X-Git-Url: https://git.proxmox.com/?p=pve-common.git;a=blobdiff_plain;f=src%2FPVE%2FTools.pm;h=039c9fb8dae5e2d10cb492b9f41ecf4f08397a91;hp=3ad37940fdbb1fcfc298957bd3f5784e3baa82aa;hb=a712bf6e378dc0ab56647bfe7649072eb4ee394f;hpb=21c56a963f6bdcb8cd62aaf40fda4d5d26cb146b

diff --git a/src/PVE/Tools.pm b/src/PVE/Tools.pm
index 3ad3794..039c9fb 100644
--- a/src/PVE/Tools.pm
+++ b/src/PVE/Tools.pm
@@ -22,6 +22,9 @@ use Digest::SHA;
 use Text::ParseWords;
 use String::ShellQuote;
 use Time::HiRes qw(usleep gettimeofday tv_interval alarm);
+use Net::DBus qw(dbus_uint32 dbus_uint64);
+use Net::DBus::Callback;
+use Net::DBus::Reactor;
 
 # avoid warning when parsing long hex values with hex()
 no warnings 'portable'; # Support for 64-bit ints required
@@ -43,6 +46,8 @@ safe_print
 trim
 extract_param
 file_copy
+O_PATH
+O_TMPFILE
 );
 
 my $pvelogdir = "/var/log/pve";
@@ -309,7 +314,7 @@ sub run_command {
 		$cmdstr .= $pipe .  join(' ', map { ref($_) ? $$_ : shellquote($_) } @$command);
 		$pipe = ' | ';
 	    }
-	    $cmd = [ '/bin/bash', '-c', "set -o pipefail && $cmdstr" ];
+	    $cmd = [ '/bin/bash', '-c', "$cmdstr" ];
 	} else {
 	    $cmdstr = cmd2string($cmd);
 	}
@@ -1219,19 +1224,24 @@ sub sync_mountpoint {
 # mailto may be a single email string or an array of receivers
 sub sendmail {
     my ($mailto, $subject, $text, $html, $mailfrom, $author) = @_;
+    my $mail_re = qr/[^-a-zA-Z0-9+._@]/;
 
     $mailto = [ $mailto ] if !ref($mailto);
 
-    my $rcvrarg = '';
-    foreach my $r (@$mailto) {
-	$rcvrarg .= " '$r'";
+    foreach (@$mailto) {
+	die "illegal character in mailto address\n"
+	    if ($_ =~ $mail_re);
     }
+
     my $rcvrtxt = join (', ', @$mailto);
 
     $mailfrom = $mailfrom || "root";
+    die "illegal character in mailfrom address\n"
+	if $mailfrom =~ $mail_re;
+
     $author = $author || 'Proxmox VE';
 
-    open (MAIL,"|sendmail -B 8BITMIME -f $mailfrom $rcvrarg") ||
+    open (MAIL, "|-", "sendmail", "-B", "8BITMIME", "-f", $mailfrom, @$mailto) ||
 	die "unable to open 'sendmail' - $!";
 
     # multipart spec see https://www.ietf.org/rfc/rfc1521.txt
@@ -1343,4 +1353,75 @@ sub mkdirat($$$) {
     return syscall(258, $dirfd, $name, $mode) == 0;
 }
 
+# NOTE: This calls the dbus main loop and must not be used when another dbus
+# main loop is being used as we need to wait for the JobRemoved signal.
+# Polling the job status instead doesn't work because this doesn't give us the
+# distinction between success and failure.
+#
+# Note that the description is mandatory for security reasons.
+sub enter_systemd_scope {
+    my ($unit, $description, %extra) = @_;
+    die "missing description\n" if !defined($description);
+
+    my $timeout = delete $extra{timeout};
+
+    $unit .= '.scope';
+    my $properties = [ [PIDs => [dbus_uint32($$)]] ];
+
+    foreach my $key (keys %extra) {
+	if ($key eq 'Slice' || $key eq 'KillMode') {
+	    push @$properties, [$key, $extra{$key}];
+	} elsif ($key eq 'CPUShares') {
+	    push @$properties, [$key, dbus_uint64($extra{$key})];
+	} elsif ($key eq 'CPUQuota') {
+	    push @$properties, ['CPUQuotaPerSecUSec',
+	                        dbus_uint64($extra{$key} * 10000)];
+	} else {
+	    die "Don't know how to encode $key for systemd scope\n";
+	}
+    }
+
+    my $job;
+    my $done = 0;
+
+    my $bus = Net::DBus->system();
+    my $reactor = Net::DBus::Reactor->main();
+
+    my $service = $bus->get_service('org.freedesktop.systemd1');
+    my $if = $service->get_object('/org/freedesktop/systemd1', 'org.freedesktop.systemd1.Manager');
+    # Connect to the JobRemoved signal since we want to wait for it to finish
+    my $sigid;
+    my $timer;
+    my $cleanup = sub {
+	my ($no_shutdown) = @_;
+	$if->disconnect_from_signal('JobRemoved', $sigid) if defined($if);
+	$if = undef;
+	$sigid = undef;
+	$reactor->remove_timeout($timer) if defined($timer);
+	$timer = undef;
+	return if $no_shutdown;
+	$reactor->shutdown();
+    };
+
+    $sigid = $if->connect_to_signal('JobRemoved', sub {
+	my ($id, $removed_job, $signaled_unit, $result) = @_;
+	return if $signaled_unit ne $unit || $removed_job ne $job;
+	$cleanup->(0);
+	die "systemd job failed\n" if $result ne 'done';
+	$done = 1;
+    });
+
+    my $on_timeout = sub {
+	$cleanup->(0);
+	die "systemd job timed out\n";
+    };
+
+    $timer = $reactor->add_timeout($timeout * 1000, Net::DBus::Callback->new(method => $on_timeout))
+	if defined($timeout);
+    $job = $if->StartTransientUnit($unit, 'fail', $properties, []);
+    $reactor->run();
+    $cleanup->(1);
+    die "systemd job never completed\n" if !$done;
+}
+
 1;