From 78f97b28b4693750d0c108764171cc1e19ab7d17 Mon Sep 17 00:00:00 2001
From: Vrganj
Date: Mon, 25 Jan 2021 18:24:34 +0100
Subject: [PATCH 1/4] Possibly fix stdin newlines
---
lxc/execute | 50 +++++++++++++++++------------------------------
shared/execute.js | 14 +++++++------
2 files changed, 26 insertions(+), 38 deletions(-)
diff --git a/lxc/execute b/lxc/execute
index 51f2eca..3dff13f 100755
--- a/lxc/execute
+++ b/lxc/execute
@@ -9,60 +9,46 @@ if [ -z "$1" ] || [ -z "$2" ]; then exit fi -lang=$1 -epoch=$(date +%s%N) -basepath="/var/lib/lxc/piston/rootfs" -filepath="/tmp/$epoch/code.code" -argpath="/tmp/$epoch/args.args" -stdinpath="/tmp/$epoch/stdin.stdin" -arg=$(basename $argpath) +language=$1 +id=$2 -# write arg file -mkdir -p $basepath/tmp/$epoch -chmod 777 $basepath/tmp/$epoch -cat $2 > $basepath$filepath -echo $3 > $basepath$stdinpath -echo -n "${@:4}" > $basepath$argpath +basepath="/var/lib/lxc/piston/rootfs" # process incrementor exec 200>$dir/lockfile -flock -x 200 -oldinc=$(cat $dir/i | awk '{$1=$1};1') -newinc=$(expr $oldinc + 1) +flock 200 -if (( newinc >= 151 )); then - newinc=1 - echo 1 > $dir/i -else - echo $newinc > $dir/i -fi +runner=$(cat $dir/i) +let 'runner = runner % 150 + 1' + +echo $runner > $dir/i exec 200>&- # prevent users from spying on each other lxc-attach --clear-env -n piston -- \ /bin/bash -l -c " - chown runner$newinc: -R /tmp/$epoch - chmod 700 /tmp/$epoch + chown runner$runner -R /tmp/$id + chmod 700 /tmp/$id " > /dev/null 2>&1 # runner timeout -s KILL 20 \ lxc-attach --clear-env -n piston -- \ - /bin/bash -l -c "runuser runner$newinc /exec/$lang $newinc $epoch" + /bin/bash -l -c "runuser runner$runner /exec/$language runner$runner $id" # process janitor lxc-attach --clear-env -n piston -- \ /bin/bash -l -c " for i in {1..100} do - pkill -u runner$newinc --signal SIGKILL + pkill -u runner$runner --signal SIGKILL done - find /tmp -user runner$newinc -delete - find /var/tmp -user runner$newinc -delete - find /var/lock -user runner$newinc -delete - find /dev/shm -user runner$newinc -delete - find /run/lock -user runner$newinc -delete + find /tmp -user runner$runner -delete + find /var/tmp -user runner$runner -delete + find /var/lock -user runner$runner -delete + find /dev/shm -user runner$runner -delete + find /run/lock -user runner$runner -delete " > /dev/null 2>&1 & -rm -rf $basepath/tmp/$epoch +rm -rf $basepath/tmp/$id 
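Review bot: `id=$2` is expanded unquoted into both `bash -l -c "..."` strings handed to `lxc-attach` and into the closing host-side `rm -rf $basepath/tmp/$id`, so the script trusts its caller completely for the shape of that value. The caller in this series builds it from a timestamp and a random integer, but a guard right after the assignment, `[[ $id =~ ^[0-9]+_[0-9]+$ ]] || exit 1`, would keep whitespace, a slash or `..` from ever reaching the delete, which should also be quoted as `rm -rf -- "$basepath/tmp/$id"`. `$language` ends up in the same `-c` string as `/exec/$language`; where `language.name` originates is not visible here, so an allow-list style check on it in this script would be the safer default. The script starts before this hunk, so any validation already done above line 9 other than the visible `-z` tests cannot be seen.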
diff --git a/shared/execute.js b/shared/execute.js index 526efdd..cd90820 100644 --- a/shared/execute.js +++ b/shared/execute.js @@ -1,20 +1,22 @@ -const { writeFileSync, unlinkSync } = require('fs'); +const { writeFileSync, unlinkSync, mkdirSync } = require('fs'); const { spawn } = require('child_process'); const OUTPUT_LIMIT = 65535; +const LXC_ROOT = '/var/lib/lxc/piston/rootfs'; function execute(language, source, stdin = '', args = []) { return new Promise(resolve => { - const stamp = new Date().getTime(); + const id = new Date().getTime() + '_' + Math.floor(Math.random() * 10000000); const sourceFile = `/tmp/${stamp}.code`; - writeFileSync(sourceFile, source); + mkdirSync(`${LXC_ROOT}/tmp/${id}`); + writeFileSync(`${LXC_ROOT}/tmp/${id}/code.code`, source); + writeFileSync(`${LXC_ROOT}/tmp/${id}/stdin.stdin`, stdin); + writeFileSync(`${LXC_ROOT}/tmp/${id}/args.args`, args.join('\n')); const process = spawn(__dirname + '/../lxc/execute', [ language.name, - sourceFile, - stdin, - args.join('\n'), + id, ]); let stdout = ''; From 53842e85828601fbeded954b23e18a558a889d44 Mon Sep 17 00:00:00 2001 From: Vrganj Date: Mon, 25 Jan 2021 18:30:07 +0100 Subject: [PATCH 2/4] Remove useless variable --- shared/execute.js | 1 - 1 file changed, 1 deletion(-) diff --git a/shared/execute.js b/shared/execute.js index cd90820..238fdc6 100644 --- a/shared/execute.js +++ b/shared/execute.js @@ -7,7 +7,6 @@ const LXC_ROOT = '/var/lib/lxc/piston/rootfs'; function execute(language, source, stdin = '', args = []) { return new Promise(resolve => { const id = new Date().getTime() + '_' + Math.floor(Math.random() * 10000000); - const sourceFile = `/tmp/${stamp}.code`; mkdirSync(`${LXC_ROOT}/tmp/${id}`); writeFileSync(`${LXC_ROOT}/tmp/${id}/code.code`, source); From 659593c60d717c29a117a044f7ddc16f2ceb2940 Mon Sep 17 00:00:00 2001 
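Review bot: The per-run directory is created by `mkdirSync` with default permissions, and `code.code`, `stdin.stdin` and `args.args` are written into it before `lxc/execute` reaches its `chown`/`chmod 700`, so until then the submitted source and stdin may be readable by other accounts in the container (this depends on the process umask, which is not visible here). Passing `{ mode: 0o700 }` as the second argument to `mkdirSync` closes that window. The directory name is also guessable (millisecond timestamp plus `Math.random()`) in a `/tmp` that sandboxed code can presumably write to; `fs.mkdtempSync` with the `${LXC_ROOT}/tmp/` prefix would create a unique 0700 directory atomically. Whichever call is used, a synchronous throw from it (for example EEXIST) rejects a promise whose executor only takes `resolve`, so the failure path is worth a comment or explicit handling. The body of `execute` continues outside the hunk.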
From: Vrganj Date: Mon, 25 Jan 2021 18:46:06 +0100 Subject: [PATCH 3/4] Remove error if i doesn't exist, remove useless line --- lxc/execute | 1 + shared/execute.js | 2 -- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/lxc/execute b/lxc/execute index 3dff13f..8fbfeb9 100755 --- a/lxc/execute +++ b/lxc/execute @@ -18,6 +18,7 @@ basepath="/var/lib/lxc/piston/rootfs" exec 200>$dir/lockfile flock 200 +touch $dir/i runner=$(cat $dir/i) let 'runner = runner % 150 + 1' diff --git a/shared/execute.js b/shared/execute.js index 238fdc6..c8b8635 100644 --- a/shared/execute.js +++ b/shared/execute.js @@ -37,8 +37,6 @@ function execute(language, source, stdin = '', args = []) { }); process.on('exit', code => { - unlinkSync(sourceFile); - stderr = stderr.trim().substring(0, OUTPUT_LIMIT); stdout = stdout.trim().substring(0, OUTPUT_LIMIT); output = output.trim().substring(0, OUTPUT_LIMIT); From 36dade3f77330ef9a796f38d6674a3c3e2c37c10 Mon Sep 17 00:00:00 2001 From: Vrganj Date: Mon, 25 Jan 2021 19:27:11 +0100 Subject: [PATCH 4/4] Re-add colon to chown --- lxc/execute | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lxc/execute b/lxc/execute index 8fbfeb9..40d1797 100755 --- a/lxc/execute +++ b/lxc/execute @@ -28,7 +28,7 @@ exec 200>&- # prevent users from spying on each other lxc-attach --clear-env -n piston -- \ /bin/bash -l -c " - chown runner$runner -R /tmp/$id + chown runner$runner: -R /tmp/$id chmod 700 /tmp/$id " > /dev/null 2>&1