LOG_I(
"Jail parameters: hostname:'%s', chroot:'%s', process:'%s', bind:[%s]:%d, "
- "max_conns_per_ip:%u, time_limit:%ld, personality:%#lx, daemonize:%s, clone_newnet:%s, "
+ "max_conns_per_ip:%u, time_limit:%" PRId64 " , personality:%#lx, daemonize:%s, clone_newnet:%s, "
"clone_newuser:%s, clone_newns:%s, clone_newpid:%s, clone_newipc:%s, clonew_newuts:%s, "
"clone_newcgroup:%s, keep_caps:%s, disable_no_new_privs:%s, max_cpus:%zu",
nsjconf->hostname.c_str(), nsjconf->chroot.c_str(),
errno = 0;
uint64_t val = strtoull(optarg, NULL, 0);
if (val == ULLONG_MAX && errno != 0) {
- PLOG_F("strtoul('%s', 0)", optarg);
+ PLOG_F("strtoull('%s', 0)", optarg);
}
return val * mul;
}
nsjconf->chroot = optarg;
break;
case 'p':
- nsjconf->port = strtoul(optarg, NULL, 0);
+ nsjconf->port = strtoumax(optarg, NULL, 0);
nsjconf->mode = MODE_LISTEN_TCP;
break;
case 0x604:
nsjconf->logfile = optarg;
break;
case 'L':
- nsjconf->logfile = "/dev/fd/" + std::to_string(strtol(optarg, NULL, 10));
+ nsjconf->logfile = "/dev/fd/" + std::to_string(strtoimax(optarg, NULL, 10));
break;
case 'd':
nsjconf->daemonize = true;
nsjconf->keep_env = true;
break;
case 't':
- nsjconf->tlimit = strtol(optarg, NULL, 0);
+ nsjconf->tlimit = (uint64_t)strtoull(optarg, NULL, 0);
break;
case 'h': /* help */
cmdlineUsage(argv[0]);
continue;
}
errno = 0;
- long fd = strtol(entry->d_name, NULL, 10);
- if (fd == LONG_MAX && errno != 0) {
+ int fd = strtoimax(entry->d_name, NULL, 10);
+ if (errno != 0) {
PLOG_W("Cannot convert /proc/self/fd/%s to a number", entry->d_name);
continue;
}
int flags = TEMP_FAILURE_RETRY(fcntl(fd, F_GETFD, 0));
if (flags == -1) {
- PLOG_D("fcntl(fd=%ld, F_GETFD, 0)", fd);
+ PLOG_D("fcntl(fd=%xld, F_GETFD, 0)", fd);
closedir(dir);
return false;
}
if (containPassFd(nsjconf, fd)) {
- LOG_D("FD=%ld will be passed to the child process", fd);
+ LOG_D("FD=%d will be passed to the child process", fd);
if (TEMP_FAILURE_RETRY(fcntl(fd, F_SETFD, flags & ~(FD_CLOEXEC))) == -1) {
- PLOG_E("Could not clear FD_CLOEXEC for FD=%ld", fd);
+ PLOG_E("Could not clear FD_CLOEXEC for FD=%d", fd);
closedir(dir);
return false;
}
} else {
- LOG_D("FD=%ld will be closed before execve()", fd);
+ LOG_D("FD=%d will be closed before execve()", fd);
if (TEMP_FAILURE_RETRY(fcntl(fd, F_SETFD, flags | FD_CLOEXEC)) == -1) {
- PLOG_E("Could not set FD_CLOEXEC for FD=%ld", fd);
+ PLOG_E("Could not set FD_CLOEXEC for FD=%d", fd);
closedir(dir);
return false;
}
std::string logfile;
logs::llevel_t loglevel;
bool daemonize;
- time_t tlimit;
+ uint64_t tlimit;
size_t max_cpus;
bool keep_env;
bool keep_caps;
time_t now = time(NULL);
for (const auto& pid : nsjconf->pids) {
time_t diff = now - pid.start;
- time_t left = nsjconf->tlimit ? nsjconf->tlimit - diff : 0;
- LOG_I("PID: %d, Remote host: %s, Run time: %ld sec. (time left: %ld sec.)", pid.pid,
- pid.remote_txt.c_str(), (long)diff, (long)left);
+ uint64_t left = nsjconf->tlimit ? nsjconf->tlimit - (uint64_t)diff : 0;
+ LOG_I("PID: %d, Remote host: %s, Run time: %ld sec. (time left: %" PRId64 " sec.)", pid.pid,
+ pid.remote_txt.c_str(), (long)diff, left);
}
}
}
pid_t pid = p.pid;
time_t diff = now - p.start;
- if (diff >= nsjconf->tlimit) {
- LOG_I("PID: %d run time >= time limit (%ld >= %ld) (%s). Killing it", pid,
+ if ((uint64_t)diff >= nsjconf->tlimit) {
+ LOG_I("PID: %d run time >= time limit (%ld >= %" PRId64 ") (%s). Killing it", pid,
(long)diff, (long)nsjconf->tlimit, p.remote_txt.c_str());
/*
* Probably a kernel bug - some processes cannot be killed with KILL if
return pw->pw_uid;
}
if (util::isANumber(id.c_str())) {
- return (uid_t)strtoull(id.c_str(), NULL, 0);
+ return (uid_t)strtoimax(id.c_str(), NULL, 0);
}
return (uid_t)-1;
}
return gr->gr_gid;
}
if (util::isANumber(id.c_str())) {
- return (gid_t)strtoull(id.c_str(), NULL, 0);
+ return (gid_t)strtoimax(id.c_str(), NULL, 0);
}
return (gid_t)-1;
}
projects / platform / upstream / nsjail.git / commitdiff