mxqd: rename output files as user

mariux64 · Jul 13, 2016 · cd2469d · cd2469d
1 parent f3d02d1
commit cd2469d
Showing 1 changed file with 41 additions and 3 deletions.
diff --git a/mxqd.c b/mxqd.c
@@ -1693,12 +1693,30 @@ int killall_cancelled(struct mxq_server *server)
     return 0;
 }
 
-static void rename_outfiles(struct mxq_group *group, struct mxq_job *job)
+static void rename_outfiles(struct mxq_server *server, struct mxq_group *group, struct mxq_job *job)
 {
     int res;
 
     mxq_job_set_tmpfilenames(group, job);
 
+    if(RUNNING_AS_ROOT) {
+        res=initgroups(group->user_name,group->user_gid);
+        if (res==-1) {
+            mx_log_err("initgroups(\"%s\",%d): %m",group->user_name,group->user_gid);
+            exit(-errno);
+        }
+        res=setegid(group->user_gid);
+        if (res==-1) {
+            mx_log_err("setedid(%d): %m",group->user_gid);
+            exit(-errno);
+        }
+        res=seteuid(group->user_uid);
+        if (res==-1) {
+            mx_log_err("seteuid(%d): %m",group->user_uid);
+            exit(-errno);
+        }
+    }
+
     if (!mx_streq(job->job_stdout, "/dev/null")) {
         res = rename(job->tmp_stdout, job->job_stdout);
         if (res == -1) {
@@ -1722,6 +1740,26 @@ static void rename_outfiles(struct mxq_group *group, struct mxq_job *job)
                     job->host_pid);
         }
     }
+
+   if(RUNNING_AS_ROOT) {
+        uid_t uid=getuid();
+        uid_t gid=getgid();
+        res=seteuid(uid);
+        if (res==-1) {
+            mx_log_err("seteuid(%d): %m",uid);
+            exit(-errno);
+        }
+        res=setegid(gid);
+        if (res==-1) {
+            mx_log_err("setegid(%d): %m",gid);
+            exit(-errno);
+        }
+        res=setgroups(server->supgid_cnt,server->supgid);
+        if (res==-1) {
+            mx_log_err("setgroups(): %m");
+            exit(-errno);
+        }
+    }
 }
 
 static int job_has_finished(struct mxq_server *server, struct mxq_group *group, struct mxq_job_list *jlist)
@@ -1733,7 +1771,7 @@ static int job_has_finished(struct mxq_server *server, struct mxq_group *group,
 
         mxq_set_job_status_exited(server->mysql, job);
 
-        rename_outfiles(group, job);
+        rename_outfiles(server, group, job);
 
         cnt = jlist->group->slots_per_job;
         cpuset_clear_running(&server->cpu_set_running, &job->host_cpu_set);
@@ -1756,7 +1794,7 @@ static int job_is_lost(struct mxq_server *server,struct mxq_group *group, struct
         group->group_jobs_unknown++;
         group->group_jobs_running--;
 
-        rename_outfiles(group, job);
+        rename_outfiles(server, group, job);
 
         cnt = jlist->group->slots_per_job;
         cpuset_clear_running(&server->cpu_set_running, &job->host_cpu_set);