X-Git-Url: http://git.ieval.ro/?p=gruntmaster-daemon.git;a=blobdiff_plain;f=gruntmaster-exec;h=bcde8d721321899e0f65cf317ecf8d3d697f4a7e;hp=a4ae94d4ce0335575dd4dcfa50b7a208078a1a69;hb=16de3659fc10d654c8b8c9e660393c1f25eb85d0;hpb=7be8c37d42b6782bc5d94ea4e52dd1261ce6e3ae

diff --git a/gruntmaster-exec b/gruntmaster-exec
index a4ae94d..bcde8d7 100755
--- a/gruntmaster-exec
+++ b/gruntmaster-exec
@@ -18,30 +18,54 @@ use constant +{
 	DIED => 5,
 	REJ => 10,
 };
+# These constants are changed by ex/makevm
+use constant USER => 65534;
+use constant GROUP => 65534;
 
-use BSD::Resource qw/setrlimit RLIMIT_AS RLIMIT_FSIZE/;
+use BSD::Resource qw/setrlimit RLIMIT_AS RLIMIT_FSIZE RLIMIT_NPROC/;
 use IPC::Signal qw/sig_name sig_num/;
 use sigtrap qw/XFSZ/;
 
 use Getopt::Long;
 use POSIX qw//;
+use Text::ParseWords qw/shellwords/;
 use Time::HiRes qw/alarm/;
 
-my (@fds, $timeout, $mlimit, $olimit);
+my (@fds, $timeout, $mlimit, $olimit, $nobody);
+my $close = 1;
+
 GetOptions(
 	"fd=s"      => \@fds,
 	"timeout=f" => \$timeout,
 	"mlimit=i"  => \$mlimit,
 	"olimit=i"  => \$olimit,
+	"close!"    => \$close,
+	"nobody!"   => \$nobody,
 );
 
+my $killuser = $ENV{GRUNTMASTER_KILL_USER};
+my @sudo;
+@sudo = (shellwords ($ENV{GRUNTMASTER_SUDO}), '--') if $ENV{GRUNTMASTER_SUDO} && $nobody;
+undef $mlimit if @sudo; # sudo wants a lot of address space
+
 my $ret = fork // die 'Cannot fork';
 if ($ret) {
 	my $tle;
-	local $SIG{ALRM} = sub { kill KILL => $ret; $tle = 1};
+	local $SIG{ALRM} = sub {
+		if ($killuser) {
+			system @sudo, 'pkill', '-KILL', '-u', $killuser;
+		} else {
+			kill KILL => $ret
+		}
+		$tle = 1
+	};
 	alarm ($timeout || 5);
 	waitpid $ret, 0;
 	alarm 0;
+	if (@sudo) {
+		$? = $? >> 8;
+		$? = $? < 128 ? ($? << 8) : $? - 128;
+	}
 	my $sig = $? & 127;
 	my $signame = sig_name $sig;
 	exit !say TLE,  "\nTime Limit Exceeded"   if $tle;
@@ -51,7 +75,9 @@ if ($ret) {
 	exit !say AC,   "\nAll OK";
 } else {
 	$^F = 50;
-	POSIX::close $_ for 0 .. $^F;
+	if ($close) {
+		POSIX::close $_ for 0 .. $^F;
+	}
 	for my $fdstring (@fds) {
 		my ($fd, $file) = split ' ', $fdstring, 2;
 		open my $fh, $file or die $!;
@@ -61,11 +87,16 @@ if ($ret) {
 			POSIX::close $oldfd or die $!;
 		}
 	}
+	my $nproc = $killuser ? 5 : 1;
+	my $debug = $ENV{TEST_VERBOSE};
 	%ENV = (ONLINE_JUDGE => 1, PATH => $ENV{PATH}, HOME => $ENV{HOME});
 	setrlimit RLIMIT_AS, $mlimit, $mlimit or die $! if $mlimit;
 	setrlimit RLIMIT_FSIZE, $olimit, $olimit or die $! if $olimit;
-	POSIX::setgid 65534; # Set group id to nogroup
-	POSIX::setuid 65534; # Set user id to nobody
+	setrlimit RLIMIT_NPROC, $nproc, $nproc or die $! if $nobody;
+	POSIX::setgid $nobody ? 65534 : USER;
+	POSIX::setuid $nobody ? 65534 : GROUP;
+	unshift @ARGV, @sudo;
+	say STDERR "Executing: ", join ' ', map { "'$_'" } @ARGV if $debug;
 	exec @ARGV;
 }