Merge pull request #392 from VIDA-NYU/systemd-warnings

Print warnings for systemd
VIDA-NYU · Mar 3, 2023 · dc699e4 · dc699e4
2 parents b4be884 + f9f1c38
commit dc699e4
Show file tree

Hide file tree

Showing 5 changed files with 89 additions and 37 deletions.
diff --git a/reprounzip/reprounzip/common.py b/reprounzip/reprounzip/common.py
@@ -49,6 +49,7 @@
 FILE_WDIR = 0x04
 FILE_STAT = 0x08
 FILE_LINK = 0x10
+FILE_SOCKET = 0x20
 
 
 class File(object):
@@ -736,7 +737,7 @@ def setup_logging(tag, verbosity):
     file_level = logging.INFO
     min_level = min(console_level, file_level)
 
-    # Create formatter, with same format as C extension
+    # Create formatter
     fmt = "[%s] %%(asctime)s %%(levelname)s: %%(message)s" % tag
     formatter = LoggingDateFormatter(fmt)
 

diff --git a/reprozip/native/database.h b/reprozip/native/database.h
@@ -6,6 +6,7 @@
 #define FILE_WDIR   0x04  /* File is used as a process's working dir */
 #define FILE_STAT   0x08  /* File is stat()d (only metadata is read) */
 #define FILE_LINK   0x10  /* The link itself is accessed, no dereference */
+#define FILE_SOCKET 0x20  /* The file is a UNIX domain socket */
 
 int db_init(const char *filename);
 int db_close(int rollback);

diff --git a/reprozip/native/syscalls.c b/reprozip/native/syscalls.c
@@ -13,6 +13,7 @@
 #include <sys/stat.h>
 #include <sys/syscall.h>
 #include <sys/types.h>
+#include <sys/un.h>
 #include <unistd.h>
 
 #include "config.h"
@@ -68,31 +69,6 @@ static char *abs_path_arg(const struct Process *process, size_t arg)
 }
 
 
-static const char *print_sockaddr(void *address, socklen_t addrlen)
-{
-    static char buffer[512];
-    const short family = ((struct sockaddr*)address)->sa_family;
-    if(family == AF_INET && addrlen >= sizeof(struct sockaddr_in))
-    {
-        struct sockaddr_in *address_ = address;
-        snprintf(buffer, 512, "%s:%d",
-                inet_ntoa(address_->sin_addr),
-                ntohs(address_->sin_port));
-    }
-    else if(family == AF_INET6
-          && addrlen >= sizeof(struct sockaddr_in6))
-    {
-        struct sockaddr_in6 *address_ = address;
-        char buf[50];
-        inet_ntop(AF_INET6, &address_->sin6_addr, buf, sizeof(buf));
-        snprintf(buffer, 512, "[%s]:%d", buf, ntohs(address_->sin6_port));
-    }
-    else
-        snprintf(buffer, 512, "<unknown destination, sa_family=%d>", family);
-    return buffer;
-}
-
-
 /* ********************
  * Other syscalls that might be of interest but that we don't handle yet
  */
@@ -861,6 +837,46 @@ int syscall_fork_event(struct Process *process, unsigned int event)
  * Network connections
  */
 
+static int handle_socket(struct Process *process, const char *msg,
+                         void *address, socklen_t addrlen)
+{
+    const short family = ((struct sockaddr*)address)->sa_family;
+    if(family == AF_INET && addrlen >= sizeof(struct sockaddr_in))
+    {
+        struct sockaddr_in *address_ = address;
+        log_info(process->tid, "%s %s:%d", msg,
+                 inet_ntoa(address_->sin_addr),
+                 ntohs(address_->sin_port));
+    }
+    else if(family == AF_INET6
+          && addrlen >= sizeof(struct sockaddr_in6))
+    {
+        struct sockaddr_in6 *address_ = address;
+        char buf[50];
+        inet_ntop(AF_INET6, &address_->sin6_addr, buf, sizeof(buf));
+        log_info(process->tid, "%s [%s]:%d", msg,
+                 buf, ntohs(address_->sin6_port));
+    }
+    else if(family == AF_UNIX)
+    {
+        struct sockaddr_un *address_ = address;
+        char buf[109];
+        strncpy(buf, &address_->sun_path, 108);
+        buf[108] = 0;
+        log_info(process->tid, "%s unix:%s", msg, buf);
+
+        if(db_add_file_open(process->identifier,
+                            buf,
+                            FILE_SOCKET | FILE_WRITE,
+                            0) != 0)
+            return -1; /* LCOV_EXCL_LINE */
+    }
+    else
+        log_info(process->tid, "%s <unknown destination, sa_family=%d>",
+                 msg, family);
+    return 0;
+}
+
 static int handle_accept(struct Process *process,
                          void *arg1, void *arg2)
 {
@@ -870,8 +886,9 @@ static int handle_accept(struct Process *process,
     {
         void *address = malloc(addrlen);
         tracee_read(process->tid, address, arg1, addrlen);
-        log_info(process->tid, "process accepted a connection from %s",
-                 print_sockaddr(address, addrlen));
+        if(handle_socket(process, "process accepted a connection from",
+                         address, addrlen) != 0)
+            return -1; /* LCOV_EXCL_LINE */
         free(address);
     }
     return 0;
@@ -884,8 +901,9 @@ static int handle_connect(struct Process *process,
     {
         void *address = malloc(addrlen);
         tracee_read(process->tid, address, arg1, addrlen);
-        log_info(process->tid, "process connected to %s",
-                 print_sockaddr(address, addrlen));
+        if(handle_socket(process, "process connected to",
+                         address, addrlen) != 0)
+            return -1; /* LCOV_EXCL_LINE */
         free(address);
     }
     return 0;

diff --git a/reprozip/reprozip/common.py b/reprozip/reprozip/common.py
@@ -49,6 +49,7 @@
 FILE_WDIR = 0x04
 FILE_STAT = 0x08
 FILE_LINK = 0x10
+FILE_SOCKET = 0x20
 
 
 class File(object):
@@ -736,7 +737,7 @@ def setup_logging(tag, verbosity):
     file_level = logging.INFO
     min_level = min(console_level, file_level)
 
-    # Create formatter, with same format as C extension
+    # Create formatter
     fmt = "[%s] %%(asctime)s %%(levelname)s: %%(message)s" % tag
     formatter = LoggingDateFormatter(fmt)
 

diff --git a/reprozip/reprozip/tracer/trace.py b/reprozip/reprozip/tracer/trace.py
@@ -11,6 +11,7 @@
 
 from __future__ import division, print_function, unicode_literals
 
+import contextlib
 import distro
 from collections import defaultdict
 from itertools import count
@@ -26,7 +27,7 @@
 from reprozip import __version__ as reprozip_version
 from reprozip import _pytracer
 from reprozip.common import File, InputOutputFile, load_config, save_config, \
-    FILE_READ, FILE_WRITE, FILE_LINK
+    FILE_READ, FILE_WRITE, FILE_LINK, FILE_SOCKET
 from reprozip.tracer.linux_pkgs import magic_dirs, system_dirs, \
     identify_packages
 from reprozip.utils import PY3, izip, iteritems, itervalues, \
@@ -36,6 +37,21 @@
 logger = logging.getLogger('reprozip')
 
 
+systemd_sockets = ('/run/systemd/private', '/run/dbus/system_bus_socket')
+
+
+@contextlib.contextmanager
+def stderr_in_red():
+    if os.isatty(sys.stderr.fileno()):
+        try:
+            print('\x1b[31;20m', file=sys.stderr, end='', flush=True)
+            yield
+        finally:
+            print('\x1b[0m', file=sys.stderr, end='', flush=True)
+    else:
+        yield
+
+
 class TracedFile(File):
     """Override of `~reprozip.common.File` that reads stats from filesystem.
 
@@ -145,6 +161,7 @@ def get_files(conn):
         ORDER BY timestamp;
         ''')
     executed = set()
+    systemd_accessed = False
     run = 0
     for event_type, r_name, r_mode, r_timestamp in rows:
         if event_type == 'exec':
@@ -178,6 +195,9 @@ def get_files(conn):
             f = files[r_name]
         if r_mode & FILE_READ:
             f.read(run)
+        if r_mode & FILE_SOCKET:
+            if r_name in systemd_sockets:
+                systemd_accessed = True
         if r_mode & FILE_WRITE:
             f.write(run)
             # Mark the parent directory as read
@@ -230,21 +250,32 @@ def get_files(conn):
     inputs = [[path for path in lst if path in files]
               for lst in inputs]
 
-    # Displays a warning for READ_THEN_WRITTEN files
+    # Display a warning for READ_THEN_WRITTEN files
     read_then_written_files = [
         fi
         for fi in itervalues(files)
         if fi.what == TracedFile.READ_THEN_WRITTEN and
         not any(fi.path.lies_under(m) for m in magic_dirs)]
     if read_then_written_files:
-        logger.warning(
-            "Some files were read and then written. We will only pack the "
-            "final version of the file; reproducible experiments shouldn't "
-            "change their input files")
+        with stderr_in_red():
+            logger.warning(
+                "Some files were read and then written. We will only pack the "
+                "final version of the file; reproducible experiments "
+                "shouldn't change their input files")
         logger.info("Paths:\n%s",
                     ", ".join(unicode_(fi.path)
                               for fi in read_then_written_files))
 
+    # Display a warning for systemd
+    if systemd_accessed:
+        with stderr_in_red():
+            logger.warning(
+                "A connection to systemd was detected. If systemd was asked "
+                "to start a process, it won't be captured by reprozip, "
+                "because it is an independent server. Please see "
+                "https://docs.reprozip.org/s/systemd.html for more "
+                "information")
+
     files = set(
         fi
         for fi in itervalues(files)