sbuild::session Class Reference
Session handler. More...
#include <sbuild-session.h>
Public Types | |
| enum | operation { OPERATION_AUTOMATIC, OPERATION_BEGIN, OPERATION_RECOVER, OPERATION_END, OPERATION_RUN } |
| Session operations. More... | |
| enum | error_code { CHDIR, CHDIR_FB, CHILD_CORE, CHILD_FAIL, CHILD_FORK, CHILD_SIGNAL, CHILD_WAIT, CHROOT, CHROOT_ALIAS, CHROOT_LOCK, CHROOT_NOTFOUND, CHROOT_SETUP, CHROOT_UNLOCK, COMMAND_ABS, EXEC, GROUP_GET_SUP, GROUP_GET_SUPC, GROUP_SET, GROUP_SET_SUP, GROUP_UNKNOWN, PAM, ROOT_DROP, SET_SESSION_ID, SHELL, SHELL_FB, SIGNAL_CATCH, SIGNAL_SET, USER_SET, USER_SWITCH } |
| Error codes. More... | |
| typedef std::vector< chroot::ptr > | chroot_list |
| A list of chroots. | |
| typedef custom_error< error_code > | error |
| Exception type. | |
|
typedef std::tr1::shared_ptr < session > | ptr |
| A shared_ptr to a session object. | |
Public Member Functions | |
| session (std::string const &service, operation operation, chroot_list const &chroots) | |
| The constructor. | |
| virtual | ~session () |
| The destructor. | |
| auth::ptr const & | get_auth () const |
| Get the authentication state associated with this session. | |
| void | set_auth (auth::ptr &auth) |
| Set the authentication state associated with this session. | |
| chroot_list const & | get_chroots () const |
| Get the chroots to use in this session. | |
| void | set_chroots (chroot_list const &chroots) |
| Set the chroots to use in this session. | |
| operation | get_operation () const |
| Get the operation this session will perform. | |
| void | set_operation (operation operation) |
| Set the operation this session will perform. | |
| std::string const & | get_session_id () const |
| Get the session identifier. | |
| void | set_session_id (std::string const &session_id) |
| Set the session identifier. | |
| std::string const & | get_verbosity () const |
| Get the message verbosity. | |
| void | set_verbosity (std::string const &verbosity) |
| Set the message verbosity. | |
| bool | get_preserve_environment () const |
| Check if the environment should be preserved in the chroot. | |
| void | set_preserve_environment (bool preserve_environment) |
| Set if the environment should be preserved in the chroot. | |
| bool | get_force () const |
| Get the force status of this session. | |
| void | set_force (bool force) |
| Set the force status of this session. | |
| void | save_termios () |
| Save terminal state. | |
| void | restore_termios () |
| Restore terminal state. | |
| int | get_child_status () const |
| Get the exit (wait) status of the last child process to run in this session. | |
| virtual sbuild::auth::status | get_auth_status () const |
| Check if authentication is required, taking users, groups, root-users and root-groups membership of all chroots specified into account. | |
| void | run () |
| Run a session. | |
Protected Member Functions | |
| void | get_chroot_membership (chroot::ptr const &chroot, bool &in_users, bool &in_root_users, bool &in_groups, bool &in_root_groups) const |
| Get the chroot authentication properties the user is included in. | |
| virtual auth::status | get_chroot_auth_status (auth::status status, chroot::ptr const &chroot) const |
| Check if authentication is required for a single chroot, taking users, groups, root-users and root-groups membership into account. | |
| virtual void | run_impl () |
| Run a session. | |
| virtual string_list | get_login_directories (sbuild::chroot::ptr &session_chroot, environment const &env) const |
| Get a list of directories to change to when running a login shell. | |
| virtual string_list | get_command_directories (sbuild::chroot::ptr &session_chroot, environment const &env) const |
| Get a list of directories to change to when running a command Multiple directories are used as fallbacks. | |
| virtual std::string | get_shell () const |
| Get the shell to run. | |
| virtual void | get_command (chroot::ptr &session_chroot, std::string &file, string_list &command, environment const &env) const |
| Get the command to run. | |
| virtual void | get_login_command (chroot::ptr &session_chroot, std::string &file, string_list &command) const |
| Get the command to run a login shell. | |
| virtual void | get_user_command (chroot::ptr &session_chroot, std::string &file, string_list &command, environment const &env) const |
| Get the command to run a user command. | |
Protected Attributes | |
| std::string | cwd |
| Current working directory. | |
Private Member Functions | |
| void | setup_chroot (chroot::ptr &session_chroot, chroot::setup_type setup_type) |
| Setup a chroot. | |
| void | run_chroot (chroot::ptr &session_chroot) |
| Run command or login shell in the specified chroot. | |
| void | run_child (chroot::ptr &session_chroot) |
| Run a command or login shell as a child process in the specified chroot. | |
| void | wait_for_child (pid_t pid, int &child_status) |
| Wait for a child process to complete, and check its exit status. | |
| void | set_sighup_handler () |
| Set the SIGHUP handler. | |
| void | clear_sighup_handler () |
| Restore the state of SIGHUP prior to setting the handler. | |
| void | set_sigint_handler () |
| Set the SIGINT handler. | |
| void | clear_sigint_handler () |
| Restore the state of SIGINT prior to setting the handler. | |
| void | set_sigterm_handler () |
| Set the SIGTERM handler. | |
| void | clear_sigterm_handler () |
| Restore the state of SIGTERM prior to setting the handler. | |
| void | set_signal_handler (int signal, struct sigaction *saved_signal, void(*handler)(int)) |
| Set a signal handler. | |
| void | clear_signal_handler (int signal, struct sigaction *saved_signal) |
| Restore the state of the signal prior to setting the handler. | |
Private Attributes | |
| auth::ptr | authstat |
| Authentication state. | |
| chroot_list | chroots |
| The chroots to run the session operation in. | |
| int | chroot_status |
| The current chroot status. | |
| bool | lock_status |
| Lock status for locks acquired during chroot setup. | |
| int | child_status |
| The child exit status. | |
| operation | session_operation |
| The session operation to perform. | |
| std::string | session_id |
| The session identifier. | |
| bool | force |
| The session force status. | |
| struct sigaction | saved_sighup_signal |
| Signal saved while sighup handler is set. | |
| struct sigaction | saved_sigint_signal |
| Signal saved while sigint handler is set. | |
| struct sigaction | saved_sigterm_signal |
| Signal saved while sigterm handler is set. | |
| struct termios | saved_termios |
| Saved terminal settings. | |
| bool | termios_ok |
| Are the saved terminal settings valid? | |
| std::string | verbosity |
| Message verbosity. | |
| bool | preserve_environment |
| Preserve environment? | |
Detailed Description
Session handler.This class provides the session handling for schroot. It uses auth, which performs all the necessary PAM actions. This allows more sophisticated handling of user authorisation (users, groups, root-users and root-groups membership in the configuration file) and session management (setting up the session, entering the chroot and running the requested command or shell).
Member Enumeration Documentation
Error codes.
- Enumerator:
-
CHDIR Failed to change to directory. CHDIR_FB Falling back to directory. CHILD_CORE Child dumped core. CHILD_FAIL Child exited abnormally (reason unknown). CHILD_FORK Failed to fork child. CHILD_SIGNAL Child terminated by signal. CHILD_WAIT Wait for child failed. CHROOT Failed to change root to directory. CHROOT_ALIAS No chroot found matching alias. CHROOT_LOCK Failed to lock chroot. CHROOT_NOTFOUND Chroot not found. CHROOT_SETUP Setup failed. CHROOT_UNLOCK Failed to unlock chroot. COMMAND_ABS Command must have an absolute path. EXEC Failed to execute. GROUP_GET_SUP Failed to get supplementary groups. GROUP_GET_SUPC Failed to get supplementary group count. GROUP_SET Failed to set group. GROUP_SET_SUP Failed to set supplementary groups. GROUP_UNKNOWN Group not found. PAM PAM error. ROOT_DROP Failed to drop root permissions. SET_SESSION_ID Chroot does not support setting a session ID. SHELL Shell not available. SHELL_FB Falling back to shell. SIGNAL_CATCH Caught signal. SIGNAL_SET Failed to set signal handler. USER_SET Failed to set user. USER_SWITCH User switching is not permitted.
Constructor & Destructor Documentation
| session::session | ( | std::string const & | service, | |
| operation | operation, | |||
| chroot_list const & | chroots | |||
| ) |
The constructor.
- Parameters:
-
service the PAM service name. operation the session operation to perform. chroots the chroots to act upon.
References sbuild::getcwd().
Member Function Documentation
| auth::ptr const & session::get_auth | ( | ) | const |
| void session::set_auth | ( | auth::ptr & | auth | ) |
| session::chroot_list const & session::get_chroots | ( | ) | const |
| void session::set_chroots | ( | chroot_list const & | chroots | ) |
| session::operation session::get_operation | ( | ) | const |
| void session::set_operation | ( | operation | operation | ) |
Set the operation this session will perform.
- Parameters:
-
operation the operation.
References session_operation.
| std::string const & session::get_session_id | ( | ) | const |
Get the session identifier.
The session identifier is a unique string to identify a session.
- Returns:
- the session id.
References session_id.
Referenced by run_impl().
| void session::set_session_id | ( | std::string const & | session_id | ) |
| std::string const & session::get_verbosity | ( | ) | const |
| void session::set_verbosity | ( | std::string const & | verbosity | ) |
Set the message verbosity.
This will override the chroot message verbosity if set.
- Parameters:
-
verbosity the message verbosity.
| bool session::get_preserve_environment | ( | ) | const |
Check if the environment should be preserved in the chroot.
- Returns:
- true to preserve or false to clean.
References preserve_environment.
Referenced by get_login_command(), and run_child().
| void session::set_preserve_environment | ( | bool | preserve_environment | ) |
Set if the environment should be preserved in the chroot.
- Parameters:
-
preserve_environment true to preserve or false to clean.
| bool session::get_force | ( | ) | const |
| void session::set_force | ( | bool | force | ) |
| int session::get_child_status | ( | ) | const |
Get the exit (wait) status of the last child process to run in this session.
- Returns:
- the exit status.
References child_status.
| auth::status session::get_auth_status | ( | ) | const [virtual] |
Check if authentication is required, taking users, groups, root-users and root-groups membership of all chroots specified into account.
- Todo:
- Use set difference rather than iteration and is_group_member.
References sbuild::auth::change_auth(), chroots, get_chroot_auth_status(), and sbuild::auth::STATUS_NONE.
Referenced by run().
| void session::run | ( | ) |
Run a session.
The user will be asked for authentication if required, and then the run_impl virtual method will be called.
An auth::error will be thrown on failure.
References authstat, get_auth_status(), and run_impl().
| void session::run_impl | ( | ) | [protected, virtual] |
Run a session.
If a command has been specified, this will be run in each of the specified chroots. If no command has been specified, a login shell will run in the specified chroot.
An error will be thrown on failure.
References authstat, child_status, CHROOT_NOTFOUND, chroots, clear_sighup_handler(), clear_sigint_handler(), clear_sigterm_handler(), sbuild::DEBUG_NOTICE, sbuild::DEBUG_WARNING, get_chroot_membership(), get_session_id(), sbuild::log_debug(), OPERATION_AUTOMATIC, OPERATION_BEGIN, OPERATION_RUN, restore_termios(), run_chroot(), save_termios(), sbuild::chroot::SESSION_CREATE, session_operation, set_sighup_handler(), set_sigint_handler(), set_sigterm_handler(), setup_chroot(), sbuild::chroot::SETUP_RECOVER, sbuild::chroot::SETUP_START, sbuild::chroot::SETUP_STOP, sbuild::unique_identifier(), and verbosity.
Referenced by run().
| string_list session::get_login_directories | ( | sbuild::chroot::ptr & | session_chroot, | |
| environment const & | env | |||
| ) | const [protected, virtual] |
Get a list of directories to change to when running a login shell.
Multiple directories are used as fallbacks.
- Parameters:
-
session_chroot the chroot to setup. env the environment to use for HOME
- Returns:
- a list of directories
References authstat, cwd, and sbuild::environment::get().
Referenced by run_child().
| string_list session::get_command_directories | ( | sbuild::chroot::ptr & | session_chroot, | |
| environment const & | env | |||
| ) | const [protected, virtual] |
Get a list of directories to change to when running a command Multiple directories are used as fallbacks.
- Parameters:
-
session_chroot the chroot to setup. env the environment to use for HOME
- Returns:
- a list of directories
Referenced by run_child().
| std::string session::get_shell | ( | ) | const [protected, virtual] |
Get the shell to run.
This finds a suitable shell to run in the chroot, falling back to /bin/sh if necessary. Note that it assumes it is inside the chroot when called.
- Returns:
- the shell.
References authstat, sbuild::log_exception_warning(), SHELL, and SHELL_FB.
Referenced by get_login_command(), and run_child().
| void session::get_command | ( | chroot::ptr & | session_chroot, | |
| std::string & | file, | |||
| string_list & | command, | |||
| environment const & | env | |||
| ) | const [protected, virtual] |
Get the command to run.
- Parameters:
-
session_chroot the chroot to setup. file the filename to pass to execve(2). command the argv to pass to execve(2). env the environment to use for PATH
References get_login_command(), and get_user_command().
Referenced by run_child().
| void session::get_login_command | ( | chroot::ptr & | session_chroot, | |
| std::string & | file, | |||
| string_list & | command | |||
| ) | const [protected, virtual] |
Get the command to run a login shell.
- Parameters:
-
session_chroot the chroot to setup. file the filename to pass to execve(2). command the argv to pass to execve(2).
References authstat, sbuild::basename(), sbuild::DEBUG_NOTICE, get_preserve_environment(), get_shell(), sbuild::log_debug(), sbuild::log_info(), and sbuild::chroot::VERBOSITY_VERBOSE.
Referenced by get_command().
| void session::get_user_command | ( | chroot::ptr & | session_chroot, | |
| std::string & | file, | |||
| string_list & | command, | |||
| environment const & | env | |||
| ) | const [protected, virtual] |
Get the command to run a user command.
- Parameters:
-
session_chroot the chroot to setup. file the filename to pass to execve(2). command the argv to pass to execve(2). env the environment to use for PATH
References authstat, sbuild::DEBUG_NOTICE, sbuild::find_program_in_path(), sbuild::environment::get(), sbuild::log_debug(), sbuild::log_info(), sbuild::string_list_to_string(), and sbuild::chroot::VERBOSITY_VERBOSE.
Referenced by get_command().
| void session::setup_chroot | ( | chroot::ptr & | session_chroot, | |
| chroot::setup_type | setup_type | |||
| ) | [private] |
Setup a chroot.
This runs all of the commands in setup.d or run.d.
The environment variables CHROOT_NAME, CHROOT_DESCRIPTION, CHROOT_LOCATION, AUTH_USER and AUTH_VERBOSITY are set for use in setup scripts. See schroot-setup(5) for a complete list.
An error will be thrown on failure.
- Parameters:
-
session_chroot the chroot to setup. setup_type the type of setup to perform.
References sbuild::environment::add(), authstat, CHILD_FORK, CHROOT_LOCK, CHROOT_SETUP, chroot_status, CHROOT_UNLOCK, sbuild::DEBUG_INFO, lock_status, sbuild::log_debug(), sbuild::log_error(), sbuild::log_exception_error(), OPERATION_AUTOMATIC, OPERATION_BEGIN, OPERATION_END, OPERATION_RECOVER, sbuild::run_parts::run(), session_operation, sbuild::run_parts::set_reverse(), sbuild::run_parts::set_verbose(), sbuild::chroot::SETUP_RECOVER, sbuild::chroot::SETUP_START, sbuild::chroot::SETUP_STOP, sbuild::chroot::VERBOSITY_VERBOSE, and wait_for_child().
Referenced by run_impl().
| void session::run_chroot | ( | chroot::ptr & | session_chroot | ) | [private] |
Run command or login shell in the specified chroot.
An error will be thrown on failure.
- Parameters:
-
session_chroot the chroot to setup.
References CHILD_FORK, child_status, sbuild::log_error(), sbuild::log_exception_error(), run_child(), and wait_for_child().
Referenced by run_impl().
| void session::run_child | ( | chroot::ptr & | session_chroot | ) | [private] |
Run a command or login shell as a child process in the specified chroot.
This method is only ever to be run in a child process, and will never return.
- Parameters:
-
session_chroot the chroot to setup.
References authstat, CHDIR, CHDIR_FB, CHROOT, cwd, sbuild::DEBUG_INFO, sbuild::DEBUG_NOTICE, EXEC, sbuild::exec(), sbuild::find_program_in_path(), get_command(), get_command_directories(), get_login_directories(), get_preserve_environment(), get_shell(), sbuild::getcwd(), GROUP_SET, GROUP_SET_SUP, sbuild::log_debug(), sbuild::log_exception_warning(), ROOT_DROP, sbuild::string_list_to_string(), and USER_SET.
Referenced by run_chroot().
| void session::wait_for_child | ( | pid_t | pid, | |
| int & | child_status | |||
| ) | [private] |
Wait for a child process to complete, and check its exit status.
An error will be thrown on failure.
- Parameters:
-
pid the pid to wait for. child_status the place to store the child exit status.
References CHILD_CORE, CHILD_FAIL, CHILD_SIGNAL, CHILD_WAIT, chroot_status, sbuild::log_exception_error(), and SIGNAL_CATCH.
Referenced by run_chroot(), and setup_chroot().
| void session::set_sighup_handler | ( | ) | [private] |
Set the SIGHUP handler.
An error will be thrown on failure.
References saved_sighup_signal, and set_signal_handler().
Referenced by run_impl().
| void session::set_sigint_handler | ( | ) | [private] |
Set the SIGINT handler.
An error will be thrown on failure.
References saved_sigint_signal, and set_signal_handler().
Referenced by run_impl().
| void session::set_sigterm_handler | ( | ) | [private] |
Set the SIGTERM handler.
An error will be thrown on failure.
References saved_sigterm_signal, and set_signal_handler().
Referenced by run_impl().
| void session::set_signal_handler | ( | int | signal, | |
| struct sigaction * | saved_signal, | |||
| void(*)(int) | handler | |||
| ) | [private] |
Set a signal handler.
An error will be thrown on failure.
- Parameters:
-
signal the signal number. saved_signal the location to save the current handler. handler the signal handler to install.
References SIGNAL_SET.
Referenced by set_sighup_handler(), set_sigint_handler(), and set_sigterm_handler().
| void session::clear_signal_handler | ( | int | signal, | |
| struct sigaction * | saved_signal | |||
| ) | [private] |
Restore the state of the signal prior to setting the handler.
- Parameters:
-
signal the signal number. saved_signal the location from which to restore the saved handler.
Referenced by clear_sighup_handler(), clear_sigint_handler(), and clear_sigterm_handler().
The documentation for this class was generated from the following files:
- sbuild/sbuild-session.h
- sbuild/sbuild-session.cc
