Pull request: 2231 autoupdate
Merge in DNS/adguard-home from 2231-autoupdate to master Updates #2231. Squashed commit of the following: commit 4ee9148ee7a38f2759898302a2109aa982fb4ee9 Author: Eugene Burkov <e.burkov@adguard.com> Date: Mon Nov 30 19:08:14 2020 +0300 sysutil: provide os-independent interface commit 778097c5fdeb1dec94f4cfc6443d08f92d9db0ba Author: Eugene Burkov <e.burkov@adguard.com> Date: Mon Nov 30 16:40:33 2020 +0300 all: add sysutil package
This commit is contained in:
Eugene Burkov
32
internal/sysutil/os_freebsd.go
Normal file
32
internal/sysutil/os_freebsd.go
Normal file
@@ -0,0 +1,32 @@
|
||||
//+build freebsd
|
||||
|
||||
package sysutil
|
||||
|
||||
import (
|
||||
"os"
|
||||
"syscall"
|
||||
|
||||
"github.com/AdguardTeam/golibs/log"
|
||||
)
|
||||
|
||||
func canBindPrivilegedPorts() (can bool, err error) {
|
||||
return HaveAdminRights()
|
||||
}
|
||||
|
||||
func setRlimit(val uint) {
|
||||
var rlim syscall.Rlimit
|
||||
rlim.Max = int64(val)
|
||||
rlim.Cur = int64(val)
|
||||
err := syscall.Setrlimit(syscall.RLIMIT_NOFILE, &rlim)
|
||||
if err != nil {
|
||||
log.Error("Setrlimit() failed: %v", err)
|
||||
}
|
||||
}
|
||||
|
||||
func haveAdminRights() (bool, error) {
|
||||
return os.Getuid() == 0, nil
|
||||
}
|
||||
|
||||
func sendProcessSignal(pid int, sig syscall.Signal) error {
|
||||
return syscall.Kill(pid, sig)
|
||||
}
|
||||
34
internal/sysutil/os_linux.go
Normal file
34
internal/sysutil/os_linux.go
Normal file
@@ -0,0 +1,34 @@
|
||||
//+build linux
|
||||
|
||||
package sysutil
|
||||
|
||||
import (
|
||||
"os"
|
||||
"syscall"
|
||||
|
||||
"github.com/AdguardTeam/golibs/log"
|
||||
"golang.org/x/sys/unix"
|
||||
)
|
||||
|
||||
func canBindPrivilegedPorts() (can bool, err error) {
|
||||
cnbs, err := unix.PrctlRetInt(unix.PR_CAP_AMBIENT, unix.PR_CAP_AMBIENT_IS_SET, unix.CAP_NET_BIND_SERVICE, 0, 0)
|
||||
return cnbs == 1, err
|
||||
}
|
||||
|
||||
func setRlimit(val uint) {
|
||||
var rlim syscall.Rlimit
|
||||
rlim.Max = uint64(val)
|
||||
rlim.Cur = uint64(val)
|
||||
err := syscall.Setrlimit(syscall.RLIMIT_NOFILE, &rlim)
|
||||
if err != nil {
|
||||
log.Error("Setrlimit() failed: %v", err)
|
||||
}
|
||||
}
|
||||
|
||||
func haveAdminRights() (bool, error) {
|
||||
return os.Getuid() == 0, nil
|
||||
}
|
||||
|
||||
func sendProcessSignal(pid int, sig syscall.Signal) error {
|
||||
return syscall.Kill(pid, sig)
|
||||
}
|
||||
32
internal/sysutil/os_unix.go
Normal file
32
internal/sysutil/os_unix.go
Normal file
@@ -0,0 +1,32 @@
|
||||
//+build aix darwin dragonfly netbsd openbsd solaris
|
||||
|
||||
package sysutil
|
||||
|
||||
import (
|
||||
"os"
|
||||
"syscall"
|
||||
|
||||
"github.com/AdguardTeam/golibs/log"
|
||||
)
|
||||
|
||||
func canBindPrivilegedPorts() (can bool, err error) {
|
||||
return HaveAdminRights()
|
||||
}
|
||||
|
||||
func setRlimit(val uint) {
|
||||
var rlim syscall.Rlimit
|
||||
rlim.Max = uint64(val)
|
||||
rlim.Cur = uint64(val)
|
||||
err := syscall.Setrlimit(syscall.RLIMIT_NOFILE, &rlim)
|
||||
if err != nil {
|
||||
log.Error("Setrlimit() failed: %v", err)
|
||||
}
|
||||
}
|
||||
|
||||
func haveAdminRights() (bool, error) {
|
||||
return os.Getuid() == 0, nil
|
||||
}
|
||||
|
||||
func sendProcessSignal(pid int, sig syscall.Signal) error {
|
||||
return syscall.Kill(pid, sig)
|
||||
}
|
||||
42
internal/sysutil/os_windows.go
Normal file
42
internal/sysutil/os_windows.go
Normal file
@@ -0,0 +1,42 @@
|
||||
//+build windows
|
||||
|
||||
package sysutil
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"syscall"
|
||||
|
||||
"golang.org/x/sys/windows"
|
||||
)
|
||||
|
||||
func canBindPrivilegedPorts() (can bool, err error) {
|
||||
return HaveAdminRights()
|
||||
}
|
||||
|
||||
func setRlimit(val uint) {
|
||||
}
|
||||
|
||||
func haveAdminRights() (bool, error) {
|
||||
var token windows.Token
|
||||
h := windows.CurrentProcess()
|
||||
err := windows.OpenProcessToken(h, windows.TOKEN_QUERY, &token)
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
|
||||
info := make([]byte, 4)
|
||||
var returnedLen uint32
|
||||
err = windows.GetTokenInformation(token, windows.TokenElevation, &info[0], uint32(len(info)), &returnedLen)
|
||||
token.Close()
|
||||
if err != nil {
|
||||
return false, err
|
||||
}
|
||||
if info[0] == 0 {
|
||||
return false, nil
|
||||
}
|
||||
return true, nil
|
||||
}
|
||||
|
||||
func sendProcessSignal(pid int, sig syscall.Signal) error {
|
||||
return fmt.Errorf("not supported on Windows")
|
||||
}
|
||||
17
internal/sysutil/syslog_others.go
Normal file
17
internal/sysutil/syslog_others.go
Normal file
@@ -0,0 +1,17 @@
|
||||
//+build !windows,!nacl,!plan9
|
||||
|
||||
package sysutil
|
||||
|
||||
import (
|
||||
"log"
|
||||
"log/syslog"
|
||||
)
|
||||
|
||||
func configureSyslog(serviceName string) error {
|
||||
w, err := syslog.New(syslog.LOG_NOTICE|syslog.LOG_USER, serviceName)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
log.SetOutput(w)
|
||||
return nil
|
||||
}
|
||||
41
internal/sysutil/syslog_windows.go
Normal file
41
internal/sysutil/syslog_windows.go
Normal file
@@ -0,0 +1,41 @@
|
||||
//+build windows nacl plan9
|
||||
|
||||
package sysutil
|
||||
|
||||
import (
|
||||
"log"
|
||||
"strings"
|
||||
|
||||
"golang.org/x/sys/windows"
|
||||
"golang.org/x/sys/windows/svc/eventlog"
|
||||
)
|
||||
|
||||
type eventLogWriter struct {
|
||||
el *eventlog.Log
|
||||
}
|
||||
|
||||
// Write implements io.Writer interface for eventLogWriter.
|
||||
func (w *eventLogWriter) Write(b []byte) (int, error) {
|
||||
return len(b), w.el.Info(1, string(b))
|
||||
}
|
||||
|
||||
func configureSyslog(serviceName string) error {
|
||||
// Note that the eventlog src is the same as the service name
|
||||
// Otherwise, we will get "the description for event id cannot be found" warning in every log record
|
||||
|
||||
// Continue if we receive "registry key already exists" or if we get
|
||||
// ERROR_ACCESS_DENIED so that we can log without administrative permissions
|
||||
// for pre-existing eventlog sources.
|
||||
if err := eventlog.InstallAsEventCreate(serviceName, eventlog.Info|eventlog.Warning|eventlog.Error); err != nil {
|
||||
if !strings.Contains(err.Error(), "registry key already exists") && err != windows.ERROR_ACCESS_DENIED {
|
||||
return err
|
||||
}
|
||||
}
|
||||
el, err := eventlog.Open(serviceName)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
log.SetOutput(&eventLogWriter{el: el})
|
||||
return nil
|
||||
}
|
||||
31
internal/sysutil/sysutil.go
Normal file
31
internal/sysutil/sysutil.go
Normal file
@@ -0,0 +1,31 @@
|
||||
// Package sysutil contains utilities for functions requiring system calls.
|
||||
package sysutil
|
||||
|
||||
import "syscall"
|
||||
|
||||
// CanBindPrivilegedPorts checks if current process can bind to privileged
|
||||
// ports.
|
||||
func CanBindPrivilegedPorts() (can bool, err error) {
|
||||
return canBindPrivilegedPorts()
|
||||
}
|
||||
|
||||
// SetRlimit sets user-specified limit of how many fd's we can use
|
||||
// https://github.com/AdguardTeam/AdGuardHome/internal/issues/659.
|
||||
func SetRlimit(val uint) {
|
||||
setRlimit(val)
|
||||
}
|
||||
|
||||
// HaveAdminRights checks if the current user has root (administrator) rights.
|
||||
func HaveAdminRights() (bool, error) {
|
||||
return haveAdminRights()
|
||||
}
|
||||
|
||||
// SendProcessSignal sends signal to a process.
|
||||
func SendProcessSignal(pid int, sig syscall.Signal) error {
|
||||
return sendProcessSignal(pid, sig)
|
||||
}
|
||||
|
||||
// ConfigureSyslog reroutes standard logger output to syslog.
|
||||
func ConfigureSyslog(serviceName string) error {
|
||||
return configureSyslog(serviceName)
|
||||
}
|
||||
Reference in New Issue
Block a user