passenger 5.2.1 → 5.2.2

data/src/agent/Core/ApplicationPool/Implementation.cpp

@@ -45,6 +45,7 @@
 #include <Utils/JsonUtils.h>
 #include <Core/ApplicationPool/Pool.h>
 #include <Core/ApplicationPool/Group.h>
+#include <Core/ApplicationPool/Process.cpp>
 #include <Core/ApplicationPool/ErrorRenderer.h>
 #include <Core/ApplicationPool/Pool/InitializationAndShutdown.cpp>
 #include <Core/ApplicationPool/Pool/AnalyticsCollection.cpp>

data/src/agent/Core/ApplicationPool/Options.h

@@ -85,6 +85,7 @@ private:
 
 		result.push_back(&options.appRoot);
 		result.push_back(&options.appGroupName);
+		result.push_back(&options.appLogFile);
 		result.push_back(&options.appType);
 		result.push_back(&options.startCommand);
 		result.push_back(&options.startupFile);
@@ -177,6 +178,11 @@ public:
 	 */
 	HashedStaticString appGroupName;
 
+	/** The application's log file, where Passenger sends the logs from
+	 *	the application.
+	 */
+	StaticString appLogFile;
+
 	/** The application's type, used for determining the command to invoke to
 	 * spawn an application process as well as determining the startup file's
 	 * filename. It can be one of the app type names in AppType.cpp, or the
@@ -598,6 +604,7 @@ public:
 			appendKeyValue (vec, "app_root",           appRoot);
 			appendKeyValue (vec, "app_group_name",     getAppGroupName());
 			appendKeyValue (vec, "app_type",           appType);
+			appendKeyValue (vec, "app_log_file",       appLogFile);
 			appendKeyValue (vec, "start_command",      getStartCommand(resourceLocator));
 			appendKeyValue (vec, "startup_file",       absolutizePath(getStartupFile(), absolutizePath(appRoot)));
 			appendKeyValue (vec, "process_title",      getProcessTitle());
@@ -716,4 +723,3 @@ public:
 } // namespace Passenger
 
 #endif /* _PASSENGER_APPLICATION_POOL2_OPTIONS_H_ */
-

data/src/agent/Core/ApplicationPool/Pool.h

@@ -392,6 +392,7 @@ public:
 	};
 
 	const GroupPtr getGroup(const char *name);
+	const pair<uid_t, gid_t> getGroupRunUidAndGids(const StaticString &appGroupName);
 	Group *findMatchingGroup(const Options &options);
 	GroupPtr createGroup(const Options &options);
 	GroupPtr createGroupAndAsyncGetFromIt(const Options &options,

data/src/agent/Core/ApplicationPool/Pool/GroupUtils.cpp

@@ -45,6 +45,17 @@ using namespace boost;
  *
  ****************************/
 
+const pair<uid_t, gid_t>
+Pool::getGroupRunUidAndGids(const StaticString &appGroupName) {
+	LockGuard l(syncher);
+	GroupPtr *group;
+	if (!groups.lookup(appGroupName.c_str(), &group)) {
+		throw RuntimeException("Could not find group: " + appGroupName);
+	} else {
+		SpawningKit::UserSwitchingInfo info = SpawningKit::prepareUserSwitching((*group)->options);
+		return pair<uid_t, gid_t>(info.uid,info.gid);
+	}
+}
 
 const GroupPtr
 Pool::getGroup(const char *name) {

data/src/agent/Core/ApplicationPool/Process.cpp

@@ -0,0 +1,52 @@
+/*
+ *  Phusion Passenger - https://www.phusionpassenger.com/
+ *  Copyright (c) 2011-2017 Phusion Holding B.V.
+ *
+ *  "Passenger", "Phusion Passenger" and "Union Station" are registered
+ *  trademarks of Phusion Holding B.V.
+ *
+ *  Permission is hereby granted, free of charge, to any person obtaining a copy
+ *  of this software and associated documentation files (the "Software"), to deal
+ *  in the Software without restriction, including without limitation the rights
+ *  to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ *  copies of the Software, and to permit persons to whom the Software is
+ *  furnished to do so, subject to the following conditions:
+ *
+ *  The above copyright notice and this permission notice shall be included in
+ *  all copies or substantial portions of the Software.
+ *
+ *  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ *  IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ *  FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ *  AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ *  LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ *  OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ *  THE SOFTWARE.
+ */
+
+#include <Core/ApplicationPool/Process.h>
+#include <Core/ApplicationPool/Group.h>
+
+namespace Passenger {
+namespace ApplicationPool2 {
+
+using namespace std;
+using namespace boost;
+
+SpawningKit::PipeWatcherPtr Process::makePipeWatcher(const SpawningKit::ConfigPtr &config, FileDescriptor socket, const char *channel, pid_t pid, const BasicGroupInfo *groupInfo) {
+	StaticString appLogFile;
+	HashedStaticString appGroupName;
+	if (groupInfo->group != NULL) {
+		appLogFile = groupInfo->group->options.appLogFile;
+		appGroupName = groupInfo->group->options.getAppGroupName();
+	}
+	SpawningKit::PipeWatcherPtr watcher = boost::make_shared<SpawningKit::PipeWatcher>(
+		config, socket, channel, pid, appGroupName, appLogFile
+	);
+	watcher->initialize();
+	watcher->start();
+	return watcher;
+}
+
+} // namespace ApplicationPool2
+} // namespace Passenger

data/src/agent/Core/ApplicationPool/Process.h

@@ -353,6 +353,8 @@ private:
 		return result;
 	}
 
+	SpawningKit::PipeWatcherPtr makePipeWatcher(const SpawningKit::ConfigPtr &config, FileDescriptor socket, const char *channel, pid_t pid, const BasicGroupInfo *groupInfo);
+
 public:
 	/*************************************************************
 	 * Information used by Pool. Do not write to these from
@@ -454,17 +456,11 @@ public:
 			errorPipe = skResult->errorPipe;
 
 			if (adminSocket != -1) {
-				SpawningKit::PipeWatcherPtr watcher = boost::make_shared<SpawningKit::PipeWatcher>(
-					getContext()->getSpawningKitConfig(), adminSocket, "stdout", info.pid);
-				watcher->initialize();
-				watcher->start();
+				SpawningKit::PipeWatcherPtr watcher = makePipeWatcher(getContext()->getSpawningKitConfig(), adminSocket, "stdout", info.pid, groupInfo);
 			}
 
 			if (errorPipe != -1) {
-				SpawningKit::PipeWatcherPtr watcher = boost::make_shared<SpawningKit::PipeWatcher>(
-					getContext()->getSpawningKitConfig(), errorPipe, "stderr", info.pid);
-				watcher->initialize();
-				watcher->start();
+				SpawningKit::PipeWatcherPtr watcher = makePipeWatcher(getContext()->getSpawningKitConfig(), errorPipe, "stderr", info.pid, groupInfo);
 			}
 		}
 	}

data/src/agent/Core/Config.h

@@ -61,10 +61,12 @@ using namespace std;
  * (do not edit: following text is automatically generated
  * by 'rake configkit_schemas_inline_comments')
  *
- *   admin_panel_authentication                                      object             -          secret
+ *   admin_panel_auth_type                                           string             -          default("basic")
  *   admin_panel_close_timeout                                       float              -          default(10.0)
  *   admin_panel_connect_timeout                                     float              -          default(30.0)
  *   admin_panel_data_debug                                          boolean            -          default(false)
+ *   admin_panel_password                                            string             -          secret
+ *   admin_panel_password_file                                       string             -          -
  *   admin_panel_ping_interval                                       float              -          default(30.0)
  *   admin_panel_ping_timeout                                        float              -          default(30.0)
  *   admin_panel_proxy_password                                      string             -          secret
@@ -73,6 +75,7 @@ using namespace std;
  *   admin_panel_proxy_username                                      string             -          -
  *   admin_panel_reconnect_timeout                                   float              -          default(5.0)
  *   admin_panel_url                                                 string             -          read_only
+ *   admin_panel_username                                            string             -          -
  *   admin_panel_websocketpp_debug_access                            boolean            -          default(false)
  *   admin_panel_websocketpp_debug_error                             boolean            -          default(false)
  *   api_server_accept_burst_count                                   unsigned integer   -          default(32)
@@ -150,7 +153,7 @@ using namespace std;
  *   security_update_checker_interval                                unsigned integer   -          default(86400)
  *   security_update_checker_proxy_url                               string             -          -
  *   security_update_checker_url                                     string             -          default("https://securitycheck.phusionpassenger.com/v1/check.json")
- *   server_software                                                 string             -          default("Phusion_Passenger/5.2.1")
+ *   server_software                                                 string             -          default("Phusion_Passenger/5.2.2")
  *   show_version_in_header                                          boolean            -          default(true)
  *   single_app_mode_app_root                                        string             -          default,read_only
  *   single_app_mode_app_type                                        string             -          read_only
@@ -380,6 +383,7 @@ public:
 		loggingKit.translator.finalize();
 		addSubSchema(loggingKit.schema, loggingKit.translator);
 		erase("redirect_stderr");
+		erase("buffer_logs");
 
 		// Add subschema: controller
 		addSubSchemaPrefixTranslations<ServerKit::HttpServerSchema>(

data/src/agent/Core/ConfigChange.cpp

@@ -180,7 +180,8 @@ asyncPrepareConfigChange(const Json::Value &updates, ConfigChangeRequest *req,
 
 	ConfigKit::prepareConfigChangeForSubComponent(
 		*LoggingKit::context, coreSchema->loggingKit.translator,
-		req->config->inspectEffectiveValues(),
+		manipulateLoggingKitConfig(*req->config,
+			req->config->inspectEffectiveValues()),
 		req->errors, req->forLoggingKit);
 	ConfigKit::prepareConfigChangeForSubComponent(
 		*workingObjects->securityUpdateChecker,
@@ -345,5 +346,15 @@ inspectConfig() {
 }
 
 
+Json::Value
+manipulateLoggingKitConfig(const ConfigKit::Store &coreConfig,
+	const Json::Value &loggingKitConfig)
+{
+	Json::Value result = loggingKitConfig;
+	result["buffer_logs"] = !coreConfig["admin_panel_url"].isNull();
+	return result;
+}
+
+
 } // namespace Core
 } // namespace Passenger

data/src/agent/Core/ConfigChange.h

@@ -47,6 +47,9 @@ void asyncPrepareConfigChange(const Json::Value &updates, ConfigChangeRequest *r
 void asyncCommitConfigChange(ConfigChangeRequest *req, const CommitConfigChangeCallback &callback) BOOST_NOEXCEPT_OR_NOTHROW;
 Json::Value inspectConfig();
 
+Json::Value manipulateLoggingKitConfig(const ConfigKit::Store &coreConfig,
+	const Json::Value &loggingKitConfig);
+
 
 } // namespace Core
 } // namespace Passenger

data/src/agent/Core/Controller/Config.h

@@ -111,7 +111,7 @@ parseControllerBenchmarkMode(const StaticString &mode) {
  *   multi_app                                           boolean            -          default(true),read_only
  *   request_freelist_limit                              unsigned integer   -          default(1024)
  *   response_buffer_high_watermark                      unsigned integer   -          default(134217728)
- *   server_software                                     string             -          default("Phusion_Passenger/5.2.1")
+ *   server_software                                     string             -          default("Phusion_Passenger/5.2.2")
  *   show_version_in_header                              boolean            -          default(true)
  *   start_reading_after_accept                          boolean            -          default(true)
  *   stat_throttle_rate                                  unsigned integer   -          default(10)

data/src/agent/Core/Controller/InitRequest.cpp

@@ -353,7 +353,7 @@ Controller::createNewPoolOptions(Client *client, Request *req,
 
 	options.appGroupName = appGroupName;
 
-	fillPoolOption(req, options.appType, "!~PASSENGER_APP_TYPE");
+	fillPoolOption(req, options.appLogFile, "!~PASSENGER_APP_LOG_FILE");
 	fillPoolOption(req, options.environment, "!~PASSENGER_APP_ENV");
 	fillPoolOption(req, options.ruby, "!~PASSENGER_RUBY");
 	fillPoolOption(req, options.python, "!~PASSENGER_PYTHON");

data/src/agent/Core/Controller/InternalUtils.cpp

@@ -244,10 +244,10 @@ Controller::resolveSymlink(const StaticString &path, psg_pool_t *pool) {
 			char *pos  = data;
 			char *end  = data + resultlen;
 
-			pos = appendData(pos, end, linkbuf, linkbuflen);
+			pos = appendData(pos, end, workingDir);
 			*pos = '/';
 			pos++;
-			pos = appendData(pos, end, workingDir);
+			pos = appendData(pos, end, linkbuf, linkbuflen);
 
 			return psg_lstr_create(pool, data, resultlen);
 		}

data/src/agent/Core/CoreMain.cpp

@@ -863,6 +863,10 @@ initializeAdminPanelConnector() {
 	connector->resourceLocator = &wo.resourceLocator;
 	connector->appPool = wo.appPool;
 	connector->configGetter = inspectConfig;
+	for (unsigned int i = 0; i < wo.threadWorkingObjects.size(); i++) {
+		ThreadWorkingObjects *two = &wo.threadWorkingObjects[i];
+		connector->controllers.push_back(two->controller);
+	}
 	connector->initialize();
 	wo.shutdownCounter.fetch_add(1, boost::memory_order_relaxed);
 	wo.adminPanelConnector = connector;
@@ -925,14 +929,16 @@ warnIfPathVulnerable(const char *path, string &warnings) {
 		warnings.append(path);
 		warnings.append("\" can be modified by user \"");
 		warnings.append(pathOwner.pw_name);
-		warnings.append("\" (or applications running as that user). Change the owner of the path to root, or avoid running Passenger as root.");
+		warnings.append("\" (or applications running as that user)."
+			" Change the owner of the path to root, or avoid running " SHORT_PROGRAM_NAME " as root.");
 	}
 
 	// World writeable access rights
 	if ((pathStat.st_mode & S_IWOTH) != 0) {
 		warnings.append("\nThe path \"");
 		warnings.append(path);
-		warnings.append("\" is writeable by any user (or application). Limit write access on the path to only the root user/group.");
+		warnings.append("\" is writeable by any user (or application)."
+			" Limit write access on the path to only the root user/group.");
 	}
 }
 
@@ -965,8 +971,9 @@ warnIfPassengerRootVulnerable() {
 	}
 	if (!warnings.empty()) {
 		P_WARN("WARNING: potential privilege escalation vulnerability. "
-			PROGRAM_NAME " is running as root, and part(s) of the passenger root path ("
-			<< root << ") can be changed by non-root user(s):" << warnings);
+			PROGRAM_NAME " is running as root, and part(s) of the "
+			SHORT_PROGRAM_NAME " root path (" << root
+			<< ") can be changed by non-root user(s):" << warnings);
 	}
 }
 
@@ -1309,6 +1316,12 @@ parseOptions(int argc, const char *argv[], ConfigKit::Store &config) {
 	}
 }
 
+static void
+loggingKitPreInitFunc(Json::Value &loggingKitInitialConfig) {
+	loggingKitInitialConfig = manipulateLoggingKitConfig(*coreConfig,
+		loggingKitInitialConfig);
+}
+
 int
 coreMain(int argc, char *argv[]) {
 	int ret;
@@ -1317,7 +1330,7 @@ coreMain(int argc, char *argv[]) {
 	coreConfig = new ConfigKit::Store(*coreSchema);
 	initializeAgent(argc, &argv, SHORT_PROGRAM_NAME " core",
 		*coreConfig, coreSchema->loggingKit.translator,
-		parseOptions, NULL, 2);
+		parseOptions, loggingKitPreInitFunc, 2);
 
 #if !BOOST_OS_MACOS
 	restoreOomScore(coreConfig->get("oom_score").asString());

data/src/agent/Core/SpawningKit/BackgroundIOCapturer.h

@@ -63,6 +63,8 @@ private:
 	boost::mutex dataSyncher;
 	string data;
 	oxt::thread *thr;
+	const HashedStaticString &appGroupName;
+	const StaticString &appLogFile;
 
 	void capture() {
 		TRACE_POINT();
@@ -89,7 +91,7 @@ private:
 				}
 				UPDATE_TRACE_POINT();
 				if (ret == 1 && buf[0] == '\n') {
-					LoggingKit::logAppOutput(pid, channelName, "", 0);
+					LoggingKit::logAppOutput(appGroupName, pid, channelName, "", 0, appLogFile);
 				} else {
 					vector<StaticString> lines;
 					if (ret > 0 && buf[ret - 1] == '\n') {
@@ -97,7 +99,7 @@ private:
 					}
 					split(StaticString(buf, ret), '\n', lines);
 					foreach (const StaticString line, lines) {
-						LoggingKit::logAppOutput(pid, channelName, line.data(), line.size());
+						LoggingKit::logAppOutput(appGroupName, pid, channelName, line.data(), line.size(), appLogFile);
 					}
 				}
 			}
@@ -105,11 +107,13 @@ private:
 	}
 
 public:
-	BackgroundIOCapturer(const FileDescriptor &_fd, pid_t _pid, const char *_channelName)
+	BackgroundIOCapturer(const FileDescriptor &_fd, pid_t _pid, const char *_channelName, const HashedStaticString &_appGroupName, const StaticString &_appLogFile)
 		: fd(_fd),
 		  pid(_pid),
 		  channelName(_channelName),
-		  thr(NULL)
+		  thr(NULL),
+		  appGroupName(_appGroupName),
+		  appLogFile(_appLogFile)
 		{ }
 
 	~BackgroundIOCapturer() {

data/src/agent/Core/SpawningKit/DirectSpawner.h

@@ -242,7 +242,9 @@ public:
 					errorPipe.first,
 					pid,
 					// The cast works around a compilation problem in Clang.
-					(const char *) "stderr");
+					(const char *) "stderr",
+					options.getAppGroupName(),
+					options.appLogFile);
 			details.stderrCapturer->start();
 			details.pid = pid;
 			details.adminSocket = adminSocket.second;

data/src/agent/Core/SpawningKit/PipeWatcher.h

@@ -61,6 +61,8 @@ private:
 	bool started;
 	boost::mutex startSyncher;
 	boost::condition_variable startCond;
+	const HashedStaticString appGroupName;
+	const StaticString appLogFile;
 
 	static void threadMain(boost::shared_ptr<PipeWatcher> self) {
 		TRACE_POINT();
@@ -97,7 +99,7 @@ private:
 				}
 			} else if (ret == 1 && buf[0] == '\n') {
 				UPDATE_TRACE_POINT();
-				LoggingKit::logAppOutput(pid, name, "", 0);
+				LoggingKit::logAppOutput(appGroupName, pid, name, "", 0, appLogFile);
 			} else {
 				UPDATE_TRACE_POINT();
 				vector<StaticString> lines;
@@ -107,7 +109,7 @@ private:
 				}
 				split(StaticString(buf, ret2), '\n', lines);
 				foreach (const StaticString line, lines) {
-					LoggingKit::logAppOutput(pid, name, line.data(), line.size());
+					LoggingKit::logAppOutput(appGroupName, pid, name, line.data(), line.size(), appLogFile);
 				}
 			}
 
@@ -119,12 +121,15 @@ private:
 
 public:
 	PipeWatcher(const ConfigPtr &_config, const FileDescriptor &_fd,
-		const char *_name, pid_t _pid)
+				const char *_name, pid_t _pid,
+				const HashedStaticString &_appGroupName, const StaticString &_appLogFile)
 		: config(_config),
 		  fd(_fd),
 		  name(_name),
 		  pid(_pid),
-		  started(false)
+		  started(false),
+		  appGroupName(_appGroupName),
+		  appLogFile(_appLogFile)
 		{ }
 
 	void initialize() {

data/src/agent/Core/SpawningKit/SmartSpawner.h

@@ -290,7 +290,9 @@ private:
 					errorPipe.first,
 					pid,
 					// The cast works around a compilation problem in Clang.
-					(const char *) "stderr");
+					(const char *) "stderr",
+					options.getAppGroupName(),
+					options.appLogFile);
 			details.stderrCapturer->start();
 			details.debugDir = debugDir;
 			details.options = &options;
@@ -310,12 +312,12 @@ private:
 			PipeWatcherPtr watcher;
 
 			watcher = boost::make_shared<PipeWatcher>(config,
-				adminSocket.second, "stdout", pid);
+				adminSocket.second, "stdout", pid, options.getAppGroupName(), options.appLogFile);
 			watcher->initialize();
 			watcher->start();
 
 			watcher = boost::make_shared<PipeWatcher>(config,
-				errorPipe.first, "stderr", pid);
+				errorPipe.first, "stderr", pid, options.getAppGroupName(), options.appLogFile);
 			watcher->initialize();
 			watcher->start();
 

data/src/agent/Core/SpawningKit/Spawner.h

@@ -710,7 +710,7 @@ protected:
 				if (details.stderrCapturer != NULL) {
 					details.stderrCapturer->appendToBuffer(result);
 				}
-				LoggingKit::logAppOutput(details.pid, "stdout", line.data(), line.size());
+				LoggingKit::logAppOutput(details.options->getAppGroupName(), details.pid, "stdout", line.data(), line.size(), details.options->appLogFile);
 			}
 		}
 	}