X-Git-Url: https://git.proxmox.com/?p=pve-common.git;a=blobdiff_plain;f=src%2FPVE%2FTools.pm;h=039c9fb8dae5e2d10cb492b9f41ecf4f08397a91;hp=8c7f3733f80aa0c0338a09c6d9d314122138a342;hb=a712bf6e378dc0ab56647bfe7649072eb4ee394f;hpb=0a7de8204ea8a99dd723660438ae1ffef46549af

diff --git a/src/PVE/Tools.pm b/src/PVE/Tools.pm
index 8c7f373..039c9fb 100644
--- a/src/PVE/Tools.pm
+++ b/src/PVE/Tools.pm
@@ -12,6 +12,7 @@ use Filesys::Df (); # don't overwrite our df()
 use IO::Pipe;
 use IO::File;
 use IO::Dir;
+use IO::Handle;
 use IPC::Open3;
 use Fcntl qw(:DEFAULT :flock);
 use base 'Exporter';
@@ -21,6 +22,9 @@ use Digest::SHA;
 use Text::ParseWords;
 use String::ShellQuote;
 use Time::HiRes qw(usleep gettimeofday tv_interval alarm);
+use Net::DBus qw(dbus_uint32 dbus_uint64);
+use Net::DBus::Callback;
+use Net::DBus::Reactor;
 
 # avoid warning when parsing long hex values with hex()
 no warnings 'portable'; # Support for 64-bit ints required
@@ -42,6 +46,8 @@ safe_print
 trim
 extract_param
 file_copy
+O_PATH
+O_TMPFILE
 );
 
 my $pvelogdir = "/var/log/pve";
@@ -308,7 +314,7 @@ sub run_command {
 		$cmdstr .= $pipe .  join(' ', map { ref($_) ? $$_ : shellquote($_) } @$command);
 		$pipe = ' | ';
 	    }
-	    $cmd = [ '/bin/bash', '-c', "set -o pipefail && $cmdstr" ];
+	    $cmd = [ '/bin/bash', '-c', "$cmdstr" ];
 	} else {
 	    $cmdstr = cmd2string($cmd);
 	}
@@ -1218,19 +1224,24 @@ sub sync_mountpoint {
 # mailto may be a single email string or an array of receivers
 sub sendmail {
     my ($mailto, $subject, $text, $html, $mailfrom, $author) = @_;
+    my $mail_re = qr/[^-a-zA-Z0-9+._@]/;
 
     $mailto = [ $mailto ] if !ref($mailto);
 
-    my $rcvrarg = '';
-    foreach my $r (@$mailto) {
-	$rcvrarg .= " '$r'";
+    foreach (@$mailto) {
+	die "illegal character in mailto address\n"
+	    if ($_ =~ $mail_re);
     }
+
     my $rcvrtxt = join (', ', @$mailto);
 
     $mailfrom = $mailfrom || "root";
+    die "illegal character in mailfrom address\n"
+	if $mailfrom =~ $mail_re;
+
     $author = $author || 'Proxmox VE';
 
-    open (MAIL,"|sendmail -B 8BITMIME -f $mailfrom $rcvrarg") ||
+    open (MAIL, "|-", "sendmail", "-B", "8BITMIME", "-f", $mailfrom, @$mailto) ||
 	die "unable to open 'sendmail' - $!";
 
     # multipart spec see https://www.ietf.org/rfc/rfc1521.txt
@@ -1322,4 +1333,95 @@ sub validate_ssh_public_keys {
     }
 }
 
+sub openat($$$;$) {
+    my ($dirfd, $pathname, $flags, $mode) = @_;
+    my $fd = syscall(257, $dirfd, $pathname, $flags, $mode//0);
+    return undef if $fd < 0;
+    # sysopen() doesn't deal with numeric file descriptors apparently
+    # so we need to convert to a mode string for IO::Handle->new_from_fd
+    my $flagstr = ($flags & O_RDWR) ? 'rw' : ($flags & O_WRONLY) ? 'w' : 'r';
+    my $handle = IO::Handle->new_from_fd($fd, $flagstr);
+    return $handle if $handle;
+    my $err = $!; # save error before closing the raw fd
+    syscall(3, $fd); # close
+    $! = $err;
+    return undef;
+}
+
+sub mkdirat($$$) {
+    my ($dirfd, $name, $mode) = @_;
+    return syscall(258, $dirfd, $name, $mode) == 0;
+}
+
+# NOTE: This calls the dbus main loop and must not be used when another dbus
+# main loop is being used as we need to wait for the JobRemoved signal.
+# Polling the job status instead doesn't work because this doesn't give us the
+# distinction between success and failure.
+#
+# Note that the description is mandatory for security reasons.
+sub enter_systemd_scope {
+    my ($unit, $description, %extra) = @_;
+    die "missing description\n" if !defined($description);
+
+    my $timeout = delete $extra{timeout};
+
+    $unit .= '.scope';
+    my $properties = [ [PIDs => [dbus_uint32($$)]] ];
+
+    foreach my $key (keys %extra) {
+	if ($key eq 'Slice' || $key eq 'KillMode') {
+	    push @$properties, [$key, $extra{$key}];
+	} elsif ($key eq 'CPUShares') {
+	    push @$properties, [$key, dbus_uint64($extra{$key})];
+	} elsif ($key eq 'CPUQuota') {
+	    push @$properties, ['CPUQuotaPerSecUSec',
+	                        dbus_uint64($extra{$key} * 10000)];
+	} else {
+	    die "Don't know how to encode $key for systemd scope\n";
+	}
+    }
+
+    my $job;
+    my $done = 0;
+
+    my $bus = Net::DBus->system();
+    my $reactor = Net::DBus::Reactor->main();
+
+    my $service = $bus->get_service('org.freedesktop.systemd1');
+    my $if = $service->get_object('/org/freedesktop/systemd1', 'org.freedesktop.systemd1.Manager');
+    # Connect to the JobRemoved signal since we want to wait for it to finish
+    my $sigid;
+    my $timer;
+    my $cleanup = sub {
+	my ($no_shutdown) = @_;
+	$if->disconnect_from_signal('JobRemoved', $sigid) if defined($if);
+	$if = undef;
+	$sigid = undef;
+	$reactor->remove_timeout($timer) if defined($timer);
+	$timer = undef;
+	return if $no_shutdown;
+	$reactor->shutdown();
+    };
+
+    $sigid = $if->connect_to_signal('JobRemoved', sub {
+	my ($id, $removed_job, $signaled_unit, $result) = @_;
+	return if $signaled_unit ne $unit || $removed_job ne $job;
+	$cleanup->(0);
+	die "systemd job failed\n" if $result ne 'done';
+	$done = 1;
+    });
+
+    my $on_timeout = sub {
+	$cleanup->(0);
+	die "systemd job timed out\n";
+    };
+
+    $timer = $reactor->add_timeout($timeout * 1000, Net::DBus::Callback->new(method => $on_timeout))
+	if defined($timeout);
+    $job = $if->StartTransientUnit($unit, 'fail', $properties, []);
+    $reactor->run();
+    $cleanup->(1);
+    die "systemd job never completed\n" if !$done;
+}
+
 1;