diff options
Diffstat (limited to 'src/collectors/utils')
| -rw-r--r-- | src/collectors/utils/local_listeners.c | 339 | ||||
| -rw-r--r-- | src/collectors/utils/ndsudo.c | 494 |
2 files changed, 833 insertions, 0 deletions
diff --git a/src/collectors/utils/local_listeners.c b/src/collectors/utils/local_listeners.c new file mode 100644 index 000000000..a2e8968ff --- /dev/null +++ b/src/collectors/utils/local_listeners.c @@ -0,0 +1,339 @@ +// SPDX-License-Identifier: GPL-3.0-or-later + +#include "libnetdata/libnetdata.h" +#include "libnetdata/local-sockets/local-sockets.h" +#include "libnetdata/required_dummies.h" + +// -------------------------------------------------------------------------------------------------------------------- + +static void print_local_listeners(LS_STATE *ls __maybe_unused, const LOCAL_SOCKET *nn, void *data __maybe_unused) { + LOCAL_SOCKET *n = (LOCAL_SOCKET *)nn; + + char local_address[INET6_ADDRSTRLEN]; + char remote_address[INET6_ADDRSTRLEN]; + + if(n->local.family == AF_INET) { + ipv4_address_to_txt(n->local.ip.ipv4, local_address); + ipv4_address_to_txt(n->remote.ip.ipv4, remote_address); + } + else if(is_local_socket_ipv46(n)) { + strncpyz(local_address, "*", sizeof(local_address) - 1); + remote_address[0] = '\0'; + } + else if(n->local.family == AF_INET6) { + ipv6_address_to_txt(&n->local.ip.ipv6, local_address); + ipv6_address_to_txt(&n->remote.ip.ipv6, remote_address); + } + + printf("%s|%s|%u|%s\n", local_sockets_protocol_name(n), local_address, n->local.port, string2str(n->cmdline)); +} + +// -------------------------------------------------------------------------------------------------------------------- + +int main(int argc, char **argv) { + static struct rusage started, ended; + getrusage(RUSAGE_SELF, &started); + bool debug = false; + + LS_STATE ls = { + .config = { + .listening = true, + .inbound = false, + .outbound = false, + .local = false, + .tcp4 = true, + .tcp6 = true, + .udp4 = true, + .udp6 = true, + .pid = false, + .cmdline = true, + .comm = false, + .namespaces = true, + .tcp_info = false, + .no_mnl = false, + .report = false, + + .max_errors = 10, + .max_concurrent_namespaces = 10, + + .cb = print_local_listeners, + .data = NULL, + }, + .stats = { 0 }, + .sockets_hashtable = { 0 }, + .local_ips_hashtable = { 0 }, + .listening_ports_hashtable = { 0 }, + }; + + netdata_configured_host_prefix = getenv("NETDATA_HOST_PREFIX"); + if(!netdata_configured_host_prefix) netdata_configured_host_prefix = ""; + + for (int i = 1; i < argc; i++) { + char *s = argv[i]; + bool positive = true; + + if(strcmp(s, "-h") == 0 || strcmp(s, "--help") == 0) { + fprintf(stderr, + "\n" + " Netdata local-listeners\n" + " (C) 2024 Netdata Inc.\n" + "\n" + " This program prints a list of all the processes that have a listening socket.\n" + " It is used by Netdata to auto-detect the services running.\n" + "\n" + " Options:\n" + "\n" + " The options:\n" + "\n" + " udp, udp4, udp6, tcp, tcp4, tcp6, ipv4, ipv6\n" + "\n" + " select the sources to read currently available sockets.\n" + "\n" + " while:\n" + "\n" + " listening, local, inbound, outbound, namespaces\n" + "\n" + " filter the output based on the direction of the sockets.\n" + "\n" + " Prepending any option with 'no-', 'not-' or 'non-' will disable them.\n" + "\n" + " Current options:\n" + "\n" + " %s %s %s %s %s %s %s %s %s %s %s %s\n" + "\n" + " Option 'debug' enables all sources and all directions and provides\n" + " a full dump of current sockets.\n" + "\n" + " Option 'report' reports timings per step while collecting and processing\n" + " system information.\n" + "\n" + " Option 'procfile' uses procfile to read proc files, instead of getline().\n" + "\n" + " DIRECTION DETECTION\n" + " The program detects the direction of the sockets using these rules:\n" + "\n" + " - listening are all the TCP sockets that are in listen state\n" + " and all sockets that their remote IP is zero.\n" + "\n" + " - local are all the non-listening sockets that either their source IP\n" + " or their remote IP are loopback addresses. Loopback addresses are\n" + " those in 127.0.0.0/8 and ::1. When IPv4 addresses are mapped\n" + " into IPv6, the program extracts the IPv4 addresses to check them.\n" + "\n" + " Also, local are considered all the sockets that their remote\n" + " IP is one of the IPs that appear as local on another socket.\n" + "\n" + " - inbound are all the non-listening and non-local sockets that their local\n" + " port is a port of another socket that is marked as listening.\n" + "\n" + " - outbound are all the other sockets.\n" + "\n" + " Keep in mind that this kind of socket direction detection is not 100%% accurate,\n" + " and there may be cases (e.g. reusable sockets) that this code may incorrectly\n" + " mark sockets as inbound or outbound.\n" + "\n" + " WARNING:\n" + " This program reads the entire /proc/net/{tcp,udp,tcp6,upd6} files, builds\n" + " multiple hash maps in memory and traverses the entire /proc filesystem to\n" + " associate sockets with processes. We have made the most to make it as\n" + " lightweight and fast as possible, but still this program has a lot of work\n" + " to do and it may have some impact on very busy servers with millions of.\n" + " established connections." + "\n" + " Therefore, we suggest to avoid running it repeatedly for data collection.\n" + "\n" + " Netdata executes it only when it starts to auto-detect data collection sources\n" + " and initialize the network dependencies explorer." + "\n" + , ls.config.udp4 ? "udp4" :"no-udp4" + , ls.config.udp6 ? "udp6" :"no-udp6" + , ls.config.tcp4 ? "tcp4" :"no-tcp4" + , ls.config.tcp6 ? "tcp6" :"no-tcp6" + , ls.config.listening ? "listening" : "no-listening" + , ls.config.local ? "local" : "no-local" + , ls.config.inbound ? "inbound" : "no-inbound" + , ls.config.outbound ? "outbound" : "no-outbound" + , ls.config.namespaces ? "namespaces" : "no-namespaces" + , ls.config.no_mnl ? "no-mnl" : "mnl" + , ls.config.procfile ? "procfile" : "no-procfile" + , ls.config.report ? "report" : "no-report" + ); + exit(1); + } + + if(strncmp(s, "no-", 3) == 0) { + positive = false; + s += 3; + } + else if(strncmp(s, "not-", 4) == 0 || strncmp(s, "non-", 4) == 0) { + positive = false; + s += 4; + } + + if(strcmp(s, "debug") == 0 || strcmp(s, "--debug") == 0) { + fprintf(stderr, "%s debugging\n", positive ? "enabling" : "disabling"); + ls.config.listening = true; + ls.config.local = true; + ls.config.inbound = true; + ls.config.outbound = true; + ls.config.pid = true; + ls.config.comm = true; + ls.config.cmdline = true; + ls.config.namespaces = true; + ls.config.tcp_info = true; + ls.config.uid = true; + ls.config.procfile = false; + ls.config.max_errors = SIZE_MAX; + ls.config.cb = local_listeners_print_socket; + + debug = true; + } + else if (strcmp("tcp", s) == 0) { + ls.config.tcp4 = ls.config.tcp6 = positive; + // fprintf(stderr, "%s tcp4 and tcp6\n", positive ? "enabling" : "disabling"); + } + else if (strcmp("tcp4", s) == 0) { + ls.config.tcp4 = positive; + // fprintf(stderr, "%s tcp4\n", positive ? "enabling" : "disabling"); + } + else if (strcmp("tcp6", s) == 0) { + ls.config.tcp6 = positive; + // fprintf(stderr, "%s tcp6\n", positive ? "enabling" : "disabling"); + } + else if (strcmp("udp", s) == 0) { + ls.config.udp4 = ls.config.udp6 = positive; + // fprintf(stderr, "%s udp4 and udp6\n", positive ? "enabling" : "disabling"); + } + else if (strcmp("udp4", s) == 0) { + ls.config.udp4 = positive; + // fprintf(stderr, "%s udp4\n", positive ? "enabling" : "disabling"); + } + else if (strcmp("udp6", s) == 0) { + ls.config.udp6 = positive; + // fprintf(stderr, "%s udp6\n", positive ? "enabling" : "disabling"); + } + else if (strcmp("ipv4", s) == 0) { + ls.config.tcp4 = ls.config.udp4 = positive; + // fprintf(stderr, "%s udp4 and tcp4\n", positive ? "enabling" : "disabling"); + } + else if (strcmp("ipv6", s) == 0) { + ls.config.tcp6 = ls.config.udp6 = positive; + // fprintf(stderr, "%s udp6 and tcp6\n", positive ? "enabling" : "disabling"); + } + else if (strcmp("listening", s) == 0) { + ls.config.listening = positive; + // fprintf(stderr, "%s listening\n", positive ? "enabling" : "disabling"); + } + else if (strcmp("local", s) == 0) { + ls.config.local = positive; + // fprintf(stderr, "%s local\n", positive ? "enabling" : "disabling"); + } + else if (strcmp("inbound", s) == 0) { + ls.config.inbound = positive; + // fprintf(stderr, "%s inbound\n", positive ? "enabling" : "disabling"); + } + else if (strcmp("outbound", s) == 0) { + ls.config.outbound = positive; + // fprintf(stderr, "%s outbound\n", positive ? "enabling" : "disabling"); + } + else if (strcmp("namespaces", s) == 0 || strcmp("ns", s) == 0) { + ls.config.namespaces = positive; + // fprintf(stderr, "%s namespaces\n", positive ? "enabling" : "disabling"); + } + else if (strcmp("mnl", s) == 0) { + ls.config.no_mnl = !positive; + // fprintf(stderr, "%s mnl\n", positive ? "enabling" : "disabling"); + } + else if (strcmp("procfile", s) == 0) { + ls.config.procfile = positive; + // fprintf(stderr, "%s procfile\n", positive ? "enabling" : "disabling"); + } + else if (strcmp("report", s) == 0) { + ls.config.report = positive; + // fprintf(stderr, "%s report\n", positive ? "enabling" : "disabling"); + } + else { + fprintf(stderr, "Unknown parameter %s\n", s); + exit(1); + } + } + +#if defined(LOCAL_SOCKETS_USE_SETNS) + SPAWN_SERVER *spawn_server = spawn_server_create(SPAWN_SERVER_OPTION_CALLBACK, NULL, local_sockets_spawn_server_callback, argc, (const char **)argv); + if(spawn_server == NULL) { + fprintf(stderr, "Cannot create spawn server.\n"); + exit(1); + } + + ls.spawn_server = spawn_server; +#endif + + local_sockets_process(&ls); + +#if defined(LOCAL_SOCKETS_USE_SETNS) + spawn_server_destroy(spawn_server); +#endif + + getrusage(RUSAGE_SELF, &ended); + + if(debug) { + unsigned long long user = ended.ru_utime.tv_sec * 1000000ULL + ended.ru_utime.tv_usec - started.ru_utime.tv_sec * 1000000ULL + started.ru_utime.tv_usec; + unsigned long long system = ended.ru_stime.tv_sec * 1000000ULL + ended.ru_stime.tv_usec - started.ru_stime.tv_sec * 1000000ULL + started.ru_stime.tv_usec; + unsigned long long total = user + system; + + fprintf(stderr, "CPU Usage %llu user, %llu system, %llu total, %zu namespaces, %zu nl requests (without namespaces)\n", user, system, total, ls.stats.namespaces_found, ls.stats.mnl_sends); + } + + if(ls.config.report) { + fprintf(stderr, "\nTIMINGS REPORT:\n"); + char buf[100]; + usec_t total_ut = 0; + for(size_t i = 0; i < _countof(ls.timings) ;i++) { + if (!ls.timings[i].end_ut) continue; + usec_t dt_ut = ls.timings[i].end_ut - ls.timings[i].start_ut; + total_ut += dt_ut; + } + + for(size_t i = 0; i < _countof(ls.timings) ;i++) { + if(!ls.timings[i].end_ut) continue; + usec_t dt_ut = ls.timings[i].end_ut - ls.timings[i].start_ut; + double percent = (100.0 * (double)dt_ut) / (double)total_ut; + duration_snprintf(buf, sizeof(buf), (int64_t)dt_ut, "us", true); + fprintf(stderr, "%20s: %6.2f%% %s\n", ls.timings[i].name, percent, buf); + } + + duration_snprintf(buf, sizeof(buf), (int64_t)total_ut, "us", true); + fprintf(stderr, "%20s: %6.2f%% %s\n", "TOTAL", 100.0, buf); + + fprintf(stderr, "\n"); + fprintf(stderr, "Namespaces [ found: %zu, absent: %zu, invalid: %zu ]\n" +#if defined(LOCAL_SOCKETS_USE_SETNS) + " \\_ forks [ tried: %zu, failed: %zu, unresponsive: %zu ]\n" + " \\_ sockets [ new: %zu, existing: %zu ]\n" +#endif + , ls.stats.namespaces_found, ls.stats.namespaces_absent, ls.stats.namespaces_invalid +#if defined(LOCAL_SOCKETS_USE_SETNS) + , ls.stats.namespaces_forks_attempted, ls.stats.namespaces_forks_failed, ls.stats.namespaces_forks_unresponsive + , ls.stats.namespaces_sockets_new, ls.stats.namespaces_sockets_existing +#endif + ); + + fprintf(stderr, "\n"); + fprintf(stderr, "Sockets [ found: %zu ]\n", + ls.stats.sockets_added); + + fprintf(stderr, "\n"); + fprintf(stderr, "Main Procfile [ opens: %zu, reads: %zu, resizes: %zu, memory: %zu ]\n" + " \\_ reads [ total bytes read: %zu, average read size: %zu, max read size: %zu ]\n" + " \\_ max [ max file size: %zu, max lines: %zu, max words: %zu ]\n", + ls.stats.ff.opens, ls.stats.ff.reads, ls.stats.ff.resizes, ls.stats.ff.memory, + ls.stats.ff.total_read_bytes, ls.stats.ff.total_read_bytes / (ls.stats.ff.reads ? ls.stats.ff.reads : 1), ls.stats.ff.max_read_size, + ls.stats.ff.max_source_bytes, ls.stats.ff.max_lines, ls.stats.ff.max_words); + + fprintf(stderr, "\n"); + fprintf(stderr, "MNL(without namespaces) [ requests: %zu ]\n", + ls.stats.mnl_sends); + } + + return 0; +} diff --git a/src/collectors/utils/ndsudo.c b/src/collectors/utils/ndsudo.c new file mode 100644 index 000000000..e37110bbb --- /dev/null +++ b/src/collectors/utils/ndsudo.c @@ -0,0 +1,494 @@ +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> +#include <stdbool.h> + +#define MAX_SEARCH 2 +#define MAX_PARAMETERS 128 +#define ERROR_BUFFER_SIZE 1024 + +struct command { + const char *name; + const char *params; + const char *search[MAX_SEARCH]; +} allowed_commands[] = { + { + .name = "chronyc-serverstats", + .params = "serverstats", + .search = + { + [0] = "chronyc", + [1] = NULL, + }, + }, + { + .name = "varnishadm-backend-list", + .params = "backend.list", + .search = + { + [0] = "varnishadm", + [1] = NULL, + }, + }, + { + .name = "varnishstat-stats", + .params = "-1 -t off -n {{instanceName}}", + .search = + { + [0] = "varnishstat", + [1] = NULL, + }, + }, + { + .name = "smbstatus-profile", + .params = "-P", + .search = + { + [0] = "smbstatus", + [1] = NULL, + }, + }, + { + .name = "exim-bpc", + .params = "-bpc", + .search = + { + [0] = "exim", + [1] = NULL, + }, + }, + { + .name = "nsd-control-stats", + .params = "stats_noreset", + .search = { + [0] = "nsd-control", + [1] = NULL, + }, + }, + { + .name = "chronyc-serverstats", + .params = "serverstats", + .search = { + [0] = "chronyc", + [1] = NULL, + }, + }, + { + .name = "dmsetup-status-cache", + .params = "status --target cache --noflush", + .search = { + [0] = "dmsetup", + [1] = NULL, + }, + }, + { + .name = "ssacli-controllers-info", + .params = "ctrl all show config detail", + .search = { + [0] = "ssacli", + [1] = NULL, + }, + }, + { + .name = "smartctl-json-scan", + .params = "--json --scan", + .search = { + [0] = "smartctl", + [1] = NULL, + }, + }, + { + .name = "smartctl-json-scan-open", + .params = "--json --scan-open", + .search = { + [0] = "smartctl", + [1] = NULL, + }, + }, + { + .name = "smartctl-json-device-info", + .params = "--json --all {{deviceName}} --device {{deviceType}} --nocheck {{powerMode}}", + .search = { + [0] = "smartctl", + [1] = NULL, + }, + }, + { + .name = "fail2ban-client-status", + .params = "status", + .search = { + [0] = "fail2ban-client", + [1] = NULL, + }, + }, + { + .name = "fail2ban-client-status-socket", + .params = "-s {{socket_path}} status", + .search = { + [0] = "fail2ban-client", + [1] = NULL, + }, + }, + { + .name = "fail2ban-client-status-jail", + .params = "status {{jail}}", + .search = { + [0] = "fail2ban-client", + [1] = NULL, + }, + }, + { + .name = "fail2ban-client-status-jail-socket", + .params = "-s {{socket_path}} status {{jail}}", + .search = { + [0] = "fail2ban-client", + [1] = NULL, + }, + }, + { + .name = "storcli-controllers-info", + .params = "/cALL show all J nolog", + .search = { + [0] = "storcli", + [1] = NULL, + }, + }, + { + .name = "storcli-drives-info", + .params = "/cALL/eALL/sALL show all J nolog", + .search = { + [0] = "storcli", + [1] = NULL, + }, + }, + { + .name = "lvs-report-json", + .params = "--reportformat json --units b --nosuffix -o {{options}}", + .search = { + [0] = "lvs", + [1] = NULL, + }, + }, + { + .name = "igt-list-gpus", + .params = "-L", + .search = { + [0] = "intel_gpu_top", + [1] = NULL, + }, + }, + { + .name = "igt-device-json", + .params = "-d {{device}} -J -s {{interval}}", + .search = { + [0] = "intel_gpu_top", + [1] = NULL, + }, + }, + { + .name = "igt-json", + .params = "-J -s {{interval}}", + .search = { + [0] = "intel_gpu_top", + [1] = NULL, + }, + }, + { + .name = "nvme-list", + .params = "list --output-format=json", + .search = { + [0] = "nvme", + [1] = NULL, + }, + }, + { + .name = "nvme-smart-log", + .params = "smart-log {{device}} --output-format=json", + .search = { + [0] = "nvme", + [1] = NULL, + }, + }, + { + .name = "megacli-disk-info", + .params = "-LDPDInfo -aAll -NoLog", + .search = { + [0] = "megacli", + [1] = "MegaCli", + }, + }, + { + .name = "megacli-battery-info", + .params = "-AdpBbuCmd -aAll -NoLog", + .search = { + [0] = "megacli", + [1] = "MegaCli", + }, + }, + { + .name = "arcconf-ld-info", + .params = "GETCONFIG 1 LD", + .search = { + [0] = "arcconf", + [1] = NULL, + }, + }, + { + .name = "arcconf-pd-info", + .params = "GETCONFIG 1 PD", + .search = { + [0] = "arcconf", + [1] = NULL, + }, + } +}; + +bool command_exists_in_dir(const char *dir, const char *cmd, char *dst, size_t dst_size) { + snprintf(dst, dst_size, "%s/%s", dir, cmd); + return access(dst, X_OK) == 0; +} + +bool command_exists_in_PATH(const char *cmd, char *dst, size_t dst_size) { + if(!dst || !dst_size) + return false; + + char *path = getenv("PATH"); + if(!path) + return false; + + char *path_copy = strdup(path); + if (!path_copy) + return false; + + char *dir; + bool found = false; + dir = strtok(path_copy, ":"); + while(dir && !found) { + found = command_exists_in_dir(dir, cmd, dst, dst_size); + dir = strtok(NULL, ":"); + } + + free(path_copy); + return found; +} + +struct command *find_command(const char *cmd) { + size_t size = sizeof(allowed_commands) / sizeof(allowed_commands[0]); + for(size_t i = 0; i < size ;i++) { + if(strcmp(cmd, allowed_commands[i].name) == 0) + return &allowed_commands[i]; + } + + return NULL; +} + +bool check_string(const char *str, size_t index, char *err, size_t err_size) { + const char *s = str; + while(*s) { + char c = *s++; + if(!((c >= 'A' && c <= 'Z') || + (c >= 'a' && c <= 'z') || + (c >= '0' && c <= '9') || + c == ' ' || c == '_' || c == '-' || c == '/' || + c == '.' || c == ',' || c == ':' || c == '=')) { + snprintf(err, err_size, "command line argument No %zu includes invalid character '%c'", index, c); + return false; + } + } + + return true; +} + +bool check_params(int argc, char **argv, char *err, size_t err_size) { + for(int i = 0 ; i < argc ;i++) + if(!check_string(argv[i], i, err, err_size)) + return false; + + return true; +} + +char *find_variable_in_argv(const char *variable, int argc, char **argv, char *err, size_t err_size) { + for (int i = 1; i < argc - 1; i++) { + if (strcmp(argv[i], variable) == 0) + return strdup(argv[i + 1]); + } + + snprintf(err, err_size, "variable '%s' is required, but was not provided in the command line parameters", variable); + + return NULL; +} + +bool search_and_replace_params(struct command *cmd, char **params, size_t max_params, const char *filename, int argc, char **argv, char *err, size_t err_size) { + if (!cmd || !params || !max_params) { + snprintf(err, err_size, "search_and_replace_params() internal error"); + return false; + } + + const char *delim = " "; + char *token; + char *temp_params = strdup(cmd->params); + if (!temp_params) { + snprintf(err, err_size, "search_and_replace_params() cannot allocate memory"); + return false; + } + + size_t param_count = 0; + params[param_count++] = strdup(filename); + + token = strtok(temp_params, delim); + while (token && param_count < max_params - 1) { + size_t len = strlen(token); + + char *value = NULL; + + if (strncmp(token, "{{", 2) == 0 && strncmp(token + len - 2, "}}", 2) == 0) { + token[0] = '-'; + token[1] = '-'; + token[len - 2] = '\0'; + + value = find_variable_in_argv(token, argc, argv, err, err_size); + } + else + value = strdup(token); + + if(!value) + goto cleanup; + + params[param_count++] = value; + token = strtok(NULL, delim); + } + + params[param_count] = NULL; // Null-terminate the params array + free(temp_params); + return true; + +cleanup: + if(!err[0]) + snprintf(err, err_size, "memory allocation failure"); + + free(temp_params); + for (size_t i = 0; i < param_count; ++i) { + free(params[i]); + params[i] = NULL; + } + return false; +} + +void show_help() { + fprintf(stdout, "\n"); + fprintf(stdout, "ndsudo\n"); + fprintf(stdout, "\n"); + fprintf(stdout, "(C) Netdata Inc.\n"); + fprintf(stdout, "\n"); + fprintf(stdout, "A helper to allow Netdata run privileged commands.\n"); + fprintf(stdout, "\n"); + fprintf(stdout, " --test\n"); + fprintf(stdout, " print the generated command that will be run, without running it.\n"); + fprintf(stdout, "\n"); + fprintf(stdout, " --help\n"); + fprintf(stdout, " print this message.\n"); + fprintf(stdout, "\n"); + + fprintf(stdout, "The following commands are supported:\n\n"); + + size_t size = sizeof(allowed_commands) / sizeof(allowed_commands[0]); + for(size_t i = 0; i < size ;i++) { + fprintf(stdout, "- Command : %s\n", allowed_commands[i].name); + fprintf(stdout, " Executables: "); + for(size_t j = 0; j < MAX_SEARCH && allowed_commands[i].search[j] ;j++) { + fprintf(stdout, "%s ", allowed_commands[i].search[j]); + } + fprintf(stdout, "\n"); + fprintf(stdout, " Parameters : %s\n\n", allowed_commands[i].params); + } + + fprintf(stdout, "The program searches for executables in the system path.\n"); + fprintf(stdout, "\n"); + fprintf(stdout, "Variables given as {{variable}} are expected on the command line as:\n"); + fprintf(stdout, " --variable VALUE\n"); + fprintf(stdout, "\n"); + fprintf(stdout, "VALUE can include space, A-Z, a-z, 0-9, _, -, /, and .\n"); + fprintf(stdout, "\n"); +} + +int main(int argc, char *argv[]) { + char error_buffer[ERROR_BUFFER_SIZE] = ""; + + if (argc < 2) { + fprintf(stderr, "at least 2 parameters are needed, but %d were given.\n", argc); + return 1; + } + + if(!check_params(argc, argv, error_buffer, sizeof(error_buffer))) { + fprintf(stderr, "invalid characters in parameters: %s\n", error_buffer); + return 2; + } + + bool test = false; + const char *cmd = argv[1]; + if(strcmp(cmd, "--help") == 0 || strcmp(cmd, "-h") == 0) { + show_help(); + exit(0); + } + else if(strcmp(cmd, "--test") == 0) { + cmd = argv[2]; + test = true; + } + + struct command *command = find_command(cmd); + if(!command) { + fprintf(stderr, "command not recognized: %s\n", cmd); + return 3; + } + + char new_path[] = "PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin"; + putenv(new_path); + + setuid(0); + setgid(0); + setegid(0); + + bool found = false; + char filename[FILENAME_MAX]; + + for(size_t i = 0; i < MAX_SEARCH && !found ;i++) { + if(command->search[i]) { + found = command_exists_in_PATH(command->search[i], filename, sizeof(filename)); + if(!found) { + size_t len = strlen(error_buffer); + snprintf(&error_buffer[len], sizeof(error_buffer) - len, "%s ", command->search[i]); + } + } + } + + if(!found) { + fprintf(stderr, "%s: not available in PATH.\n", error_buffer); + return 4; + } + else + error_buffer[0] = '\0'; + + char *params[MAX_PARAMETERS]; + if(!search_and_replace_params(command, params, MAX_PARAMETERS, filename, argc, argv, error_buffer, sizeof(error_buffer))) { + fprintf(stderr, "command line parameters are not satisfied: %s\n", error_buffer); + return 5; + } + + if(test) { + fprintf(stderr, "Command to run: \n"); + + for(size_t i = 0; i < MAX_PARAMETERS && params[i] ;i++) + fprintf(stderr, "'%s' ", params[i]); + + fprintf(stderr, "\n"); + + exit(0); + } + else { + char *clean_env[] = {NULL}; + execve(filename, params, clean_env); + perror("execve"); // execve only returns on error + return 6; + } +} |