Deleted
Added
nxt_process.c (1997:a8a3f1d243ee) | nxt_process.c (1998:c8790d2a89bb) |
---|---|
1 2/* 3 * Copyright (C) Igor Sysoev 4 * Copyright (C) NGINX, Inc. 5 */ 6 7#include <nxt_main.h> | 1 2/* 3 * Copyright (C) Igor Sysoev 4 * Copyright (C) NGINX, Inc. 5 */ 6 7#include <nxt_main.h> |
8#include <nxt_main_process.h> | |
9 10#if (NXT_HAVE_CLONE) 11#include <nxt_clone.h> 12#endif 13 14#include <signal.h> 15 16#if (NXT_HAVE_PR_SET_NO_NEW_PRIVS) 17#include <sys/prctl.h> 18#endif 19 | 8 9#if (NXT_HAVE_CLONE) 10#include <nxt_clone.h> 11#endif 12 13#include <signal.h> 14 15#if (NXT_HAVE_PR_SET_NO_NEW_PRIVS) 16#include <sys/prctl.h> 17#endif 18 |
19 20#if (NXT_HAVE_CLONE) && (NXT_HAVE_CLONE_NEWPID) 21#define nxt_is_pid_isolated(process) \ 22 nxt_is_clone_flag_set(process->isolation.clone.flags, NEWPID) 23#else 24#define nxt_is_pid_isolated(process) \ 25 (0) 26#endif 27 28 |
|
20static nxt_pid_t nxt_process_create(nxt_task_t *task, nxt_process_t *process); | 29static nxt_pid_t nxt_process_create(nxt_task_t *task, nxt_process_t *process); |
30static nxt_int_t nxt_process_do_start(nxt_task_t *task, nxt_process_t *process); 31static nxt_int_t nxt_process_whoami(nxt_task_t *task, nxt_process_t *process); |
|
21static nxt_int_t nxt_process_setup(nxt_task_t *task, nxt_process_t *process); 22static nxt_int_t nxt_process_child_fixup(nxt_task_t *task, 23 nxt_process_t *process); | 32static nxt_int_t nxt_process_setup(nxt_task_t *task, nxt_process_t *process); 33static nxt_int_t nxt_process_child_fixup(nxt_task_t *task, 34 nxt_process_t *process); |
35static void nxt_process_whoami_ok(nxt_task_t *task, nxt_port_recv_msg_t *msg, 36 void *data); 37static void nxt_process_whoami_error(nxt_task_t *task, nxt_port_recv_msg_t *msg, 38 void *data); |
|
24static nxt_int_t nxt_process_send_created(nxt_task_t *task, 25 nxt_process_t *process); 26static nxt_int_t nxt_process_send_ready(nxt_task_t *task, 27 nxt_process_t *process); 28static void nxt_process_created_ok(nxt_task_t *task, nxt_port_recv_msg_t *msg, 29 void *data); 30static void nxt_process_created_error(nxt_task_t *task, 31 nxt_port_recv_msg_t *msg, void *data); --- 7 unchanged lines hidden (view full) --- 39 40/* A cached process effective uid */ 41nxt_uid_t nxt_euid; 42 43/* A cached process effective gid */ 44nxt_gid_t nxt_egid; 45 46nxt_bool_t nxt_proc_conn_matrix[NXT_PROCESS_MAX][NXT_PROCESS_MAX] = { | 39static nxt_int_t nxt_process_send_created(nxt_task_t *task, 40 nxt_process_t *process); 41static nxt_int_t nxt_process_send_ready(nxt_task_t *task, 42 nxt_process_t *process); 43static void nxt_process_created_ok(nxt_task_t *task, nxt_port_recv_msg_t *msg, 44 void *data); 45static void nxt_process_created_error(nxt_task_t *task, 46 nxt_port_recv_msg_t *msg, void *data); --- 7 unchanged lines hidden (view full) --- 54 55/* A cached process effective uid */ 56nxt_uid_t nxt_euid; 57 58/* A cached process effective gid */ 59nxt_gid_t nxt_egid; 60 61nxt_bool_t nxt_proc_conn_matrix[NXT_PROCESS_MAX][NXT_PROCESS_MAX] = { |
47 { 1, 1, 1, 1, 1 }, 48 { 1, 0, 0, 0, 0 }, 49 { 1, 0, 0, 1, 0 }, 50 { 1, 0, 1, 0, 1 }, 51 { 1, 0, 0, 1, 0 }, | 62 { 1, 1, 1, 1, 1, 1 }, 63 { 1, 0, 0, 0, 0, 0 }, 64 { 1, 0, 0, 1, 0, 0 }, 65 { 1, 0, 1, 1, 1, 1 }, 66 { 1, 0, 0, 1, 0, 0 }, 67 { 1, 0, 0, 1, 0, 0 }, |
52}; 53 54nxt_bool_t nxt_proc_remove_notify_matrix[NXT_PROCESS_MAX][NXT_PROCESS_MAX] = { | 68}; 69 70nxt_bool_t nxt_proc_remove_notify_matrix[NXT_PROCESS_MAX][NXT_PROCESS_MAX] = { |
55 { 0, 0, 0, 0, 0 }, 56 { 0, 0, 0, 0, 0 }, 57 { 0, 0, 0, 1, 0 }, 58 { 0, 0, 1, 0, 1 }, 59 { 0, 0, 0, 1, 0 }, | 71 { 0, 0, 0, 0, 0, 0 }, 72 { 0, 0, 0, 0, 0, 0 }, 73 { 0, 0, 0, 1, 0, 0 }, 74 { 0, 0, 1, 0, 1, 1 }, 75 { 0, 0, 0, 1, 0, 0 }, 76 { 1, 0, 0, 1, 0, 0 }, |
60}; 61 62 | 77}; 78 79 |
80static const nxt_port_handlers_t nxt_process_whoami_port_handlers = { 81 .quit = nxt_signal_quit_handler, 82 .rpc_ready = nxt_port_rpc_handler, 83 .rpc_error = nxt_port_rpc_handler, 84}; 85 86 |
|
63nxt_process_t * 64nxt_process_new(nxt_runtime_t *rt) 65{ 66 nxt_process_t *process; 67 68 process = nxt_mp_zalloc(rt->mem_pool, sizeof(nxt_process_t) 69 + sizeof(nxt_process_init_t)); 70 71 if (nxt_slow_path(process == NULL)) { 72 return NULL; 73 } 74 75 nxt_queue_init(&process->ports); 76 77 nxt_thread_mutex_create(&process->incoming.mutex); 78 79 process->use_count = 1; 80 | 87nxt_process_t * 88nxt_process_new(nxt_runtime_t *rt) 89{ 90 nxt_process_t *process; 91 92 process = nxt_mp_zalloc(rt->mem_pool, sizeof(nxt_process_t) 93 + sizeof(nxt_process_init_t)); 94 95 if (nxt_slow_path(process == NULL)) { 96 return NULL; 97 } 98 99 nxt_queue_init(&process->ports); 100 101 nxt_thread_mutex_create(&process->incoming.mutex); 102 103 process->use_count = 1; 104 |
105 nxt_queue_init(&process->children); 106 |
|
81 return process; 82} 83 84 85void 86nxt_process_use(nxt_task_t *task, nxt_process_t *process, int i) 87{ 88 process->use_count += i; --- 14 unchanged lines hidden (view full) --- 103 104 rt = task->thread->runtime; 105 106 process = nxt_process_new(rt); 107 if (nxt_slow_path(process == NULL)) { 108 return NXT_ERROR; 109 } 110 | 107 return process; 108} 109 110 111void 112nxt_process_use(nxt_task_t *task, nxt_process_t *process, int i) 113{ 114 process->use_count += i; --- 14 unchanged lines hidden (view full) --- 129 130 rt = task->thread->runtime; 131 132 process = nxt_process_new(rt); 133 if (nxt_slow_path(process == NULL)) { 134 return NXT_ERROR; 135 } 136 |
137 process->parent_port = rt->port_by_type[rt->type]; 138 |
|
111 process->name = init.name; 112 process->user_cred = &rt->user_cred; 113 114 pinit = nxt_process_init(process); 115 *pinit = init; 116 117 ret = nxt_process_start(task, process); 118 if (nxt_slow_path(ret == NXT_ERROR)) { --- 53 unchanged lines hidden (view full) --- 172 /* The child process: return to the event engine work queue loop. */ 173 174 nxt_process_use(task, process, -1); 175 176 ret = NXT_AGAIN; 177 break; 178 179 default: | 139 process->name = init.name; 140 process->user_cred = &rt->user_cred; 141 142 pinit = nxt_process_init(process); 143 *pinit = init; 144 145 ret = nxt_process_start(task, process); 146 if (nxt_slow_path(ret == NXT_ERROR)) { --- 53 unchanged lines hidden (view full) --- 200 /* The child process: return to the event engine work queue loop. */ 201 202 nxt_process_use(task, process, -1); 203 204 ret = NXT_AGAIN; 205 break; 206 207 default: |
180 /* The main process created a new process. */ | 208 /* The parent process created a new process. */ |
181 182 nxt_process_use(task, process, -1); 183 184 nxt_port_read_close(port); 185 nxt_port_write_enable(task, port); 186 187 ret = NXT_OK; 188 break; --- 22 unchanged lines hidden (view full) --- 211{ 212 nxt_process_t *p; 213 nxt_runtime_t *rt; 214 nxt_process_init_t *init; 215 nxt_process_type_t ptype; 216 217 init = nxt_process_init(process); 218 | 209 210 nxt_process_use(task, process, -1); 211 212 nxt_port_read_close(port); 213 nxt_port_write_enable(task, port); 214 215 ret = NXT_OK; 216 break; --- 22 unchanged lines hidden (view full) --- 239{ 240 nxt_process_t *p; 241 nxt_runtime_t *rt; 242 nxt_process_init_t *init; 243 nxt_process_type_t ptype; 244 245 init = nxt_process_init(process); 246 |
247 nxt_ppid = nxt_pid; 248 |
|
219 nxt_pid = nxt_getpid(); 220 221 process->pid = nxt_pid; | 249 nxt_pid = nxt_getpid(); 250 251 process->pid = nxt_pid; |
252 process->isolated_pid = nxt_pid; |
|
222 223 /* Clean inherited cached thread tid. */ 224 task->thread->tid = 0; 225 | 253 254 /* Clean inherited cached thread tid. */ 255 task->thread->tid = 0; 256 |
226#if (NXT_HAVE_CLONE && NXT_HAVE_CLONE_NEWPID) 227 if (nxt_is_clone_flag_set(process->isolation.clone.flags, NEWPID)) { 228 ssize_t pidsz; 229 char procpid[10]; 230 231 nxt_debug(task, "%s isolated pid is %d", process->name, nxt_pid); 232 233 pidsz = readlink("/proc/self", procpid, sizeof(procpid)); 234 235 if (nxt_slow_path(pidsz < 0 || pidsz >= (ssize_t) sizeof(procpid))) { 236 nxt_alert(task, "failed to read real pid from /proc/self"); 237 return NXT_ERROR; 238 } 239 240 procpid[pidsz] = '\0'; 241 242 nxt_pid = (nxt_pid_t) strtol(procpid, NULL, 10); 243 244 nxt_assert(nxt_pid > 0 && nxt_errno != ERANGE); 245 246 process->pid = nxt_pid; 247 task->thread->tid = nxt_pid; 248 249 nxt_debug(task, "%s real pid is %d", process->name, nxt_pid); 250 } 251 252#endif 253 | |
254 ptype = init->type; 255 256 nxt_port_reset_next_id(); 257 258 nxt_event_engine_thread_adopt(task->thread->engine); 259 260 rt = task->thread->runtime; 261 262 /* Remove not ready processes. */ 263 nxt_runtime_process_each(rt, p) { 264 | 257 ptype = init->type; 258 259 nxt_port_reset_next_id(); 260 261 nxt_event_engine_thread_adopt(task->thread->engine); 262 263 rt = task->thread->runtime; 264 265 /* Remove not ready processes. */ 266 nxt_runtime_process_each(rt, p) { 267 |
265 if (nxt_proc_conn_matrix[ptype][nxt_process_type(p)] == 0) { | 268 if (nxt_proc_conn_matrix[ptype][nxt_process_type(p)] == 0 269 && p->pid != nxt_ppid) /* Always keep parent's port. */ 270 { |
266 nxt_debug(task, "remove not required process %PI", p->pid); 267 268 nxt_process_close_ports(task, p); 269 270 continue; 271 } 272 273 if (p->state != NXT_PROCESS_STATE_READY) { --- 36 unchanged lines hidden (view full) --- 310 /* Child. */ 311 312 ret = nxt_process_child_fixup(task, process); 313 if (nxt_slow_path(ret != NXT_OK)) { 314 nxt_process_quit(task, 1); 315 return -1; 316 } 317 | 271 nxt_debug(task, "remove not required process %PI", p->pid); 272 273 nxt_process_close_ports(task, p); 274 275 continue; 276 } 277 278 if (p->state != NXT_PROCESS_STATE_READY) { --- 36 unchanged lines hidden (view full) --- 315 /* Child. */ 316 317 ret = nxt_process_child_fixup(task, process); 318 if (nxt_slow_path(ret != NXT_OK)) { 319 nxt_process_quit(task, 1); 320 return -1; 321 } 322 |
318 nxt_runtime_process_add(task, process); 319 320 if (nxt_slow_path(nxt_process_setup(task, process) != NXT_OK)) { | 323 ret = nxt_process_setup(task, process); 324 if (nxt_slow_path(ret != NXT_OK)) { |
321 nxt_process_quit(task, 1); 322 } 323 324 /* 325 * Explicitly return 0 to notice the caller function this is the child. 326 * The caller must return to the event engine work queue loop. 327 */ 328 return 0; 329 } 330 331 /* Parent. */ 332 333#if (NXT_HAVE_CLONE) 334 nxt_debug(task, "clone(%s): %PI", process->name, pid); 335#else 336 nxt_debug(task, "fork(%s): %PI", process->name, pid); 337#endif 338 339 process->pid = pid; | 325 nxt_process_quit(task, 1); 326 } 327 328 /* 329 * Explicitly return 0 to notice the caller function this is the child. 330 * The caller must return to the event engine work queue loop. 331 */ 332 return 0; 333 } 334 335 /* Parent. */ 336 337#if (NXT_HAVE_CLONE) 338 nxt_debug(task, "clone(%s): %PI", process->name, pid); 339#else 340 nxt_debug(task, "fork(%s): %PI", process->name, pid); 341#endif 342 343 process->pid = pid; |
344 process->isolated_pid = pid; |
|
340 341 nxt_runtime_process_add(task, process); 342 343 return pid; 344} 345 346 347static nxt_int_t 348nxt_process_setup(nxt_task_t *task, nxt_process_t *process) 349{ 350 nxt_int_t ret; | 345 346 nxt_runtime_process_add(task, process); 347 348 return pid; 349} 350 351 352static nxt_int_t 353nxt_process_setup(nxt_task_t *task, nxt_process_t *process) 354{ 355 nxt_int_t ret; |
351 nxt_port_t *port, *main_port; | |
352 nxt_thread_t *thread; 353 nxt_runtime_t *rt; 354 nxt_process_init_t *init; 355 nxt_event_engine_t *engine; 356 const nxt_event_interface_t *interface; 357 358 init = nxt_process_init(process); 359 --- 23 unchanged lines hidden (view full) --- 383 } 384 385 ret = nxt_runtime_thread_pool_create(thread, rt, rt->auxiliary_threads, 386 60000 * 1000000LL); 387 if (nxt_slow_path(ret != NXT_OK)) { 388 return NXT_ERROR; 389 } 390 | 356 nxt_thread_t *thread; 357 nxt_runtime_t *rt; 358 nxt_process_init_t *init; 359 nxt_event_engine_t *engine; 360 const nxt_event_interface_t *interface; 361 362 init = nxt_process_init(process); 363 --- 23 unchanged lines hidden (view full) --- 387 } 388 389 ret = nxt_runtime_thread_pool_create(thread, rt, rt->auxiliary_threads, 390 60000 * 1000000LL); 391 if (nxt_slow_path(ret != NXT_OK)) { 392 return NXT_ERROR; 393 } 394 |
391 main_port = rt->port_by_type[NXT_PROCESS_MAIN]; | 395 nxt_port_read_close(process->parent_port); 396 nxt_port_write_enable(task, process->parent_port); |
392 | 397 |
393 nxt_port_read_close(main_port); 394 nxt_port_write_enable(task, main_port); | 398 /* 399 * If the parent process is already isolated, rt->pid_isolation is already 400 * set to 1 at this point. 401 */ 402 if (nxt_is_pid_isolated(process)) { 403 rt->is_pid_isolated = 1; 404 } |
395 | 405 |
406 if (rt->is_pid_isolated 407 || process->parent_port != rt->port_by_type[NXT_PROCESS_MAIN]) 408 { 409 ret = nxt_process_whoami(task, process); 410 411 } else { 412 ret = nxt_process_do_start(task, process); 413 } 414 415 return ret; 416} 417 418 419static nxt_int_t 420nxt_process_do_start(nxt_task_t *task, nxt_process_t *process) 421{ 422 nxt_int_t ret; 423 nxt_port_t *port; 424 nxt_process_init_t *init; 425 426 nxt_runtime_process_add(task, process); 427 428 init = nxt_process_init(process); |
|
396 port = nxt_process_port_first(process); 397 398 nxt_port_enable(task, port, init->port_handlers); 399 400 ret = init->setup(task, process); | 429 port = nxt_process_port_first(process); 430 431 nxt_port_enable(task, port, init->port_handlers); 432 433 ret = init->setup(task, process); |
401 | |
402 if (nxt_slow_path(ret != NXT_OK)) { 403 return NXT_ERROR; 404 } 405 406 switch (process->state) { 407 408 case NXT_PROCESS_STATE_CREATED: 409 ret = nxt_process_send_created(task, process); --- 20 unchanged lines hidden (view full) --- 430 nxt_alert(task, "%s failed to start", process->name); 431 } 432 433 return ret; 434} 435 436 437static nxt_int_t | 434 if (nxt_slow_path(ret != NXT_OK)) { 435 return NXT_ERROR; 436 } 437 438 switch (process->state) { 439 440 case NXT_PROCESS_STATE_CREATED: 441 ret = nxt_process_send_created(task, process); --- 20 unchanged lines hidden (view full) --- 462 nxt_alert(task, "%s failed to start", process->name); 463 } 464 465 return ret; 466} 467 468 469static nxt_int_t |
470nxt_process_whoami(nxt_task_t *task, nxt_process_t *process) 471{ 472 uint32_t stream; 473 nxt_fd_t fd; 474 nxt_buf_t *buf; 475 nxt_int_t ret; 476 nxt_port_t *my_port, *main_port; 477 nxt_runtime_t *rt; 478 479 rt = task->thread->runtime; 480 481 my_port = nxt_process_port_first(process); 482 main_port = rt->port_by_type[NXT_PROCESS_MAIN]; 483 484 nxt_assert(my_port != NULL && main_port != NULL); 485 486 nxt_port_enable(task, my_port, &nxt_process_whoami_port_handlers); 487 488 buf = nxt_buf_mem_alloc(main_port->mem_pool, sizeof(nxt_pid_t), 0); 489 if (nxt_slow_path(buf == NULL)) { 490 return NXT_ERROR; 491 } 492 493 buf->mem.free = nxt_cpymem(buf->mem.free, &nxt_ppid, sizeof(nxt_pid_t)); 494 495 stream = nxt_port_rpc_register_handler(task, my_port, 496 nxt_process_whoami_ok, 497 nxt_process_whoami_error, 498 main_port->pid, process); 499 if (nxt_slow_path(stream == 0)) { 500 nxt_mp_free(main_port->mem_pool, buf); 501 502 return NXT_ERROR; 503 } 504 505 fd = (process->parent_port != main_port) ? my_port->pair[1] : -1; 506 507 ret = nxt_port_socket_write(task, main_port, NXT_PORT_MSG_WHOAMI, 508 fd, stream, my_port->id, buf); 509 510 if (nxt_slow_path(ret != NXT_OK)) { 511 nxt_alert(task, "%s failed to send WHOAMI message", process->name); 512 nxt_port_rpc_cancel(task, my_port, stream); 513 nxt_mp_free(main_port->mem_pool, buf); 514 515 return NXT_ERROR; 516 } 517 518 return NXT_OK; 519} 520 521 522static void 523nxt_process_whoami_ok(nxt_task_t *task, nxt_port_recv_msg_t *msg, void *data) 524{ 525 nxt_pid_t pid, isolated_pid; 526 nxt_buf_t *buf; 527 nxt_port_t *port; 528 nxt_process_t *process; 529 nxt_runtime_t *rt; 530 531 process = data; 532 533 buf = msg->buf; 534 535 nxt_assert(nxt_buf_used_size(buf) == sizeof(nxt_pid_t)); 536 537 nxt_memcpy(&pid, buf->mem.pos, sizeof(nxt_pid_t)); 538 539 isolated_pid = nxt_pid; 540 541 if (isolated_pid != pid) { 542 nxt_pid = pid; 543 process->pid = pid; 544 545 nxt_process_port_each(process, port) { 546 port->pid = pid; 547 } nxt_process_port_loop; 548 } 549 550 rt = task->thread->runtime; 551 552 if (process->parent_port != rt->port_by_type[NXT_PROCESS_MAIN]) { 553 port = process->parent_port; 554 555 (void) nxt_port_socket_write(task, port, NXT_PORT_MSG_PROCESS_CREATED, 556 -1, 0, 0, NULL); 557 558 nxt_log(task, NXT_LOG_INFO, "%s started", process->name); 559 } 560 561 if (nxt_slow_path(nxt_process_do_start(task, process) != NXT_OK)) { 562 nxt_process_quit(task, 1); 563 } 564} 565 566 567static void 568nxt_process_whoami_error(nxt_task_t *task, nxt_port_recv_msg_t *msg, void *data) 569{ 570 nxt_alert(task, "WHOAMI error"); 571 572 nxt_process_quit(task, 1); 573} 574 575 576static nxt_int_t |
|
438nxt_process_send_created(nxt_task_t *task, nxt_process_t *process) 439{ 440 uint32_t stream; 441 nxt_int_t ret; 442 nxt_port_t *my_port, *main_port; 443 nxt_runtime_t *rt; 444 445 nxt_assert(process->state == NXT_PROCESS_STATE_CREATED); --- 32 unchanged lines hidden (view full) --- 478static void 479nxt_process_created_ok(nxt_task_t *task, nxt_port_recv_msg_t *msg, void *data) 480{ 481 nxt_int_t ret; 482 nxt_process_t *process; 483 nxt_process_init_t *init; 484 485 process = data; | 577nxt_process_send_created(nxt_task_t *task, nxt_process_t *process) 578{ 579 uint32_t stream; 580 nxt_int_t ret; 581 nxt_port_t *my_port, *main_port; 582 nxt_runtime_t *rt; 583 584 nxt_assert(process->state == NXT_PROCESS_STATE_CREATED); --- 32 unchanged lines hidden (view full) --- 617static void 618nxt_process_created_ok(nxt_task_t *task, nxt_port_recv_msg_t *msg, void *data) 619{ 620 nxt_int_t ret; 621 nxt_process_t *process; 622 nxt_process_init_t *init; 623 624 process = data; |
625 626 process->state = NXT_PROCESS_STATE_READY; 627 |
|
486 init = nxt_process_init(process); 487 488 ret = nxt_process_apply_creds(task, process); 489 if (nxt_slow_path(ret != NXT_OK)) { 490 goto fail; 491 } 492 493 nxt_log(task, NXT_LOG_INFO, "%s started", process->name); 494 | 628 init = nxt_process_init(process); 629 630 ret = nxt_process_apply_creds(task, process); 631 if (nxt_slow_path(ret != NXT_OK)) { 632 goto fail; 633 } 634 635 nxt_log(task, NXT_LOG_INFO, "%s started", process->name); 636 |
637 ret = nxt_process_send_ready(task, process); 638 if (nxt_slow_path(ret != NXT_OK)) { 639 goto fail; 640 } 641 |
|
495 ret = init->start(task, &process->data); 496 | 642 ret = init->start(task, &process->data); 643 |
497fail: | 644 if (nxt_process_type(process) != NXT_PROCESS_PROTOTYPE) { 645 nxt_port_write_close(nxt_process_port_first(process)); 646 } |
498 | 647 |
499 nxt_process_quit(task, ret == NXT_OK ? 0 : 1); | 648 if (nxt_fast_path(ret == NXT_OK)) { 649 return; 650 } 651 652fail: 653 nxt_process_quit(task, 1); |
500} 501 502 503static void 504nxt_process_created_error(nxt_task_t *task, nxt_port_recv_msg_t *msg, 505 void *data) 506{ 507 nxt_process_t *process; --- 71 unchanged lines hidden (view full) --- 579 nxt_runtime_t *rt; 580 581 rt = task->thread->runtime; 582 583 cap_setid = rt->capabilities.setid; 584 585#if (NXT_HAVE_CLONE && NXT_HAVE_CLONE_NEWUSER) 586 if (!cap_setid | 654} 655 656 657static void 658nxt_process_created_error(nxt_task_t *task, nxt_port_recv_msg_t *msg, 659 void *data) 660{ 661 nxt_process_t *process; --- 71 unchanged lines hidden (view full) --- 733 nxt_runtime_t *rt; 734 735 rt = task->thread->runtime; 736 737 cap_setid = rt->capabilities.setid; 738 739#if (NXT_HAVE_CLONE && NXT_HAVE_CLONE_NEWUSER) 740 if (!cap_setid |
587 && nxt_is_clone_flag_set(process->isolation.clone.flags, NEWUSER)) { | 741 && nxt_is_clone_flag_set(process->isolation.clone.flags, NEWUSER)) 742 { |
588 cap_setid = 1; 589 } 590#endif 591 592 if (cap_setid) { 593 ret = nxt_credential_setgids(task, process->user_cred); 594 if (nxt_slow_path(ret != NXT_OK)) { 595 return NXT_ERROR; --- 16 unchanged lines hidden (view full) --- 612 613 return NXT_OK; 614} 615 616 617static nxt_int_t 618nxt_process_send_ready(nxt_task_t *task, nxt_process_t *process) 619{ | 743 cap_setid = 1; 744 } 745#endif 746 747 if (cap_setid) { 748 ret = nxt_credential_setgids(task, process->user_cred); 749 if (nxt_slow_path(ret != NXT_OK)) { 750 return NXT_ERROR; --- 16 unchanged lines hidden (view full) --- 767 768 return NXT_OK; 769} 770 771 772static nxt_int_t 773nxt_process_send_ready(nxt_task_t *task, nxt_process_t *process) 774{ |
620 nxt_int_t ret; 621 nxt_port_t *main_port; 622 nxt_runtime_t *rt; | 775 nxt_int_t ret; |
623 | 776 |
624 rt = task->thread->runtime; 625 626 main_port = rt->port_by_type[NXT_PROCESS_MAIN]; 627 628 nxt_assert(main_port != NULL); 629 630 ret = nxt_port_socket_write(task, main_port, NXT_PORT_MSG_PROCESS_READY, | 777 ret = nxt_port_socket_write(task, process->parent_port, 778 NXT_PORT_MSG_PROCESS_READY, |
631 -1, process->stream, 0, NULL); 632 633 if (nxt_slow_path(ret != NXT_OK)) { 634 nxt_alert(task, "%s failed to send READY message", process->name); 635 return NXT_ERROR; 636 } 637 638 nxt_debug(task, "%s sent ready", process->name); --- 270 unchanged lines hidden --- | 779 -1, process->stream, 0, NULL); 780 781 if (nxt_slow_path(ret != NXT_OK)) { 782 nxt_alert(task, "%s failed to send READY message", process->name); 783 return NXT_ERROR; 784 } 785 786 nxt_debug(task, "%s sent ready", process->name); --- 270 unchanged lines hidden --- |