Commit graph

81 commits

Author SHA1 Message Date
Ashod Nakashian
693ac2fa52 wsd: logs and const
Change-Id: Id7e4f81ab9709b62eddfa747479ab593a5ad45a2
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
2020-12-22 11:24:13 -05:00
Jan Holesovsky
c44609532a Root actually has all the capabilities.
Signed-off-by: Jan Holesovsky <kendy@collabora.com>
Change-Id: If49be334cb1380daf1eaf24c7007f1b004754304
2020-12-18 23:15:57 +01:00
Gökay Şatır
cdd10066df AdminConsole: Additional changes based on reviews.
Change-Id: I277d9179a84dc34aae9770a07a3a72d35a24a0a6
Signed-off-by: Gökay Şatır <gokaysatir@collabora.com>
2020-12-07 17:30:51 -05:00
Gökay Şatır
b51413c0a0 Admin console: Cosmetic changes and documentation.
Change-Id: I977b5bc56f44c44b8bedf9f9bd710e7050fe67ff
Signed-off-by: Gökay Şatır <gokaysatir@collabora.com>
2020-12-07 17:30:51 -05:00
Gökay Şatır
ace1c23a99 Admin console log levels.
Now chosen log level is propagated to forkit and kits.
Also, admin console users can filter logs according to their channel names on client side.

Change-Id: Ife15a6148ed87533b81e9d63da252c633e74e559
Signed-off-by: Gökay Şatır <gokaysatir@collabora.com>
2020-12-07 17:30:51 -05:00
Jan Holesovsky
d9708437b2 Compare string the c++ way + clarify the message for the user.
Signed-off-by: Jan Holesovsky <kendy@collabora.com>
Change-Id: I32c4667380301853b1a89b35fc0480849f75b14c
2020-11-30 11:24:31 +01:00
Ashod Nakashian
1f24489db6 wsd: retry jail cleanup if it fails
It is possible for the jail directory cleanup
to fail, if there are still references to at
least one file in the jail. In those cases we
keep the jail path around so we can retry the
next time we cleanup a jail. This reduces
the chance of leaking jails until restarting
the service.

Change-Id: If6116ef598afc91063de71c66870bd6426a971ba
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
2020-11-19 10:12:38 +00:00
Gleb Popov
7553c1f2fb ForKit.cpp: Implement haveCorrectCapabilities() for FreeBSD by checking that
we are running as root.

Change-Id: I1aa1cfe92e25f754b7a9dd5e658f00d05346f38c
Signed-off-by: Gleb Popov <6yearold@gmail.com>
2020-11-16 14:02:23 +00:00
Andras Timar
0002fdfd6c fix license headers
Change-Id: I8623770b32d278a45357dc7f757fabfadd2b4af7
2020-10-01 11:56:43 +02:00
Ashod Nakashian
29a5a1f1e9 wsd: move jail setup to the script to support readonly systemplate
We now gracefully fallback to copying when/if systemplate
is readonly.

The bulk of the change is to support proper cleanup in
both cases.

First, we had to move as much of the jail bootstrapping
into the loolwsd-systemplate-setup script, so systemplate
will be as complete as possible before it is locked down.
Next, we needed to update the jail with graceful fallback
to linking/copying upon failure. For that, the jail setup
logic in Kit.cpp has been reworked to support not just
update failures, but also more comprehensive mounting
failures as well.

Finally, jail cleanup now is seamless. To support proper
cleanup when we had mounting enabled but had to fallback,
we mark jails that aren't mounted so we can 'rm -rf' the
contents safely and without fear or causing undue damage
(as unlikely as that is, technically we wouldn't want to
rm systemplate files, if mounting read-only had failed).

There are a few minor refactorings of JailUtil to make
it cleaner and more robust.

Change-Id: Iac34869cb84f45acf64fbbc46d46898367b496d2
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/101260
Tested-by: Jenkins
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Andras Timar <andras.timar@collabora.com>
2020-08-25 07:58:30 +02:00
Michael Meeks
ca5d5943e4 Kit: add initial state dumping on USR1.
Change-Id: I8225f686e8678c08e505490df056904fc813d2fe
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/98927
Tested-by: Jenkins
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
2020-07-18 18:21:14 +02:00
Michael Meeks
6ca6a7649e Forkit: add dump_forkit_state and re-factor state checks to simplify.
Change-Id: Ic65bbd0894f26f69e1b55c769ac47013f9aaf163
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/98746
Tested-by: Jenkins
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
2020-07-14 17:28:32 +02:00
Tor Lillqvist
3edc4d2201 Move the setupKitEnvironment() function into a file of its own
A small re-factoring to help planned re-plumbing of the iOS app.

Change-Id: I21f09216a7c5adf965179765a75f5a0d521cd7f3
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/97771
Tested-by: Jenkins
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Tor Lillqvist <tml@collabora.com>
2020-07-03 08:40:49 +02:00
Ashod Nakashian
5c9988f2e3 wsd: faster jail setup via bind-mount
loolmount now works and supports mounting and
unmounting, plus numerous improvements,
refactoring, logging, etc..  When enabled,
binding improves the jail setup time by anywhere
from 2x to orders of magnitude (in docker, f.e.).

A new config entry mount_jail_tree controls
whether mounting is used or the old method of
linking/copying of jail contents. It is set to
true by default and falls back to linking/copying.
A test mount is done when the setting is enabled,
and if mounting fails, it's disabled to avoid noise.

Temporarily disabled for unit-tests until we can
cleanup lingering mounts after Jenkins aborts our
build job. In a future patch we will have mount/jail
cleanup as part of make.

The network/system files in /etc that need frequent
refreshing are now updated in systemplate to make
their most recent version available in the jails.
These files can change during the course of loolwsd
lifetime, and are unlikely to be updated in
systemplate after installation at all. We link to
them in the systemplate/etc directory, and if that
fails, we copy them before forking each kit
instance to have the latest.

This reworks the approach used to bind-mount the
jails and the templates such that the total is
now down to only three mounts: systemplate, lo, tmp.

As now systemplate and lotemplate are shared, they
must be mounted as readonly, this means that user/
must now be moved into tmp/user/ which is writable.

The mount-points must be recursive, because we mount
lo/ within the mount-point of systemplate (which is
the root of the jail). But because we (re)bind
recursively, and because both systemplate and
lotemplate are mounted for each jails, we need to
make them unbindable, so they wouldn't multiply the
mount-points for each jails (an explosive growth!)
Contrarywise, we don't want the mount-points to
be shared, because we don't expect to add/remove
mounts after a jail is created.

The random temp directory is now created and set
correctly, plus many logging and other improvements.

Change-Id: Iae3fda5e876cf47d2cae6669a87b5b826a8748df
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/92829
Tested-by: Jenkins
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
2020-07-01 05:42:43 +02:00
Szymon Kłos
11965d083e notebookbar: early init
- read settings from loolwsd.xml
- in case of notebookbar activated send :notebookbar parameter
- for mobile apps I left empty parameter in setupKitEnvironment calls

Change-Id: I5813589564b37eecc1e77c5d0eb737eca5f92f04
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/97233
Tested-by: Jenkins
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Szymon Kłos <szymon.klos@collabora.com>
2020-06-30 08:15:25 +02:00
Ashod Nakashian
d2d0492245 wsd: move LOOLProtocol::tokenize to Util::tokenize
The tokenizer(s) are more generic than the protocol
logic, and are used from contexts that don't involve
the protocol as such.

Change-Id: Ie8c256bf11a91e466bff794021f41603c9596a7f
2020-06-02 18:03:36 +01:00
Ashod Nakashian
224ef08c7f wsd: single-char string literals -> char
More readable and typically more efficient.

Change-Id: I9bd5bfc91f4ac255bb8ae0987708fb8b56b398f8
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/95285
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
Tested-by: Jenkins
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
2020-06-02 01:31:26 +02:00
Pranam Lashkari
8b349716eb killpoco: removed Poco::Process completely
Change-Id: Iba67abf9342c11517c69c1d94903bf4752aa87d6
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/83770
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Jan Holesovsky <kendy@collabora.com>
2020-04-29 14:27:54 +02:00
Pranam Lashkari
b67b335b50 killpoco: Removed Poco::Thread::sleep
Replaced method with std::this_thread::sleep_for

Change-Id: I26e37475d67816e4f1d68d222b1c067107c27b05
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/83200
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Jan Holesovsky <kendy@collabora.com>
2020-04-29 10:28:53 +02:00
Jan Holesovsky
eb88cb485c Allow running the production build under a non-lool user when necessary.
But it is insecure, so warn about that.

Change-Id: I151be64f53521e217a5498c0531c9ef2ff8db818
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/92822
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Jan Holesovsky <kendy@collabora.com>
2020-04-24 20:58:43 +02:00
Tor Lillqvist
378a2b5295 Bin a couple of unintentionally committed LOG_TRC() calls
Change-Id: Ieadc06a38d71aed723191f1738f8f39154978091
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/92476
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Tor Lillqvist <tml@collabora.com>
2020-04-18 16:35:15 +02:00
Tor Lillqvist
4eb598711c Use #pragma once
LibreOffice core uses that, too, and we support an even more
restricted set of compilers.

Change-Id: I0d0e2c8608e323eb5ef0f35ee8c46d02ab49a745
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/92467
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Tor Lillqvist <tml@collabora.com>
2020-04-18 15:00:18 +02:00
Michael Meeks
a7dc2d1467 kill IoUtil - obsolete & unused.
The switch away from LOOLWebSocket and the use of a websocket
for talking to forkit removes the need for the pipe code.

Change-Id: Ifb0c6c88681289e7a1709d9bc3281532935c7be4
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/92033
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
2020-04-10 16:38:25 +02:00
Michael Meeks
28a9c4dc05 Poll - cleanup method naming, and fix merge issues.
This mends several problems from commit
5710c86323.

Change-Id: I1b29f29ca81679608a2692488fa1ef22b2e62dfd
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/92032
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
2020-04-10 13:58:00 +02:00
Michael Meeks
5710c86323 Poll - switch to ppoll for closer to microsecond accuracy.
Change-Id: Ib8a2bb6f60302df8631edadbbb8db626894c457c
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/92000
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
2020-04-10 10:06:23 +02:00
Gabriel Masei
0ac330f599 Add segmentation fault metric for Kit processes
Change-Id: Ifb0de004274213ef512f601e4419f98f456c7288
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/91857
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
2020-04-08 15:06:39 +02:00
Gabriel Masei
70af76e28c Replaced pipe with websocket based on Unix socket in communication with ForKit
Change-Id: I80f1a4e84ca6820503966a8ee5d9958a150eac14
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/91585
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
2020-04-07 15:04:47 +02:00
Miklos Vajna
a7d3efdd4e Introduce StringVector::equals()
Allows comparing tokens with C strings without a heap allocation. Do the
same when comparing two tokens from two different StringVectors.

And use it at all places where operator ==() has an argument, which is a
StringVector::operator []() result.

Change-Id: Id36eff96767ab99b235ecbd12fb14446a3efa869
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/90201
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
2020-03-09 09:46:33 +01:00
Henry Castro
7ba4e9dd23 wsd: debug: run the server with a single "lokit" process
Sometimes it is very useful to have one "lokit" process,
to focus on a 100% reproducible bug, and not worry
that server pre-spawn several processes.

Change-Id: I414a8145b53a0601a282cba9c245833f5d07f404
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/89999
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Henry Castro <hcastro@collabora.com>
2020-03-06 13:37:53 +01:00
Miklos Vajna
547f9ea731 Rework StringVector to have a single underlying string
This is meant to reduce lots of small allocations and instead have
pointers into the single string for the various tokens instead.

This has a few requirements, though:

1) It's no longer OK to modify the tokens, changing their length would
invalidate the start/length of other tokens. Rework
DocumentBroker::load() to avoid such mutation.

2) The iterators no longer expose zero-terminated strings, so
Poco::cat() doesn't work anymore: add an own cat() instead and use that
in e.g. ChildSession. The own cat() has the benefit that it won't read
past the end of the array if the begin index is out of bounds to add
more safety.

(This nicely works towards killing Poco usage in general.)

3) If zero-terminated strings for all individual tokens is needed, a
copy has to be made, as done in spawnProcess().

(For all of these requirements, the build fails if there are problems.)

Change-Id: Iea40e4400e630b2d669f5c72aea85cb40edf9a2c
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/89711
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
2020-02-28 18:31:37 +01:00
Miklos Vajna
b8bd1990aa Rework LOOLProtocol::tokenize() to return a StringVector object
The bulk of this commit just changes std::vector<std::string> to
StringVector when we deal with tokens from a websocket message.

The less boring part of it is the new StringVector class, which is a
wrapper around std::vector<std::string>, and provides the same API,
except that operator[] returns a string, not a string&, and this allows
returning an empty string in case that prevents reading past the end of
the underlying array.

This means in case client code forgets to check size() before invoking
operator[], we don't crash. (See the ~3 previous commits which fixed
such crashes.)

Later the ctor could be changed to take a single underlying string to
avoid lots of tiny allocations, that's not yet done in this commit.

Change-Id: I8a6082143a8ac0b65824f574b32104d7889c184f
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/89687
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
2020-02-28 16:07:56 +01:00
Michael Meeks
6bdf561049 Share the Kit environment setup code.
Particularly configuration layers so we can tweak mobile config
easily.

Add core source files from configmgr for breakpointing convenience in
the iOS project. Add loolkitconfig.xcu to the iOS app bundle. Use
${BRAND_BASE_DIR} instead of a compile-time LOOLWSD_CONFIGDIR literal
on iOS (because there is no compile-time constant path to the app
bundle). No "registry" directory directly in the app bundle any longer
on iOS, a corresponding change in core.git moved that stuff to be
under "share", like on other platforms.

Change-Id: I6672efc0505abf27297c4758118a20992b10ceb3
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/88765
Tested-by: Michael Meeks <michael.meeks@collabora.com>
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
2020-02-17 14:49:06 +01:00
Michael Meeks
8f91659ae0 test: dung out redundant LOOL_TEST_CLIENT_PORT.
And cleanup other related oddities.

Change-Id: I2d179a2ece6a8553e10e406ad4e5da08a2ff58e5
2020-01-21 15:07:54 +00:00
Gabriel Masei
2164f5207c Add REST endpoint for admin metrics.
Change-Id: I701485631931334d27594c4907cb770f9888e5bf
Reviewed-on: https://gerrit.libreoffice.org/82492
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
Tested-by: Michael Meeks <michael.meeks@collabora.com>
2019-11-25 13:06:01 +01:00
Iván Sánchez Ortega
55ac3da53f loleaflet: Draw column/row grid lines on the background
Based on information from UNO ViewRowColumnHeaders messages, this draws
the grid lines with Leaflet's SVG polylines, in a background pane.

To prevent visual glitches on touchscreens, this also reverts parts of
26aad36771ebd5a304b763912184acd2ea26dfdf - that introduced a regression
that prevented 'dragend' events from being fired when inertia-dragging.
Instead, inertia drag is disabled in the L.Map constructor.

[ Miklos: cherry-pick these early as they prevent automatic merging. ]

Change-Id: I86c68214822a0a2c2f8ced82ccf5a6c201e2cf04
2019-11-13 16:58:15 +00:00
Jan Holesovsky
5b5e29b430 killpoco: Don't use POCO for app exit values.
Change-Id: I2948ac45a7b4243f7afde08d5245530fdbf9a070
Reviewed-on: https://gerrit.libreoffice.org/82125
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
Tested-by: Michael Meeks <michael.meeks@collabora.com>
Reviewed-by: Jan Holesovsky <kendy@collabora.com>
2019-11-07 12:23:47 +01:00
Ashod Nakashian
7a976488f0 wsd: cleanup the global flag accessors
The following flags are affected:
ShutdownRequestFlag
TerminationFlag
DumpGlobalState

Since it's common to grep for all places
that set or reset these global flags, it
makes more sense to have explicit functions
for each operation. Now we have set and reset
accessors where appropriate and get is reserved
for read-only access.

This changes the getters to only return
the boolean value of these flags rather than
a reference to the atomic object, now that
they are read-only.

Also, a few Mobile-specific cases were folded
either with other Mobile-specific sections, or
they were now identical to the non-Mobile case
and therefore deduplicated, making the code
cleaner and more readable.

Change-Id: Icc852aa43e86695d4e7d5962040a9b5086d9d08c
Reviewed-on: https://gerrit.libreoffice.org/81978
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
2019-11-06 03:43:45 +01:00
Ashod Nakashian
720c26176a wsd: improved kit thread naming
Now the wsd docbroker thread and its peer kit
thread are trivial to match, since they are called
docbroker_xxx and kitbroker_xxx (where xxx is the
instance ID) respectively.

Also, label spare kit instances as kit_spare_xxx
to differentiate from ones with actual documents,
where xxx is a running counter to differentiate
spare instances from one another.

Now we are able to easily see (and count) the number
of spare kit instances, and match wsd and kit threads
handling a given document.

Unit-test logic updated to reflect the new thread
naming scheme.

Change-Id: I154dc8f200fbe0e65f3f5984e6dad2cef1b52e22
Reviewed-on: https://gerrit.libreoffice.org/79328
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
2019-09-22 20:23:27 +02:00
Miklos Vajna
bd4d72d41f common: wrap TerminationFlag in a getter function to avoid ODR violation
Otherwise both loolwsd and unit-copy-paste.so would have a
TerminationFlag:

==11732==ERROR: AddressSanitizer: odr-violation (0x00000208f4a0):
  [1] size=1 'TerminationFlag' ../common/SigUtil.cpp:41:19
  [2] size=1 'TerminationFlag' common/SigUtil.cpp:41:19
These globals were registered at these points:
  [1]:
    #0 0x5f9988 in __asan_register_globals.part.13 /home/vmiklos/git/libreoffice/lode/packages/llvm-472c6ef8b0f53061b049039f9775ab127beafbe4.src/compiler-rt/lib/asan/asan_globals.cc:365
    #1 0x7f5df9cf18cb in asan.module_ctor (/home/vmiklos/git/libreoffice/online-san/test/../test/.libs/unit-copy-paste.so+0x60a8cb)

  [2]:
    #0 0x5f9988 in __asan_register_globals.part.13 /home/vmiklos/git/libreoffice/lode/packages/llvm-472c6ef8b0f53061b049039f9775ab127beafbe4.src/compiler-rt/lib/asan/asan_globals.cc:365
    #1 0xe2b4fe in asan.module_ctor (/home/vmiklos/git/libreoffice/online-san/loolwsd+0xe2b4fe)

Change-Id: Ic620b143ecb77699f40676ff39d0fa7abceb34d5
2019-08-08 09:10:59 +02:00
Ashod Nakashian
6b82d245fa Unipoll: integrate with the LOK mainloop in a single thread.
Unfortunately processing multiple events from the Kit socket
is causing massive document invalidations, for unknown
reasons. As such, for now we have to process one event
at a time, until the source of the invalidations is found
and fixed.

Without the invalidation, the average tile rendering
roundtrip is about 3x faster than with the invalidations
and the maximum roundrip is at least 2x faster.

Change-Id: Iafbf9ccc2b80656cb71c208b598080f72d201ca2
Reviewed-on: https://gerrit.libreoffice.org/70906
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
2019-04-23 03:00:07 +02:00
Michael Meeks
729c124b3b perftrace: consume PROFILE_FRAME messages and chart lok ProfileZones.
Also - enable performance tracing in the kit when we're logging at
trace level.

Change-Id: I838e8d7769b0ead8508c4482c58e0e2564dcee91
2019-04-16 20:27:37 +01:00
Michael Meeks
81a27e26aa Switch local prisoner sockets to abstract UDS
Unix Domain Sockets are inaddressable remotely, and more efficient,
as well as allowing future SCM_CREDENTIALS / SCM_RIGHTS.

Change-Id: Ia2472260f75feb43e9022cdfa0fe005ccd489454
2019-03-30 16:51:06 +00:00
Ashod Nakashian
00a44d6e81 wsd: flush logs before existing
This is important for when we abort with some explanation.
Often said explanation doesn't show up anywhere to be useful.

Also, issue fatal logs for abnormal exist and use SFL to log errno.

Reviewed-on: https://gerrit.libreoffice.org/57540
Reviewed-by: Jan Holesovsky <kendy@collabora.com>
Tested-by: Jan Holesovsky <kendy@collabora.com>
(cherry picked from commit ad7964393eadb68873b820e0a620fb40f1e1b06a)

Change-Id: Ic67064ef40ef6e93d26e5847ecd32bdd49c3cc8b
2018-10-16 20:12:23 -04:00
Ashod Nakashian
053161b3f5 wsd: move string utilities into Util
Reviewed-on: https://gerrit.libreoffice.org/57539
Reviewed-by: Jan Holesovsky <kendy@collabora.com>
Tested-by: Jan Holesovsky <kendy@collabora.com>
(cherry picked from commit fb2671c4145edd4d4e359f0dcf5cc84835487cd4)

Change-Id: Idc578dff4e8ee5e48c1b7780d3feb2d21c6a9b13
2018-10-16 20:12:23 -04:00
Ashod Nakashian
380c55d9eb wsd: disable tracing after initialization
The first child had tracing enabled even after
initial startup is completed. This would leak
user details when anonymization is enabled.

Change-Id: I5325e02d1a1078bff6640af85f5672b556c00aeb
2018-10-16 20:12:23 -04:00
Tor Lillqvist
8ead4af199 Say "TerminationFlag" in logging when that is what we mean
We already did in other places.
2018-10-15 15:36:51 +03:00
Ashod Nakashian
b9db83518b wsd: warn when we have no kits and we are not exiting just yet
Change-Id: I8c19dcea3eb900a989aebac7ef96793af31bdce8
Reviewed-on: https://gerrit.libreoffice.org/55576
Reviewed-by: Jan Holesovsky <kendy@collabora.com>
Tested-by: Jan Holesovsky <kendy@collabora.com>
2018-06-14 17:05:46 +02:00
Michael Meeks
03bbe52665 Ensure the forkit does not have lingering threads after preinit.
Change-Id: I216a03a0ada628189355ebfd4016bf6033430eef
2018-04-16 20:04:23 +01:00
Michael Meeks
8f134aa1a9 Allow running without seccomp and capabilities.
There are some significant security trade-offs here which are now
at least configurable.

Change-Id: I1d879d69e91392f4ccf5db250a2277f53df60db7
2018-03-19 20:46:17 +00:00
Miklos Vajna
e76485d8b9 kit: spell out non-trivial autos to improve readability
Change-Id: I69b025b08a69c8780d40b39074d7d7abb12cc3af
2018-02-07 10:18:12 +01:00