#endif /* HAVE_SYS_RESOURCE_H */
#include "gspawn.h"
+#include "gthread.h"
+#include "glib/gstdio.h"
+#include "genviron.h"
#include "gmem.h"
#include "gshell.h"
#include "gstring.h"
#include "gtestutils.h"
#include "gutils.h"
#include "glibintl.h"
+#include "glib-unix.h"
+
+/**
+ * SECTION:spawn
+ * @Short_description: process launching
+ * @Title: Spawning Processes
+ *
+ * GLib supports spawning of processes with an API that is more
+ * convenient than the bare UNIX fork() and exec().
+ *
+ * The g_spawn family of functions has synchronous (g_spawn_sync())
+ * and asynchronous variants (g_spawn_async(), g_spawn_async_with_pipes()),
+ * as well as convenience variants that take a complete shell-like
+ * commandline (g_spawn_command_line_sync(), g_spawn_command_line_async()).
+ *
+ * See #GSubprocess in GIO for a higher-level API that provides
+ * stream interfaces for communication with child processes.
+ */
+
+
static gint g_execute (const gchar *file,
gchar **argv,
gchar **envp,
- gboolean search_path);
+ gboolean search_path,
+ gboolean search_path_from_envp);
-static gboolean make_pipe (gint p[2],
- GError **error);
static gboolean fork_exec_with_pipes (gboolean intermediate_child,
const gchar *working_directory,
gchar **argv,
gchar **envp,
gboolean close_descriptors,
gboolean search_path,
+ gboolean search_path_from_envp,
gboolean stdout_to_null,
gboolean stderr_to_null,
gboolean child_inherits_stdin,
gboolean file_and_argv_zero,
+ gboolean cloexec_pipes,
GSpawnChildSetupFunc child_setup,
gpointer user_data,
GPid *child_pid,
gint *standard_error,
GError **error);
-GQuark
-g_spawn_error_quark (void)
-{
- return g_quark_from_static_string ("g-exec-error-quark");
-}
+G_DEFINE_QUARK (g-exec-error-quark, g_spawn_error)
+G_DEFINE_QUARK (g-spawn-exit-error-quark, g_spawn_exit_error)
/**
* g_spawn_async:
* You should call g_spawn_close_pid() on the returned child process
* reference when you don't need it any more.
*
- * <note><para>
- * If you are writing a GTK+ application, and the program you
- * are spawning is a graphical application, too, then you may
- * want to use gdk_spawn_on_screen() instead to ensure that
- * the spawned program opens its windows on the right screen.
- * </para></note>
+ * If you are writing a GTK+ application, and the program you are
+ * spawning is a graphical application, too, then you may want to
+ * use gdk_spawn_on_screen() instead to ensure that the spawned program
+ * opens its windows on the right screen.
*
- * <note><para> Note that the returned @child_pid on Windows is a
- * handle to the child process and not its identifier. Process handles
- * and process identifiers are different concepts on Windows.
- * </para></note>
+ * Note that the returned @child_pid on Windows is a handle to the child
+ * process and not its identifier. Process handles and process identifiers
+ * are different concepts on Windows.
*
- * Return value: %TRUE on success, %FALSE if error is set
+ * Returns: %TRUE on success, %FALSE if error is set
**/
gboolean
g_spawn_async (const gchar *working_directory,
* on a file descriptor twice, and another thread has
* re-opened it since the first close)
*/
-static gint
+static void
close_and_invalidate (gint *fd)
{
- gint ret;
-
if (*fd < 0)
- return -1;
+ return;
else
{
- ret = close (*fd);
+ (void) g_close (*fd, NULL);
*fd = -1;
}
-
- return ret;
}
/* Some versions of OS X define READ_OK in public headers */
gint fd,
GError **error)
{
- gssize bytes;
- gchar buf[4096];
+ gssize bytes;
+ gchar buf[4096];
again:
-
bytes = read (fd, buf, 4096);
if (bytes == 0)
g_string_append_len (str, buf, bytes);
return READ_OK;
}
- else if (bytes < 0 && errno == EINTR)
+ else if (errno == EINTR)
goto again;
- else if (bytes < 0)
+ else
{
int errsv = errno;
G_SPAWN_ERROR_READ,
_("Failed to read data from child process (%s)"),
g_strerror (errsv));
-
+
return READ_FAILED;
}
- else
- return READ_OK;
}
/**
* @flags: flags from #GSpawnFlags
* @child_setup: (scope async) (allow-none): function to run in the child just before exec()
* @user_data: (closure): user data for @child_setup
- * @standard_output: (out) (array zero-terminated=1) (element-type uint8) (allow-none): return location for child output, or %NULL
- * @standard_error: (out) (array zero-terminated=1) (element-type uint8) (allow-none): return location for child error messages, or %NULL
+ * @standard_output: (out) (array zero-terminated=1) (element-type guint8) (allow-none): return location for child output, or %NULL
+ * @standard_error: (out) (array zero-terminated=1) (element-type guint8) (allow-none): return location for child error messages, or %NULL
* @exit_status: (out) (allow-none): return location for child exit status, as returned by waitpid(), or %NULL
* @error: return location for error, or %NULL
*
* if those parameters are non-%NULL. Note that you must set the
* %G_SPAWN_STDOUT_TO_DEV_NULL and %G_SPAWN_STDERR_TO_DEV_NULL flags when
* passing %NULL for @standard_output and @standard_error.
- * If @exit_status is non-%NULL, the exit status of the child is stored
- * there as it would be returned by waitpid(); standard UNIX macros such
- * as WIFEXITED() and WEXITSTATUS() must be used to evaluate the exit status.
- * Note that this function call waitpid() even if @exit_status is %NULL, and
- * does not accept the %G_SPAWN_DO_NOT_REAP_CHILD flag.
- * If an error occurs, no data is returned in @standard_output,
- * @standard_error, or @exit_status.
+ *
+ * If @exit_status is non-%NULL, the platform-specific exit status of
+ * the child is stored there; see the documentation of
+ * g_spawn_check_exit_status() for how to use and interpret this.
+ * Note that it is invalid to pass %G_SPAWN_DO_NOT_REAP_CHILD in
+ * @flags.
+ *
+ * If an error occurs, no data is returned in @standard_output,
+ * @standard_error, or @exit_status.
*
* This function calls g_spawn_async_with_pipes() internally; see that
* function for full details on the other parameters and details on
* how these functions work on Windows.
*
- * Return value: %TRUE on success, %FALSE if an error was set.
- **/
+ * Returns: %TRUE on success, %FALSE if an error was set
+ */
gboolean
g_spawn_sync (const gchar *working_directory,
gchar **argv,
envp,
!(flags & G_SPAWN_LEAVE_DESCRIPTORS_OPEN),
(flags & G_SPAWN_SEARCH_PATH) != 0,
+ (flags & G_SPAWN_SEARCH_PATH_FROM_ENVP) != 0,
(flags & G_SPAWN_STDOUT_TO_DEV_NULL) != 0,
(flags & G_SPAWN_STDERR_TO_DEV_NULL) != 0,
(flags & G_SPAWN_CHILD_INHERITS_STDIN) != 0,
(flags & G_SPAWN_FILE_AND_ARGV_ZERO) != 0,
+ (flags & G_SPAWN_CLOEXEC_PIPES) != 0,
child_setup,
user_data,
&pid,
NULL, NULL,
NULL /* no timeout */);
- if (ret < 0 && errno != EINTR)
+ if (ret < 0)
{
int errsv = errno;
+ if (errno == EINTR)
+ continue;
+
failed = TRUE;
g_set_error (error,
{
if (exit_status)
{
- g_warning ("In call to g_spawn_sync(), exit status of a child process was requested but SIGCHLD action was set to SIG_IGN and ECHILD was received by waitpid(), so exit status can't be returned. This is a bug in the program calling g_spawn_sync(); either don't request the exit status, or don't set the SIGCHLD action.");
+ g_warning ("In call to g_spawn_sync(), exit status of a child process was requested but ECHILD was received by waitpid(). Most likely the process is ignoring SIGCHLD, or some other thread is invoking waitpid() with a nonpositive first argument; either behavior can break applications that use g_spawn_sync either directly or indirectly.");
}
else
{
*
* Executes a child program asynchronously (your program will not
* block waiting for the child to exit). The child program is
- * specified by the only argument that must be provided, @argv. @argv
- * should be a %NULL-terminated array of strings, to be passed as the
- * argument vector for the child. The first string in @argv is of
- * course the name of the program to execute. By default, the name of
- * the program must be a full path; the <envar>PATH</envar> shell variable
- * will only be searched if you pass the %G_SPAWN_SEARCH_PATH flag.
+ * specified by the only argument that must be provided, @argv.
+ * @argv should be a %NULL-terminated array of strings, to be passed
+ * as the argument vector for the child. The first string in @argv
+ * is of course the name of the program to execute. By default, the
+ * name of the program must be a full path. If @flags contains the
+ * %G_SPAWN_SEARCH_PATH flag, the `PATH` environment variable is
+ * used to search for the executable. If @flags contains the
+ * %G_SPAWN_SEARCH_PATH_FROM_ENVP flag, the `PATH` variable from
+ * @envp is used to search for the executable. If both the
+ * %G_SPAWN_SEARCH_PATH and %G_SPAWN_SEARCH_PATH_FROM_ENVP flags
+ * are set, the `PATH` variable from @envp takes precedence over
+ * the environment variable.
+ *
+ * If the program name is not a full path and %G_SPAWN_SEARCH_PATH flag is not
+ * used, then the program will be run from the current directory (or
+ * @working_directory, if specified); this might be unexpected or even
+ * dangerous in some cases when the current directory is world-writable.
*
* On Windows, note that all the string or string vector arguments to
* this function and the other g_spawn*() functions are in UTF-8, the
* level wide character command line passed to the spawned program
* using the GetCommandLineW() function.
*
- * On Windows the low-level child process creation API
- * <function>CreateProcess()</function> doesn't use argument vectors,
- * but a command line. The C runtime library's
- * <function>spawn*()</function> family of functions (which
- * g_spawn_async_with_pipes() eventually calls) paste the argument
- * vector elements together into a command line, and the C runtime startup code
- * does a corresponding reconstruction of an argument vector from the
- * command line, to be passed to main(). Complications arise when you have
- * argument vector elements that contain spaces of double quotes. The
- * <function>spawn*()</function> functions don't do any quoting or
- * escaping, but on the other hand the startup code does do unquoting
- * and unescaping in order to enable receiving arguments with embedded
- * spaces or double quotes. To work around this asymmetry,
- * g_spawn_async_with_pipes() will do quoting and escaping on argument
- * vector elements that need it before calling the C runtime
+ * On Windows the low-level child process creation API CreateProcess()
+ * doesn't use argument vectors, but a command line. The C runtime
+ * library's spawn*() family of functions (which g_spawn_async_with_pipes()
+ * eventually calls) paste the argument vector elements together into
+ * a command line, and the C runtime startup code does a corresponding
+ * reconstruction of an argument vector from the command line, to be
+ * passed to main(). Complications arise when you have argument vector
+ * elements that contain spaces of double quotes. The spawn*() functions
+ * don't do any quoting or escaping, but on the other hand the startup
+ * code does do unquoting and unescaping in order to enable receiving
+ * arguments with embedded spaces or double quotes. To work around this
+ * asymmetry, g_spawn_async_with_pipes() will do quoting and escaping on
+ * argument vector elements that need it before calling the C runtime
* spawn() function.
*
* The returned @child_pid on Windows is a handle to the child
* identifiers are different concepts on Windows.
*
* @envp is a %NULL-terminated array of strings, where each string
- * has the form <literal>KEY=VALUE</literal>. This will become
- * the child's environment. If @envp is %NULL, the child inherits its
- * parent's environment.
+ * has the form `KEY=VALUE`. This will become the child's environment.
+ * If @envp is %NULL, the child inherits its parent's environment.
*
* @flags should be the bitwise OR of any flags you want to affect the
- * function's behaviour. The %G_SPAWN_DO_NOT_REAP_CHILD means that
- * the child will not automatically be reaped; you must use a
- * #GChildWatch source to be notified about the death of the child
- * process. Eventually you must call g_spawn_close_pid() on the
- * @child_pid, in order to free resources which may be associated
- * with the child process. (On Unix, using a #GChildWatch source is
- * equivalent to calling waitpid() or handling the %SIGCHLD signal
- * manually. On Windows, calling g_spawn_close_pid() is equivalent
- * to calling CloseHandle() on the process handle returned in
- * @child_pid).
+ * function's behaviour. The %G_SPAWN_DO_NOT_REAP_CHILD means that the
+ * child will not automatically be reaped; you must use a child watch to
+ * be notified about the death of the child process. Eventually you must
+ * call g_spawn_close_pid() on the @child_pid, in order to free
+ * resources which may be associated with the child process. (On Unix,
+ * using a child watch is equivalent to calling waitpid() or handling
+ * the %SIGCHLD signal manually. On Windows, calling g_spawn_close_pid()
+ * is equivalent to calling CloseHandle() on the process handle returned
+ * in @child_pid). See g_child_watch_add().
*
* %G_SPAWN_LEAVE_DESCRIPTORS_OPEN means that the parent's open file
- * descriptors will be inherited by the child; otherwise all
- * descriptors except stdin/stdout/stderr will be closed before
- * calling exec() in the child. %G_SPAWN_SEARCH_PATH
- * means that <literal>argv[0]</literal> need not be an absolute path, it
- * will be looked for in the user's <envar>PATH</envar>.
- * %G_SPAWN_STDOUT_TO_DEV_NULL means that the child's standard output will
- * be discarded, instead of going to the same location as the parent's
+ * descriptors will be inherited by the child; otherwise all descriptors
+ * except stdin/stdout/stderr will be closed before calling exec() in
+ * the child. %G_SPAWN_SEARCH_PATH means that @argv[0] need not be an
+ * absolute path, it will be looked for in the `PATH` environment
+ * variable. %G_SPAWN_SEARCH_PATH_FROM_ENVP means need not be an
+ * absolute path, it will be looked for in the `PATH` variable from
+ * @envp. If both %G_SPAWN_SEARCH_PATH and %G_SPAWN_SEARCH_PATH_FROM_ENVP
+ * are used, the value from @envp takes precedence over the environment.
+ * %G_SPAWN_STDOUT_TO_DEV_NULL means that the child's standard output
+ * will be discarded, instead of going to the same location as the parent's
* standard output. If you use this flag, @standard_output must be %NULL.
* %G_SPAWN_STDERR_TO_DEV_NULL means that the child's standard error
* will be discarded, instead of going to the same location as the parent's
* standard input (by default, the child's standard input is attached to
* /dev/null). If you use this flag, @standard_input must be %NULL.
* %G_SPAWN_FILE_AND_ARGV_ZERO means that the first element of @argv is
- * the file to execute, while the remaining elements are the
- * actual argument vector to pass to the file. Normally
- * g_spawn_async_with_pipes() uses @argv[0] as the file to execute, and
- * passes all of @argv to the child.
+ * the file to execute, while the remaining elements are the actual
+ * argument vector to pass to the file. Normally g_spawn_async_with_pipes()
+ * uses @argv[0] as the file to execute, and passes all of @argv to the child.
*
* @child_setup and @user_data are a function and user data. On POSIX
* platforms, the function is called in the child after GLib has
* performed all the setup it plans to perform (including creating
- * pipes, closing file descriptors, etc.) but before calling
- * exec(). That is, @child_setup is called just
- * before calling exec() in the child. Obviously
- * actions taken in this function will only affect the child, not the
- * parent.
+ * pipes, closing file descriptors, etc.) but before calling exec().
+ * That is, @child_setup is called just before calling exec() in the
+ * child. Obviously actions taken in this function will only affect
+ * the child, not the parent.
*
- * On Windows, there is no separate fork() and exec()
- * functionality. Child processes are created and run with a single
- * API call, CreateProcess(). There is no sensible thing @child_setup
+ * On Windows, there is no separate fork() and exec() functionality.
+ * Child processes are created and run with a single API call,
+ * CreateProcess(). There is no sensible thing @child_setup
* could be used for on Windows so it is ignored and not called.
*
* If non-%NULL, @child_pid will on Unix be filled with the child's
- * process ID. You can use the process ID to send signals to the
- * child, or to use g_child_watch_add() (or waitpid()) if you specified the
+ * process ID. You can use the process ID to send signals to the child,
+ * or to use g_child_watch_add() (or waitpid()) if you specified the
* %G_SPAWN_DO_NOT_REAP_CHILD flag. On Windows, @child_pid will be
* filled with a handle to the child process only if you specified the
* %G_SPAWN_DO_NOT_REAP_CHILD flag. You can then access the child
* process using the Win32 API, for example wait for its termination
- * with the <function>WaitFor*()</function> functions, or examine its
- * exit code with GetExitCodeProcess(). You should close the handle
- * with CloseHandle() or g_spawn_close_pid() when you no longer need it.
+ * with the WaitFor*() functions, or examine its exit code with
+ * GetExitCodeProcess(). You should close the handle with CloseHandle()
+ * or g_spawn_close_pid() when you no longer need it.
*
* If non-%NULL, the @standard_input, @standard_output, @standard_error
* locations will be filled with file descriptors for writing to the child's
* standard input or reading from its standard output or standard error.
* The caller of g_spawn_async_with_pipes() must close these file descriptors
- * when they are no longer in use. If these parameters are %NULL, the corresponding
- * pipe won't be created.
+ * when they are no longer in use. If these parameters are %NULL, the
+ * corresponding pipe won't be created.
*
* If @standard_input is NULL, the child's standard input is attached to
* /dev/null unless %G_SPAWN_CHILD_INHERITS_STDIN is set.
* is set.
*
* @error can be %NULL to ignore errors, or non-%NULL to report errors.
- * If an error is set, the function returns %FALSE. Errors
- * are reported even if they occur in the child (for example if the
- * executable in <literal>argv[0]</literal> is not found). Typically
- * the <literal>message</literal> field of returned errors should be displayed
- * to users. Possible errors are those from the #G_SPAWN_ERROR domain.
+ * If an error is set, the function returns %FALSE. Errors are reported
+ * even if they occur in the child (for example if the executable in
+ * @argv[0] is not found). Typically the `message` field of returned
+ * errors should be displayed to users. Possible errors are those from
+ * the #G_SPAWN_ERROR domain.
*
* If an error occurs, @child_pid, @standard_input, @standard_output,
* and @standard_error will not be filled with valid values.
* If @child_pid is not %NULL and an error does not occur then the returned
* process reference must be closed using g_spawn_close_pid().
*
- * <note><para>
* If you are writing a GTK+ application, and the program you
* are spawning is a graphical application, too, then you may
- * want to use gdk_spawn_on_screen_with_pipes() instead to ensure that
+ * want to use gdk_spawn_on_screen_with_pipes() instead to ensure that
* the spawned program opens its windows on the right screen.
- * </para></note>
*
- * Return value: %TRUE on success, %FALSE if an error was set
- **/
+ * Returns: %TRUE on success, %FALSE if an error was set
+ */
gboolean
g_spawn_async_with_pipes (const gchar *working_directory,
gchar **argv,
envp,
!(flags & G_SPAWN_LEAVE_DESCRIPTORS_OPEN),
(flags & G_SPAWN_SEARCH_PATH) != 0,
+ (flags & G_SPAWN_SEARCH_PATH_FROM_ENVP) != 0,
(flags & G_SPAWN_STDOUT_TO_DEV_NULL) != 0,
(flags & G_SPAWN_STDERR_TO_DEV_NULL) != 0,
(flags & G_SPAWN_CHILD_INHERITS_STDIN) != 0,
(flags & G_SPAWN_FILE_AND_ARGV_ZERO) != 0,
+ (flags & G_SPAWN_CLOEXEC_PIPES) != 0,
child_setup,
user_data,
child_pid,
/**
* g_spawn_command_line_sync:
* @command_line: a command line
- * @standard_output: (out) (array zero-terminated=1) (element-type uint8) (allow-none): return location for child output
- * @standard_error: (out) (array zero-terminated=1) (element-type uint8) (allow-none): return location for child errors
+ * @standard_output: (out) (array zero-terminated=1) (element-type guint8) (allow-none): return location for child output
+ * @standard_error: (out) (array zero-terminated=1) (element-type guint8) (allow-none): return location for child errors
* @exit_status: (out) (allow-none): return location for child exit status, as returned by waitpid()
* @error: return location for errors
*
* appropriate. Possible errors are those from g_spawn_sync() and those
* from g_shell_parse_argv().
*
- * If @exit_status is non-%NULL, the exit status of the child is stored there as
- * it would be returned by waitpid(); standard UNIX macros such as WIFEXITED()
- * and WEXITSTATUS() must be used to evaluate the exit status.
+ * If @exit_status is non-%NULL, the platform-specific exit status of
+ * the child is stored there; see the documentation of
+ * g_spawn_check_exit_status() for how to use and interpret this.
*
* On Windows, please note the implications of g_shell_parse_argv()
* parsing @command_line. Parsing is done according to Unix shell rules, not
* separator. You need to enclose such paths with single quotes, like
* "'c:\\program files\\app\\app.exe' 'e:\\folder\\argument.txt'".
*
- * Return value: %TRUE on success, %FALSE if an error was set
+ * Returns: %TRUE on success, %FALSE if an error was set
**/
gboolean
g_spawn_command_line_sync (const gchar *command_line,
*
* The same concerns on Windows apply as for g_spawn_command_line_sync().
*
- * Return value: %TRUE on success, %FALSE if error is set.
+ * Returns: %TRUE on success, %FALSE if error is set
**/
gboolean
g_spawn_command_line_async (const gchar *command_line,
return retval;
}
+/**
+ * g_spawn_check_exit_status:
+ * @exit_status: An exit code as returned from g_spawn_sync()
+ * @error: a #GError
+ *
+ * Set @error if @exit_status indicates the child exited abnormally
+ * (e.g. with a nonzero exit code, or via a fatal signal).
+ *
+ * The g_spawn_sync() and g_child_watch_add() family of APIs return an
+ * exit status for subprocesses encoded in a platform-specific way.
+ * On Unix, this is guaranteed to be in the same format waitpid() returns,
+ * and on Windows it is guaranteed to be the result of GetExitCodeProcess().
+ *
+ * Prior to the introduction of this function in GLib 2.34, interpreting
+ * @exit_status required use of platform-specific APIs, which is problematic
+ * for software using GLib as a cross-platform layer.
+ *
+ * Additionally, many programs simply want to determine whether or not
+ * the child exited successfully, and either propagate a #GError or
+ * print a message to standard error. In that common case, this function
+ * can be used. Note that the error message in @error will contain
+ * human-readable information about the exit status.
+ *
+ * The @domain and @code of @error have special semantics in the case
+ * where the process has an "exit code", as opposed to being killed by
+ * a signal. On Unix, this happens if WIFEXITED() would be true of
+ * @exit_status. On Windows, it is always the case.
+ *
+ * The special semantics are that the actual exit code will be the
+ * code set in @error, and the domain will be %G_SPAWN_EXIT_ERROR.
+ * This allows you to differentiate between different exit codes.
+ *
+ * If the process was terminated by some means other than an exit
+ * status, the domain will be %G_SPAWN_ERROR, and the code will be
+ * %G_SPAWN_ERROR_FAILED.
+ *
+ * This function just offers convenience; you can of course also check
+ * the available platform via a macro such as %G_OS_UNIX, and use
+ * WIFEXITED() and WEXITSTATUS() on @exit_status directly. Do not attempt
+ * to scan or parse the error message string; it may be translated and/or
+ * change in future versions of GLib.
+ *
+ * Returns: %TRUE if child exited successfully, %FALSE otherwise (and
+ * @error will be set)
+ *
+ * Since: 2.34
+ */
+gboolean
+g_spawn_check_exit_status (gint exit_status,
+ GError **error)
+{
+ gboolean ret = FALSE;
+
+ if (WIFEXITED (exit_status))
+ {
+ if (WEXITSTATUS (exit_status) != 0)
+ {
+ g_set_error (error, G_SPAWN_EXIT_ERROR, WEXITSTATUS (exit_status),
+ _("Child process exited with code %ld"),
+ (long) WEXITSTATUS (exit_status));
+ goto out;
+ }
+ }
+ else if (WIFSIGNALED (exit_status))
+ {
+ g_set_error (error, G_SPAWN_ERROR, G_SPAWN_ERROR_FAILED,
+ _("Child process killed by signal %ld"),
+ (long) WTERMSIG (exit_status));
+ goto out;
+ }
+ else if (WIFSTOPPED (exit_status))
+ {
+ g_set_error (error, G_SPAWN_ERROR, G_SPAWN_ERROR_FAILED,
+ _("Child process stopped by signal %ld"),
+ (long) WSTOPSIG (exit_status));
+ goto out;
+ }
+ else
+ {
+ g_set_error (error, G_SPAWN_ERROR, G_SPAWN_ERROR_FAILED,
+ _("Child process exited abnormally"));
+ goto out;
+ }
+
+ ret = TRUE;
+ out:
+ return ret;
+}
+
static gint
exec_err_to_g_error (gint en)
{
#ifdef E2BIG
case E2BIG:
- return G_SPAWN_ERROR_2BIG;
+ return G_SPAWN_ERROR_TOO_BIG;
break;
#endif
return ret;
}
+static gint
+sane_open (const char *path, gint mode)
+{
+ gint ret;
+
+ retry:
+ ret = open (path, mode);
+ if (ret < 0 && errno == EINTR)
+ goto retry;
+
+ return ret;
+}
+
enum
{
CHILD_CHDIR_FAILED,
gchar **envp,
gboolean close_descriptors,
gboolean search_path,
+ gboolean search_path_from_envp,
gboolean stdout_to_null,
gboolean stderr_to_null,
gboolean child_inherits_stdin,
{
/* Keep process from blocking on a read of stdin */
gint read_null = open ("/dev/null", O_RDONLY);
+ g_assert (read_null != -1);
sane_dup2 (read_null, 0);
close_and_invalidate (&read_null);
}
}
else if (stdout_to_null)
{
- gint write_null = open ("/dev/null", O_WRONLY);
+ gint write_null = sane_open ("/dev/null", O_WRONLY);
+ g_assert (write_null != -1);
sane_dup2 (write_null, 1);
close_and_invalidate (&write_null);
}
}
else if (stderr_to_null)
{
- gint write_null = open ("/dev/null", O_WRONLY);
+ gint write_null = sane_open ("/dev/null", O_WRONLY);
sane_dup2 (write_null, 2);
close_and_invalidate (&write_null);
}
g_execute (argv[0],
file_and_argv_zero ? argv + 1 : argv,
- envp, search_path);
+ envp, search_path, search_path_from_envp);
/* Exec failed */
write_err_and_exit (child_err_report_fd,
gchar **envp,
gboolean close_descriptors,
gboolean search_path,
+ gboolean search_path_from_envp,
gboolean stdout_to_null,
gboolean stderr_to_null,
gboolean child_inherits_stdin,
gboolean file_and_argv_zero,
+ gboolean cloexec_pipes,
GSpawnChildSetupFunc child_setup,
gpointer user_data,
GPid *child_pid,
gint stderr_pipe[2] = { -1, -1 };
gint child_err_report_pipe[2] = { -1, -1 };
gint child_pid_report_pipe[2] = { -1, -1 };
+ guint pipe_flags = cloexec_pipes ? FD_CLOEXEC : 0;
gint status;
- if (!make_pipe (child_err_report_pipe, error))
+ if (!g_unix_open_pipe (child_err_report_pipe, pipe_flags, error))
return FALSE;
- if (intermediate_child && !make_pipe (child_pid_report_pipe, error))
+ if (intermediate_child && !g_unix_open_pipe (child_pid_report_pipe, pipe_flags, error))
goto cleanup_and_fail;
- if (standard_input && !make_pipe (stdin_pipe, error))
+ if (standard_input && !g_unix_open_pipe (stdin_pipe, pipe_flags, error))
goto cleanup_and_fail;
- if (standard_output && !make_pipe (stdout_pipe, error))
+ if (standard_output && !g_unix_open_pipe (stdout_pipe, pipe_flags, error))
goto cleanup_and_fail;
- if (standard_error && !make_pipe (stderr_pipe, error))
+ if (standard_error && !g_unix_open_pipe (stderr_pipe, FD_CLOEXEC, error))
goto cleanup_and_fail;
pid = fork ();
/* Immediate child. This may or may not be the child that
* actually execs the new process.
*/
+
+ /* Reset some signal handlers that we may use */
+ signal (SIGCHLD, SIG_DFL);
+ signal (SIGINT, SIG_DFL);
+ signal (SIGTERM, SIG_DFL);
+ signal (SIGHUP, SIG_DFL);
/* Be sure we crash if the parent exits
* and we write to the err_report_pipe
}
else if (grandchild_pid == 0)
{
+ close_and_invalidate (&child_pid_report_pipe[1]);
do_exec (child_err_report_pipe[1],
stdin_pipe[0],
stdout_pipe[1],
envp,
close_descriptors,
search_path,
+ search_path_from_envp,
stdout_to_null,
stderr_to_null,
child_inherits_stdin,
envp,
close_descriptors,
search_path,
+ search_path_from_envp,
stdout_to_null,
stderr_to_null,
child_inherits_stdin,
return FALSE;
}
-static gboolean
-make_pipe (gint p[2],
- GError **error)
-{
- if (pipe (p) < 0)
- {
- gint errsv = errno;
- g_set_error (error,
- G_SPAWN_ERROR,
- G_SPAWN_ERROR_FAILED,
- _("Failed to create pipe for communicating with child process (%s)"),
- g_strerror (errsv));
- return FALSE;
- }
- else
- return TRUE;
-}
-
/* Based on execvp from GNU C Library */
static void
script_execute (const gchar *file,
gchar **argv,
- gchar **envp,
- gboolean search_path)
+ gchar **envp)
{
/* Count the arguments. */
int argc = 0;
g_execute (const gchar *file,
gchar **argv,
gchar **envp,
- gboolean search_path)
+ gboolean search_path,
+ gboolean search_path_from_envp)
{
if (*file == '\0')
{
return -1;
}
- if (!search_path || strchr (file, '/') != NULL)
+ if (!(search_path || search_path_from_envp) || strchr (file, '/') != NULL)
{
/* Don't search when it contains a slash. */
if (envp)
execv (file, argv);
if (errno == ENOEXEC)
- script_execute (file, argv, envp, FALSE);
+ script_execute (file, argv, envp);
}
else
{
gsize len;
gsize pathlen;
- path = g_getenv ("PATH");
+ path = NULL;
+ if (search_path_from_envp)
+ path = g_environ_getenv (envp, "PATH");
+ if (search_path && path == NULL)
+ path = g_getenv ("PATH");
+
if (path == NULL)
{
- /* There is no `PATH' in the environment. The default
+ /* There is no 'PATH' in the environment. The default
* search path in libc is the current directory followed by
- * the path `confstr' returns for `_CS_PATH'.
+ * the path 'confstr' returns for '_CS_PATH'.
*/
/* In GLib we put . last, for security, and don't use the
if (p == path)
/* Two adjacent colons, or a colon at the beginning or the end
- * of `PATH' means to search the current directory.
+ * of 'PATH' means to search the current directory.
*/
startp = name + 1;
else
execv (startp, argv);
if (errno == ENOEXEC)
- script_execute (startp, argv, envp, search_path);
+ script_execute (startp, argv, envp);
switch (errno)
{
case EACCES:
- /* Record the we got a `Permission denied' error. If we end
+ /* Record the we got a 'Permission denied' error. If we end
* up finding no executable we can use, we want to diagnose
* that we did find one but were denied access.
*/
*/
break;
+ case ENODEV:
+ case ETIMEDOUT:
+ /* Some strange filesystems like AFS return even
+ * stranger error numbers. They cannot reasonably mean anything
+ * else so ignore those, too.
+ */
+ break;
+
default:
/* Some other error means we found an executable file, but
* something went wrong executing it; return the error to our