diff options
| author | Valery Piashchynski <[email protected]> | 2020-12-27 00:59:10 +0300 |
|---|---|---|
| committer | Valery Piashchynski <[email protected]> | 2020-12-27 00:59:10 +0300 |
| commit | 8df4896deabdab9a50a5ad3c6da6e1c7f05922af (patch) | |
| tree | c2fa71733902b999c02e5abd608bff4bc7449c5c /utils | |
| parent | 1aaf6e6ffb015cd5a21d9d938ad84c18723973c5 (diff) | |
Util -> Utils
Diffstat (limited to 'utils')
| -rwxr-xr-x | utils/doc.go | 5 | ||||
| -rwxr-xr-x | utils/isolate.go | 59 | ||||
| -rwxr-xr-x | utils/isolate_win.go | 17 | ||||
| -rwxr-xr-x | utils/network.go | 59 | ||||
| -rwxr-xr-x | utils/network_test.go | 23 | ||||
| -rwxr-xr-x | utils/network_windows.go | 43 | ||||
| -rwxr-xr-x | utils/network_windows_test.go | 16 |
7 files changed, 222 insertions, 0 deletions
diff --git a/utils/doc.go b/utils/doc.go new file mode 100755 index 00000000..2c1c0d9c --- /dev/null +++ b/utils/doc.go @@ -0,0 +1,5 @@ +package utils + +/* +This package should not contain roadrunner dependencies, only system or third-party +*/ diff --git a/utils/isolate.go b/utils/isolate.go new file mode 100755 index 00000000..b797a999 --- /dev/null +++ b/utils/isolate.go @@ -0,0 +1,59 @@ +// +build !windows + +package utils + +import ( + "fmt" + "os" + "os/exec" + "os/user" + "strconv" + "syscall" + + "github.com/spiral/errors" +) + +// IsolateProcess change gpid for the process to avoid bypassing signals to php processes. +func IsolateProcess(cmd *exec.Cmd) { + cmd.SysProcAttr = &syscall.SysProcAttr{Setpgid: true, Pgid: 0} +} + +// ExecuteFromUser may work only if run RR under root user +func ExecuteFromUser(cmd *exec.Cmd, u string) error { + const op = errors.Op("execute from user") + usr, err := user.Lookup(u) + if err != nil { + return errors.E(op, err) + } + + usrI32, err := strconv.ParseInt(usr.Uid, 10, 32) + if err != nil { + return errors.E(op, err) + } + + grI32, err := strconv.ParseInt(usr.Gid, 10, 32) + if err != nil { + return errors.E(op, err) + } + + // For more information: + // https://www.man7.org/linux/man-pages/man7/user_namespaces.7.html + // https://www.man7.org/linux/man-pages/man7/namespaces.7.html + if _, err := os.Stat("/proc/self/ns/user"); err != nil { + if os.IsNotExist(err) { + return fmt.Errorf("kernel doesn't support user namespaces") + } + if os.IsPermission(err) { + return fmt.Errorf("unable to test user namespaces due to permissions") + } + + return errors.E(op, errors.Errorf("failed to stat /proc/self/ns/user: %v", err)) + } + + cmd.SysProcAttr.Credential = &syscall.Credential{ + Uid: uint32(usrI32), + Gid: uint32(grI32), + } + + return nil +} diff --git a/utils/isolate_win.go b/utils/isolate_win.go new file mode 100755 index 00000000..b2b213a8 --- /dev/null +++ b/utils/isolate_win.go @@ -0,0 +1,17 @@ +// +build windows + +package utils + +import ( + "os/exec" + "syscall" +) + +// IsolateProcess change gpid for the process to avoid bypassing signals to php processes. +func IsolateProcess(cmd *exec.Cmd) { + cmd.SysProcAttr = &syscall.SysProcAttr{CreationFlags: syscall.CREATE_NEW_PROCESS_GROUP} +} + +func ExecuteFromUser(cmd *exec.Cmd, u string) error { + return nil +} diff --git a/utils/network.go b/utils/network.go new file mode 100755 index 00000000..fcfc4ace --- /dev/null +++ b/utils/network.go @@ -0,0 +1,59 @@ +// +build linux darwin freebsd + +package utils + +import ( + "errors" + "fmt" + "net" + "os" + "strings" + "syscall" + + "github.com/valyala/tcplisten" +) + +// CreateListener crates socket listener based on DSN definition. +func CreateListener(address string) (net.Listener, error) { + dsn := strings.Split(address, "://") + if len(dsn) != 2 { + return nil, errors.New("invalid DSN (tcp://:6001, unix://file.sock)") + } + + if dsn[0] != "unix" && dsn[0] != "tcp" { + return nil, errors.New("invalid Protocol (tcp://:6001, unix://file.sock)") + } + + // create unix listener + if dsn[0] == "unix" { + // check if the file exist + if fileExists(dsn[1]) { + err := syscall.Unlink(dsn[1]) + if err != nil { + return nil, fmt.Errorf("error during the unlink syscall: error %v", err) + } + } + return net.Listen(dsn[0], dsn[1]) + } + + // configure and create tcp4 listener + cfg := tcplisten.Config{ + ReusePort: true, + DeferAccept: true, + FastOpen: true, + Backlog: 0, + } + + // only tcp4 is currently supported + return cfg.NewListener("tcp4", dsn[1]) +} + +// fileExists checks if a file exists and is not a directory before we +// try using it to prevent further errors. +func fileExists(filename string) bool { + info, err := os.Stat(filename) + if os.IsNotExist(err) { + return false + } + return !info.IsDir() +} diff --git a/utils/network_test.go b/utils/network_test.go new file mode 100755 index 00000000..cfed98f9 --- /dev/null +++ b/utils/network_test.go @@ -0,0 +1,23 @@ +// +build linux darwin freebsd + +package utils + +import ( + "testing" + + "github.com/stretchr/testify/assert" +) + +func TestCreateListener(t *testing.T) { + _, err := CreateListener("unexpected dsn") + assert.Error(t, err, "Invalid DSN (tcp://:6001, unix://file.sock)") + + _, err = CreateListener("aaa://192.168.0.1") + assert.Error(t, err, "Invalid Protocol (tcp://:6001, unix://file.sock)") +} + +func TestUnixCreateListener(t *testing.T) { + l, err := CreateListener("unix://file.sock") + assert.NoError(t, err) + l.Close() +} diff --git a/utils/network_windows.go b/utils/network_windows.go new file mode 100755 index 00000000..ebe343a3 --- /dev/null +++ b/utils/network_windows.go @@ -0,0 +1,43 @@ +// +build windows + +package utils + +import ( + "errors" + "fmt" + "net" + "os" + "strings" + "syscall" +) + +// CreateListener crates socket listener based on DSN definition. +func CreateListener(address string) (net.Listener, error) { + dsn := strings.Split(address, "://") + if len(dsn) != 2 { + return nil, errors.New("invalid DSN (tcp://:6001, unix://file.sock)") + } + + if dsn[0] != "unix" && dsn[0] != "tcp" { + return nil, errors.New("invalid Protocol (tcp://:6001, unix://file.sock)") + } + + if dsn[0] == "unix" && fileExists(dsn[1]) { + err := syscall.Unlink(dsn[1]) + if err != nil { + return nil, fmt.Errorf("error during the unlink syscall: error %v", err) + } + } + + return net.Listen(dsn[0], dsn[1]) +} + +// fileExists checks if a file exists and is not a directory before we +// try using it to prevent further errors. +func fileExists(filename string) bool { + info, err := os.Stat(filename) + if os.IsNotExist(err) { + return false + } + return !info.IsDir() +} diff --git a/utils/network_windows_test.go b/utils/network_windows_test.go new file mode 100755 index 00000000..277dc970 --- /dev/null +++ b/utils/network_windows_test.go @@ -0,0 +1,16 @@ +// +build windows + +package utils + +import ( + "github.com/stretchr/testify/assert" + "testing" +) + +func TestCreateListener(t *testing.T) { + _, err := CreateListener("unexpected dsn") + assert.Error(t, err, "Invalid DSN (tcp://:6001, unix://file.sock)") + + _, err = CreateListener("aaa://192.168.0.1") + assert.Error(t, err, "Invalid Protocol (tcp://:6001, unix://file.sock)") +} |