nxt_process.c (1997:a8a3f1d243ee) nxt_process.c (1998:c8790d2a89bb)
1
2/*
3 * Copyright (C) Igor Sysoev
4 * Copyright (C) NGINX, Inc.
5 */
6
7#include <nxt_main.h>
1
2/*
3 * Copyright (C) Igor Sysoev
4 * Copyright (C) NGINX, Inc.
5 */
6
7#include <nxt_main.h>
8#include <nxt_main_process.h>
9
10#if (NXT_HAVE_CLONE)
11#include <nxt_clone.h>
12#endif
13
14#include <signal.h>
15
16#if (NXT_HAVE_PR_SET_NO_NEW_PRIVS)
17#include <sys/prctl.h>
18#endif
19
8
9#if (NXT_HAVE_CLONE)
10#include <nxt_clone.h>
11#endif
12
13#include <signal.h>
14
15#if (NXT_HAVE_PR_SET_NO_NEW_PRIVS)
16#include <sys/prctl.h>
17#endif
18
19
20#if (NXT_HAVE_CLONE) && (NXT_HAVE_CLONE_NEWPID)
21#define nxt_is_pid_isolated(process) \
22 nxt_is_clone_flag_set(process->isolation.clone.flags, NEWPID)
23#else
24#define nxt_is_pid_isolated(process) \
25 (0)
26#endif
27
28
20static nxt_pid_t nxt_process_create(nxt_task_t *task, nxt_process_t *process);
29static nxt_pid_t nxt_process_create(nxt_task_t *task, nxt_process_t *process);
30static nxt_int_t nxt_process_do_start(nxt_task_t *task, nxt_process_t *process);
31static nxt_int_t nxt_process_whoami(nxt_task_t *task, nxt_process_t *process);
21static nxt_int_t nxt_process_setup(nxt_task_t *task, nxt_process_t *process);
22static nxt_int_t nxt_process_child_fixup(nxt_task_t *task,
23 nxt_process_t *process);
32static nxt_int_t nxt_process_setup(nxt_task_t *task, nxt_process_t *process);
33static nxt_int_t nxt_process_child_fixup(nxt_task_t *task,
34 nxt_process_t *process);
35static void nxt_process_whoami_ok(nxt_task_t *task, nxt_port_recv_msg_t *msg,
36 void *data);
37static void nxt_process_whoami_error(nxt_task_t *task, nxt_port_recv_msg_t *msg,
38 void *data);
24static nxt_int_t nxt_process_send_created(nxt_task_t *task,
25 nxt_process_t *process);
26static nxt_int_t nxt_process_send_ready(nxt_task_t *task,
27 nxt_process_t *process);
28static void nxt_process_created_ok(nxt_task_t *task, nxt_port_recv_msg_t *msg,
29 void *data);
30static void nxt_process_created_error(nxt_task_t *task,
31 nxt_port_recv_msg_t *msg, void *data);

--- 7 unchanged lines hidden (view full) ---

39
40/* A cached process effective uid */
41nxt_uid_t nxt_euid;
42
43/* A cached process effective gid */
44nxt_gid_t nxt_egid;
45
46nxt_bool_t nxt_proc_conn_matrix[NXT_PROCESS_MAX][NXT_PROCESS_MAX] = {
39static nxt_int_t nxt_process_send_created(nxt_task_t *task,
40 nxt_process_t *process);
41static nxt_int_t nxt_process_send_ready(nxt_task_t *task,
42 nxt_process_t *process);
43static void nxt_process_created_ok(nxt_task_t *task, nxt_port_recv_msg_t *msg,
44 void *data);
45static void nxt_process_created_error(nxt_task_t *task,
46 nxt_port_recv_msg_t *msg, void *data);

--- 7 unchanged lines hidden (view full) ---

54
55/* A cached process effective uid */
56nxt_uid_t nxt_euid;
57
58/* A cached process effective gid */
59nxt_gid_t nxt_egid;
60
61nxt_bool_t nxt_proc_conn_matrix[NXT_PROCESS_MAX][NXT_PROCESS_MAX] = {
47 { 1, 1, 1, 1, 1 },
48 { 1, 0, 0, 0, 0 },
49 { 1, 0, 0, 1, 0 },
50 { 1, 0, 1, 0, 1 },
51 { 1, 0, 0, 1, 0 },
62 { 1, 1, 1, 1, 1, 1 },
63 { 1, 0, 0, 0, 0, 0 },
64 { 1, 0, 0, 1, 0, 0 },
65 { 1, 0, 1, 1, 1, 1 },
66 { 1, 0, 0, 1, 0, 0 },
67 { 1, 0, 0, 1, 0, 0 },
52};
53
54nxt_bool_t nxt_proc_remove_notify_matrix[NXT_PROCESS_MAX][NXT_PROCESS_MAX] = {
68};
69
70nxt_bool_t nxt_proc_remove_notify_matrix[NXT_PROCESS_MAX][NXT_PROCESS_MAX] = {
55 { 0, 0, 0, 0, 0 },
56 { 0, 0, 0, 0, 0 },
57 { 0, 0, 0, 1, 0 },
58 { 0, 0, 1, 0, 1 },
59 { 0, 0, 0, 1, 0 },
71 { 0, 0, 0, 0, 0, 0 },
72 { 0, 0, 0, 0, 0, 0 },
73 { 0, 0, 0, 1, 0, 0 },
74 { 0, 0, 1, 0, 1, 1 },
75 { 0, 0, 0, 1, 0, 0 },
76 { 1, 0, 0, 1, 0, 0 },
60};
61
62
77};
78
79
80static const nxt_port_handlers_t nxt_process_whoami_port_handlers = {
81 .quit = nxt_signal_quit_handler,
82 .rpc_ready = nxt_port_rpc_handler,
83 .rpc_error = nxt_port_rpc_handler,
84};
85
86
63nxt_process_t *
64nxt_process_new(nxt_runtime_t *rt)
65{
66 nxt_process_t *process;
67
68 process = nxt_mp_zalloc(rt->mem_pool, sizeof(nxt_process_t)
69 + sizeof(nxt_process_init_t));
70
71 if (nxt_slow_path(process == NULL)) {
72 return NULL;
73 }
74
75 nxt_queue_init(&process->ports);
76
77 nxt_thread_mutex_create(&process->incoming.mutex);
78
79 process->use_count = 1;
80
87nxt_process_t *
88nxt_process_new(nxt_runtime_t *rt)
89{
90 nxt_process_t *process;
91
92 process = nxt_mp_zalloc(rt->mem_pool, sizeof(nxt_process_t)
93 + sizeof(nxt_process_init_t));
94
95 if (nxt_slow_path(process == NULL)) {
96 return NULL;
97 }
98
99 nxt_queue_init(&process->ports);
100
101 nxt_thread_mutex_create(&process->incoming.mutex);
102
103 process->use_count = 1;
104
105 nxt_queue_init(&process->children);
106
81 return process;
82}
83
84
85void
86nxt_process_use(nxt_task_t *task, nxt_process_t *process, int i)
87{
88 process->use_count += i;

--- 14 unchanged lines hidden (view full) ---

103
104 rt = task->thread->runtime;
105
106 process = nxt_process_new(rt);
107 if (nxt_slow_path(process == NULL)) {
108 return NXT_ERROR;
109 }
110
107 return process;
108}
109
110
111void
112nxt_process_use(nxt_task_t *task, nxt_process_t *process, int i)
113{
114 process->use_count += i;

--- 14 unchanged lines hidden (view full) ---

129
130 rt = task->thread->runtime;
131
132 process = nxt_process_new(rt);
133 if (nxt_slow_path(process == NULL)) {
134 return NXT_ERROR;
135 }
136
137 process->parent_port = rt->port_by_type[rt->type];
138
111 process->name = init.name;
112 process->user_cred = &rt->user_cred;
113
114 pinit = nxt_process_init(process);
115 *pinit = init;
116
117 ret = nxt_process_start(task, process);
118 if (nxt_slow_path(ret == NXT_ERROR)) {

--- 53 unchanged lines hidden (view full) ---

172 /* The child process: return to the event engine work queue loop. */
173
174 nxt_process_use(task, process, -1);
175
176 ret = NXT_AGAIN;
177 break;
178
179 default:
139 process->name = init.name;
140 process->user_cred = &rt->user_cred;
141
142 pinit = nxt_process_init(process);
143 *pinit = init;
144
145 ret = nxt_process_start(task, process);
146 if (nxt_slow_path(ret == NXT_ERROR)) {

--- 53 unchanged lines hidden (view full) ---

200 /* The child process: return to the event engine work queue loop. */
201
202 nxt_process_use(task, process, -1);
203
204 ret = NXT_AGAIN;
205 break;
206
207 default:
180 /* The main process created a new process. */
208 /* The parent process created a new process. */
181
182 nxt_process_use(task, process, -1);
183
184 nxt_port_read_close(port);
185 nxt_port_write_enable(task, port);
186
187 ret = NXT_OK;
188 break;

--- 22 unchanged lines hidden (view full) ---

211{
212 nxt_process_t *p;
213 nxt_runtime_t *rt;
214 nxt_process_init_t *init;
215 nxt_process_type_t ptype;
216
217 init = nxt_process_init(process);
218
209
210 nxt_process_use(task, process, -1);
211
212 nxt_port_read_close(port);
213 nxt_port_write_enable(task, port);
214
215 ret = NXT_OK;
216 break;

--- 22 unchanged lines hidden (view full) ---

239{
240 nxt_process_t *p;
241 nxt_runtime_t *rt;
242 nxt_process_init_t *init;
243 nxt_process_type_t ptype;
244
245 init = nxt_process_init(process);
246
247 nxt_ppid = nxt_pid;
248
219 nxt_pid = nxt_getpid();
220
221 process->pid = nxt_pid;
249 nxt_pid = nxt_getpid();
250
251 process->pid = nxt_pid;
252 process->isolated_pid = nxt_pid;
222
223 /* Clean inherited cached thread tid. */
224 task->thread->tid = 0;
225
253
254 /* Clean inherited cached thread tid. */
255 task->thread->tid = 0;
256
226#if (NXT_HAVE_CLONE && NXT_HAVE_CLONE_NEWPID)
227 if (nxt_is_clone_flag_set(process->isolation.clone.flags, NEWPID)) {
228 ssize_t pidsz;
229 char procpid[10];
230
231 nxt_debug(task, "%s isolated pid is %d", process->name, nxt_pid);
232
233 pidsz = readlink("/proc/self", procpid, sizeof(procpid));
234
235 if (nxt_slow_path(pidsz < 0 || pidsz >= (ssize_t) sizeof(procpid))) {
236 nxt_alert(task, "failed to read real pid from /proc/self");
237 return NXT_ERROR;
238 }
239
240 procpid[pidsz] = '\0';
241
242 nxt_pid = (nxt_pid_t) strtol(procpid, NULL, 10);
243
244 nxt_assert(nxt_pid > 0 && nxt_errno != ERANGE);
245
246 process->pid = nxt_pid;
247 task->thread->tid = nxt_pid;
248
249 nxt_debug(task, "%s real pid is %d", process->name, nxt_pid);
250 }
251
252#endif
253
254 ptype = init->type;
255
256 nxt_port_reset_next_id();
257
258 nxt_event_engine_thread_adopt(task->thread->engine);
259
260 rt = task->thread->runtime;
261
262 /* Remove not ready processes. */
263 nxt_runtime_process_each(rt, p) {
264
257 ptype = init->type;
258
259 nxt_port_reset_next_id();
260
261 nxt_event_engine_thread_adopt(task->thread->engine);
262
263 rt = task->thread->runtime;
264
265 /* Remove not ready processes. */
266 nxt_runtime_process_each(rt, p) {
267
265 if (nxt_proc_conn_matrix[ptype][nxt_process_type(p)] == 0) {
268 if (nxt_proc_conn_matrix[ptype][nxt_process_type(p)] == 0
269 && p->pid != nxt_ppid) /* Always keep parent's port. */
270 {
266 nxt_debug(task, "remove not required process %PI", p->pid);
267
268 nxt_process_close_ports(task, p);
269
270 continue;
271 }
272
273 if (p->state != NXT_PROCESS_STATE_READY) {

--- 36 unchanged lines hidden (view full) ---

310 /* Child. */
311
312 ret = nxt_process_child_fixup(task, process);
313 if (nxt_slow_path(ret != NXT_OK)) {
314 nxt_process_quit(task, 1);
315 return -1;
316 }
317
271 nxt_debug(task, "remove not required process %PI", p->pid);
272
273 nxt_process_close_ports(task, p);
274
275 continue;
276 }
277
278 if (p->state != NXT_PROCESS_STATE_READY) {

--- 36 unchanged lines hidden (view full) ---

315 /* Child. */
316
317 ret = nxt_process_child_fixup(task, process);
318 if (nxt_slow_path(ret != NXT_OK)) {
319 nxt_process_quit(task, 1);
320 return -1;
321 }
322
318 nxt_runtime_process_add(task, process);
319
320 if (nxt_slow_path(nxt_process_setup(task, process) != NXT_OK)) {
323 ret = nxt_process_setup(task, process);
324 if (nxt_slow_path(ret != NXT_OK)) {
321 nxt_process_quit(task, 1);
322 }
323
324 /*
325 * Explicitly return 0 to notice the caller function this is the child.
326 * The caller must return to the event engine work queue loop.
327 */
328 return 0;
329 }
330
331 /* Parent. */
332
333#if (NXT_HAVE_CLONE)
334 nxt_debug(task, "clone(%s): %PI", process->name, pid);
335#else
336 nxt_debug(task, "fork(%s): %PI", process->name, pid);
337#endif
338
339 process->pid = pid;
325 nxt_process_quit(task, 1);
326 }
327
328 /*
329 * Explicitly return 0 to notice the caller function this is the child.
330 * The caller must return to the event engine work queue loop.
331 */
332 return 0;
333 }
334
335 /* Parent. */
336
337#if (NXT_HAVE_CLONE)
338 nxt_debug(task, "clone(%s): %PI", process->name, pid);
339#else
340 nxt_debug(task, "fork(%s): %PI", process->name, pid);
341#endif
342
343 process->pid = pid;
344 process->isolated_pid = pid;
340
341 nxt_runtime_process_add(task, process);
342
343 return pid;
344}
345
346
347static nxt_int_t
348nxt_process_setup(nxt_task_t *task, nxt_process_t *process)
349{
350 nxt_int_t ret;
345
346 nxt_runtime_process_add(task, process);
347
348 return pid;
349}
350
351
352static nxt_int_t
353nxt_process_setup(nxt_task_t *task, nxt_process_t *process)
354{
355 nxt_int_t ret;
351 nxt_port_t *port, *main_port;
352 nxt_thread_t *thread;
353 nxt_runtime_t *rt;
354 nxt_process_init_t *init;
355 nxt_event_engine_t *engine;
356 const nxt_event_interface_t *interface;
357
358 init = nxt_process_init(process);
359

--- 23 unchanged lines hidden (view full) ---

383 }
384
385 ret = nxt_runtime_thread_pool_create(thread, rt, rt->auxiliary_threads,
386 60000 * 1000000LL);
387 if (nxt_slow_path(ret != NXT_OK)) {
388 return NXT_ERROR;
389 }
390
356 nxt_thread_t *thread;
357 nxt_runtime_t *rt;
358 nxt_process_init_t *init;
359 nxt_event_engine_t *engine;
360 const nxt_event_interface_t *interface;
361
362 init = nxt_process_init(process);
363

--- 23 unchanged lines hidden (view full) ---

387 }
388
389 ret = nxt_runtime_thread_pool_create(thread, rt, rt->auxiliary_threads,
390 60000 * 1000000LL);
391 if (nxt_slow_path(ret != NXT_OK)) {
392 return NXT_ERROR;
393 }
394
391 main_port = rt->port_by_type[NXT_PROCESS_MAIN];
395 nxt_port_read_close(process->parent_port);
396 nxt_port_write_enable(task, process->parent_port);
392
397
393 nxt_port_read_close(main_port);
394 nxt_port_write_enable(task, main_port);
398 /*
399 * If the parent process is already isolated, rt->pid_isolation is already
400 * set to 1 at this point.
401 */
402 if (nxt_is_pid_isolated(process)) {
403 rt->is_pid_isolated = 1;
404 }
395
405
406 if (rt->is_pid_isolated
407 || process->parent_port != rt->port_by_type[NXT_PROCESS_MAIN])
408 {
409 ret = nxt_process_whoami(task, process);
410
411 } else {
412 ret = nxt_process_do_start(task, process);
413 }
414
415 return ret;
416}
417
418
419static nxt_int_t
420nxt_process_do_start(nxt_task_t *task, nxt_process_t *process)
421{
422 nxt_int_t ret;
423 nxt_port_t *port;
424 nxt_process_init_t *init;
425
426 nxt_runtime_process_add(task, process);
427
428 init = nxt_process_init(process);
396 port = nxt_process_port_first(process);
397
398 nxt_port_enable(task, port, init->port_handlers);
399
400 ret = init->setup(task, process);
429 port = nxt_process_port_first(process);
430
431 nxt_port_enable(task, port, init->port_handlers);
432
433 ret = init->setup(task, process);
401
402 if (nxt_slow_path(ret != NXT_OK)) {
403 return NXT_ERROR;
404 }
405
406 switch (process->state) {
407
408 case NXT_PROCESS_STATE_CREATED:
409 ret = nxt_process_send_created(task, process);

--- 20 unchanged lines hidden (view full) ---

430 nxt_alert(task, "%s failed to start", process->name);
431 }
432
433 return ret;
434}
435
436
437static nxt_int_t
434 if (nxt_slow_path(ret != NXT_OK)) {
435 return NXT_ERROR;
436 }
437
438 switch (process->state) {
439
440 case NXT_PROCESS_STATE_CREATED:
441 ret = nxt_process_send_created(task, process);

--- 20 unchanged lines hidden (view full) ---

462 nxt_alert(task, "%s failed to start", process->name);
463 }
464
465 return ret;
466}
467
468
469static nxt_int_t
470nxt_process_whoami(nxt_task_t *task, nxt_process_t *process)
471{
472 uint32_t stream;
473 nxt_fd_t fd;
474 nxt_buf_t *buf;
475 nxt_int_t ret;
476 nxt_port_t *my_port, *main_port;
477 nxt_runtime_t *rt;
478
479 rt = task->thread->runtime;
480
481 my_port = nxt_process_port_first(process);
482 main_port = rt->port_by_type[NXT_PROCESS_MAIN];
483
484 nxt_assert(my_port != NULL && main_port != NULL);
485
486 nxt_port_enable(task, my_port, &nxt_process_whoami_port_handlers);
487
488 buf = nxt_buf_mem_alloc(main_port->mem_pool, sizeof(nxt_pid_t), 0);
489 if (nxt_slow_path(buf == NULL)) {
490 return NXT_ERROR;
491 }
492
493 buf->mem.free = nxt_cpymem(buf->mem.free, &nxt_ppid, sizeof(nxt_pid_t));
494
495 stream = nxt_port_rpc_register_handler(task, my_port,
496 nxt_process_whoami_ok,
497 nxt_process_whoami_error,
498 main_port->pid, process);
499 if (nxt_slow_path(stream == 0)) {
500 nxt_mp_free(main_port->mem_pool, buf);
501
502 return NXT_ERROR;
503 }
504
505 fd = (process->parent_port != main_port) ? my_port->pair[1] : -1;
506
507 ret = nxt_port_socket_write(task, main_port, NXT_PORT_MSG_WHOAMI,
508 fd, stream, my_port->id, buf);
509
510 if (nxt_slow_path(ret != NXT_OK)) {
511 nxt_alert(task, "%s failed to send WHOAMI message", process->name);
512 nxt_port_rpc_cancel(task, my_port, stream);
513 nxt_mp_free(main_port->mem_pool, buf);
514
515 return NXT_ERROR;
516 }
517
518 return NXT_OK;
519}
520
521
522static void
523nxt_process_whoami_ok(nxt_task_t *task, nxt_port_recv_msg_t *msg, void *data)
524{
525 nxt_pid_t pid, isolated_pid;
526 nxt_buf_t *buf;
527 nxt_port_t *port;
528 nxt_process_t *process;
529 nxt_runtime_t *rt;
530
531 process = data;
532
533 buf = msg->buf;
534
535 nxt_assert(nxt_buf_used_size(buf) == sizeof(nxt_pid_t));
536
537 nxt_memcpy(&pid, buf->mem.pos, sizeof(nxt_pid_t));
538
539 isolated_pid = nxt_pid;
540
541 if (isolated_pid != pid) {
542 nxt_pid = pid;
543 process->pid = pid;
544
545 nxt_process_port_each(process, port) {
546 port->pid = pid;
547 } nxt_process_port_loop;
548 }
549
550 rt = task->thread->runtime;
551
552 if (process->parent_port != rt->port_by_type[NXT_PROCESS_MAIN]) {
553 port = process->parent_port;
554
555 (void) nxt_port_socket_write(task, port, NXT_PORT_MSG_PROCESS_CREATED,
556 -1, 0, 0, NULL);
557
558 nxt_log(task, NXT_LOG_INFO, "%s started", process->name);
559 }
560
561 if (nxt_slow_path(nxt_process_do_start(task, process) != NXT_OK)) {
562 nxt_process_quit(task, 1);
563 }
564}
565
566
567static void
568nxt_process_whoami_error(nxt_task_t *task, nxt_port_recv_msg_t *msg, void *data)
569{
570 nxt_alert(task, "WHOAMI error");
571
572 nxt_process_quit(task, 1);
573}
574
575
576static nxt_int_t
438nxt_process_send_created(nxt_task_t *task, nxt_process_t *process)
439{
440 uint32_t stream;
441 nxt_int_t ret;
442 nxt_port_t *my_port, *main_port;
443 nxt_runtime_t *rt;
444
445 nxt_assert(process->state == NXT_PROCESS_STATE_CREATED);

--- 32 unchanged lines hidden (view full) ---

478static void
479nxt_process_created_ok(nxt_task_t *task, nxt_port_recv_msg_t *msg, void *data)
480{
481 nxt_int_t ret;
482 nxt_process_t *process;
483 nxt_process_init_t *init;
484
485 process = data;
577nxt_process_send_created(nxt_task_t *task, nxt_process_t *process)
578{
579 uint32_t stream;
580 nxt_int_t ret;
581 nxt_port_t *my_port, *main_port;
582 nxt_runtime_t *rt;
583
584 nxt_assert(process->state == NXT_PROCESS_STATE_CREATED);

--- 32 unchanged lines hidden (view full) ---

617static void
618nxt_process_created_ok(nxt_task_t *task, nxt_port_recv_msg_t *msg, void *data)
619{
620 nxt_int_t ret;
621 nxt_process_t *process;
622 nxt_process_init_t *init;
623
624 process = data;
625
626 process->state = NXT_PROCESS_STATE_READY;
627
486 init = nxt_process_init(process);
487
488 ret = nxt_process_apply_creds(task, process);
489 if (nxt_slow_path(ret != NXT_OK)) {
490 goto fail;
491 }
492
493 nxt_log(task, NXT_LOG_INFO, "%s started", process->name);
494
628 init = nxt_process_init(process);
629
630 ret = nxt_process_apply_creds(task, process);
631 if (nxt_slow_path(ret != NXT_OK)) {
632 goto fail;
633 }
634
635 nxt_log(task, NXT_LOG_INFO, "%s started", process->name);
636
637 ret = nxt_process_send_ready(task, process);
638 if (nxt_slow_path(ret != NXT_OK)) {
639 goto fail;
640 }
641
495 ret = init->start(task, &process->data);
496
642 ret = init->start(task, &process->data);
643
497fail:
644 if (nxt_process_type(process) != NXT_PROCESS_PROTOTYPE) {
645 nxt_port_write_close(nxt_process_port_first(process));
646 }
498
647
499 nxt_process_quit(task, ret == NXT_OK ? 0 : 1);
648 if (nxt_fast_path(ret == NXT_OK)) {
649 return;
650 }
651
652fail:
653 nxt_process_quit(task, 1);
500}
501
502
503static void
504nxt_process_created_error(nxt_task_t *task, nxt_port_recv_msg_t *msg,
505 void *data)
506{
507 nxt_process_t *process;

--- 71 unchanged lines hidden (view full) ---

579 nxt_runtime_t *rt;
580
581 rt = task->thread->runtime;
582
583 cap_setid = rt->capabilities.setid;
584
585#if (NXT_HAVE_CLONE && NXT_HAVE_CLONE_NEWUSER)
586 if (!cap_setid
654}
655
656
657static void
658nxt_process_created_error(nxt_task_t *task, nxt_port_recv_msg_t *msg,
659 void *data)
660{
661 nxt_process_t *process;

--- 71 unchanged lines hidden (view full) ---

733 nxt_runtime_t *rt;
734
735 rt = task->thread->runtime;
736
737 cap_setid = rt->capabilities.setid;
738
739#if (NXT_HAVE_CLONE && NXT_HAVE_CLONE_NEWUSER)
740 if (!cap_setid
587 && nxt_is_clone_flag_set(process->isolation.clone.flags, NEWUSER)) {
741 && nxt_is_clone_flag_set(process->isolation.clone.flags, NEWUSER))
742 {
588 cap_setid = 1;
589 }
590#endif
591
592 if (cap_setid) {
593 ret = nxt_credential_setgids(task, process->user_cred);
594 if (nxt_slow_path(ret != NXT_OK)) {
595 return NXT_ERROR;

--- 16 unchanged lines hidden (view full) ---

612
613 return NXT_OK;
614}
615
616
617static nxt_int_t
618nxt_process_send_ready(nxt_task_t *task, nxt_process_t *process)
619{
743 cap_setid = 1;
744 }
745#endif
746
747 if (cap_setid) {
748 ret = nxt_credential_setgids(task, process->user_cred);
749 if (nxt_slow_path(ret != NXT_OK)) {
750 return NXT_ERROR;

--- 16 unchanged lines hidden (view full) ---

767
768 return NXT_OK;
769}
770
771
772static nxt_int_t
773nxt_process_send_ready(nxt_task_t *task, nxt_process_t *process)
774{
620 nxt_int_t ret;
621 nxt_port_t *main_port;
622 nxt_runtime_t *rt;
775 nxt_int_t ret;
623
776
624 rt = task->thread->runtime;
625
626 main_port = rt->port_by_type[NXT_PROCESS_MAIN];
627
628 nxt_assert(main_port != NULL);
629
630 ret = nxt_port_socket_write(task, main_port, NXT_PORT_MSG_PROCESS_READY,
777 ret = nxt_port_socket_write(task, process->parent_port,
778 NXT_PORT_MSG_PROCESS_READY,
631 -1, process->stream, 0, NULL);
632
633 if (nxt_slow_path(ret != NXT_OK)) {
634 nxt_alert(task, "%s failed to send READY message", process->name);
635 return NXT_ERROR;
636 }
637
638 nxt_debug(task, "%s sent ready", process->name);

--- 270 unchanged lines hidden ---
779 -1, process->stream, 0, NULL);
780
781 if (nxt_slow_path(ret != NXT_OK)) {
782 nxt_alert(task, "%s failed to send READY message", process->name);
783 return NXT_ERROR;
784 }
785
786 nxt_debug(task, "%s sent ready", process->name);

--- 270 unchanged lines hidden ---