From 55da87d03dc126a1fda61d5f271aba3bea8165a5 Mon Sep 17 00:00:00 2001 From: Andrew Gaffney Date: Sat, 5 Jan 2008 06:26:21 +0000 Subject: move code that talks to server into talk_to_server(), which forks before doing its thing in order to drop privileges svn path=/branches/new-fu/; revision=330 --- client/Scire.pm | 6 ++++++ client/scireclient.pl | 60 ++++++++++++++++++++++++++++++++++----------------- 2 files changed, 46 insertions(+), 20 deletions(-) diff --git a/client/Scire.pm b/client/Scire.pm index 19c6119..2275a87 100644 --- a/client/Scire.pm +++ b/client/Scire.pm @@ -96,6 +96,12 @@ sub create_connection { $self->{connection_pid} = open2($self->{SERVER_STDOUT}, $self->{SERVER_STDIN}, $self->{connection_command}); } +sub close_connection { + my $self = shift; + close $self->{SERVER_STDIN}; + close $self->{SERVER_STDOUT}; +} + sub build_connection_command { my $self = shift; # This will eventually be something like "ssh scire@${scireserver} /usr/bin/scireserver.pl" diff --git a/client/scireclient.pl b/client/scireclient.pl index 05d2340..f630f7f 100755 --- a/client/scireclient.pl +++ b/client/scireclient.pl @@ -10,6 +10,7 @@ use Getopt::Long; use Data::Dumper; use File::Path; use Sys::Hostname; +use POSIX qw/WEXITSTATUS setuid/; my $ETC_DIR = "/etc/scire"; my $SCIRE_CONFIG_FILE = "${ETC_DIR}/scire.conf"; @@ -25,34 +26,53 @@ sub run_main { check_job_dir(); - #ok folks so here's how this thang goes down. - #1. Connect. - $comm = Scire::Communicator->new( host => $conf{host}, user => $conf{user}, port => $conf{port} ); - $comm->create_connection(); - - #2. Register with the DB. (only it knows if you're allowed to be active) - # If we do not have a defined key file, we assume this is the first run of this client - # so we register them instead of trying to identify. - if(defined($conf{key_file}) and (-f $conf{key_file})) { - if(!identify_client()) { - exit(1); - } + my $exitcode = talk_to_server(); +} + +sub talk_to_server { + # This functions forks a new process just for the purpose of dropping privileges. + my $pid = fork(); + if($pid) { + debug("Waiting for PID ${pid} to finish"); + waitpid($pid, 0); + my $exitcode = WEXITSTATUS($?); + debug("PID ${pid} has finished with status ${exitcode}"); + return $exitcode; } else { - register_client(); + # We'll need to add a call to setuid() here at some point + #ok folks so here's how this thang goes down. + #1. Connect. + $comm = Scire::Communicator->new( host => $conf{host}, user => $conf{user}, port => $conf{port} ); + $comm->create_connection(); + + #2. Register with the DB. (only it knows if you're allowed to be active) + # If we do not have a defined key file, we assume this is the first run of this client + # so we register them instead of trying to identify. + if(defined($conf{key_file}) and (-f $conf{key_file})) { + if(!identify_client()) { + exit(1); + } + } else { + register_client(); + exit(0); + } + + #3. Scan the jobs directory. If there are done/failed jobs, report them. Note jobs in running or queue. + my @existing_jobs = scan_jobs_dir(); + #4. Fetch the jobs list + get_jobs(); + #5. ??? + #6. Profit! + + $comm->close_connection(); exit(0); } - - #3. Scan the jobs directory. If there are done/failed jobs, report them. Note jobs in running or queue. - my @existing_jobs = scan_jobs_dir(); - #4. Fetch the jobs list - get_jobs(); - #5. ??? - #6. Profit! } sub parse_command_line { GetOptions( 'debug|d' => \$conf{debug}, + 'daemon|D' => \$conf{daemon}, 'dry-run' => \$conf{dry_run}, 'help|h' => \$conf{help}, 'config|c=s' => \$conf{config}, -- cgit v1.2.3-65-gdbad