bug-reports@group.apple.com ##
-## -------------------------------------------------- ##
-_ASBOX
- ) | sed "s/^/$as_me: WARNING: /" >&2
- ;;
-esac
-{ echo "$as_me:$LINENO: checking for $ac_header" >&5
-echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; }
-if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- eval "$as_ac_Header=\$ac_header_preproc"
-fi
-ac_res=`eval echo '${'$as_ac_Header'}'`
- { echo "$as_me:$LINENO: result: $ac_res" >&5
-echo "${ECHO_T}$ac_res" >&6; }
-
-fi
-if test `eval echo '${'$as_ac_Header'}'` = yes; then
- cat >>confdefs.h <<_ACEOF
-#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1
-_ACEOF
-
-fi
-
-done
-
-{ echo "$as_me:$LINENO: checking types of arguments for select" >&5
-echo $ECHO_N "checking types of arguments for select... $ECHO_C" >&6; }
-if test "${ac_cv_func_select_args+set}" = set; then
- echo $ECHO_N "(cached) $ECHO_C" >&6
-else
- for ac_arg234 in 'fd_set *' 'int *' 'void *'; do
- for ac_arg1 in 'int' 'size_t' 'unsigned long int' 'unsigned int'; do
- for ac_arg5 in 'struct timeval *' 'const struct timeval *'; do
- cat >conftest.$ac_ext <<_ACEOF
-/* confdefs.h. */
-_ACEOF
-cat confdefs.h >>conftest.$ac_ext
-cat >>conftest.$ac_ext <<_ACEOF
-/* end confdefs.h. */
-$ac_includes_default
-#ifdef HAVE_SYS_SELECT_H
-# include <sys/select.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-# include <sys/socket.h>
+#ifdef HAVE_SYS_SOCKET_H
+# include <sys/socket.h>
#endif
int
-for ac_func in atexit dup2 gethostname gettimeofday memmove memset mkdir munmap rmdir select setenv socket strcasecmp strchr strdup strerror strrchr strstr strtol
+
+
+
+for ac_func in atexit dup2 gethostname gettimeofday malloc mmap memmove memset mkdir munmap realloc rmdir select setenv socket strcasecmp strchr strdup strerror strrchr strstr strtol
do
as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh`
{ echo "$as_me:$LINENO: checking for $ac_func" >&5
done
+# check for a Security framework that includes session support
+ac_func_search_save_LIBS=$LIBS
+LIBS="-framework Security $ac_func_search_save_LIBS"
+{ echo "$as_me:$LINENO: checking for SessionCreate" >&5
+echo $ECHO_N "checking for SessionCreate... $ECHO_C" >&6; }
+if test "${ac_cv_func_SessionCreate+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+/* Define SessionCreate to an innocuous variant, in case <limits.h> declares SessionCreate.
+ For example, HP-UX 11i <limits.h> declares gettimeofday. */
+#define SessionCreate innocuous_SessionCreate
+
+/* System header to define __stub macros and hopefully few prototypes,
+ which can conflict with char SessionCreate (); below.
+ Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+ <limits.h> exists even on freestanding compilers. */
+
+#ifdef __STDC__
+# include <limits.h>
+#else
+# include <assert.h>
+#endif
+
+#undef SessionCreate
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char SessionCreate ();
+/* The GNU C library defines this for functions which it implements
+ to always fail with ENOSYS. Some functions are actually named
+ something starting with __ and the normal name is an alias. */
+#if defined __stub_SessionCreate || defined __stub___SessionCreate
+choke me
+#endif
+
+int
+main ()
+{
+return SessionCreate ();
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ ac_cv_func_SessionCreate=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_cv_func_SessionCreate=no
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_func_SessionCreate" >&5
+echo "${ECHO_T}$ac_cv_func_SessionCreate" >&6; }
+if test $ac_cv_func_SessionCreate = yes; then
+
+cat >>confdefs.h <<\_ACEOF
+#define HAVE_SECURITY 1
+_ACEOF
+
+ LIBS_SECURITY="-framework Security"
+
+ WEAKLIBS_SECURITY="-weak_framework Security"
+
+fi
+
+LIBS=$ac_func_search_save_LIBS
+
+# check for seatbelt
+{ echo "$as_me:$LINENO: checking for sandbox_init" >&5
+echo $ECHO_N "checking for sandbox_init... $ECHO_C" >&6; }
+if test "${ac_cv_func_sandbox_init+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+/* Define sandbox_init to an innocuous variant, in case <limits.h> declares sandbox_init.
+ For example, HP-UX 11i <limits.h> declares gettimeofday. */
+#define sandbox_init innocuous_sandbox_init
+
+/* System header to define __stub macros and hopefully few prototypes,
+ which can conflict with char sandbox_init (); below.
+ Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+ <limits.h> exists even on freestanding compilers. */
+
+#ifdef __STDC__
+# include <limits.h>
+#else
+# include <assert.h>
+#endif
+
+#undef sandbox_init
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char sandbox_init ();
+/* The GNU C library defines this for functions which it implements
+ to always fail with ENOSYS. Some functions are actually named
+ something starting with __ and the normal name is an alias. */
+#if defined __stub_sandbox_init || defined __stub___sandbox_init
+choke me
+#endif
+
+int
+main ()
+{
+return sandbox_init ();
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ ac_cv_func_sandbox_init=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_cv_func_sandbox_init=no
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_func_sandbox_init" >&5
+echo "${ECHO_T}$ac_cv_func_sandbox_init" >&6; }
+if test $ac_cv_func_sandbox_init = yes; then
+
+cat >>confdefs.h <<\_ACEOF
+#define HAVE_SANDBOX 1
+_ACEOF
+
+fi
+
+
+# check for quarantine
+{ echo "$as_me:$LINENO: checking for _qtn_proc_init_with_data" >&5
+echo $ECHO_N "checking for _qtn_proc_init_with_data... $ECHO_C" >&6; }
+if test "${ac_cv_func__qtn_proc_init_with_data+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+/* Define _qtn_proc_init_with_data to an innocuous variant, in case <limits.h> declares _qtn_proc_init_with_data.
+ For example, HP-UX 11i <limits.h> declares gettimeofday. */
+#define _qtn_proc_init_with_data innocuous__qtn_proc_init_with_data
+
+/* System header to define __stub macros and hopefully few prototypes,
+ which can conflict with char _qtn_proc_init_with_data (); below.
+ Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+ <limits.h> exists even on freestanding compilers. */
+
+#ifdef __STDC__
+# include <limits.h>
+#else
+# include <assert.h>
+#endif
+
+#undef _qtn_proc_init_with_data
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char _qtn_proc_init_with_data ();
+/* The GNU C library defines this for functions which it implements
+ to always fail with ENOSYS. Some functions are actually named
+ something starting with __ and the normal name is an alias. */
+#if defined __stub__qtn_proc_init_with_data || defined __stub____qtn_proc_init_with_data
+choke me
+#endif
+
+int
+main ()
+{
+return _qtn_proc_init_with_data ();
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (ac_try="$ac_link"
+case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+esac
+eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ ac_cv_func__qtn_proc_init_with_data=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_cv_func__qtn_proc_init_with_data=no
+fi
+
+rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+fi
+{ echo "$as_me:$LINENO: result: $ac_cv_func__qtn_proc_init_with_data" >&5
+echo "${ECHO_T}$ac_cv_func__qtn_proc_init_with_data" >&6; }
+if test $ac_cv_func__qtn_proc_init_with_data = yes; then
+
+cat >>confdefs.h <<\_ACEOF
+#define HAVE_QUARANTINE 1
+_ACEOF
+
+fi
+
+
ac_config_files="$ac_config_files Makefile src/Makefile"
LIBS_ONLY_FALSE=
fi
+ if test $(tconf --test TARGET_OS_EMBEDDED) = YES; then
+ DO_EMBEDDED_MAGIC_TRUE=
+ DO_EMBEDDED_MAGIC_FALSE='#'
+else
+ DO_EMBEDDED_MAGIC_TRUE='#'
+ DO_EMBEDDED_MAGIC_FALSE=
+fi
+
+
cat >confcache <<\_ACEOF
# This file is a shell script that caches the results of configure
Usually this means the macro was only invoked conditionally." >&2;}
{ (exit 1); exit 1; }; }
fi
+if test -z "${DO_EMBEDDED_MAGIC_TRUE}" && test -z "${DO_EMBEDDED_MAGIC_FALSE}"; then
+ { { echo "$as_me:$LINENO: error: conditional \"DO_EMBEDDED_MAGIC\" was never defined.
+Usually this means the macro was only invoked conditionally." >&5
+echo "$as_me: error: conditional \"DO_EMBEDDED_MAGIC\" was never defined.
+Usually this means the macro was only invoked conditionally." >&2;}
+ { (exit 1); exit 1; }; }
+fi
: ${CONFIG_STATUS=./config.status}
ac_clean_files_save=$ac_clean_files
EGREP!$EGREP$ac_delim
ALLOCA!$ALLOCA$ac_delim
LIBOBJS!$LIBOBJS$ac_delim
+LIBS_SECURITY!$LIBS_SECURITY$ac_delim
+WEAKLIBS_SECURITY!$WEAKLIBS_SECURITY$ac_delim
LIBS_ONLY_TRUE!$LIBS_ONLY_TRUE$ac_delim
LIBS_ONLY_FALSE!$LIBS_ONLY_FALSE$ac_delim
+DO_EMBEDDED_MAGIC_TRUE!$DO_EMBEDDED_MAGIC_TRUE$ac_delim
+DO_EMBEDDED_MAGIC_FALSE!$DO_EMBEDDED_MAGIC_FALSE$ac_delim
LTLIBOBJS!$LTLIBOBJS$ac_delim
_ACEOF
- if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 84; then
+ if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 88; then
break
elif $ac_last_try; then
{ { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5
# -*- Autoconf -*-
# Process this file with autoconf to produce a configure script.
-AC_PREREQ(2.59)
+AC_PREREQ(2.61)
AC_INIT([launchd],[1.0],[launchd-bug-reports@group.apple.com])
AC_CONFIG_SRCDIR([src/launchd.c])
AM_INIT_AUTOMAKE
-AM_CONFIG_HEADER([src/config.h])
+AC_CONFIG_HEADERS([src/config.h])
# Checks for programs.
AC_PROG_CC
AC_PROG_GCC_TRADITIONAL
AC_FUNC_LSTAT
AC_FUNC_LSTAT_FOLLOWS_SLASHED_SYMLINK
-AC_FUNC_MALLOC
AC_FUNC_MKTIME
-AC_FUNC_MMAP
-AC_FUNC_REALLOC
AC_FUNC_SELECT_ARGTYPES
AC_TYPE_SIGNAL
AC_FUNC_STAT
-AC_CHECK_FUNCS([atexit dup2 gethostname gettimeofday memmove memset mkdir munmap rmdir select setenv socket strcasecmp strchr strdup strerror strrchr strstr strtol])
+AC_CHECK_FUNCS([atexit dup2 gethostname gettimeofday malloc mmap memmove memset mkdir munmap realloc rmdir select setenv socket strcasecmp strchr strdup strerror strrchr strstr strtol])
+
+# check for a Security framework that includes session support
+ac_func_search_save_LIBS=$LIBS
+LIBS="-framework Security $ac_func_search_save_LIBS"
+AC_CHECK_FUNC([SessionCreate],
+ [AC_DEFINE(HAVE_SECURITY, 1, [Define to 1 if you have the Security framework])
+ AC_SUBST(LIBS_SECURITY,"-framework Security")
+ AC_SUBST(WEAKLIBS_SECURITY,"-weak_framework Security")])
+LIBS=$ac_func_search_save_LIBS
+
+# check for seatbelt
+AC_CHECK_FUNC([sandbox_init],[AC_DEFINE(HAVE_SANDBOX, 1, [Define to 1 if you have the sandbox library])])
+
+# check for quarantine
+AC_CHECK_FUNC([_qtn_proc_init_with_data],[AC_DEFINE(HAVE_QUARANTINE, 1, [Define to 1 if you have the quarantine library])])
AC_CONFIG_FILES([Makefile
src/Makefile])
AM_CONDITIONAL(LIBS_ONLY, test "$RC_ProjectName" = launchd_libs)
+AM_CONDITIONAL(DO_EMBEDDED_MAGIC, test $(tconf --test TARGET_OS_EMBEDDED) = YES)
+
AC_OUTPUT
-AM_CFLAGS = -no-cpp-precomp -F/System/Library/PrivateFrameworks -Wall -Wextra -Waggregate-return -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror -D__MigTypeCheck=1 -fvisibility=hidden -Dmig_external=__private_extern__
+AM_CFLAGS = -no-cpp-precomp -isysroot $(SDKROOT) -F$(SDKROOT)/System/Library/PrivateFrameworks -Wall -Wextra -Waggregate-return -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror -D__MigTypeCheck=1 -fvisibility=hidden -Dmig_external=__private_extern__
+
+AM_LDFLAGS = -Wl,-syslibroot,$(SDKROOT)
CLEANFILES = protocol_vproc.h protocol_vprocServer.c protocol_vprocUser.c protocol_vprocServer.h \
launchd_internal.h launchd_internalServer.h launchd_internalServer.c launchd_internalUser.c \
else
bin_PROGRAMS = launchctl wait4path
+if DO_EMBEDDED_MAGIC
+sbin_PROGRAMS = launchd
+else
sbin_PROGRAMS = launchd SystemStarter
+endif
libexec_PROGRAMS = launchproxy
sysconf_DATA = hostconfig rc.common rc.netboot
-launchctl_CFLAGS = $(AM_CFLAGS) -I/System/Library/Frameworks/System.framework/PrivateHeaders
-launchctl_LDFLAGS = -framework CoreFoundation -framework IOKit -framework Security -weak_library /usr/lib/libedit.dylib
+launchctl_CFLAGS = $(AM_CFLAGS) -I$(SDKROOT)/System/Library/Frameworks/System.framework/PrivateHeaders
+launchctl_LDFLAGS = $(AM_LDFLAGS) -framework CoreFoundation -framework IOKit $(LIBS_SECURITY) -weak_library /usr/lib/libedit.dylib
+if DO_EMBEDDED_MAGIC
+else
SystemStarter_CFLAGS = -mdynamic-no-pic $(AM_CFLAGS)
-SystemStarter_LDFLAGS = -framework CoreFoundation -framework IOKit
+SystemStarter_LDFLAGS = $(AM_LDFLAGS) -framework CoreFoundation -framework IOKit
SystemStarter_SOURCES = StartupItems.c IPC.c SystemStarter.c
+endif
launchd_CFLAGS = -mdynamic-no-pic $(AM_CFLAGS) -Wno-unused-parameter
-launchd_LDFLAGS = -lbsm
+launchd_LDFLAGS = $(AM_LDFLAGS) -lbsm
launchd_SOURCES = launchd.c launchd_core_logic.c launchd_unix_ipc.c protocol_vprocServer.c notifyServer.c launchd_internalUser.c launchd_internalServer.c job_replyUser.c launchd_runtime.c launchd_runtime_kill.c mach_excServer.c
launchd_runtime.c:: notifyServer.h launchd_internal.h mach_excServer.h
launchd_core_logic.c:: protocol_vproc.h job_reply.h protocol_vprocServer.h
-launchproxy_LDFLAGS = -weak_framework Security
+launchproxy_LDFLAGS = $(AM_LDFLAGS) $(WEAKLIBS_SECURITY)
notifyServer.c notifyServer.h: /usr/include/mach/notify.defs
mig $(MIGFLAGS) -header /dev/null -user /dev/null -sheader notifyServer.h /usr/include/mach/notify.defs
man5_MANS = launchd.plist.5 launchd.conf.5
+if DO_EMBEDDED_MAGIC
+man8_MANS = launchd.8 launchproxy.8
+else
man8_MANS = StartupItemContext.8 SystemStarter.8 rc.8 launchd.8 launchproxy.8
+endif
install-data-hook:
mkdir -p $(DESTDIR)/usr/libexec
mkdir -p $(DESTDIR)/Library/LaunchAgents
mkdir -p $(DESTDIR)/System/Library/LaunchAgents
mkdir -p $(DESTDIR)/System/Library/LaunchDaemons
- cp $(srcdir)/StartupItemContext $(DESTDIR)/usr/libexec
cp $(srcdir)/liblaunch_public.h $(DESTDIR)/usr/include/launch.h
cp $(srcdir)/libvproc_public.h $(DESTDIR)/usr/include/vproc.h
cp $(srcdir)/libbootstrap_public.h $(DESTDIR)/usr/include/servers/bootstrap.h
cp $(srcdir)/liblaunch_private.h $(DESTDIR)/usr/local/include/launch_priv.h
cp $(srcdir)/libvproc_private.h $(DESTDIR)/usr/local/include/vproc_priv.h
cp $(srcdir)/reboot2.h $(DESTDIR)/usr/local/include/reboot2.h
+if DO_EMBEDDED_MAGIC
+else
+ cp $(srcdir)/StartupItemContext $(DESTDIR)/usr/libexec
cp $(srcdir)/com.apple.SystemStarter.plist $(DESTDIR)/System/Library/LaunchDaemons
+endif
endif
PRE_UNINSTALL = :
POST_UNINSTALL = :
@LIBS_ONLY_FALSE@bin_PROGRAMS = launchctl$(EXEEXT) wait4path$(EXEEXT)
-@LIBS_ONLY_FALSE@sbin_PROGRAMS = launchd$(EXEEXT) \
-@LIBS_ONLY_FALSE@ SystemStarter$(EXEEXT)
+@DO_EMBEDDED_MAGIC_FALSE@@LIBS_ONLY_FALSE@sbin_PROGRAMS = \
+@DO_EMBEDDED_MAGIC_FALSE@@LIBS_ONLY_FALSE@ launchd$(EXEEXT) \
+@DO_EMBEDDED_MAGIC_FALSE@@LIBS_ONLY_FALSE@ SystemStarter$(EXEEXT)
+@DO_EMBEDDED_MAGIC_TRUE@@LIBS_ONLY_FALSE@sbin_PROGRAMS = \
+@DO_EMBEDDED_MAGIC_TRUE@@LIBS_ONLY_FALSE@ launchd$(EXEEXT)
@LIBS_ONLY_FALSE@libexec_PROGRAMS = launchproxy$(EXEEXT)
subdir = src
DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \
sbinPROGRAMS_INSTALL = $(INSTALL_PROGRAM)
PROGRAMS = $(bin_PROGRAMS) $(libexec_PROGRAMS) $(sbin_PROGRAMS)
am__SystemStarter_SOURCES_DIST = StartupItems.c IPC.c SystemStarter.c
-@LIBS_ONLY_FALSE@am_SystemStarter_OBJECTS = \
-@LIBS_ONLY_FALSE@ SystemStarter-StartupItems.$(OBJEXT) \
-@LIBS_ONLY_FALSE@ SystemStarter-IPC.$(OBJEXT) \
-@LIBS_ONLY_FALSE@ SystemStarter-SystemStarter.$(OBJEXT)
+@DO_EMBEDDED_MAGIC_FALSE@@LIBS_ONLY_FALSE@am_SystemStarter_OBJECTS = SystemStarter-StartupItems.$(OBJEXT) \
+@DO_EMBEDDED_MAGIC_FALSE@@LIBS_ONLY_FALSE@ SystemStarter-IPC.$(OBJEXT) \
+@DO_EMBEDDED_MAGIC_FALSE@@LIBS_ONLY_FALSE@ SystemStarter-SystemStarter.$(OBJEXT)
SystemStarter_OBJECTS = $(am_SystemStarter_OBJECTS)
SystemStarter_LDADD = $(LDADD)
SystemStarter_LINK = $(CCLD) $(SystemStarter_CFLAGS) $(CFLAGS) \
LDFLAGS = @LDFLAGS@
LIBOBJS = @LIBOBJS@
LIBS = @LIBS@
+LIBS_SECURITY = @LIBS_SECURITY@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
MKDIR_P = @MKDIR_P@
SHELL = @SHELL@
STRIP = @STRIP@
VERSION = @VERSION@
+WEAKLIBS_SECURITY = @WEAKLIBS_SECURITY@
abs_builddir = @abs_builddir@
abs_srcdir = @abs_srcdir@
abs_top_builddir = @abs_top_builddir@
target_alias = @target_alias@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
-AM_CFLAGS = -no-cpp-precomp -F/System/Library/PrivateFrameworks -Wall -Wextra -Waggregate-return -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror -D__MigTypeCheck=1 -fvisibility=hidden -Dmig_external=__private_extern__
+AM_CFLAGS = -no-cpp-precomp -isysroot $(SDKROOT) -F$(SDKROOT)/System/Library/PrivateFrameworks -Wall -Wextra -Waggregate-return -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror -D__MigTypeCheck=1 -fvisibility=hidden -Dmig_external=__private_extern__
+AM_LDFLAGS = -Wl,-syslibroot,$(SDKROOT)
CLEANFILES = protocol_vproc.h protocol_vprocServer.c protocol_vprocUser.c protocol_vprocServer.h \
launchd_internal.h launchd_internalServer.h launchd_internalServer.c launchd_internalUser.c \
notifyServer.c notifyServer.h job_replyUser.c job_reply.h __version.c mach_excServer.c mach_excServer.h
@LIBS_ONLY_TRUE@liblaunch_profile_a_CFLAGS = -pg -D__DARWIN_NON_CANCELABLE=1 $(AM_CFLAGS)
@LIBS_ONLY_TRUE@liblaunch_profile_a_SOURCES = liblaunch.c libvproc.c libbootstrap.c protocol_vprocUser.c __version.c
@LIBS_ONLY_FALSE@sysconf_DATA = hostconfig rc.common rc.netboot
-@LIBS_ONLY_FALSE@launchctl_CFLAGS = $(AM_CFLAGS) -I/System/Library/Frameworks/System.framework/PrivateHeaders
-@LIBS_ONLY_FALSE@launchctl_LDFLAGS = -framework CoreFoundation -framework IOKit -framework Security -weak_library /usr/lib/libedit.dylib
-@LIBS_ONLY_FALSE@SystemStarter_CFLAGS = -mdynamic-no-pic $(AM_CFLAGS)
-@LIBS_ONLY_FALSE@SystemStarter_LDFLAGS = -framework CoreFoundation -framework IOKit
-@LIBS_ONLY_FALSE@SystemStarter_SOURCES = StartupItems.c IPC.c SystemStarter.c
+@LIBS_ONLY_FALSE@launchctl_CFLAGS = $(AM_CFLAGS) -I$(SDKROOT)/System/Library/Frameworks/System.framework/PrivateHeaders
+@LIBS_ONLY_FALSE@launchctl_LDFLAGS = $(AM_LDFLAGS) -framework CoreFoundation -framework IOKit $(LIBS_SECURITY) -weak_library /usr/lib/libedit.dylib
+@DO_EMBEDDED_MAGIC_FALSE@@LIBS_ONLY_FALSE@SystemStarter_CFLAGS = -mdynamic-no-pic $(AM_CFLAGS)
+@DO_EMBEDDED_MAGIC_FALSE@@LIBS_ONLY_FALSE@SystemStarter_LDFLAGS = $(AM_LDFLAGS) -framework CoreFoundation -framework IOKit
+@DO_EMBEDDED_MAGIC_FALSE@@LIBS_ONLY_FALSE@SystemStarter_SOURCES = StartupItems.c IPC.c SystemStarter.c
@LIBS_ONLY_FALSE@launchd_CFLAGS = -mdynamic-no-pic $(AM_CFLAGS) -Wno-unused-parameter
-@LIBS_ONLY_FALSE@launchd_LDFLAGS = -lbsm
+@LIBS_ONLY_FALSE@launchd_LDFLAGS = $(AM_LDFLAGS) -lbsm
@LIBS_ONLY_FALSE@launchd_SOURCES = launchd.c launchd_core_logic.c launchd_unix_ipc.c protocol_vprocServer.c notifyServer.c launchd_internalUser.c launchd_internalServer.c job_replyUser.c launchd_runtime.c launchd_runtime_kill.c mach_excServer.c
-@LIBS_ONLY_FALSE@launchproxy_LDFLAGS = -weak_framework Security
+@LIBS_ONLY_FALSE@launchproxy_LDFLAGS = $(AM_LDFLAGS) $(WEAKLIBS_SECURITY)
@LIBS_ONLY_FALSE@man1_MANS = wait4path.1 launchctl.1
@LIBS_ONLY_FALSE@man5_MANS = launchd.plist.5 launchd.conf.5
-@LIBS_ONLY_FALSE@man8_MANS = StartupItemContext.8 SystemStarter.8 rc.8 launchd.8 launchproxy.8
+@DO_EMBEDDED_MAGIC_FALSE@@LIBS_ONLY_FALSE@man8_MANS = StartupItemContext.8 SystemStarter.8 rc.8 launchd.8 launchproxy.8
+@DO_EMBEDDED_MAGIC_TRUE@@LIBS_ONLY_FALSE@man8_MANS = launchd.8 launchproxy.8
all: config.h
$(MAKE) $(AM_MAKEFLAGS) all-am
@LIBS_ONLY_FALSE@ mkdir -p $(DESTDIR)/Library/LaunchAgents
@LIBS_ONLY_FALSE@ mkdir -p $(DESTDIR)/System/Library/LaunchAgents
@LIBS_ONLY_FALSE@ mkdir -p $(DESTDIR)/System/Library/LaunchDaemons
-@LIBS_ONLY_FALSE@ cp $(srcdir)/StartupItemContext $(DESTDIR)/usr/libexec
@LIBS_ONLY_FALSE@ cp $(srcdir)/liblaunch_public.h $(DESTDIR)/usr/include/launch.h
@LIBS_ONLY_FALSE@ cp $(srcdir)/libvproc_public.h $(DESTDIR)/usr/include/vproc.h
@LIBS_ONLY_FALSE@ cp $(srcdir)/libbootstrap_public.h $(DESTDIR)/usr/include/servers/bootstrap.h
@LIBS_ONLY_FALSE@ cp $(srcdir)/liblaunch_private.h $(DESTDIR)/usr/local/include/launch_priv.h
@LIBS_ONLY_FALSE@ cp $(srcdir)/libvproc_private.h $(DESTDIR)/usr/local/include/vproc_priv.h
@LIBS_ONLY_FALSE@ cp $(srcdir)/reboot2.h $(DESTDIR)/usr/local/include/reboot2.h
-@LIBS_ONLY_FALSE@ cp $(srcdir)/com.apple.SystemStarter.plist $(DESTDIR)/System/Library/LaunchDaemons
+@DO_EMBEDDED_MAGIC_FALSE@@LIBS_ONLY_FALSE@ cp $(srcdir)/StartupItemContext $(DESTDIR)/usr/libexec
+@DO_EMBEDDED_MAGIC_FALSE@@LIBS_ONLY_FALSE@ cp $(srcdir)/com.apple.SystemStarter.plist $(DESTDIR)/System/Library/LaunchDaemons
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
.NOEXPORT:
/* Define to 1 if the `closedir' function returns void instead of `int'. */
#undef CLOSEDIR_VOID
+/* Define to one of `_getb67', `GETB67', `getb67' for Cray-2 and Cray-YMP
+ systems. This function is required for `alloca.c' support on those systems.
+ */
+#undef CRAY_STACKSEG_END
+
+/* Define to 1 if using `alloca.c'. */
+#undef C_ALLOCA
+
+/* Define to 1 if you have the `alarm' function. */
+#undef HAVE_ALARM
+
+/* Define to 1 if you have `alloca', as a function or macro. */
+#undef HAVE_ALLOCA
+
+/* Define to 1 if you have <alloca.h> and it should be used (not on Ultrix).
+ */
+#undef HAVE_ALLOCA_H
+
+/* Define to 1 if you have the `atexit' function. */
+#undef HAVE_ATEXIT
+
/* Define to 1 if you have the <dirent.h> header file, and it defines `DIR'.
*/
#undef HAVE_DIRENT_H
+/* Define to 1 if you have the `dup2' function. */
+#undef HAVE_DUP2
+
/* Define to 1 if you have the <fcntl.h> header file. */
#undef HAVE_FCNTL_H
/* Define to 1 if you have the `fork' function. */
#undef HAVE_FORK
-/* Define to 1 if you have the `getpagesize' function. */
-#undef HAVE_GETPAGESIZE
+/* Define to 1 if you have the `gethostname' function. */
+#undef HAVE_GETHOSTNAME
+
+/* Define to 1 if you have the `gettimeofday' function. */
+#undef HAVE_GETTIMEOFDAY
/* Define to 1 if you have the <inttypes.h> header file. */
#undef HAVE_INTTYPES_H
/* Define to 1 if you have the <limits.h> header file. */
#undef HAVE_LIMITS_H
+/* Define to 1 if `lstat' has the bug that it succeeds when given the
+ zero-length file name argument. */
+#undef HAVE_LSTAT_EMPTY_STRING_BUG
+
/* Define to 1 if you have the <mach/mach.h> header file. */
#undef HAVE_MACH_MACH_H
-/* Define to 1 if your system has a GNU libc compatible `malloc' function, and
- to 0 otherwise. */
+/* Define to 1 if you have the `malloc' function. */
#undef HAVE_MALLOC
/* Define to 1 if you have the `memmove' function. */
/* Define to 1 if you have the <memory.h> header file. */
#undef HAVE_MEMORY_H
-/* Define to 1 if you have a working `mmap' system call. */
+/* Define to 1 if you have the `memset' function. */
+#undef HAVE_MEMSET
+
+/* Define to 1 if you have the `mkdir' function. */
+#undef HAVE_MKDIR
+
+/* Define to 1 if you have the `mmap' function. */
#undef HAVE_MMAP
/* Define to 1 if you have the `munmap' function. */
/* Define to 1 if you have the <ndir.h> header file, and it defines `DIR'. */
#undef HAVE_NDIR_H
+/* Define to 1 if you have the <netdb.h> header file. */
+#undef HAVE_NETDB_H
+
+/* Define to 1 if you have the <netinet/in.h> header file. */
+#undef HAVE_NETINET_IN_H
+
+/* Define to 1 if you have the <paths.h> header file. */
+#undef HAVE_PATHS_H
+
+/* Define to 1 if you have the quarantine library */
+#undef HAVE_QUARANTINE
+
+/* Define to 1 if you have the `realloc' function. */
+#undef HAVE_REALLOC
+
+/* Define to 1 if you have the `rmdir' function. */
+#undef HAVE_RMDIR
+
+/* Define to 1 if you have the sandbox library */
+#undef HAVE_SANDBOX
+
+/* Define to 1 if you have the Security framework */
+#undef HAVE_SECURITY
+
+/* Define to 1 if you have the `select' function. */
+#undef HAVE_SELECT
+
+/* Define to 1 if you have the `setenv' function. */
+#undef HAVE_SETENV
+
+/* Define to 1 if you have the `socket' function. */
+#undef HAVE_SOCKET
+
/* Define to 1 if `stat' has the bug that it succeeds when given the
zero-length file name argument. */
#undef HAVE_STAT_EMPTY_STRING_BUG
/* Define to 1 if stdbool.h conforms to C99. */
#undef HAVE_STDBOOL_H
+/* Define to 1 if you have the <stddef.h> header file. */
+#undef HAVE_STDDEF_H
+
/* Define to 1 if you have the <stdint.h> header file. */
#undef HAVE_STDINT_H
/* Define to 1 if you have the <stdlib.h> header file. */
#undef HAVE_STDLIB_H
+/* Define to 1 if you have the `strcasecmp' function. */
+#undef HAVE_STRCASECMP
+
+/* Define to 1 if you have the `strchr' function. */
+#undef HAVE_STRCHR
+
+/* Define to 1 if you have the `strdup' function. */
+#undef HAVE_STRDUP
+
/* Define to 1 if you have the `strerror' function. */
#undef HAVE_STRERROR
/* Define to 1 if you have the <string.h> header file. */
#undef HAVE_STRING_H
+/* Define to 1 if you have the `strrchr' function. */
+#undef HAVE_STRRCHR
+
+/* Define to 1 if you have the `strstr' function. */
+#undef HAVE_STRSTR
+
+/* Define to 1 if you have the `strtol' function. */
+#undef HAVE_STRTOL
+
/* Define to 1 if you have the <syslog.h> header file. */
#undef HAVE_SYSLOG_H
*/
#undef HAVE_SYS_DIR_H
+/* Define to 1 if you have the <sys/ioctl.h> header file. */
+#undef HAVE_SYS_IOCTL_H
+
+/* Define to 1 if you have the <sys/mount.h> header file. */
+#undef HAVE_SYS_MOUNT_H
+
/* Define to 1 if you have the <sys/ndir.h> header file, and it defines `DIR'.
*/
#undef HAVE_SYS_NDIR_H
+/* Define to 1 if you have the <sys/param.h> header file. */
+#undef HAVE_SYS_PARAM_H
+
+/* Define to 1 if you have the <sys/select.h> header file. */
+#undef HAVE_SYS_SELECT_H
+
+/* Define to 1 if you have the <sys/socket.h> header file. */
+#undef HAVE_SYS_SOCKET_H
+
/* Define to 1 if you have the <sys/stat.h> header file. */
#undef HAVE_SYS_STAT_H
+/* Define to 1 if you have the <sys/time.h> header file. */
+#undef HAVE_SYS_TIME_H
+
/* Define to 1 if you have the <sys/types.h> header file. */
#undef HAVE_SYS_TYPES_H
/* Define to 1 if you have <sys/wait.h> that is POSIX.1 compatible. */
#undef HAVE_SYS_WAIT_H
+/* Define to 1 if you have the <termios.h> header file. */
+#undef HAVE_TERMIOS_H
+
/* Define to 1 if you have the <unistd.h> header file. */
#undef HAVE_UNISTD_H
slash. */
#undef LSTAT_FOLLOWS_SLASHED_SYMLINK
+/* Define to 1 if your C compiler doesn't accept -c and -o together. */
+#undef NO_MINUS_C_MINUS_O
+
/* Name of package */
#undef PACKAGE
/* Define as the return type of signal handlers (`int' or `void'). */
#undef RETSIGTYPE
+/* Define to the type of arg 1 for `select'. */
+#undef SELECT_TYPE_ARG1
+
+/* Define to the type of args 2, 3 and 4 for `select'. */
+#undef SELECT_TYPE_ARG234
+
+/* Define to the type of arg 5 for `select'. */
+#undef SELECT_TYPE_ARG5
+
+/* If using the C implementation of alloca, define if you know the
+ direction of stack growth for your system; otherwise it will be
+ automatically deduced at runtime.
+ STACK_DIRECTION > 0 => grows toward higher addresses
+ STACK_DIRECTION < 0 => grows toward lower addresses
+ STACK_DIRECTION = 0 => direction of growth unknown */
+#undef STACK_DIRECTION
+
/* Define to 1 if you have the ANSI C header files. */
#undef STDC_HEADERS
+/* Define to 1 if you can safely include both <sys/time.h> and <time.h>. */
+#undef TIME_WITH_SYS_TIME
+
+/* Define to 1 if your <sys/time.h> declares `struct tm'. */
+#undef TM_IN_SYS_TIME
+
/* Version number of package */
#undef VERSION
/* Define to `int' if <sys/types.h> doesn't define. */
#undef gid_t
-/* Define to rpl_malloc if the replacement function should be used. */
-#undef malloc
-
/* Define to `int' if <sys/types.h> does not define. */
#undef mode_t
-/* Define to `long' if <sys/types.h> does not define. */
+/* Define to `long int' if <sys/types.h> does not define. */
#undef off_t
/* Define to `int' if <sys/types.h> does not define. */
#undef pid_t
-/* Define to `unsigned' if <sys/types.h> does not define. */
+/* Define to `unsigned int' if <sys/types.h> does not define. */
#undef size_t
/* Define to `int' if <sys/types.h> doesn't define. */
* @APPLE_APACHE_LICENSE_HEADER_END@
*/
-static const char *const __rcs_file_version__ = "$Revision: 23457 $";
+static const char *const __rcs_file_version__ = "$Revision: 23566 $";
#include "liblaunch_public.h"
#include "liblaunch_private.h"
#include <CoreFoundation/CoreFoundation.h>
#include <CoreFoundation/CFPriv.h>
#include <TargetConditionals.h>
-#if !TARGET_OS_EMBEDDED
+#if HAVE_SECURITY
#include <Security/Security.h>
#include <Security/AuthSession.h>
#endif
read_launchd_conf(void)
{
char s[1000], *c, *av[100];
+ const char *file;
size_t len, i;
FILE *f;
- if (!(f = fopen("/etc/launchd.conf", "r"))) {
+ if (getppid() == 1) {
+ file = "/etc/launchd.conf";
+ } else {
+ file = "/etc/launchd-user.conf";
+ }
+
+ if (!(f = fopen(file, "r"))) {
return;
}
assumes(acct("/var/account/acct") != -1);
}
+#if !TARGET_OS_EMBEDDED
if (path_check("/etc/fstab")) {
const char *mount_tool[] = { "mount", "-vat", "nonfs", NULL };
assumes(fwexec(mount_tool, true) != -1);
}
+#endif
if (path_check("/etc/rc.installer_cleanup")) {
const char *rccleanup_tool[] = { _PATH_BSHELL, "/etc/rc.installer_cleanup", "multiuser", NULL };
_vproc_set_global_on_demand(true);
- char *load_launchd_items[] = { "load", "-D", "all", "/etc/mach_init.d", NULL };
+ char *load_launchd_items[] = { "load", "-D", "all", "/etc/mach_init.d",
+#if TARGET_OS_EMBEDDED
+ "/var/mobile/Library/LaunchAgents",
+#endif
+ NULL };
if (is_safeboot()) {
load_launchd_items[2] = "system";
void
do_BootCache_magic(BootCache_action_t what)
{
- const char *bcc_tool[] = { "BootCacheControl", "-f", "/var/db/BootCache.playlist", NULL, NULL };
+ const char *bcc_tool[] = { "/usr/sbin/BootCacheControl", "-f", "/var/db/BootCache.playlist", NULL, NULL };
- if (is_safeboot()) {
+ if (is_safeboot() || !path_check(bcc_tool[0])) {
return;
}
the_argc += 1;
}
-#if !TARGET_OS_EMBEDDED
if (strcasecmp(session_type, VPROCMGR_SESSION_BACKGROUND) == 0) {
+ read_launchd_conf();
+#if HAVE_SECURITY
assumes(SessionCreate(sessionKeepCurrentBootstrap, 0) == 0);
- }
#endif
+ }
return load_and_unload_cmd(the_argc, load_launchd_items);
}
fprintf(stderr, "fsck failed!\n");
/* someday, we should keep booting read-only, but as of today, other sub-systems cannot handle that scenario */
+#if TARGET_OS_EMBEDDED
+ const char *nvram_tool[] = { "/usr/sbin/nvram", "auto-boot=false", NULL };
+ assumes(fwexec(nvram_tool, true) != -1);
+ assumes(reboot(RB_AUTOBOOT) != -1);
+#else
assumes(reboot(RB_HALT) != -1);
+#endif
return;
out:
* assumes(mount(sfs.f_fstypename, "/", MNT_UPDATE, NULL) != -1);
*/
- assumes(fwexec(remount_tool, true) != -1);
+#if TARGET_OS_EMBEDDED
+ if (path_check("/etc/fstab")) {
+ const char *mount_tool[] = { "mount", "-vat", "nonfs", NULL };
+ assumes(fwexec(mount_tool, true) != -1);
+ } else
+#endif
+ {
+ assumes(fwexec(remount_tool, true) != -1);
+ }
fix_bogus_file_metadata();
}
* @APPLE_APACHE_LICENSE_HEADER_END@
*/
-static const char *const __rcs_file_version__ = "$Revision: 23408 $";
+static const char *const __rcs_file_version__ = "$Revision: 23506 $";
#include "config.h"
#include "launchd.h"
+#if HAVE_SECURITY
#include <Security/Authorization.h>
#include <Security/AuthorizationTags.h>
#include <Security/AuthSession.h>
+#endif
#include <sys/types.h>
#include <sys/queue.h>
#include <sys/event.h>
void
launchd_SessionCreate(void)
{
+#if HAVE_SECURITY
OSStatus (*sescr)(SessionCreationFlags flags, SessionAttributeBits attributes);
void *seclib;
}
launchd_assumes(dlclose(seclib) != -1);
}
+#endif
}
void
* @APPLE_APACHE_LICENSE_HEADER_END@
*/
-static const char *const __rcs_file_version__ = "$Revision: 23459 $";
+static const char *const __rcs_file_version__ = "$Revision: 23585 $";
#include "config.h"
#include "launchd_core_logic.h"
+#include <TargetConditionals.h>
#include <mach/mach.h>
#include <mach/mach_error.h>
#include <mach/mach_time.h>
#include <ctype.h>
#include <glob.h>
#include <spawn.h>
+#if HAVE_SANDBOX
#include <sandbox.h>
+#endif
+#if HAVE_QUARANTINE
+#include <quarantine.h>
+#endif
#include "liblaunch_public.h"
#include "liblaunch_private.h"
SLIST_ENTRY(socketgroup) sle;
int *fds;
unsigned int junkfds:1, fd_cnt:31;
- char name[0];
+ union {
+ const char name[0];
+ char name_init[0];
+ };
};
static bool socketgroup_new(job_t j, const char *name, int *fds, unsigned int fd_cnt, bool junkfds);
struct envitem {
SLIST_ENTRY(envitem) sle;
char *value;
- char key[0];
+ union {
+ const char key[0];
+ char key_init[0];
+ };
};
static bool envitem_new(job_t j, const char *k, const char *v, bool global);
static bool limititem_update(job_t j, int w, rlim_t r);
static void limititem_delete(job_t j, struct limititem *li);
static void limititem_setup(launch_data_t obj, const char *key, void *context);
+#if HAVE_SANDBOX
static void seatbelt_setup_flags(launch_data_t obj, const char *key, void *context);
+#endif
typedef enum {
NETWORK_UP = 1,
SLIST_ENTRY(semaphoreitem) sle;
semaphore_reason_t why;
int fd;
- char what[0];
+ union {
+ const char what[0];
+ char what_init[0];
+ };
};
struct semaphoreitem_dict_iter_context {
unsigned int hopefully_first_cnt;
unsigned int normal_active_cnt;
unsigned int sent_stop_to_normal_jobs:1, sent_stop_to_hopefully_last_jobs:1, shutting_down:1, session_initialized:1;
- char name[0];
+ union {
+ const char name[0];
+ char name_init[0];
+ };
};
#define jobmgr_assumes(jm, e) \
static job_t jobmgr_import2(jobmgr_t jm, launch_data_t pload);
static jobmgr_t jobmgr_parent(jobmgr_t jm);
static jobmgr_t jobmgr_do_garbage_collection(jobmgr_t jm);
+static bool jobmgr_label_test(jobmgr_t jm, const char *str);
static void jobmgr_reap_bulk(jobmgr_t jm, struct kevent *kev);
static void jobmgr_log_stray_children(jobmgr_t jm);
static void jobmgr_remove(jobmgr_t jm);
cpu_type_t *j_binpref;
size_t j_binpref_cnt;
mach_port_t j_port;
- mach_port_t wait_reply_port;
+ mach_port_t wait_reply_port; /* we probably should switch to a list of waiters */
uid_t mach_uid;
jobmgr_t mgr;
char **argv;
char *alt_exc_handler;
struct machservice *lastlookup;
unsigned int lastlookup_gennum;
+#if HAVE_SANDBOX
char *seatbelt_profile;
uint64_t seatbelt_flags;
+#endif
+#if HAVE_QUARANTINE
void *quarantine_data;
size_t quarantine_data_sz;
+#endif
pid_t p;
int argc;
int last_exit_status;
currently_ignored:1, forced_peers_to_demand_mode:1, setnice:1, hopefully_exits_last:1, removal_pending:1,
wait4pipe_eof:1, sent_sigkill:1, debug_before_kill:1, weird_bootstrap:1, start_on_mount:1,
per_user:1, hopefully_exits_first:1, deny_unknown_mslookups:1, unload_at_mig_return:1, abandon_pg:1,
- poll_for_vfs_changes:1, internal_exc_handler:1;
+ poll_for_vfs_changes:1, internal_exc_handler:1, deny_job_creation:1;
const char label[0];
};
static size_t our_strhash(const char *s) __attribute__((pure));
static void extract_rcsid_substr(const char *i, char *o, size_t osz);
static void do_first_per_user_launchd_hack(void);
+static size_t get_kern_max_proc(void);
static void do_file_init(void) __attribute__((constructor));
/* file local globals */
+static bool do_apple_internal_magic;
static size_t total_children;
static size_t total_anon_children;
static mach_port_t the_exception_server;
if (j->alt_exc_handler) {
free(j->alt_exc_handler);
}
+#if HAVE_SANDBOX
if (j->seatbelt_profile) {
free(j->seatbelt_profile);
}
+#endif
+#if HAVE_QUARANTINE
if (j->quarantine_data) {
free(j->quarantine_data);
}
+#endif
if (j->j_binpref) {
free(j->j_binpref);
}
where2put = &j->stdoutpath;
} else if (strcasecmp(key, LAUNCH_JOBKEY_STANDARDERRORPATH) == 0) {
where2put = &j->stderrpath;
+#if HAVE_SANDBOX
} else if (strcasecmp(key, LAUNCH_JOBKEY_SANDBOXPROFILE) == 0) {
where2put = &j->seatbelt_profile;
+#endif
}
break;
default:
job_assumes(j, kevent_mod((uintptr_t)&j->start_interval, EVFILT_TIMER, EV_ADD, NOTE_SECONDS, value, j) != -1);
}
+#if HAVE_SANDBOX
} else if (strcasecmp(key, LAUNCH_JOBKEY_SANDBOXFLAGS) == 0) {
j->seatbelt_flags = value;
+#endif
}
break;
switch (key[0]) {
case 'q':
case 'Q':
+#if HAVE_QUARANTINE
if (strcasecmp(key, LAUNCH_JOBKEY_QUARANTINEDATA) == 0) {
size_t tmpsz = launch_data_get_opaque_size(value);
j->quarantine_data_sz = tmpsz;
}
}
+#endif
break;
default:
break;
}
}
+static void
+policy_setup(launch_data_t obj, const char *key, void *context)
+{
+ job_t j = context;
+ bool found_key = false;
+
+ switch (key[0]) {
+ case 'd':
+ case 'D':
+ if (strcasecmp(key, LAUNCH_JOBPOLICY_DENYCREATINGOTHERJOBS) == 0) {
+ j->deny_job_creation = launch_data_get_bool(obj);
+ found_key = true;
+ }
+ break;
+ default:
+ break;
+ }
+
+ if (unlikely(!found_key)) {
+ job_log(j, LOG_WARNING, "Unknown policy: %s", key);
+ }
+}
+
void
job_import_dictionary(job_t j, const char *key, launch_data_t value)
{
launch_data_t tmp;
switch (key[0]) {
+ case 'p':
+ case 'P':
+ if (strcasecmp(key, LAUNCH_JOBKEY_POLICIES) == 0) {
+ launch_data_dict_iterate(value, policy_setup, j);
+ }
+ break;
case 'k':
case 'K':
if (strcasecmp(key, LAUNCH_JOBKEY_KEEPALIVE) == 0) {
calendarinterval_new_from_obj(j, value);
} else if (strcasecmp(key, LAUNCH_JOBKEY_SOFTRESOURCELIMITS) == 0) {
launch_data_dict_iterate(value, limititem_setup, j);
+#if HAVE_SANDBOX
} else if (strcasecmp(key, LAUNCH_JOBKEY_SANDBOXFLAGS) == 0) {
launch_data_dict_iterate(value, seatbelt_setup_flags, j);
+#endif
}
break;
case 'h':
if ((j = job_find(label)) != NULL) {
errno = EEXIST;
return NULL;
- } else if (label[0] == '\0' || (strncasecmp(label, "", strlen("com.apple.launchd")) == 0) ||
- (strtol(label, NULL, 10) != 0)) {
- jobmgr_log(jm, LOG_ERR, "Somebody attempted to use a reserved prefix for a label: %s", label);
- /* the empty string, com.apple.launchd and number prefixes for labels are reserved */
+ } else if (!jobmgr_label_test(jm, label)) {
errno = EINVAL;
return NULL;
}
return j;
}
+bool
+jobmgr_label_test(jobmgr_t jm, const char *str)
+{
+ char *endstr = NULL;
+ const char *ptr;
+
+ if (str[0] == '\0') {
+ jobmgr_log(jm, LOG_ERR, "Empty job labels are not allowed");
+ return false;
+ }
+
+ for (ptr = str; *ptr; ptr++) {
+ if (iscntrl(*ptr)) {
+ jobmgr_log(jm, LOG_ERR, "ASCII control characters are not allowed in job labels. Index: %td Value: 0x%hhx", ptr - str, *ptr);
+ return false;
+ }
+ }
+
+ strtoll(str, &endstr, 0);
+
+ if (str != endstr) {
+ jobmgr_log(jm, LOG_ERR, "Job labels are not allowed to begin with numbers: %s", str);
+ return false;
+ }
+
+ if ((strncasecmp(str, "com.apple.launchd", strlen("com.apple.launchd")) == 0) ||
+ (strncasecmp(str, "com.apple.launchctl", strlen("com.apple.launchctl")) == 0)) {
+ jobmgr_log(jm, LOG_ERR, "Job labels are not allowed to use a reserved prefix: %s", str);
+ return false;
+ }
+
+ return true;
+}
+
job_t
job_find(const char *label)
{
job_log_stray_pg(job_t j)
{
int mib[] = { CTL_KERN, KERN_PROC, KERN_PROC_PGRP, j->p };
- size_t i, kp_cnt, len = 10*1024*1024;
+ size_t i, kp_cnt, len = sizeof(struct kinfo_proc) * get_kern_max_proc();
struct kinfo_proc *kp;
+#if TARGET_OS_EMBEDDED
+ if (!do_apple_internal_magic) {
+ return;
+ }
+#endif
+
if (!job_assumes(j, (kp = malloc(len)) != NULL)) {
return;
}
job_assumes(j, binpref_out_cnt == j->j_binpref_cnt);
}
+#if HAVE_QUARANTINE
if (j->quarantine_data) {
qtn_proc_t qp;
}
}
}
+#endif
+#if HAVE_SANDBOX
if (j->seatbelt_profile) {
char *seatbelt_err_buf = NULL;
goto out_bad;
}
}
+#endif
if (j->prog) {
errno = posix_spawn(&junk_pid, j->inetcompat ? file2exec : j->prog, NULL, &spattr, (char *const*)argv, environ);
job_find_and_blame_pids_with_weird_uids(job_t j)
{
int mib[] = { CTL_KERN, KERN_PROC, KERN_PROC_ALL };
- size_t i, kp_cnt, len = 10*1024*1024;
- struct kinfo_proc *kp = malloc(len);
+ size_t i, kp_cnt, len = sizeof(struct kinfo_proc) * get_kern_max_proc();
+ struct kinfo_proc *kp;
uid_t u = j->mach_uid;
+#if TARGET_OS_EMBEDDED
+ if (!do_apple_internal_magic) {
+ return;
+ }
+#endif
+ kp = malloc(len);
+
if (!job_assumes(j, kp != NULL)) {
return;
}
void
semaphoreitem_watch(job_t j, struct semaphoreitem *si)
{
- char parentdir_path[PATH_MAX], *which_path = si->what;
+ char *parentdir, tmp_path[PATH_MAX];
+ const char *which_path = si->what;
int saved_errno = 0;
int fflags = 0;
-
- strlcpy(parentdir_path, dirname(si->what), sizeof(parentdir_path));
switch (si->why) {
case PATH_EXISTS:
return;
}
+ /* dirname() may modify tmp_path */
+ strlcpy(tmp_path, si->what, sizeof(tmp_path));
+
+ if (!job_assumes(j, (parentdir = dirname(tmp_path)))) {
+ return;
+ }
+
/* See 5321044 for why we do the do-while loop and 5415523 for why ENOENT is checked */
do {
if (si->fd == -1) {
if ((si->fd = _fd(open(which_path, O_EVTONLY|O_NOCTTY))) == -1) {
- which_path = parentdir_path;
+ which_path = parentdir;
si->fd = _fd(open(which_path, O_EVTONLY|O_NOCTTY));
}
}
}
memcpy(sg->fds, fds, fd_cnt * sizeof(int));
- strcpy(sg->name, name);
+ strcpy(sg->name_init, name);
SLIST_INSERT_HEAD(&j->sockets, sg, sle);
return false;
}
- strcpy(ei->key, k);
- ei->value = ei->key + strlen(k) + 1;
+ strcpy(ei->key_init, k);
+ ei->value = ei->key_init + strlen(k) + 1;
strcpy(ei->value, v);
if (global) {
free(li);
}
+#if HAVE_SANDBOX
void
seatbelt_setup_flags(launch_data_t obj, const char *key, void *context)
{
j->seatbelt_flags |= SANDBOX_NAMED;
}
}
+#endif
void
limititem_setup(launch_data_t obj, const char *key, void *context)
} else if (j->removal_pending) {
job_log(j, LOG_DEBUG, "Exited while removal was pending.");
return true;
- } else if (j->mgr->shutting_down) {
+ } else if (j->mgr->shutting_down && (j->hopefully_exits_first || j->mgr->hopefully_first_cnt == 0)) {
job_log(j, LOG_DEBUG, "Exited while shutdown in progress. Processes remaining: %lu/%lu", total_children, total_anon_children);
return true;
} else if (j->legacy_mach_job) {
struct stat sb;
bool good_exit = (WIFEXITED(j->last_exit_status) && WEXITSTATUS(j->last_exit_status) == 0);
+ if (j->mgr->shutting_down) {
+ return false;
+ }
+
/*
* 5066316
*
f = PPC_THREAD_STATE64;
#elif defined(__i386__)
f = x86_THREAD_STATE;
+#elif defined(__arm__)
+ f = ARM_THREAD_STATE;
+#else
+#error "unknown architecture"
#endif
if (target_task) {
jobmgr_log_stray_children(jobmgr_t jm)
{
int mib[] = { CTL_KERN, KERN_PROC, KERN_PROC_ALL };
- size_t i, kp_cnt, len = 10*1024*1024;
+ size_t i, kp_cnt, len = sizeof(struct kinfo_proc) * get_kern_max_proc();
struct kinfo_proc *kp;
+#if TARGET_OS_EMBEDDED
+ if (!do_apple_internal_magic) {
+ return;
+ }
+#endif
if (jm->parentmgr || getpid() != 1) {
return;
}
}
jmr->kqjobmgr_callback = jobmgr_callback;
- strcpy(jmr->name, name ? name : "Under construction");
+ strcpy(jmr->name_init, name ? name : "Under construction");
jmr->req_port = requestorport;
}
if (!name) {
- sprintf(jmr->name, "%u", MACH_PORT_INDEX(jmr->jm_port));
+ sprintf(jmr->name_init, "%u", MACH_PORT_INDEX(jmr->jm_port));
}
/* Sigh... at the moment, MIG has maxsize == sizeof(reply union) */
si->why = why;
if (what) {
- strcpy(si->what, what);
+ strcpy(si->what_init, what);
}
SLIST_INSERT_HEAD(&j->semaphores, si, sle);
return BOOTSTRAP_NO_MEMORY;
}
+ if (unlikely(j->deny_job_creation)) {
+ return BOOTSTRAP_NOT_PRIVILEGED;
+ }
+
runtime_get_caller_creds(&ldc);
job_log(j, LOG_DEBUG, "Server create attempt: %s", server_cmd);
job_log(j, LOG_DEBUG, "%sMach service registration attempt: %s", flags & BOOTSTRAP_PER_PID_SERVICE ? "Per PID " : "", servicename);
+ /* 5641783 for the embedded hack */
+#if !TARGET_OS_EMBEDDED
/*
* From a per-user/session launchd's perspective, SecurityAgent (UID
* 92) is a rogue application (not our UID, not root and not a child of
return BOOTSTRAP_NOT_PRIVILEGED;
}
}
+#endif
ms = jobmgr_lookup_service(j->mgr, servicename, false, flags & BOOTSTRAP_PER_PID_SERVICE ? ldc.pid : 0);
runtime_get_caller_creds(&ldc);
+ /* 5641783 for the embedded hack */
+#if !TARGET_OS_EMBEDDED
if (getpid() == 1 && j->anonymous && job_get_bs(j)->parentmgr == NULL && ldc.uid != 0 && ldc.euid != 0) {
return VPROC_ERR_TRY_PER_USER;
}
+#endif
if (!mspolicy_check(j, servicename, flags & BOOTSTRAP_PER_PID_SERVICE)) {
job_log(j, LOG_NOTICE, "Policy denied Mach service lookup: %s", servicename);
}
jobmgr_log(j->mgr, LOG_DEBUG, "Renaming to: %s", session_type);
- strcpy(j->mgr->name, session_type);
+ strcpy(j->mgr->name_init, session_type);
if (job_assumes(j, (j2 = jobmgr_init_session(j->mgr, session_type, false)))) {
job_assumes(j, job_dispatch(j2, true));
job_log(j, LOG_DEBUG, "Move subset attempt: 0x%x", target_subset);
- kr = _vproc_grab_subset(target_subset, &reqport, &rcvright, &out_obj_array, &l2l_ports, &l2l_port_cnt);
+ errno = kr = _vproc_grab_subset(target_subset, &reqport, &rcvright, &out_obj_array, &l2l_ports, &l2l_port_cnt);
if (!job_assumes(j, kr == 0)) {
goto out;
return BOOTSTRAP_NO_MEMORY;
}
+kern_return_t
+job_mig_embedded_wait(job_t j, name_t targetlabel, integer_t *waitstatus)
+{
+ job_t otherj;
+
+ if (!launchd_assumes(j != NULL)) {
+ return BOOTSTRAP_NO_MEMORY;
+ }
+
+ if (unlikely(!(otherj = job_find(targetlabel)))) {
+ return BOOTSTRAP_UNKNOWN_SERVICE;
+ }
+
+ *waitstatus = j->last_exit_status;
+
+ return 0;
+}
+
+kern_return_t
+job_mig_embedded_kickstart(job_t j, name_t targetlabel, pid_t *out_pid, mach_port_t *out_name_port)
+{
+ struct ldcred ldc;
+ kern_return_t kr;
+ job_t otherj;
+
+ if (!launchd_assumes(j != NULL)) {
+ return BOOTSTRAP_NO_MEMORY;
+ }
+
+ if (unlikely(!(otherj = job_find(targetlabel)))) {
+ return BOOTSTRAP_UNKNOWN_SERVICE;
+ }
+
+ runtime_get_caller_creds(&ldc);
+
+ if (ldc.euid != 0 && ldc.euid != geteuid()
+#if TARGET_OS_EMBEDDED
+ && j->username && otherj->username
+ && strcmp(j->username, otherj->username) != 0
+#endif
+ ) {
+ return BOOTSTRAP_NOT_PRIVILEGED;
+ }
+
+ otherj = job_dispatch(otherj, true);
+
+ if (!job_assumes(j, otherj && otherj->p)) {
+ return BOOTSTRAP_NO_MEMORY;
+ }
+
+ kr = task_name_for_pid(mach_task_self(), otherj->p, out_name_port);
+ if (!job_assumes(j, kr == 0)) {
+ return kr;
+ }
+
+ *out_pid = otherj->p;
+
+ return 0;
+}
+
kern_return_t
job_mig_wait(job_t j, mach_port_t srp, integer_t *waitstatus)
{
job_assumes(j, mspolicy_new(target_j, target_service, flags & BOOTSTRAP_ALLOW_LOOKUP, flags & BOOTSTRAP_PER_PID_SERVICE, false));
} else {
target_j->deny_unknown_mslookups = !(flags & BOOTSTRAP_ALLOW_LOOKUP);
+ target_j->deny_job_creation = (bool)(flags & BOOTSTRAP_DENY_JOB_CREATION);
}
} else {
job_log(j, LOG_WARNING, "Jobs that have policies assigned to them may not set policies.");
return BOOTSTRAP_NO_MEMORY;
}
+ if (unlikely(j->deny_job_creation)) {
+ return BOOTSTRAP_NOT_PRIVILEGED;
+ }
+
if (getpid() == 1 && ldc.euid && ldc.uid) {
job_log(j, LOG_DEBUG, "Punting spawn to per-user-context");
return VPROC_ERR_TRY_PER_USER;
free(w4r);
}
+size_t
+get_kern_max_proc(void)
+{
+ int mib[] = { CTL_KERN, KERN_MAXPROC };
+ int max = 100;
+ size_t max_sz = sizeof(max);
+
+ launchd_assumes(sysctl(mib, 2, &max, &max_sz, NULL, 0) != -1);
+
+ return max;
+}
+
void
do_file_init(void)
{
+ struct stat sb;
+
launchd_assert(mach_timebase_info(&tbi) == 0);
+ if (stat("/AppleInternal", &sb) == 0) {
+ do_apple_internal_magic = true;
+ }
}
* @APPLE_APACHE_LICENSE_HEADER_END@
*/
-static const char *const __rcs_file_version__ = "$Revision: 23459 $";
+static const char *const __rcs_file_version__ = "$Revision: 23528 $";
#include "config.h"
#include "launchd_runtime.h"
FLAGIF(RB_ASKNAME)
else FLAGIF(RB_SINGLE)
else FLAGIF(RB_NOSYNC)
- else FLAGIF(RB_KDB)
else FLAGIF(RB_HALT)
else FLAGIF(RB_INITNAME)
else FLAGIF(RB_DFLTROOT)
#define launchd_assert(e) if (__builtin_constant_p(e)) { char __compile_time_assert__[e ? 1 : -1] __attribute__((unused)); } else if (!launchd_assumes(e)) { abort(); }
+#define likely(x) __builtin_expect((bool)(x), true)
+#define unlikely(x) __builtin_expect((bool)(x), false)
+
void _log_launchd_bug(const char *rcs_rev, const char *path, unsigned int line, const char *test);
typedef void (*kq_callback)(void *, struct kevent *);
* @APPLE_APACHE_LICENSE_HEADER_END@
*/
+#if !defined(__LP64__) && !defined(__arm__)
#define _NONSTD_SOURCE 1
+#define old_kill(x, y) kill(x, y)
+#define old_killpg(x, y) killpg(x, y)
+#else
+/* ??? No blessed way to get the old behavior */
+extern int __kill(int, int, int);
+#define old_kill(x, y) __kill(x, y, 0)
+#define old_killpg(x, y) __kill(-(x), y, 0)
+#endif
#include <signal.h>
#include "launchd_runtime_kill.h"
int
runtime_kill(pid_t pid, int sig)
{
- return kill(pid, sig);
+ return old_kill(pid, sig);
}
int
runtime_killpg(pid_t pgrp, int sig)
{
- return killpg(pgrp, sig);
+ return old_killpg(pgrp, sig);
}
*
* @APPLE_APACHE_LICENSE_HEADER_END@
*/
+#include "config.h"
+#if HAVE_SECURITY
#include <Security/Authorization.h>
#include <Security/AuthorizationTags.h>
#include <Security/AuthSession.h>
+#endif
#include <sys/types.h>
#include <sys/select.h>
#include <sys/event.h>
#include "launch.h"
-#if __GNUC__ >= 4
+#if __GNUC__ >= 4 && HAVE_SECURITY
OSStatus SessionCreate(SessionCreationFlags flags, SessionAttributeBits attributes) __attribute__((weak));
#endif
setpgid(0, 0);
+#if HAVE_SECURITY
if ((tmp = launch_data_dict_lookup(resp, LAUNCH_JOBKEY_SESSIONCREATE)) && launch_data_get_bool(tmp)) {
if (SessionCreate) {
OSStatus scr = SessionCreate(0, 0);
syslog(LOG_NOTICE, "%s: SessionCreate == NULL!", prog);
}
}
+#endif
fcntl(r, F_SETFL, 0);
fcntl(r, F_SETFD, 1);
dup2(r, STDIN_FILENO);
#define BOOTSTRAP_PER_PID_SERVICE 0x1
#define BOOTSTRAP_ALLOW_LOOKUP 0x2
+#define BOOTSTRAP_DENY_JOB_CREATION 0x4
kern_return_t bootstrap_register2(mach_port_t bp, name_t service_name, mach_port_t sp, uint64_t flags);
static launch_data_t launch_msg_internal(launch_data_t d);
static void launch_mach_checkin_service(launch_data_t obj, const char *key, void *context);
+static launch_t in_flight_msg_recv_client;
static pthread_once_t _lc_once = PTHREAD_ONCE_INIT;
static struct _launch_client {
void
launchd_close(launch_t lh, typeof(close) closefunc)
{
+ if (in_flight_msg_recv_client == lh) {
+ in_flight_msg_recv_client = NULL;
+ }
+
if (lh->sendbuf)
free(lh->sendbuf);
if (lh->sendfds)
goto out_bad;
}
+ in_flight_msg_recv_client = lh;
+
cb(rmsg, context);
+ /* launchd and only launchd can call launchd_close() as a part of the callback */
+ if (in_flight_msg_recv_client == NULL) {
+ r = 0;
+ break;
+ }
+
lh->recvlen -= data_offset;
if (lh->recvlen > 0) {
memmove(lh->recvbuf, lh->recvbuf + data_offset, lh->recvlen);
#include <sys/types.h>
#include <launch.h>
#include <unistd.h>
-#include <quarantine.h>
#pragma GCC visibility push(default)
launch_t launchd_fdopen(int);
int launchd_getfd(launch_t);
-void launchd_close(launch_t, typeof(close) closefunc);
+void launchd_close(launch_t, __typeof__(close) closefunc);
launch_data_t launch_data_new_errno(int);
bool launch_data_set_errno(launch_data_t, int);
mach_port_t * spawn_observer_port;
const cpu_type_t * spawn_binpref;
size_t spawn_binpref_cnt;
- qtn_proc_t spawn_quarantine;
+ void * spawn_quarantine;
const char * spawn_seatbelt_profile;
const uint64_t * spawn_seatbelt_flags;
};
#define LAUNCH_JOBKEY_THROTTLEINTERVAL "ThrottleInterval"
#define LAUNCH_JOBKEY_LAUNCHONLYONCE "LaunchOnlyOnce"
#define LAUNCH_JOBKEY_ABANDONPROCESSGROUP "AbandonProcessGroup"
+#define LAUNCH_JOBKEY_POLICIES "Policies"
+
+#define LAUNCH_JOBPOLICY_DENYCREATINGOTHERJOBS "DenyCreatingOtherJobs"
#define LAUNCH_JOBINETDCOMPATIBILITY_WAIT "Wait"
#include <unistd.h>
#include <syslog.h>
#include <pthread.h>
+#if HAVE_QUARANTINE
+#include <quarantine.h>
+#endif
#include "liblaunch_public.h"
#include "liblaunch_private.h"
if (spawn_attrs) switch (struct_version) {
case 2:
+#if HAVE_QUARANTINE
if (spawn_attrs->spawn_quarantine) {
char qbuf[QTN_SERIALIZED_DATA_MAX];
size_t qbuf_sz = QTN_SERIALIZED_DATA_MAX;
launch_data_dict_insert(in_obj, tmp, LAUNCH_JOBKEY_QUARANTINEDATA);
}
}
+#endif
if (spawn_attrs->spawn_seatbelt_profile) {
tmp = launch_data_new_string(spawn_attrs->spawn_seatbelt_profile);
return reboot2;
}
+vproc_err_t
+_vproc_kickstart_by_label(const char *label, pid_t *out_pid, mach_port_t *out_port_name)
+{
+ if (vproc_mig_embedded_kickstart(bootstrap_port, (char *)label, out_pid, out_port_name) == 0) {
+ return NULL;
+ }
+
+ return (vproc_err_t)_vproc_kickstart_by_label;
+}
+
+vproc_err_t
+_vproc_wait_by_label(const char *label, int *out_wstatus)
+{
+ if (vproc_mig_embedded_wait(bootstrap_port, (char *)label, out_wstatus) == 0) {
+ return NULL;
+ }
+
+ return (vproc_err_t)_vproc_wait_by_label;
+}
+
vproc_err_t
_vproc_set_global_on_demand(bool state)
{
vproc_err_t _vprocmgr_log_drain(vproc_t vp, pthread_mutex_t *optional_mutex_around_callback, _vprocmgr_log_drain_callback_t func);
vproc_err_t _vproc_send_signal_by_label(const char *label, int sig);
+vproc_err_t _vproc_kickstart_by_label(const char *label, pid_t *out_pid, mach_port_t *out_port_name);
+vproc_err_t _vproc_wait_by_label(const char *label, int *out_wstatus);
void _vproc_log(int pri, const char *msg, ...) __attribute__((format(printf, 2, 3)));
void _vproc_log_error(int pri, const char *msg, ...) __attribute__((format(printf, 2, 3)));
routine log_forward(
__bs_port : job_t;
__inval : pointer_t);
+
+routine embedded_kickstart(
+ __bs_port : job_t;
+ __label : name_t;
+ out __pid : pid_t;
+ out __name_port : mach_port_t);
+
+routine embedded_wait(
+ __bs_port : job_t;
+ __label : name_t;
+ out __waitval : integer_t);
projects / apple / launchd.git / commitdiff
