Set process groups. Initialize group membership

Change-Id: I3e8c1b81b57aec26377ee3f52fc021213b8b255c Reviewed-by: Chris Craig <ext-chris.craig@nokia.com>
author: Andrew Christian <andrew.christian@nokia.com> 2012-02-08 07:02:27 -0500
committer: Chris Craig <ext-chris.craig@nokia.com> 2012-02-08 15:08:38 +0100
commit: c315c08527e2de7d4f252874b2a1833cc319df87 (patch)
tree: 2829945c5a8c18dc40bf5561872b94587bdf0ea7
parent: 2eb3f59f17a0dda37636a373984e4d56c3866893 (diff)
4 files changed, 75 insertions, 43 deletions
diff --git a/src/core/unixprocessbackend.cpp b/src/core/unixprocessbackend.cpp
index b019ebc..100cfc0 100644
--- a/src/core/unixprocessbackend.cpp
+++ b/src/core/unixprocessbackend.cpp
@@ -168,10 +168,9 @@ bool UnixProcessBackend::createProcess()
         return false;
     }
 
-    if (m_info.contains(ProcessInfoConstants::Uid) || m_info.contains(ProcessInfoConstants::Gid))
-        m_process = new UnixSandboxProcess(m_info.uid(), m_info.gid(), this);
-    else
-        m_process = new QProcess(this);
+    qint64 uid = (m_info.contains(ProcessInfoConstants::Uid) ? m_info.uid() : -1);
+    qint64 gid = (m_info.contains(ProcessInfoConstants::Gid) ? m_info.gid() : -1);
+    m_process = new UnixSandboxProcess(uid, gid, this);
 
     m_process->setReadChannel(QProcess::StandardOutput);
     connect(m_process, SIGNAL(readyReadStandardOutput()),
diff --git a/src/core/unixsandboxprocess.cpp b/src/core/unixsandboxprocess.cpp
index c7c8889..45c3ddf 100644
--- a/src/core/unixsandboxprocess.cpp
+++ b/src/core/unixsandboxprocess.cpp
@@ -46,6 +46,7 @@
 #include <unistd.h>
 #include <grp.h>
 #endif
+#include <pwd.h>
 
 #include <QDebug>
 
@@ -73,11 +74,21 @@ UnixSandboxProcess::UnixSandboxProcess(qint64 uid, qint64 gid, QObject *parent)
 
 void UnixSandboxProcess::setupChildProcess()
 {
-    qDebug() << "Setting up child process" << m_uid << m_gid;
-    ::setgroups(0,0);
-    ::setgid(m_gid);
-    ::setuid(m_uid);
+    // qDebug() << "Setting up child process" << m_uid << m_gid;
+    if (m_gid >= 0)
+        ::setgid(m_gid);
+    if (m_uid >= 0)
+        ::setuid(m_uid);
     ::umask(S_IWGRP | S_IWOTH);
+    ::setpgid(0,0);
+
+    struct passwd * pw = getpwent();
+    if (pw)
+        ::initgroups(pw->pw_name, pw->pw_gid);
+    else {
+        qWarning() << "Unable to find UID" << ::getuid() << "to set groups";
+        ::setgroups(0,0);
+    }
 }
 
 #include "moc_unixsandboxprocess.cpp"
diff --git a/tests/auto/processmanager/testPrelaunch/main.cpp b/tests/auto/processmanager/testPrelaunch/main.cpp
index 45cc890..de83b1a 100644
--- a/tests/auto/processmanager/testPrelaunch/main.cpp
+++ b/tests/auto/processmanager/testPrelaunch/main.cpp
@@ -46,6 +46,13 @@
 #include <QJsonObject>
 #include "processinfo.h"
 
+#if defined(Q_OS_LINUX)
+#include <sys/types.h>
+#include <unistd.h>
+#include <grp.h>
+#endif
+#include <pwd.h>
+
 QT_USE_NAMESPACE_PROCESSMANAGER
 
 class Container : public QObject
@@ -66,6 +73,19 @@ public:
         if (!count) {
             ProcessInfo info(object.toVariantMap());
             // qDebug() << "Received process info" << info.toMap();
+            qint64 uid = (info.contains(ProcessInfoConstants::Uid) ? info.uid() : -1);
+            qint64 gid = (info.contains(ProcessInfoConstants::Gid) ? info.gid() : -1);
+            if (gid >= 0)
+                ::setgid(gid);
+            if (uid >= 0)
+                ::setuid(uid);
+            struct passwd * pw = getpwent();
+            if (pw)
+                ::initgroups(pw->pw_name, pw->pw_gid);
+            else {
+                qWarning() << "Unable to find UID" << ::getuid() << "to set groups";
+                ::setgroups(0,0);
+            }
         }
         else {
             QString cmd = object.value("command").toString();
diff --git a/tests/auto/processmanager/tst_processmanager.cpp b/tests/auto/processmanager/tst_processmanager.cpp
index 043f48b..ee9d276 100644
--- a/tests/auto/processmanager/tst_processmanager.cpp
+++ b/tests/auto/processmanager/tst_processmanager.cpp
@@ -324,6 +324,21 @@ static void writeJson(ProcessBackend *process, const char *command)
     process->write(QJsonDocument::fromVariant(map).toBinaryData());
 }
 
+static void verifyRunning(ProcessBackend *process)
+{
+    QVERIFY(process->state() == QProcess::Running);
+    pid_t pid = process->pid();
+    pid_t pgrp = ::getpgid(pid);
+    QVERIFY(pid != 0);
+    QCOMPARE(pgrp, pid);
+}
+static void cleanupProcess(ProcessBackend *process)
+{
+    QVERIFY(process->state() == QProcess::NotRunning);
+    QVERIFY(process->parent() == NULL);
+    delete process;
+}
+
 typedef void (*CommandFunc)(ProcessBackend *, const char *);
 
 static void startAndStopClient(ProcessBackendManager *manager, ProcessInfo info, CommandFunc func)
@@ -335,7 +350,7 @@ static void startAndStopClient(ProcessBackendManager *manager, ProcessInfo info,
     Spy spy(process);
     process->start();
     spy.waitStart();
-    QVERIFY(process->state() == QProcess::Running);
+    verifyRunning(process);
     spy.check(1,0,0,2);
 
     func(process, "stop");
@@ -344,9 +359,7 @@ static void startAndStopClient(ProcessBackendManager *manager, ProcessInfo info,
     spy.checkExitCode(0);
     spy.checkExitStatus(QProcess::NormalExit);
 
-    QVERIFY(process->state() == QProcess::NotRunning);
-    QVERIFY(process->parent() == NULL);
-    delete process;
+    cleanupProcess(process);
 }
 
 static void startAndKillClient(ProcessBackendManager *manager, ProcessInfo info, CommandFunc func)
@@ -360,8 +373,8 @@ static void startAndKillClient(ProcessBackendManager *manager, ProcessInfo info,
     Spy spy(process);
     process->start();
     spy.waitStart();
+    verifyRunning(process);
     spy.check(1,0,0,2);
-    QVERIFY(process->state() == QProcess::Running);
 
     process->stop();
     spy.waitFinished();
@@ -370,9 +383,7 @@ static void startAndKillClient(ProcessBackendManager *manager, ProcessInfo info,
     spy.checkExitStatus(QProcess::CrashExit);
     spy.checkErrors(QList<QProcess::ProcessError>() << QProcess::Crashed);
 
-    QVERIFY(process->state() == QProcess::NotRunning);
-    QVERIFY(process->parent() == NULL);
-    delete process;
+    cleanupProcess(process);
 }
 
 static void startAndCrashClient(ProcessBackendManager *manager, ProcessInfo info, CommandFunc func)
@@ -384,7 +395,7 @@ static void startAndCrashClient(ProcessBackendManager *manager, ProcessInfo info
     Spy spy(process);
     process->start();
     spy.waitStart();
-    QVERIFY(process->state() == QProcess::Running);
+    verifyRunning(process);
     spy.check(1,0,0,2);
 
     func(process, "crash");
@@ -393,9 +404,7 @@ static void startAndCrashClient(ProcessBackendManager *manager, ProcessInfo info
     spy.checkExitCode(2);
     spy.checkExitStatus(QProcess::NormalExit);
 
-    QVERIFY(process->state() == QProcess::NotRunning);
-    QVERIFY(process->parent() == NULL);
-    delete process;
+    cleanupProcess(process);
 }
 
 static void failToStartClient(ProcessBackendManager *manager, ProcessInfo info, CommandFunc func)
@@ -411,9 +420,7 @@ static void failToStartClient(ProcessBackendManager *manager, ProcessInfo info,
     spy.waitFailedStart();
     spy.check(0,1,0,2);
 
-    QVERIFY(process->state() == QProcess::NotRunning);
-    QVERIFY(process->parent() == NULL);
-    delete process;
+    cleanupProcess(process);
 }
 
 static void echoClient(ProcessBackendManager *manager, ProcessInfo info, CommandFunc func)
@@ -425,7 +432,8 @@ static void echoClient(ProcessBackendManager *manager, ProcessInfo info, Command
     Spy spy(process);
     process->start();
     spy.waitStart();
-    QVERIFY(process->state() == QProcess::Running);
+    verifyRunning(process);
+    spy.check(1,0,0,2);
 
     func(process, "echotest");
     spy.waitStdout();
@@ -437,9 +445,7 @@ static void echoClient(ProcessBackendManager *manager, ProcessInfo info, Command
     spy.checkExitCode(0);
     spy.checkExitStatus(QProcess::NormalExit);
 
-    QVERIFY(process->state() == QProcess::NotRunning);
-    QVERIFY(process->parent() == NULL);
-    delete process;
+    cleanupProcess(process);
 }
 
 static void priorityChangeBeforeClient(ProcessBackendManager *manager, ProcessInfo info, CommandFunc func)
@@ -451,7 +457,8 @@ static void priorityChangeBeforeClient(ProcessBackendManager *manager, ProcessIn
     Spy spy(process);
     process->start();
     spy.waitStart();
-    QVERIFY(process->state() == QProcess::Running);
+    verifyRunning(process);
+    spy.check(1,0,0,2);
     QCOMPARE(process->actualPriority(), 19);
 
     func(process, "stop");
@@ -460,9 +467,7 @@ static void priorityChangeBeforeClient(ProcessBackendManager *manager, ProcessIn
     spy.checkExitCode(0);
     spy.checkExitStatus(QProcess::NormalExit);
 
-    QVERIFY(process->state() == QProcess::NotRunning);
-    QVERIFY(process->parent() == NULL);
-    delete process;
+    cleanupProcess(process);
 }
 
 static void priorityChangeAfterClient(ProcessBackendManager *manager, ProcessInfo info, CommandFunc func)
@@ -474,7 +479,8 @@ static void priorityChangeAfterClient(ProcessBackendManager *manager, ProcessInf
     Spy spy(process);
     process->start();
     spy.waitStart();
-    QVERIFY(process->state() == QProcess::Running);
+    verifyRunning(process);
+    spy.check(1,0,0,2);
 
     process->setDesiredPriority(19);
     waitForPriority(process, 19);
@@ -485,9 +491,7 @@ static void priorityChangeAfterClient(ProcessBackendManager *manager, ProcessInf
     spy.checkExitCode(0);
     spy.checkExitStatus(QProcess::NormalExit);
 
-    QVERIFY(process->state() == QProcess::NotRunning);
-    QVERIFY(process->parent() == NULL);
-    delete process;
+    cleanupProcess(process);
 }
 
 #if defined(Q_OS_LINUX)
@@ -514,7 +518,8 @@ static void oomChangeBeforeClient(ProcessBackendManager *manager, ProcessInfo in
     Spy spy(process);
     process->start();
     spy.waitStart();
-    QVERIFY(process->state() == QProcess::Running);
+    verifyRunning(process);
+    spy.check(1,0,0,2);
     QCOMPARE(process->actualOomAdjustment(), 500);
 
     func(process, "stop");
@@ -523,9 +528,7 @@ static void oomChangeBeforeClient(ProcessBackendManager *manager, ProcessInfo in
     spy.checkExitCode(0);
     spy.checkExitStatus(QProcess::NormalExit);
 
-    QVERIFY(process->state() == QProcess::NotRunning);
-    QVERIFY(process->parent() == NULL);
-    delete process;
+    cleanupProcess(process);
 }
 
 static void oomChangeAfterClient(ProcessBackendManager *manager, ProcessInfo info, CommandFunc func)
@@ -537,7 +540,8 @@ static void oomChangeAfterClient(ProcessBackendManager *manager, ProcessInfo inf
     Spy spy(process);
     process->start();
     spy.waitStart();
-    QVERIFY(process->state() == QProcess::Running);
+    verifyRunning(process);
+    spy.check(1,0,0,2);
 
     process->setDesiredOomAdjustment(499);
     waitForOom(process, 499);
@@ -548,9 +552,7 @@ static void oomChangeAfterClient(ProcessBackendManager *manager, ProcessInfo inf
     spy.checkExitCode(0);
     spy.checkExitStatus(QProcess::NormalExit);
 
-    QVERIFY(process->state() == QProcess::NotRunning);
-    QVERIFY(process->parent() == NULL);
-    delete process;
+    cleanupProcess(process);
 }
 
 #endif // defined(Q_OS_LINUX)
author	Andrew Christian <andrew.christian@nokia.com>	2012-02-08 07:02:27 -0500
committer	Chris Craig <ext-chris.craig@nokia.com>	2012-02-08 15:08:38 +0100
commit	c315c08527e2de7d4f252874b2a1833cc319df87 (patch)
tree	2829945c5a8c18dc40bf5561872b94587bdf0ea7
parent	2eb3f59f17a0dda37636a373984e4d56c3866893 (diff)