haraldwolff
/
collabora-online
mirror of https://github.com/CollaboraOnline/online.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

rename: loolforkit -> coolforkit 

Signed-off-by: Mert Tumer <mert.tumer@collabora.com>
Change-Id: I1de688dce4b068bff35451604486b72ecc8c91d4
pull/3649/head
Mert Tumer 2021-11-16 12:59:05 +03:00 committed by Andras Timar
parent 49f6f5cb54
commit 81f61c8073
20 changed files with 63 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.gitignore vendored
View File

@ -73,7 +73,7 @@ browser/typescript_js
connect
lokitclient
loolwsd
loolforkit
coolforkit
loolmount
loolmap
loolconvert
@ -81,7 +81,7 @@ loolsocketdump
loolstress
loolconfig
coolconfig
loolforkit-nocaps
coolforkit-nocaps
loadtest
unittest
loolwsd_fuzzer

26
Makefile.am
View File

@ -15,7 +15,7 @@ SUBDIRS = . browser test cypress_test
export ENABLE_DEBUG
bin_PROGRAMS = \
loolforkit \
coolforkit \
loolmount \
loolconvert coolconfig
@ -28,7 +28,7 @@ dist_bin_SCRIPTS = loolwsd-systemplate-setup \
loolwsd-generate-proof-key
man_MANS = man/loolwsd.1 \
man/loolforkit.1 \
man/coolforkit.1 \
man/loolconvert.1 \
man/coolconfig.1 \
man/loolwsd-systemplate-setup.1 \
@ -171,17 +171,17 @@ lokitclient_SOURCES = common/Log.cpp \
common/TraceEvent.cpp \
common/Util.cpp
loolforkit_sources = kit/ChildSession.cpp \
coolforkit_sources = kit/ChildSession.cpp \
kit/ForKit.cpp \
kit/Kit.cpp
loolforkit_json = $(patsubst %.cpp,%.cmd,$(loolforkit_sources))
coolforkit_json = $(patsubst %.cpp,%.cmd,$(coolforkit_sources))
loolforkit_SOURCES = $(loolforkit_sources) \
coolforkit_SOURCES = $(coolforkit_sources) \
$(shared_sources)
loolwsd_fuzzer_SOURCES = $(loolwsd_sources) \
$(loolforkit_sources) \
$(coolforkit_sources) \
$(shared_sources) \
kit/DummyLibreOfficeKit.cpp
@ -190,7 +190,7 @@ admin_fuzzer_CPPFLAGS = \
$(AM_CPPFLAGS)
admin_fuzzer_SOURCES = \
$(loolwsd_sources) \
$(loolforkit_sources) \
$(coolforkit_sources) \
$(shared_sources) \
fuzzer/Admin.cpp
admin_fuzzer_LDFLAGS = -fsanitize=fuzzer $(AM_LDFLAGS)
@ -200,7 +200,7 @@ clientsession_fuzzer_CPPFLAGS = \
$(AM_CPPFLAGS)
clientsession_fuzzer_SOURCES = \
$(loolwsd_sources) \
$(loolforkit_sources) \
$(coolforkit_sources) \
$(shared_sources) \
fuzzer/ClientSession.cpp
clientsession_fuzzer_LDFLAGS = -fsanitize=fuzzer $(AM_LDFLAGS)
@ -210,7 +210,7 @@ httpresponse_fuzzer_CPPFLAGS = \
$(AM_CPPFLAGS)
httpresponse_fuzzer_SOURCES = \
$(loolwsd_sources) \
$(loolforkit_sources) \
$(coolforkit_sources) \
$(shared_sources) \
fuzzer/HttpResponse.cpp
httpresponse_fuzzer_LDFLAGS = -fsanitize=fuzzer $(AM_LDFLAGS)
@ -379,7 +379,7 @@ CAPABILITIES = $(if @ENABLE_SETCAP@,true,false)
RUN_GDB = $(if $(GDB_FRONTEND),$(GDB_FRONTEND),gdb --tui --args)
if ENABLE_SETCAP
SET_CAPS_COMMAND=sudo @SETCAP@ cap_fowner,cap_chown,cap_mknod,cap_sys_chroot=ep loolforkit && sudo @SETCAP@ cap_sys_admin=ep loolmount
SET_CAPS_COMMAND=sudo @SETCAP@ cap_fowner,cap_chown,cap_mknod,cap_sys_chroot=ep coolforkit && sudo @SETCAP@ cap_sys_admin=ep loolmount
else
SET_CAPS_COMMAND=echo "Skipping capability setting"
endif
@ -387,7 +387,7 @@ endif
if ENABLE_LIBFUZZER
CLEANUP_DEPS=
else
CLEANUP_DEPS=loolwsd loolmount loolforkit
CLEANUP_DEPS=loolwsd loolmount coolforkit
endif
# Build loolwsd and loolmount first, so we can cleanup before updating
@ -536,7 +536,7 @@ else
ALL_LOCAL_DEPS=loolwsd
endif
# After building loolforkit, set its capabilities as required. Do it
# After building coolforkit, set its capabilities as required. Do it
# already after a plain 'make' to allow for testing without
# installing. When building for packaging, no need for this, as the
# capabilities won't survive packaging anyway. Instead, handle it when
@ -564,7 +564,7 @@ CLANGXX_COMPILE_FLAGS=clang++ $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \
JSON_COMPILE_FLAGS=$(subst ",\",$(subst \,\\,$(CLANGXX_COMPILE_FLAGS)))
JSON_COMPILE_SRC = $(loolwsd_json) $(loolforkit_json) $(shared_json)
JSON_COMPILE_SRC = $(loolwsd_json) $(coolforkit_json) $(shared_json)
$(eval $(call file_targets,$(JSON_COMPILE_SRC)))

6
common/Common.hpp
View File

@ -14,11 +14,11 @@
constexpr int DEFAULT_CLIENT_PORT_NUMBER = 9980;
// define to wrap strace around the forkit
#define STRACE_LOOLFORKIT 0
#define STRACE_COOLFORKIT 0
// define to wrap valgrind around the forkit
#define VALGRIND_LOOLFORKIT 0
#define VALGRIND_COOLFORKIT 0
#if VALGRIND_LOOLFORKIT
#if VALGRIND_COOLFORKIT
constexpr int TRACE_MULTIPLIER = 20;
#else
constexpr int TRACE_MULTIPLIER = 1;

2
debian/loolwsd.postinst.in vendored
View File

@ -4,7 +4,7 @@ set -e
case "$1" in
configure)
setcap cap_fowner,cap_chown,cap_mknod,cap_sys_chroot=ep /usr/bin/loolforkit || true
setcap cap_fowner,cap_chown,cap_mknod,cap_sys_chroot=ep /usr/bin/coolforkit || true
setcap cap_sys_admin=ep /usr/bin/loolmount || true
adduser --quiet --system --group --home /opt/lool lool

2
docker/from-source/Debian
View File

@ -24,7 +24,7 @@ COPY /start-collabora-online.sh /
# set up Collabora Online (normally done by postinstall script of package)
# Fix permissions
RUN setcap cap_fowner,cap_chown,cap_mknod,cap_sys_chroot=ep /usr/bin/loolforkit && \
RUN setcap cap_fowner,cap_chown,cap_mknod,cap_sys_chroot=ep /usr/bin/coolforkit && \
setcap cap_sys_admin=ep /usr/bin/loolmount && \
adduser --quiet --system --group --home /opt/lool lool && \
rm -rf /opt/lool && \

2
docker/from-source/Ubuntu
View File

@ -25,7 +25,7 @@ COPY /start-collabora-online.sh /
# set up Collabora Online (normally done by postinstall script of package)
# Fix permissions
RUN setcap cap_fowner,cap_chown,cap_mknod,cap_sys_chroot=ep /usr/bin/loolforkit && \
RUN setcap cap_fowner,cap_chown,cap_mknod,cap_sys_chroot=ep /usr/bin/coolforkit && \
setcap cap_sys_admin=ep /usr/bin/loolmount && \
adduser --quiet --system --group --home /opt/lool lool && \
rm -rf /opt/lool && \

2
docker/from-source/openSUSE
View File

@ -19,7 +19,7 @@ COPY /start-collabora-online.sh /
# set up Collabora Online (normally done by postinstall script of package)
# Fix permissions
RUN setcap cap_fowner,cap_chown,cap_mknod,cap_sys_chroot=ep /usr/bin/loolforkit && \
RUN setcap cap_fowner,cap_chown,cap_mknod,cap_sys_chroot=ep /usr/bin/coolforkit && \
setcap cap_sys_admin=ep /usr/bin/loolmount && \
groupadd -r lool && \
useradd -g lool -r lool -d /opt/lool -s /bin/bash && \

14
kit/ForKit.cpp
View File

@ -223,12 +223,12 @@ static bool haveCapability(cap_value_t capability)
{
if (cap_name)
{
LOG_ERR("Capability " << cap_name << " is not set for the loolforkit program.");
LOG_ERR("Capability " << cap_name << " is not set for the coolforkit program.");
cap_free(cap_name);
}
else
{
LOG_ERR("Capability " << capability << " is not set for the loolforkit program.");
LOG_ERR("Capability " << capability << " is not set for the coolforkit program.");
}
return false;
}
@ -445,7 +445,7 @@ void forkLibreOfficeKit(const std::string& childRoot,
#ifndef KIT_IN_PROCESS
static void printArgumentHelp()
{
std::cout << "Usage: loolforkit [OPTION]..." << std::endl;
std::cout << "Usage: coolforkit [OPTION]..." << std::endl;
std::cout << " Single-threaded process that spawns lok instances" << std::endl;
std::cout << " Note: Running this standalone is not possible. It is spawned by loolwsd" << std::endl;
std::cout << " and is controlled via a pipe." << std::endl;
@ -466,7 +466,7 @@ int main(int argc, char** argv)
/*WARNING*/ checkLoolUser = false;
/*WARNING*/ }
/*WARNING*/ if (!hasCorrectUID("loolforkit"))
/*WARNING*/ if (!hasCorrectUID("coolforkit"))
/*WARNING*/ {
/*WARNING*/ // don't allow if any capability is set (unless root; who runs this
/*WARNING*/ // as root or runs this in a container and provides --disable-lool-user-checking knows what they
@ -482,7 +482,7 @@ int main(int argc, char** argv)
/*WARNING*/ else if (hasAnyCapability())
/*WARNING*/ {
/*WARNING*/ if (!checkLoolUser)
/*WARNING*/ LOG_FTL("Security: --disable-lool-user-checking failed, loolforkit has some capabilities set.");
/*WARNING*/ LOG_FTL("Security: --disable-lool-user-checking failed, coolforkit has some capabilities set.");
/*WARNING*/ LOG_FTL("Aborting.");
/*WARNING*/ return EX_SOFTWARE;
@ -588,7 +588,7 @@ int main(int argc, char** argv)
{
std::string version, hash;
Util::getVersionInfo(version, hash);
std::cout << "loolforkit version details: " << version << " - " << hash << std::endl;
std::cout << "coolforkit version details: " << version << " - " << hash << std::endl;
DisplayVersion = true;
}
else if (std::strstr(cmd, "--rlimits") == cmd)
@ -664,7 +664,7 @@ int main(int argc, char** argv)
if (!NoCapsForKit && !haveCorrectCapabilities())
{
LOG_FTL("Capabilities are not set for the loolforkit program.");
LOG_FTL("Capabilities are not set for the coolforkit program.");
LOG_FTL("Please make sure that the current partition was *not* mounted with the 'nosuid' option.");
LOG_FTL("If you are on SLES11, please set 'file_caps=1' as kernel boot option.");
return EX_SOFTWARE;

6
loolwsd.spec.in
View File

@ -101,7 +101,7 @@ echo "account required pam_unix.so" >> %{buildroot}/etc/pam.d/loolwsd
/usr/bin/loolwsd
/usr/bin/loolwsd-systemplate-setup
/usr/bin/loolwsd-generate-proof-key
/usr/bin/loolforkit
/usr/bin/coolforkit
/usr/bin/loolconvert
/usr/bin/coolconfig
/usr/bin/loolconfig
@ -115,7 +115,7 @@ echo "account required pam_unix.so" >> %{buildroot}/etc/pam.d/loolwsd
/usr/share/doc/loolwsd/protocol.txt
/usr/share/doc/loolwsd/reference.md
/usr/share/man/man1/loolwsd.1.gz
/usr/share/man/man1/loolforkit.1.gz
/usr/share/man/man1/coolforkit.1.gz
/usr/share/man/man1/loolconvert.1.gz
/usr/share/man/man1/coolconfig.1.gz
/usr/share/man/man1/loolwsd-systemplate-setup.1.gz
@ -181,7 +181,7 @@ if [ $LOOLWSD_IS_ACTIVE == "1" ]; then systemctl start loolwsd; fi
echo " Done."
%post
setcap cap_fowner,cap_chown,cap_mknod,cap_sys_chroot=ep /usr/bin/loolforkit
setcap cap_fowner,cap_chown,cap_mknod,cap_sys_chroot=ep /usr/bin/coolforkit
setcap cap_sys_admin=ep /usr/bin/loolmount
%if 0%{?rhel} >= 7

2
man/coolconfig.1
View File

@ -31,4 +31,4 @@ update\-system\-template
The \fBanonymize\fR command helps to read anonymized logs. If you know a document and/or a user had an issue, you can find their session in the logs by running this command with the username and/or document name and get the anonymized hash, which you use to search the logs with.
.PP
.SH "SEE ALSO"
loolforkit(1), loolconvert(1), loolwsd(1), loolwsd-systemplate-setup(1), loolwsd-generate-proof-key(1), loolmount(1)
coolforkit(1), loolconvert(1), loolwsd(1), loolwsd-systemplate-setup(1), loolwsd-generate-proof-key(1), loolmount(1)

11
man/coolforkit.1 100644
View File

@ -0,0 +1,11 @@
.TH COOLFORKIT "1" "May 2018" "coolforkit " "User Commands"
.SH NAME
coolforkit \- Utility that spawns LOK instances for Collabora Online
.SH SYNOPSIS
coolforkit OPTIONS
.SH DESCRIPTION
Single-threaded process that spawns LibreOfficeKit (LOK) instances.
.PP
\fBNote\fR: Running this standalone is not possible. It is spawned by loolwsd and is controlled via a pipe.
.SH "SEE ALSO"
loolwsd(1), loolconvert(1), coolconfig(1), loolforkit-systemplate-setup(1), loolwsd-generate-proof-key(1), loolmount(1)

2
man/loolconvert.1
View File

@ -17,4 +17,4 @@ loolconvert OPTIONS FILE(S)
\fB\-\-no\-check\-certificate\fR Disable checking of SSL certs
.PP
.SH "SEE ALSO"
loolwsd(1), loolforkit(1), coolconfig(1), loolforkit-systemplate-setup(1), loolwsd-generate-proof-key(1), loolmount(1)
loolwsd(1), coolforkit(1), coolconfig(1), loolforkit-systemplate-setup(1), loolwsd-generate-proof-key(1), loolmount(1)

2
man/loolmount.1
View File

@ -8,4 +8,4 @@ This is a very tiny helper to allow overlay mounting.
.PP
\fBNote\fR: Running this standalone is not possible. It is used internally by loolwsd when it creates the jail for the document.
.SH "SEE ALSO"
loolwsd(1), loolconvert(1), coolconfig(1), loolforkit-systemplate-setup(1), loolwsd-generate-proof-key(1), loolforkit(1)
loolwsd(1), loolconvert(1), coolconfig(1), loolforkit-systemplate-setup(1), loolwsd-generate-proof-key(1), coolforkit(1)

2
man/loolwsd-generate-proof-key.1
View File

@ -6,4 +6,4 @@ loolwsd-generate-proof-key
.SH DESCRIPTION
loolwsd-generate-proof-key creates an RSA key pair in /etc/loolwsd for the WOPI Proof headers. The script is automatically run by the postinstall script of loolwsd package, but in case of failure sysadmins can run it manually.
.SH "SEE ALSO"
loolforkit(1), loolconvert(1), coolconfig(1), loolwsd(1), loolwsd-systemplate-setup(1), loolmount(1)
coolforkit(1), loolconvert(1), coolconfig(1), loolwsd(1), loolwsd-systemplate-setup(1), loolmount(1)

2
man/loolwsd-systemplate-setup.1
View File

@ -6,4 +6,4 @@ loolwsd-systemplate-setup <chroot template directory for system libs to create>
.SH DESCRIPTION
loolwsd-systemplate-setup creates a minimal system template for running the LibreOfficeKit in a chroot jail. The system template contains the bare minimum of system libraries to run LibreOfficeKit, and also fonts and locale data from the system.
.SH "SEE ALSO"
loolforkit(1), loolconvert(1), coolconfig(1), loolwsd(1), loolwsd-generate-proof-key(1), loolmount(1)
coolforkit(1), loolconvert(1), coolconfig(1), loolwsd(1), loolwsd-generate-proof-key(1), loolmount(1)

2
man/loolwsd.1
View File

@ -31,4 +31,4 @@ loolwsd OPTIONS
\fB\-\-nocaps\fR Use a non\-privileged forkit, with increase in security problems.
.PP
.SH "SEE ALSO"
loolforkit(1), loolconvert(1), coolconfig(1), loolwsd-systemplate-setup(1), loolwsd-generate-proof-key(1), loolmount(1)
coolforkit(1), loolconvert(1), coolconfig(1), loolwsd-systemplate-setup(1), loolwsd-generate-proof-key(1), loolmount(1)

2
scripts/segv-catch.pl
View File

@ -17,6 +17,6 @@ while (<STDIN>) {
print "$day $time $process $signal\n";
}
# 2016-04-12T20:06:49.627111+00:00 ip-172-31-34-231 loolwsd[5918]: Backtrace:
# 2016-04-12T20:06:49.627455+00:00 ip-172-31-34-231 loolwsd[5918]: /usr/bin/loolforkit() [0x43e86d]
# 2016-04-12T20:06:49.627455+00:00 ip-172-31-34-231 loolwsd[5918]: /usr/bin/coolforkit() [0x43e86d]
# 2016-04-12T20:06:49.627795+00:00 ip-172-31-34-231 loolwsd[5918]: /lib64/libpthread.so.0(+0xf890) [0x7f9389f97890]

18
wsd/LOOLWSD.cpp
View File

@ -1932,7 +1932,7 @@ bool LOOLWSD::checkAndRestoreForKit()
if (!SigUtil::getShutdownRequestFlag() && !SigUtil::getTerminationFlag() && !createForKit())
{
// Should never fail.
LOG_FTL("Setting ShutdownRequestFlag: Failed to spawn loolforkit.");
LOG_FTL("Setting ShutdownRequestFlag: Failed to spawn coolforkit.");
SigUtil::requestShutdown();
}
}
@ -2115,7 +2115,7 @@ bool LOOLWSD::createForKit()
StringVector args;
std::string parentPath = Path(Application::instance().commandPath()).parent().toString();
#if STRACE_LOOLFORKIT
#if STRACE_COOLFORKIT
// if you want to use this, you need to sudo setcap cap_fowner,cap_chown,cap_mknod,cap_sys_chroot=ep /usr/bin/strace
args.push_back("-o");
args.push_back("strace.log");
@ -2123,8 +2123,8 @@ bool LOOLWSD::createForKit()
args.push_back("-tt");
args.push_back("-s");
args.push_back("256");
args.push_back(parentPath + "loolforkit");
#elif VALGRIND_LOOLFORKIT
args.push_back(parentPath + "coolforkit");
#elif VALGRIND_COOLFORKIT
NoCapsForKit = true;
NoSeccomp = true;
// args.push_back("--log-file=valgrind.log");
@ -2132,8 +2132,8 @@ bool LOOLWSD::createForKit()
args.push_back("--trace-children=yes");
args.push_back("--error-limit=no");
args.push_back("--num-callers=128");
std::string nocapsCopy = parentPath + "loolforkit-nocaps";
FileUtil::copy(parentPath + "loolforkit", nocapsCopy, true, true);
std::string nocapsCopy = parentPath + "coolforkit-nocaps";
FileUtil::copy(parentPath + "coolforkit", nocapsCopy, true, true);
args.push_back(nocapsCopy);
#endif
args.push_back("--losubpath=" + std::string(LO_JAIL_SUBPATH));
@ -2172,12 +2172,12 @@ bool LOOLWSD::createForKit()
args.push_back("--singlekit");
#endif
#if STRACE_LOOLFORKIT
#if STRACE_COOLFORKIT
std::string forKitPath = "/usr/bin/strace";
#elif VALGRIND_LOOLFORKIT
#elif VALGRIND_COOLFORKIT
std::string forKitPath = "/usr/bin/valgrind";
#else
std::string forKitPath = parentPath + "loolforkit";
std::string forKitPath = parentPath + "coolforkit";
#endif
// Always reap first, in case we haven't done so yet.

6
wsd/README
View File

@ -48,7 +48,7 @@ When building from a tarball less magic is needed.
Run 'make check' after each commit.
Note that the loolforkit program needs the CAP_SYS_CHROOT capability,
Note that the coolforkit program needs the CAP_SYS_CHROOT capability,
thus you will be asked the root password when running make as it
invokes sudo to run /sbin/setcap.
@ -235,7 +235,7 @@ or
so that you have time to attach to the process.
Then run loolwsd, and attach your debugger to the process you are
interested in. Note that as the loolforkit executable file has
interested in. Note that as the coolforkit executable file has
capabilities set, so when debugging that you need to run the debugger
with super-user privilege.
@ -268,7 +268,7 @@ websocket.
Architecture
------------
There are three processes: LoolWSD, LoolForKit, and LoolKit.
There are three processes: LoolWSD, CoolForKit, and LoolKit.
WSD is the top-level server and is intended to run as a service.
It is responsible for spawning ForKit and listening on public

2
wsd/protocol.txt
View File

@ -810,7 +810,7 @@ recv_bytes
Queries for total memory or bandwidth being consumed by the server
in kilobytes. For mem_consumed this includes processes - loolwsd,
loolforkit, and child processes hosting various documents. For
coolforkit, and child processes hosting various documents. For
sent/recv_bytes this includes only external traffic.
active_docs_count