X-Git-Url: http://git.ieval.ro/?p=gruntmaster-daemon.git;a=blobdiff_plain;f=gruntmaster-exec;h=9590b4e34173feaa8198bfa13e84e424d810bea6;hp=dec8be38835c02ed0913078584cce3c1aee16b03;hb=9c1ab9145b96eba0eff66a8679e0d5665a115eda;hpb=1fe52cdeacc583e0261f95932264f9d4bb0ed19d

diff --git a/gruntmaster-exec b/gruntmaster-exec
index dec8be3..9590b4e 100755
--- a/gruntmaster-exec
+++ b/gruntmaster-exec
@@ -18,16 +18,20 @@ use constant +{
 	DIED => 5,
 	REJ => 10,
 };
+# These constants are changed by ex/makevm
+use constant USER => 65534;
+use constant GROUP => 65534;
 
-use BSD::Resource qw/setrlimit RLIMIT_AS RLIMIT_FSIZE/;
+use BSD::Resource qw/setrlimit RLIMIT_AS RLIMIT_FSIZE RLIMIT_NPROC/;
 use IPC::Signal qw/sig_name sig_num/;
 use sigtrap qw/XFSZ/;
 
 use Getopt::Long;
 use POSIX qw//;
+use Text::ParseWords qw/shellwords/;
 use Time::HiRes qw/alarm/;
 
-my (@fds, $timeout, $mlimit, $olimit);
+my (@fds, $timeout, $mlimit, $olimit, $nobody);
 my $close = 1;
 
 GetOptions(
@@ -36,15 +40,32 @@ GetOptions(
 	"mlimit=i"  => \$mlimit,
 	"olimit=i"  => \$olimit,
 	"close!"    => \$close,
+	"nobody!"   => \$nobody,
 );
 
+my $killuser = $ENV{GRUNTMASTER_KILL_USER};
+my @sudo;
+@sudo = (shellwords ($ENV{GRUNTMASTER_SUDO}), '--') if $ENV{GRUNTMASTER_SUDO} && $nobody;
+undef $mlimit if @sudo; # sudo wants a lot of address space
+
 my $ret = fork // die 'Cannot fork';
 if ($ret) {
 	my $tle;
-	local $SIG{ALRM} = sub { kill KILL => $ret; $tle = 1};
+	local $SIG{ALRM} = sub {
+		if ($killuser) {
+			system @sudo, 'pkill', '-KILL', '-u', $killuser;
+		} else {
+			kill KILL => $ret
+		}
+		$tle = 1
+	};
 	alarm ($timeout || 5);
 	waitpid $ret, 0;
 	alarm 0;
+	if (@sudo) {
+		$? = $? >> 8;
+		$? = $? < 128 || $? > 128+32 ? ($? << 8) : $? - 128;
+	}
 	my $sig = $? & 127;
 	my $signame = sig_name $sig;
 	exit !say TLE,  "\nTime Limit Exceeded"   if $tle;
@@ -66,11 +87,16 @@ if ($ret) {
 			POSIX::close $oldfd or die $!;
 		}
 	}
+	my $nproc = $killuser ? 15 : 1;
+	my $debug = $ENV{TEST_VERBOSE};
 	%ENV = (ONLINE_JUDGE => 1, PATH => $ENV{PATH}, HOME => $ENV{HOME});
 	setrlimit RLIMIT_AS, $mlimit, $mlimit or die $! if $mlimit;
 	setrlimit RLIMIT_FSIZE, $olimit, $olimit or die $! if $olimit;
-	POSIX::setgid 65534; # Set group id to nogroup
-	POSIX::setuid 65534; # Set user id to nobody
+	setrlimit RLIMIT_NPROC, $nproc, $nproc or die $! if $nobody;
+	POSIX::setgid $nobody ? 65534 : USER;
+	POSIX::setuid $nobody ? 65534 : GROUP;
+	unshift @ARGV, @sudo;
+	say STDERR "Executing: ", join ' ', map { "'$_'" } @ARGV if $debug;
 	exec @ARGV;
 }