~azzar1/unity/add-show-desktop-key

« back to all changes in this revision

Viewing changes to bin/trampoline/trampoline.c

Committer: William Grant
Date: 2009-08-02 07:06:20 UTC
Revision ID: grantw@unimelb.edu.au-20090802070620-ppq1zznwt6gh3fmg

Tags: 0.1.9.15

Revert browser bottom offset changes; the new one is broken in many browsers.

files added:
doc/dependencies.txt

doc/notes

doc/notes/Makefile

doc/notes/README

doc/notes/apps

doc/notes/apps/Makefile

doc/notes/apps/browser.txt

doc/notes/apps/dispatch.txt

doc/notes/architecture.txt

doc/notes/execution.txt

doc/notes/imports.txt

doc/notes/misc.txt

doc/notes/session.txt

doc/notes/subversion.txt

doc/notes/timeline.txt

doc/setup

doc/setup/faq.txt

doc/setup/forum.txt

doc/setup/install_proc.txt

doc/setup/ivle-both.conf

doc/setup/ivle-svn.conf

doc/setup/ivle.conf

doc/setup/pound.cfg

doc/setup/usrmgt-server.init

doc/template.py

doc/tutorial

doc/tutorial/TestSuite_output.txt

doc/upgrade.txt

ivle/webapp/admin/templates/subject.html

ivle/webapp/admin/templates/user-settings.html

ivle/webapp/admin/user-media

ivle/webapp/admin/user-media/settings.js

ivle/webapp/admin/user-settings-help.html

ivle/webapp/groups/help.html

ivle/webapp/tutorial/templates/subjectmenu.html

userdb/users.png

userdb/users.vpp

files removed:
bin/ivle-dev-setup

bin/ivle-loadsampledata

doc/Makefile

doc/conf.py

doc/dev

doc/dev/architecture.rst

doc/dev/coding.rst

doc/dev/docs.rst

doc/dev/faq.rst

doc/dev/index.rst

doc/dev/releases.rst

doc/images

doc/images/ivle-system-diagram.png

doc/index.rst

doc/man

doc/man/architecture.rst

doc/man/config.rst

doc/man/directory.rst

doc/man/faq.rst

doc/man/index.rst

doc/man/install.rst

doc/man/roles.rst

doc/man/sample.rst

doc/man/scripts.rst

doc/man/tour.rst

doc/static

doc/templates

examples

examples/config

examples/config/apache-ssl.conf

examples/config/apache-svn.conf

examples/config/apache.conf

examples/config/usrmgt-server.init

examples/db

examples/db/sample.sql

examples/userrepos

examples/userrepos/group1.dump

examples/userrepos/studenta.dump

image-source/breadcrumb-chevron.svg

image-source/drop-down.svg

image-source/ivle-system-diagram.svg

image-source/root-breadcrumb.svg

ivle/tests

ivle/tests/__init__.py

ivle/tests/test_chat.py

ivle/webapp/admin/breadcrumbs.py

ivle/webapp/admin/publishing.py

ivle/webapp/admin/templates/enrolment-delete.html

ivle/webapp/admin/templates/enrolment-edit.html

ivle/webapp/admin/templates/enrolments.html

ivle/webapp/admin/templates/offering-clone-worksheets.html

ivle/webapp/admin/templates/offering-edit.html

ivle/webapp/admin/templates/offering-form.html

ivle/webapp/admin/templates/offering-new.html

ivle/webapp/admin/templates/offering.html

ivle/webapp/admin/templates/semester-edit.html

ivle/webapp/admin/templates/semester-form.html

ivle/webapp/admin/templates/semester-new.html

ivle/webapp/admin/templates/subject-edit.html

ivle/webapp/admin/templates/subject-form.html

ivle/webapp/admin/templates/subject-new.html

ivle/webapp/admin/templates/subject.html

ivle/webapp/admin/templates/subjects-manage.html

ivle/webapp/admin/templates/user-admin.html

ivle/webapp/admin/templates/user-edit.html

ivle/webapp/admin/templates/user-password-change.html

ivle/webapp/admin/templates/user-password-reset.html

ivle/webapp/admin/templates/users.html

ivle/webapp/admin/user-media

ivle/webapp/admin/user-media/users.png

ivle/webapp/base/forms.py

ivle/webapp/breadcrumbs.py

ivle/webapp/coremedia/images/chrome/breadcrumb-chevron.png

ivle/webapp/coremedia/images/chrome/drop-down.png

ivle/webapp/coremedia/images/chrome/root-breadcrumb.png

ivle/webapp/coremedia/images/interface/README

ivle/webapp/coremedia/images/interface/add.png

ivle/webapp/coremedia/images/interface/delete.png

ivle/webapp/coremedia/images/interface/group.png

ivle/webapp/coremedia/images/interface/help.png

ivle/webapp/coremedia/images/interface/key.png

ivle/webapp/coremedia/images/interface/magnifier.png

ivle/webapp/coremedia/images/interface/pencil.png

ivle/webapp/coremedia/images/interface/world.png

ivle/webapp/coremedia/images/interface/wrench.png

ivle/webapp/coremedia/images/svn/replaced.png

ivle/webapp/coremedia/images/svn/unversioned.png

ivle/webapp/filesystem/browser/help-run-serve.html

ivle/webapp/filesystem/browser/help-svn.html

ivle/webapp/filesystem/svnlog/media/log.js

ivle/webapp/publisher

ivle/webapp/publisher/__init__.py

ivle/webapp/publisher/decorators.py

ivle/webapp/publisher/test_publisher.py

ivle/webapp/submit/help.html

ivle/webapp/tutorial/breadcrumbs.py

ivle/webapp/tutorial/media.py

ivle/webapp/tutorial/media/worksheet.css

ivle/webapp/tutorial/publishing.py

ivle/webapp/tutorial/templates/exercise.html

ivle/webapp/tutorial/templates/exercise_deleted.html

ivle/webapp/tutorial/templates/exercise_undeletable.html

ivle/webapp/tutorial/templates/worksheet_form.html

setup.cfg

userdb/migrations/20090814-01.sql

userdb/migrations/20091217-01.sql

userdb/migrations/20100216-01.sql

files renamed:
ivle/webapp/tutorial/templates/exercise_fragment.html => ivle/webapp/tutorial/templates/exercise.html

files modified:
.bzrignore

bin/ivle-buildjail

bin/ivle-cloneworksheets

bin/ivle-config

bin/ivle-createdatadirs

bin/ivle-enrolallusers

bin/ivle-fetchsubmissions

bin/ivle-refreshfilesystem

bin/trampoline/trampoline.c

ivle/__init__.py

ivle/auth/authenticate.py

ivle/chat.py

ivle/config/ivle-spec.conf

ivle/console.py

ivle/database.py

ivle/date.py

ivle/dispatch/__init__.py

ivle/fileservice_lib/__init__.py

ivle/fileservice_lib/action.py

ivle/fileservice_lib/listing.py

ivle/interpret.py

ivle/makeuser.py

ivle/pulldown_subj/__init__.py

ivle/pulldown_subj/dummy_subj.py

ivle/rpc/decorators.py

ivle/studpath.py

ivle/svn.py

ivle/util.py

ivle/webapp/__init__.py

ivle/webapp/admin/offeringservice.py

ivle/webapp/admin/projectservice.py

ivle/webapp/admin/subject-media/project.css

ivle/webapp/admin/subject-media/project.js

ivle/webapp/admin/subject.py

ivle/webapp/admin/templates/enrol.html

ivle/webapp/admin/templates/offering_projects.html

ivle/webapp/admin/templates/project.html

ivle/webapp/admin/templates/project_fragment.html

ivle/webapp/admin/templates/projectset_fragment.html

ivle/webapp/admin/templates/subjects.html

ivle/webapp/admin/user.py

ivle/webapp/base/ivle-headings.html

ivle/webapp/base/plugins.py

ivle/webapp/base/rest.py

ivle/webapp/base/test/test_rest.py

ivle/webapp/base/views.py

ivle/webapp/base/xhtml.py

ivle/webapp/base/xhtmlunauthorized.html

ivle/webapp/console/__init__.py

ivle/webapp/console/help.html

ivle/webapp/console/media/console.css

ivle/webapp/console/media/console.js

ivle/webapp/console/overlay.html

ivle/webapp/console/overlay.py

ivle/webapp/console/service.py

ivle/webapp/coremedia/images/README

ivle/webapp/coremedia/images/svn/added.png

ivle/webapp/coremedia/images/svn/conflicted.png

ivle/webapp/coremedia/images/svn/deleted.png

ivle/webapp/coremedia/images/svn/missing.png

ivle/webapp/coremedia/images/svn/modified.png

ivle/webapp/coremedia/images/svn/normal.png

ivle/webapp/coremedia/images/svn/revision.png

ivle/webapp/coremedia/ivle.css

ivle/webapp/coremedia/util.js

ivle/webapp/fileservice/__init__.py

ivle/webapp/filesystem/__init__.py

ivle/webapp/filesystem/browser/__init__.py

ivle/webapp/filesystem/browser/help.html

ivle/webapp/filesystem/browser/media/browser.css

ivle/webapp/filesystem/browser/media/browser.js

ivle/webapp/filesystem/browser/media/editor.js

ivle/webapp/filesystem/browser/media/listing.css

ivle/webapp/filesystem/browser/media/listing.js

ivle/webapp/filesystem/browser/media/specialhome.js

ivle/webapp/filesystem/browser/template.html

ivle/webapp/filesystem/diff/__init__.py

ivle/webapp/filesystem/diff/template.html

ivle/webapp/filesystem/serve/__init__.py

ivle/webapp/filesystem/svnlog/__init__.py

ivle/webapp/filesystem/svnlog/template.html

ivle/webapp/groups/__init__.py

ivle/webapp/groups/media/groups.js

ivle/webapp/groups/template.html

ivle/webapp/help/__init__.py

ivle/webapp/help/toc.html

ivle/webapp/media.py

ivle/webapp/security/__init__.py

ivle/webapp/security/login.html

ivle/webapp/security/logout.html

ivle/webapp/security/views.py

ivle/webapp/submit/__init__.py

ivle/webapp/submit/submit.html

ivle/webapp/submit/submitted.html

ivle/webapp/testing/__init__.py

ivle/webapp/tos/__init__.py

ivle/webapp/tos/media/tos.js

ivle/webapp/tutorial/__init__.py

ivle/webapp/tutorial/exercise_service.py

ivle/webapp/tutorial/media/exercise_admin.css

ivle/webapp/tutorial/media/exercise_admin.js

ivle/webapp/tutorial/media/images/pencil.png

ivle/webapp/tutorial/media/tutorial.css

ivle/webapp/tutorial/media/tutorial.js

ivle/webapp/tutorial/media/tutorial_admin.js

ivle/webapp/tutorial/service.py

ivle/webapp/tutorial/templates/exercise_add.html

ivle/webapp/tutorial/templates/exercise_delete.html

ivle/webapp/tutorial/templates/exercise_edit.html

ivle/webapp/tutorial/templates/exercises.html

ivle/webapp/tutorial/templates/worksheet.html

ivle/webapp/tutorial/templates/worksheet_add.html

ivle/webapp/tutorial/templates/worksheet_edit.html

ivle/webapp/tutorial/templates/worksheets_edit.html

ivle/webapp/tutorial/test/TestFramework.py

ivle/webapp/userservice/__init__.py

ivle/worksheet/rst.py

ivle/worksheet/utils.py

services/diffservice

services/python-console

services/serveservice

services/svnlogservice

services/usrmgt-server

setup/util.py

userdb/users.sql

Show diffs side-by-side

added added

removed removed

bin/trampoline/trampoline.c

* Scripts (such as Python programs) should be executed by supplying

* "/usr/bin/python" as the program, and the script as the first argument.

* Usage: trampoline uid jail-path working-path program [args...]

* Must run as root. Will safely setuid to the supplied uid, checking that it

* is not root. Recommended that the file is set up as follows:

* sudo chown root:root trampoline; sudo chroot +s trampoline

#define _XOPEN_SOURCE

#define _BSD_SOURCE

#include <stdio.h>

#include <stdlib.h>

#include <sys/stat.h>

#include <sys/time.h>

#include <sys/resource.h>

#include <grp.h>

#include <limits.h>

#include <signal.h>

123

122

{

124

123

fprintf(stderr,

125

124

"usage: %s [-d] [-u] <uid> <base> <src> <system> <jail> <cwd> <program> [args...]\n", nm);

126

fprintf(stderr, " -d \tDaemonize\n");

127

fprintf(stderr, " -u \tPrint usage\n");

128

fprintf(stderr, " <uid> \tUID to run program as\n");

129

fprintf(stderr, " <base> \tDirectory that jails will be mounted in\n");

130

fprintf(stderr, " <src> \tDirectory containing users jail data\n");

131

fprintf(stderr, " <system> \tDirectory containing main jail file system\n");

132

fprintf(stderr, " <jail> \tDirectory of users mounted jail\n");

133

fprintf(stderr, " <cwd> \tDirectory inside the jail to change dir to\n");

134

fprintf(stderr, " <program>\tProgram inside jail to execute\n");

135

125

exit(1);

136

126

}

137

127

260

250

char* prog;

261

251

char* const * args;

262

252

int uid;

263

gid_t groups[1];

264

253

int arg_num = 1;

265

254

int daemon_mode = 0;

266

255

int unlimited = 0;

360

349

perror("could not setgid");

361

350

exit(1);

362

351

}

363

364

groups[0] = uid;

365

if (setgroups(1, groups))

366

{

367

perror("could not setgroups");

368

exit(1);

369

}

370

352

371

353

if (setuid(uid))

372

354

{

420

402

/* File Size */

421

403

l.rlim_cur = 64 * 1024 * 1024; /* 64MiB */

422

404

l.rlim_max = 72 * 1024 * 1024; /* 72MiB */

423

if (setrlimit(RLIMIT_FSIZE, &l))

405

if (setrlimit(RLIMIT_FSIZE, &l))

424

406

{

425

407

perror("could not setrlimit/RLIMIT_FSIZE");

426

408

exit(1);

427

409

}

428

429

/* Number of Processes */

430

l.rlim_cur = 50;

431

l.rlim_max = 50;

432

if (setrlimit(RLIMIT_NPROC, &l))

433

{

434

perror("could not setrlimit/RLIMIT_NPROC");

435

exit(1);

436

}

437

410

}

438

411

439

412

/* Remove any signal handler masks so we can send signals to the child */

Older »