Commit Graph

223 Commits

Author SHA1 Message Date
Brian Seymour 5830d7fb43 fix json validation 2021-05-07 14:35:27 -05:00
Brian Seymour de449c6d56 validate json instead of a json header, and lots of cleanup 2021-05-07 14:22:25 -05:00
Thomas Hobson 0da1cd5867
use real uid for killing processes instead of using euid (#206) 2021-05-07 22:11:28 +12:00
Thomas Hobson 972228412a
switch to taking config by env
To help with ease of deployment, configuration now is administered through the use of environment variables.
This allows for easy configuration directly from the docker-compose file and is a much more robust solution.
2021-05-07 21:11:36 +12:00
Felix fb102ebe83
Improved memory limits (#248)
* Added optional compile_memory_limit and run_memory_limit parameters

* Combined memory limit parameters into one
2021-05-07 20:21:25 +12:00
Thomas Hobson eaf0ba34bd
Allow additional content-type parameters 2021-05-07 20:12:27 +12:00
Thomas Hobson d95d67071c
reject on non-json content-types (#233) 2021-05-07 19:37:22 +12:00
Thomas Hobson 9590d5afbc
Patch for race condition with filesystem and process cleanup 2021-05-07 19:23:34 +12:00
Thomas Hobson 8b90c12c5c
chown directories to root, ensuring they are not writable by runners 2021-05-02 20:11:55 +12:00
Thomas Hobson 38ab15081e
Merge branch 'master' of https://github.com/engineer-man/piston 2021-05-02 17:02:26 +12:00
Thomas Hobson 37c760b081
allow empty contents 2021-05-02 17:01:50 +12:00
Thomas d577072749
Revert "Added max_memory_usage parameter (#238)" (#246)
This reverts commit a49acc7dbe.
2021-05-02 14:55:37 +12:00
Dan Vargas 2412d50f82
pkg(octave-6.2.0): add deps for octave (#245) 2021-05-02 14:41:53 +12:00
Felix a49acc7dbe
Added max_memory_usage parameter (#238)
* Added max_memory_usage parameter

* Added max_memory_usage description to readme
2021-05-01 21:10:53 +12:00
Thomas Hobson 5509492a99
uncomment the fix 2021-04-28 16:11:49 +12:00
Thomas Hobson 3bd73d07a9
file persistance fix 2021-04-28 16:03:35 +12:00
Thomas Hobson a6bc24e22e
Fix issue where large files can be written to exhaust space
**BREAKING CHANGE**
Requires manually editing the config file, or deleting the config file entirely!
2021-04-28 15:39:23 +12:00
Thomas Hobson 9a52e369f2
fix forking exploits 2021-04-26 19:37:40 +12:00
Thomas Hobson 6fe0da030d
edge case 2021-04-26 13:37:50 +12:00
Thomas Hobson 3673b4e403
zombie process handler 2021-04-26 13:00:34 +12:00
Thomas Hobson 347f2d56d7
use a compatible waitpid library 2021-04-26 11:32:10 +12:00
Thomas Hobson dd31873700
free zombie processes from proctable 2021-04-26 11:22:28 +12:00
Thomas Hobson 18a44bf146
install ps in container 2021-04-26 10:58:57 +12:00
Thomas Hobson 00fede6e0d
change api version to v2 2021-04-26 10:40:53 +12:00
Thomas Hobson 72bda367e0
cleanup all runner user processes 2021-04-26 10:35:34 +12:00
Thomas Hobson 3b0f2a0013
remove useless kill 2021-04-26 03:15:49 +12:00
Thomas Hobson 349beeb45a
Warn on errors when killing process group 2021-04-26 03:01:08 +12:00
Thomas Hobson f9b8fbd9c0
correct logging contexts 2021-04-25 21:01:16 +12:00
Thomas Hobson 3928bace86
refactor 2021-04-25 20:55:20 +12:00
Victor Frazao 5f97005a9a
Fixes nasm32 - adds 32bit arch to seccomp filter (#231) 2021-04-25 16:55:39 +12:00
Thomas Hobson 45eb4c799d
dont crash if there are no aliases 2021-04-25 16:37:05 +12:00
Thomas Hobson 30fa1d1425
use correct var name 2021-04-25 15:11:32 +12:00
Thomas Hobson a328b3eeda
better support for multiple languages per package 2021-04-25 15:02:57 +12:00
Thomas Hobson d851515f37
api: install rename in container 2021-04-24 19:51:33 +12:00
Thomas aeda95a215
add .code extension to files without file names 2021-04-24 17:59:06 +12:00
Thomas 5bc607dcec
API compatibility 2021-04-23 20:40:49 +12:00
Brian Seymour a1eb732406 update readme, refactor some code 2021-04-22 22:27:50 -05:00
Thomas Hobson 487bde6526
404 error 2021-04-23 14:49:12 +12:00
Thomas Hobson e6da87faa9
better error handling 2021-04-23 14:47:08 +12:00
Thomas Hobson 46b1e9118d
throw error 2021-04-23 14:32:05 +12:00
Thomas Hobson 890d9f024d
Merge branch 'v3' of https://github.com/engineer-man/piston into v3 2021-04-23 14:30:19 +12:00
Brian Seymour 04990566a1 updated readme 2021-04-22 21:30:01 -05:00
Thomas Hobson 6ff89f6e91
bail when not installed 2021-04-23 14:29:40 +12:00
Thomas Hobson 9c42254b80
default file name 2021-04-23 13:09:33 +12:00
Thomas Hobson 589dfec6df
default values 2021-04-23 11:54:37 +12:00
Thomas Hobson 9814217aee
remove main 2021-04-23 11:52:50 +12:00
Brian Seymour b3575246bd change urls, fix docker compose file 2021-04-22 18:43:21 -05:00
Thomas 1edb5ad046
ci bump 2021-04-17 12:11:31 +12:00
Dan Vargas d2e05a4a7e
pkg(*-*): Fix uninstall (#213) 2021-04-11 13:15:14 +12:00
Thomas Hobson 81cdc766b6
Uninstallation (#211) 2021-04-10 16:10:18 +12:00
Victor Frazao 552fb91c6b
v3 - Remove the use of unshare + privileged mode and instead (#195)
use seccomp to filter for socket syscalls
2021-04-07 12:31:30 +12:00
Thomas Hobson be47ab802c
Merge branch 'v3' of https://github.com/engineer-man/piston into v3 2021-03-29 21:33:54 +13:00
Thomas Hobson 607123f73d
switch to yarn 2021-03-29 21:33:49 +13:00
Brian Seymour 902ad71578 remove unnecessary author fields 2021-03-28 14:29:28 -05:00
Brian Seymour 7aa52bb0c5 move env 2021-03-28 14:03:08 -05:00
Brian Seymour b31deaddbc change port to match old piston, some formatting change, add env to fix debian warning/error 2021-03-28 14:01:46 -05:00
Vargas, Dan aa0a7ac35f pkg(swift-5.3.3): Add deps for swift 2021-03-18 15:08:51 -05:00
Vargas, Dan d50403230c pkg(prolog-8.2.4): Add deps for prolog 2021-03-18 09:13:02 -05:00
Vargas, Dan cb5ad603d0 pkg(haskell-9.0.1): Add deps to api container 2021-03-17 12:29:10 -05:00
Vargas, Dan 76e0f7d76a pkg(crystal-0.36.1): Add deps to api container 2021-03-17 12:59:14 +13:00
Dan Vargas 148c7414f3 pkg(osabie-1.0.1/elixir-1.11.3): Fix VM warnings for osabie and elixir 2021-03-17 09:52:03 +13:00
Victor Frazao 81b70fe08d Adds build-essential to API container - need this for rust executor 2021-03-16 19:48:50 +13:00
Thomas Hobson 8c6552d19e
api: start at user 1001 by default 2021-03-15 22:08:37 +13:00
Thomas Hobson 8b70b7d82e
api: update default repo url 2021-03-15 19:39:55 +13:00
Thomas Hobson b36cb64105
api: revert quoting of args 2021-03-14 15:33:29 +13:00
Thomas Hobson d529384f21
api: quote args when being executed 2021-03-14 13:57:14 +13:00
Thomas Hobson 4621f34e47
api: fixes from refactor 2021-03-13 23:09:13 +13:00
Thomas Hobson 3ae32aad3f
api: fix errors from refactor + PISTON_ALIAS envvar 2021-03-13 20:57:21 +13:00
Brian Seymour b3d18600cd api refactoring 2021-03-12 23:01:04 -06:00
Thomas Hobson 812069cc3f
api: remove repos from ppman 2021-03-06 19:17:56 +13:00
Thomas Hobson 49c761311b
api: fix bugs introduced in code cleanup 2021-03-06 00:31:51 +13:00
Thomas Hobson af1741becc
api: code cleanup 2021-03-05 19:29:09 +13:00
Thomas Hobson b1f13d2b87
api,repo: Add libxml2 to container 2021-02-28 15:44:43 +13:00
Thomas Hobson bd920b19b9
api: add /runtimes endpoint 2021-02-28 01:25:10 +13:00
Thomas Hobson 870a4c1282
api: fix compile stage
runtime.compiled always returned false as it was undefined.
This made the code think it's a run-only language, and never called the compile script.
2021-02-28 01:18:04 +13:00
Thomas Hobson 12dc93435d
api,repo: Switch to debian base image 2021-02-28 01:15:52 +13:00
Thomas Hobson b91ff42bb8
api: fix validators 2021-02-27 23:10:54 +13:00
Thomas Hobson 8a0f7b3abd
api: add express-validator 2021-02-27 18:45:43 +13:00
Thomas Hobson 764641b5a6
api: lint 2021-02-27 13:08:51 +13:00
Thomas Hobson 8b61f4f69f
api: add validators to endpoints 2021-02-27 12:58:30 +13:00
Thomas Hobson 9d32012bbc
api: write stdin to child process 2021-02-23 19:52:49 +13:00
Thomas Hobson 809004ecf9
api: add all users 2021-02-22 23:15:04 +13:00
Thomas Hobson 920e6e7054
api: add rlimits to config 2021-02-22 22:56:54 +13:00
Thomas Hobson e31e66aad5
api: harden file count 2021-02-22 22:52:04 +13:00
Thomas Hobson 9b1a9bf8b3
api: harden process limit 2021-02-22 22:51:19 +13:00
Thomas Hobson 94d179762b
api: enforce execute time limits 2021-02-22 22:00:37 +13:00
Thomas Hobson 0ebdcadf12
api: add unshare back 2021-02-22 21:57:03 +13:00
Thomas Hobson 00bb5be55b
api: tidy up execute 2021-02-22 21:55:51 +13:00
Thomas Hobson 64b2882450
api: gpg key importing 2021-02-21 21:37:38 +13:00
Thomas Hobson 1f5d4b8eb1
api: config options 2021-02-21 21:37:13 +13:00
Thomas Hobson 514006058b
api: harden runaway code 2021-02-21 21:36:49 +13:00
Thomas Hobson 8727a545c6
api: disable networking during execute 2021-02-21 14:56:07 +13:00
Thomas Hobson 2f64f23896
api: container hardening 2021-02-21 14:25:03 +13:00
Thomas Hobson 5ac1285534
api: lint 2021-02-21 14:15:48 +13:00
Thomas Hobson ac46c1b5bb
api: read both stdout and stderr 2021-02-21 13:32:35 +13:00
Thomas Hobson 7b2305f30c
api: add licence to package.json 2021-02-21 13:15:11 +13:00
Thomas Hobson 233fb9bf26
api: trim whitespace off env vars 2021-02-21 12:57:20 +13:00
Thomas Hobson cdc65d6605
api: use bash to call run/compile script 2021-02-21 12:57:02 +13:00
Thomas Hobson b20f853ef1
api: fix function name + allow unsigned packages 2021-02-21 12:56:35 +13:00
Thomas Hobson 8ad62ec983
api: use patched nocamel for fs/promises 2021-02-21 12:06:20 +13:00