mirrors/cdt
1
0
Fork 0
mirror of https://github.com/eclipse-cdt/cdt synced 2025-08-04 23:05:47 +02:00
Code Issues Wiki Activity

[287305] [dstore] Need to set proper uid for commands when using SecuredThread and single server for multiple clients[

Browse source
This commit is contained in:
David McKnight 2009-10-15 14:49:22 +00:00
parent 3bd98f9f42
commit 67574e1c7f
2 changed files with 132 additions and 91 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

216
rse/plugins/org.eclipse.rse.services.dstore/miners/org/eclipse/rse/internal/dstore/universal/miners/command/CommandMinerThread.java
View file

@ -23,6 +23,7 @@
* David McKnight (IBM) [284179] [dstore] commands have a hard coded line length limit of 100 characters * David McKnight (IBM) [284179] [dstore] commands have a hard coded line length limit of 100 characters
* David McKnight (IBM) - [286671] Dstore shell service interprets < and > sequences * David McKnight (IBM) - [286671] Dstore shell service interprets < and > sequences
* David McKnight (IBM) [290743] [dstore][shells] allow bash shells and custom shell invocation * David McKnight (IBM) [290743] [dstore][shells] allow bash shells and custom shell invocation
* David McKnight (IBM) [287305] [dstore] Need to set proper uid for commands when using SecuredThread and single server for multiple clients[
*******************************************************************************/ *******************************************************************************/
package org.eclipse.rse.internal.dstore.universal.miners.command; package org.eclipse.rse.internal.dstore.universal.miners.command;
@ -42,6 +43,7 @@ import java.util.Hashtable;
import java.util.List; import java.util.List;
import org.eclipse.dstore.core.miners.MinerThread; import org.eclipse.dstore.core.miners.MinerThread;
import org.eclipse.dstore.core.model.Client;
import org.eclipse.dstore.core.model.DE; import org.eclipse.dstore.core.model.DE;
import org.eclipse.dstore.core.model.DataElement; import org.eclipse.dstore.core.model.DataElement;
import org.eclipse.dstore.core.model.DataStoreAttributes; import org.eclipse.dstore.core.model.DataStoreAttributes;
@ -98,6 +100,7 @@ public class CommandMinerThread extends MinerThread
_isDone = false; _isDone = false;
_status = status; _status = status;
_descriptors = descriptors; _descriptors = descriptors;
boolean isBash = false;
_subject = theElement; _subject = theElement;
@ -132,14 +135,23 @@ public class CommandMinerThread extends MinerThread
} }
try try
{ {
String userHome = null; String suCommand = null;
if (_dataStore.getClient() != null){ String userHome = null;
userHome = _dataStore.getClient().getProperty("user.home");//$NON-NLS-1$ Client client = _dataStore.getClient();
}
else { if (client != null){
userHome = System.getProperty("user.home");//$NON-NLS-1$ String clientActualUserId = client.getProperty("user.name");//$NON-NLS-1$
String clientUserId = client.getUserid();
userHome = client.getProperty("user.home");//$NON-NLS-1$
if (clientUserId != null && !clientActualUserId.equals(clientUserId)){
suCommand = "su " + clientUserId + " -c "; //$NON-NLS-1$
}
} }
else {
userHome = System.getProperty("user.home");//$NON-NLS-1$
}
_cwdStr = theElement.getSource(); _cwdStr = theElement.getSource();
if (_cwdStr == null || _cwdStr.length() == 0) if (_cwdStr == null || _cwdStr.length() == 0)
@ -176,12 +188,16 @@ public class CommandMinerThread extends MinerThread
{ {
_isTTY = false; _isTTY = false;
} }
_patterns.setIsTerminal(_isTTY); _patterns.setIsTerminal(_isTTY);
String property = "SHELL="; //$NON-NLS-1$ String property = "SHELL="; //$NON-NLS-1$
String[] env = getEnvironment(_subject); String[] env = getEnvironment(_subject);
boolean isBash = false;
boolean isBashonZ = false; boolean isBashonZ = false;
boolean isSHonZ = false; boolean isSHonZ = false;
@ -229,17 +245,20 @@ public class CommandMinerThread extends MinerThread
if (_invocation.equals(">")) //$NON-NLS-1$ if (_invocation.equals(">")) //$NON-NLS-1$
{ {
_invocation = "sh"; //$NON-NLS-1$ _invocation = "sh"; //$NON-NLS-1$
_isShell = true; _isShell = true;
if (isZ) if (isZ)
isSHonZ = true; isSHonZ = true;
} }
if (_isTTY) if (_isTTY)
{ {
if (isSHonZ) if (isSHonZ)
{ {
String args[] = new String[3]; String args[] = new String[3];
args[0] = PSEUDO_TERMINAL; args[0] = PSEUDO_TERMINAL;
args[1] = _invocation; args[1] = "sh"; //$NON-NLS-1$
args[2] = "-L"; //$NON-NLS-1$ args[2] = "-L"; //$NON-NLS-1$
try { try {
@ -252,14 +271,28 @@ public class CommandMinerThread extends MinerThread
} }
else else
{ {
String args[] = new String[2]; List argsList = new ArrayList();
args[0] = PSEUDO_TERMINAL;
args[1] = _invocation; if (suCommand != null){
String[] suSplit = suCommand.split(" "); //$NON-NLS-1$
for (int i = 0; i < suSplit.length; i++){ // su before terminal
argsList.add(suSplit[i]);
}
}
argsList.add(PSEUDO_TERMINAL);
argsList.add(invocation);
String args[] = (String[])argsList.toArray(new String[argsList.size()]);
_theProcess = Runtime.getRuntime().exec(args, env, theDirectory); _theProcess = Runtime.getRuntime().exec(args, env, theDirectory);
} }
} }
else else
{ {
//VRB: for Linux on System z we end up here
if (suCommand!=null)
_invocation = suCommand + _invocation;
_theProcess = Runtime.getRuntime().exec(_invocation, env, theDirectory); _theProcess = Runtime.getRuntime().exec(_invocation, env, theDirectory);
} }
} }
@ -268,51 +301,51 @@ public class CommandMinerThread extends MinerThread
if (_invocation.equals(">")) //$NON-NLS-1$ if (_invocation.equals(">")) //$NON-NLS-1$
{ {
_invocation = theShell; _invocation = theShell;
_isShell = true; _isShell = true;
if (_isTTY) if (_isTTY)
{ {
String args[] = null; List argsList = new ArrayList();
if (isBashonZ)
{ if (!isBashonZ && !isSHonZ && suCommand != null){
args = new String[5]; // su before starting rseterm
args[0] = PSEUDO_TERMINAL; String[] suArgs = suCommand.split(" "); //$NON-NLS-1$
args[1] = "-w"; //$NON-NLS-1$ for (int i = 0; i < suArgs.length; i++){
args[2] = "256"; //$NON-NLS-1$ argsList.add(suArgs[i]);
args[3] = _invocation; }
args[4] = "--login"; //$NON-NLS-1$ }
argsList.add(PSEUDO_TERMINAL);
if (!isBashonZ && !isSHonZ && suCommand != null){
// need sh -c before invocation
argsList.add("sh"); //$NON-NLS-1$
argsList.add("-c"); //$NON-NLS-1$
}
else {
argsList.add("-w"); //$NON-NLS-1$
argsList.add(""+_maxLineLength); //$NON-NLS-1$
}
argsList.add(_invocation);
if (isBashonZ){
argsList.add("--login"); //$NON-NLS-1$
didLogin = true; didLogin = true;
} }
else if (isBash) else if (isBash){
{ argsList.add("-l"); //$NON-NLS-1$
args = new String[5];
args[0] = PSEUDO_TERMINAL;
args[1] = "-w"; //$NON-NLS-1$
args[2] = "256"; //$NON-NLS-1$
args[3] = _invocation;
args[4] = "-l"; //$NON-NLS-1$
didLogin = true; didLogin = true;
} }
else if (isSHonZ) else if (isSHonZ){
{ argsList.add("-L"); //$NON-NLS-1$
args = new String[5];
args[0] = PSEUDO_TERMINAL;
args[1] = "-w"; //$NON-NLS-1$
args[2] = "256"; //$NON-NLS-1$
args[3] = _invocation;
args[4] = "-L"; //$NON-NLS-1$
didLogin = true; didLogin = true;
} }
else
{ String args[] = (String[])argsList.toArray(new String[argsList.size()]);
args = new String[4];
args[0] = PSEUDO_TERMINAL;
args[1] = "-w"; //$NON-NLS-1$
args[2] = "256"; //$NON-NLS-1$
args[3] = _invocation;
}
try { try {
_theProcess = Runtime.getRuntime().exec(args, env, theDirectory); _theProcess = Runtime.getRuntime().exec(args, env, theDirectory);
} }
@ -323,6 +356,10 @@ public class CommandMinerThread extends MinerThread
} }
else else
{ {
if (!isBashonZ && !isSHonZ && suCommand != null){
_invocation = suCommand + _invocation;
}
if (customShellInvocation != null && customShellInvocation.length() > 0){ if (customShellInvocation != null && customShellInvocation.length() > 0){
// all handled in the custom shell invocation // all handled in the custom shell invocation
_theProcess = Runtime.getRuntime().exec(_invocation, env, theDirectory); _theProcess = Runtime.getRuntime().exec(_invocation, env, theDirectory);
@ -352,32 +389,21 @@ public class CommandMinerThread extends MinerThread
} }
else else
{ {
_isTTY = false; if (suCommand != null){
theShell = suCommand + theShell;
//String[] inv = parseArgs(_invocation);
if (_isTTY)
{
String args[] = new String[4];
args[0] = PSEUDO_TERMINAL;
args[1] = theShell;
args[2] = "-c"; //$NON-NLS-1$
args[3] = _invocation;
_theProcess = Runtime.getRuntime().exec(args, env, theDirectory);
} }
else
{ List argsList = new ArrayList();
String args[] = new String[3]; String[] shellArray = theShell.split(" "); //$NON-NLS-1$
args[0] = theShell; for (int i = 0; i < shellArray.length; i++){
args[1] = "-c"; //$NON-NLS-1$ argsList.add(shellArray[i]);
args[2] = _invocation;
_theProcess = Runtime.getRuntime().exec(args, env, theDirectory);
} }
argsList.add("-c"); //$NON-NLS-1$
argsList.add(_invocation);
String args[] = (String[])argsList.toArray(new String[argsList.size()]);
_theProcess = Runtime.getRuntime().exec(args, env, theDirectory);
} }
} }
} }
@ -472,10 +498,19 @@ public class CommandMinerThread extends MinerThread
_stdOutputHandler.setDataStore(_dataStore); _stdOutputHandler.setDataStore(_dataStore);
_stdErrorHandler.start(); _stdErrorHandler.start();
if (didLogin && !userHome.equals(_cwdStr)) // initialization
if (didLogin || _isTTY)
{ {
String initCmd = ""; //$NON-NLS-1$
if (_isTTY){
initCmd = "export PS1='$PWD>';" ; //$NON-NLS-1$
}
if (didLogin && !userHome.equals(_cwdStr)){
initCmd += "cd " + _cwdStr; //$NON-NLS-1$
}
// need to CD to the correct directory // need to CD to the correct directory
final String cdCmd = "cd " + _cwdStr; //$NON-NLS-1$ final String finitCmd = initCmd;
Thread cdThread = new Thread( Thread cdThread = new Thread(
new Runnable() new Runnable()
{ {
@ -490,7 +525,7 @@ public class CommandMinerThread extends MinerThread
{ {
} }
sendInput(cdCmd); sendInput(finitCmd);
} }
}); });
cdThread.start(); cdThread.start();
@ -506,7 +541,7 @@ public class CommandMinerThread extends MinerThread
catch (IOException e) catch (IOException e)
{ {
_theProcess = null; _theProcess = null;
e.printStackTrace(); _dataStore.trace(e);
createObject("command", e.getMessage()); //$NON-NLS-1$ createObject("command", e.getMessage()); //$NON-NLS-1$
status.setAttribute(DE.A_NAME, "done"); //$NON-NLS-1$ status.setAttribute(DE.A_NAME, "done"); //$NON-NLS-1$
return; return;
@ -650,11 +685,13 @@ public class CommandMinerThread extends MinerThread
if (!_isWindows && (input.startsWith("cd ") || input.equals("cd"))) //$NON-NLS-1$ //$NON-NLS-2$ if (!_isWindows && (input.startsWith("cd ") || input.equals("cd"))) //$NON-NLS-1$ //$NON-NLS-2$
{ {
queryCWD(); if (!_isTTY)
queryCWD();
} }
else if (!_didInitialCWDQuery) else if (!_didInitialCWDQuery)
{ {
queryCWD(); if (!_isTTY)
queryCWD();
} }
if (!_isWindows && !_isTTY) if (!_isWindows && !_isTTY)
{ {
@ -732,8 +769,11 @@ public class CommandMinerThread extends MinerThread
if (_isTTY) if (_isTTY)
{ {
varTable.put("PS1","$PWD/>"); //$NON-NLS-1$ //$NON-NLS-2$ varTable.put("PS1","'$PWD/>'"); //$NON-NLS-1$ //$NON-NLS-2$
varTable.put("COLUMNS","256"); //$NON-NLS-1$ //$NON-NLS-2$
//if (_maxLineLength )
varTable.put("COLUMNS","" + _maxLineLength); //$NON-NLS-1$ //$NON-NLS-2$
} }
@ -846,7 +886,7 @@ public class CommandMinerThread extends MinerThread
} }
catch (Throwable e) catch (Throwable e)
{ {
e.printStackTrace(); _dataStore.trace(e);
} }
return theValue.toString(); return theValue.toString();
} }
@ -992,7 +1032,7 @@ public class CommandMinerThread extends MinerThread
} }
} }
catch (IllegalThreadStateException e) catch (IllegalThreadStateException e)
{ //e.printStackTrace(); {
exitcode = -1; exitcode = -1;
_theProcess.destroy(); _theProcess.destroy();
} }
@ -1027,7 +1067,7 @@ public class CommandMinerThread extends MinerThread
} }
catch (IOException e) catch (IOException e)
{ {
e.printStackTrace(); _dataStore.trace(e);
} }
} }
@ -1118,7 +1158,7 @@ public class CommandMinerThread extends MinerThread
} }
catch (Throwable e) catch (Throwable e)
{ {
e.printStackTrace(); _dataStore.trace(e);
} }
if (parsedMsg == null) if (parsedMsg == null)
{ {
@ -1175,7 +1215,7 @@ public class CommandMinerThread extends MinerThread
} }
catch (NumberFormatException e) catch (NumberFormatException e)
{ {
e.printStackTrace(); _dataStore.trace(e);
} }
} }
} }

7
rse/plugins/org.eclipse.rse.services.dstore/miners/org/eclipse/rse/internal/dstore/universal/miners/command/OutputHandler.java
View file

@ -17,6 +17,7 @@
* David McKnight (IBM) [249715] [dstore][shells] Unix shell does not echo command * David McKnight (IBM) [249715] [dstore][shells] Unix shell does not echo command
* David McKnight (IBM) - [282919] [dstore] server shutdown results in exception in shell io reading * David McKnight (IBM) - [282919] [dstore] server shutdown results in exception in shell io reading
* David McKnight (IBM) - [286671] Dstore shell service interprets &lt; and &gt; sequences * David McKnight (IBM) - [286671] Dstore shell service interprets &lt; and &gt; sequences
* David McKnight (IBM) [287305] [dstore] Need to set proper uid for commands when using SecuredThread and single server for multiple clients[
*******************************************************************************/ *******************************************************************************/
package org.eclipse.rse.internal.dstore.universal.miners.command; package org.eclipse.rse.internal.dstore.universal.miners.command;
@ -153,7 +154,7 @@ public class OutputHandler extends Handler {
} }
} }
} catch (IOException e) { } catch (IOException e) {
e.printStackTrace(); _commandThread._dataStore.trace(e);
} }
} }
@ -317,11 +318,11 @@ public class OutputHandler extends Handler {
return output; return output;
} }
} catch (Exception e) { } catch (Exception e) {
e.printStackTrace(); _commandThread._dataStore.trace(e);
} }
} }
} catch (Exception e) { } catch (Exception e) {
e.printStackTrace(); _commandThread._dataStore.trace(e);
} }
return output; return output;
} }