From a4454be21ec1b7884cbf91d088476eb67a33eeaa Mon Sep 17 00:00:00 2001 From: iliana etaoin Date: Tue, 29 Sep 2020 23:32:05 -0700 Subject: [PATCH 1/3] Set the executable name in ensure_sealed Closes #4. --- src/lib.rs | 21 +++++++++------------ tests/ensure_sealed.rs | 1 + 2 files changed, 10 insertions(+), 12 deletions(-) diff --git a/src/lib.rs b/src/lib.rs index 2c9a4a5..b004e64 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -58,11 +58,6 @@ const MEMFD_SEALS: libc::c_int = F_SEAL_SEAL | F_SEAL_SHRINK | F_SEAL_GROW | F_S /// implications as [`CommandExt::exec`]: no destructors on the current stack or any other thread’s /// stack will be run. /// -/// # Compatibility -/// -/// This library is unable to set the program name (`argv[0]`), which will cause unexpected -/// behavior for multi-call binaries and other programs that use the program name. -/// /// # Errors /// /// An error is returned if `/proc/self/exe` fails to open, `memfd_create(2)` fails, the `fcntl(2)` @@ -72,9 +67,13 @@ pub fn ensure_sealed() -> Result<()> { if is_sealed_inner(&file) { Ok(()) } else { - Err(SealedCommand::new(&mut file)? - .args(std::env::args_os().skip(1)) - .exec()) + let mut command = SealedCommand::new(&mut file)?; + let mut args = std::env::args_os().fuse(); + if let Some(arg0) = args.next() { + command.arg0(arg0); + } + command.args(args); + Err(command.exec()) } } @@ -108,10 +107,8 @@ impl SealedCommand { /// The memory-backed file will close on `execve(2)` **unless** the program starts with `#!` /// (indicating that it is an interpreter script). /// - /// # Compatibility - /// - /// This library is unable to set the program name (`argv[0]`), which will cause unexpected - /// behavior for multi-call binaries and other programs that use the program name. + /// `argv[0]` of the program will default to the file descriptor path in procfs (for example, + /// `/proc/self/fd/3`). [`CommandExt::arg0`] can override this. /// /// # Errors /// 
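Review bot: In the `ensure_sealed` hunk (`@@ -72,9 +67,13 @@`), the `if let Some(arg0) = args.next()` branch has no comment covering a process started with an empty argument vector. The doc comment also loses its `# Compatibility` section in the hunk above, so it no longer mentions `argv[0]` at all. I would add `// argv can be empty; argv[0] then stays at SealedCommand's default, the /proc/self/fd path` above the `if let`, matching what the `SealedCommand::new` doc in the third hunk describes. The doc comment could also gain one sentence saying that `argv[0]` is forwarded unchanged from the current process, so it is still whatever the parent supplied and does not identify the file that is executing after the re-exec. The function body begins outside the hunk; the `file` binding is not visible here.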
diff --git a/tests/ensure_sealed.rs b/tests/ensure_sealed.rs index 185d084..bcda8c6 100644 --- a/tests/ensure_sealed.rs +++ b/tests/ensure_sealed.rs @@ -12,4 +12,5 @@ fn main() { pentacle::ensure_sealed().unwrap(); assert_eq!(pentacle::is_sealed(), true); + assert!(std::env::args().next().unwrap().contains("ensure_sealed")); } From bd234b3f8e5f937796e3bbecc9580f3a637d8c96 Mon Sep 17 00:00:00 2001 From: iliana etaoin Date: Tue, 29 Sep 2020 23:40:27 -0700 Subject: [PATCH 2/3] Remove year in copyright headers --- LICENSE | 2 +- src/lib.rs | 2 +- src/syscall.rs | 2 +- tests/ensure_sealed.rs | 2 +- tests/spawn.rs | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/LICENSE b/LICENSE index 8cc68e5..e429240 100644 --- a/LICENSE +++ b/LICENSE @@ -1,4 +1,4 @@ -Copyright (c) 2019 iliana destroyer of worlds +Copyright (c) iliana destroyer of worlds Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/src/lib.rs b/src/lib.rs index b004e64..db71b4c 100644 --- a/src/lib.rs +++ b/src/lib.rs @@ -1,4 +1,4 @@ -// Copyright (c) 2019 iliana destroyer of worlds +// Copyright (c) iliana destroyer of worlds // SPDX-License-Identifier: MIT //! pentacle is a library for executing programs as sealed anonymous files on Linux, using diff --git a/src/syscall.rs b/src/syscall.rs index 082ceed..ce76ce7 100644 --- a/src/syscall.rs +++ b/src/syscall.rs @@ -1,4 +1,4 @@ -// Copyright (c) 2019 iliana destroyer of worlds +// Copyright (c) iliana destroyer of worlds // SPDX-License-Identifier: MIT // syscall returns a c_long but memfd_create(2) and fcntl(2) are documented as returning c_int. The diff --git a/tests/ensure_sealed.rs b/tests/ensure_sealed.rs index bcda8c6..e188e3f 100644 --- a/tests/ensure_sealed.rs +++ b/tests/ensure_sealed.rs 
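Review bot: The assertion added to `tests/ensure_sealed.rs` (first patch, `@@ -12,4 +12,5 @@`) can fail in three different ways without saying which. `std::env::args()` panics on a non-Unicode argument, `.unwrap()` panics on an empty argument list, and a failed `contains` prints no value. I would write `let arg0 = std::env::args_os().next().expect("argv[0] missing after re-exec");` followed by `assert!(arg0.to_string_lossy().contains("ensure_sealed"), "unexpected argv[0]: {:?}", arg0);`. The substring check passes for any path that merely contains `ensure_sealed`; that is probably acceptable for a smoke test, but a comment saying so would help. `main` begins outside the hunk.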
@@ -1,4 +1,4 @@ -// Copyright (c) 2019 iliana destroyer of worlds +// Copyright (c) iliana destroyer of worlds // SPDX-License-Identifier: MIT // Smoke test for the two pub functions in pentacle. diff --git a/tests/spawn.rs b/tests/spawn.rs index 10b34ac..dcef538 100644 --- a/tests/spawn.rs +++ b/tests/spawn.rs @@ -1,4 +1,4 @@ -// Copyright (c) 2019 iliana destroyer of worlds +// Copyright (c) iliana destroyer of worlds // SPDX-License-Identifier: MIT #![warn(clippy::pedantic)] From c837e329f16d7f17332d1ce58ae38d812e87c888 Mon Sep 17 00:00:00 2001 From: iliana etaoin Date: Tue, 29 Sep 2020 23:41:28 -0700 Subject: [PATCH 3/3] Prepare v1.0.0 --- CHANGELOG.md | 8 +++++++- Cargo.toml | 4 ++-- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3ae3ccc..40b3b9f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ## [Unreleased] +## [1.0.0] - 2020-09-29 +### Changed +- Set `argv[0]` to the original `argv[0]` in `ensure_sealed` +- Minimum supported Rust version (MSRV) now 1.45.0 + ## [0.2.0] - 2020-06-23 ### Changed - No longer set `MFD_CLOEXEC` if `#!` is detected at the beginning of a program @@ -18,7 +23,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### Added - Everything! -[Unreleased]: https://github.com/iliana/pentacle/compare/v0.2.0...HEAD +[Unreleased]: https://github.com/iliana/pentacle/compare/v1.0.0...HEAD +[1.0.0]: https://github.com/iliana/pentacle/compare/v0.2.0...v1.0.0 [0.2.0]: https://github.com/iliana/pentacle/compare/v0.1.1...v0.2.0 [0.1.1]: https://github.com/iliana/pentacle/compare/v0.1.0...v0.1.1 [0.1.0]: https://github.com/iliana/pentacle/releases/tag/v0.1.0 diff --git a/Cargo.toml b/Cargo.toml index 6665ba1..9b6b18a 100644 --- a/Cargo.toml +++ b/Cargo.toml 
@@ -1,6 +1,6 @@ [package] name = "pentacle" -version = "0.2.0" +version = "1.0.0" authors = ["iliana destroyer of worlds "] edition = "2018" exclude = ["bors.toml", ".github", ".gitignore"] @@ -15,5 +15,5 @@ libc = "0.2" log = "0.4" [package.metadata.docs.rs] -# https://docs.rs/about#metadata +# https://docs.rs/about/metadata targets = ["x86_64-unknown-linux-gnu", "i686-unknown-linux-gnu"]