1/* Licensed to the Apache Software Foundation (ASF) under one or more 2 * contributor license agreements. See the NOTICE file distributed with 3 * this work for additional information regarding copyright ownership. 4 * The ASF licenses this file to You under the Apache License, Version 2.0 5 * (the "License"); you may not use this file except in compliance with 6 * the License. You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17/** 18 * @file unixd.h 19 * @brief common stuff that unix MPMs will want 20 * 21 * @addtogroup APACHE_OS_UNIX 22 * @{ 23 */ 24 25#ifndef UNIXD_H 26#define UNIXD_H 27 28#include "httpd.h" 29#include "http_config.h" 30#include "ap_listen.h" 31#ifdef HAVE_SYS_TIME_H 32#include <sys/time.h> 33#endif 34#ifdef HAVE_SYS_RESOURCE_H 35#include <sys/resource.h> 36#endif 37#include "apr_hooks.h" 38#include "apr_thread_proc.h" 39#include "apr_proc_mutex.h" 40#include "apr_global_mutex.h" 41 42#include <pwd.h> 43#include <grp.h> 44#ifdef APR_HAVE_SYS_TYPES_H 45#include <sys/types.h> 46#endif 47#ifdef HAVE_SYS_IPC_H 48#include <sys/ipc.h> 49#endif 50 51typedef struct { 52 uid_t uid; 53 gid_t gid; 54 int userdir; 55} ap_unix_identity_t; 56 57AP_DECLARE_HOOK(ap_unix_identity_t *, get_suexec_identity,(const request_rec *r)) 58 59 60/* Default user name and group name. These may be specified as numbers by 61 * placing a # before a number */ 62 63#ifndef DEFAULT_USER 64#define DEFAULT_USER "#-1" 65#endif 66#ifndef DEFAULT_GROUP 67#define DEFAULT_GROUP "#-1" 68#endif 69 70typedef struct { 71 const char *user_name; 72 uid_t user_id; 73 gid_t group_id; 74 int suexec_enabled; 75 const char *chroot_dir; 76} unixd_config_rec; 77AP_DECLARE_DATA extern unixd_config_rec unixd_config; 78 79AP_DECLARE(int) unixd_setup_child(void); 80AP_DECLARE(void) unixd_pre_config(apr_pool_t *ptemp); 81AP_DECLARE(const char *) unixd_set_user(cmd_parms *cmd, void *dummy, 82 const char *arg); 83AP_DECLARE(const char *) unixd_set_group(cmd_parms *cmd, void *dummy, 84 const char *arg); 85AP_DECLARE(const char *) unixd_set_chroot_dir(cmd_parms *cmd, void *dummy, 86 const char *arg); 87 88#if defined(RLIMIT_CPU) || defined(RLIMIT_DATA) || defined(RLIMIT_VMEM) || defined(RLIMIT_NPROC) || defined(RLIMIT_AS) 89AP_DECLARE(void) unixd_set_rlimit(cmd_parms *cmd, struct rlimit **plimit, 90 const char *arg, const char * arg2, int type); 91#endif 92 93AP_DECLARE(const char *) unixd_set_suexec(cmd_parms *cmd, void *dummy, 94 int arg); 95 96/** 97 * One of the functions to set mutex permissions should be called in 98 * the parent process on platforms that switch identity when the 99 * server is started as root. 100 * If the child init logic is performed before switching identity 101 * (e.g., MPM setup for an accept mutex), it should only be called 102 * for SysV semaphores. Otherwise, it is safe to call it for all 103 * mutex types. 104 */ 105AP_DECLARE(apr_status_t) unixd_set_proc_mutex_perms(apr_proc_mutex_t *pmutex); 106AP_DECLARE(apr_status_t) unixd_set_global_mutex_perms(apr_global_mutex_t *gmutex); 107AP_DECLARE(apr_status_t) unixd_accept(void **accepted, ap_listen_rec *lr, apr_pool_t *ptrans); 108 109#ifdef HAVE_KILLPG 110#define unixd_killpg(x, y) (killpg ((x), (y))) 111#define ap_os_killpg(x, y) (killpg ((x), (y))) 112#else /* HAVE_KILLPG */ 113#define unixd_killpg(x, y) (kill (-(x), (y))) 114#define ap_os_killpg(x, y) (kill (-(x), (y))) 115#endif /* HAVE_KILLPG */ 116 117#define UNIX_DAEMON_COMMANDS \ 118AP_INIT_TAKE1("User", unixd_set_user, NULL, RSRC_CONF, \ 119 "Effective user id for this server"), \ 120AP_INIT_TAKE1("Group", unixd_set_group, NULL, RSRC_CONF, \ 121 "Effective group id for this server"), \ 122AP_INIT_TAKE1("ChrootDir", unixd_set_chroot_dir, NULL, RSRC_CONF, \ 123 "The directory to chroot(2) into") 124 125#endif 126/** @} */ 127