Title: | POSIX System Utilities |
---|---|
Description: | Bindings to system utilities found in most Unix systems such as POSIX functions which are not part of the Standard C Library. |
Authors: | Jeroen Ooms [aut, cre] |
Maintainer: | Jeroen Ooms <[email protected]> |
License: | MIT + file LICENSE |
Version: | 1.5.9 |
Built: | 2024-12-02 05:58:31 UTC |
Source: | https://github.com/jeroen/unix |
Changes the root directory of the calling process to that specified in path.
This directory will be used for pathnames beginning with /
.
Only a privileged process (i.e. sudo) may call chroot()
.
chroot(path = getwd())
chroot(path = getwd())
path |
directory of the new root |
This call changes an ingredient in the pathname resolution process and does nothing else. In particular, it is not intended to be used for any kind of security purpose, neither to fully sandbox a process nor to restrict filesystem system calls.
Evaluates an expression in a temporary fork and returns the value without any
side effects on the main R session. For eval_safe()
the expression is wrapped
in additional R code to handle errors and graphics.
eval_safe( expr, tmp = tempfile("fork"), std_out = stdout(), std_err = stderr(), timeout = 0, priority = NULL, uid = NULL, gid = NULL, rlimits = NULL, profile = NULL, device = pdf ) eval_fork( expr, tmp = tempfile("fork"), std_out = stdout(), std_err = stderr(), timeout = 0 )
eval_safe( expr, tmp = tempfile("fork"), std_out = stdout(), std_err = stderr(), timeout = 0, priority = NULL, uid = NULL, gid = NULL, rlimits = NULL, profile = NULL, device = pdf ) eval_fork( expr, tmp = tempfile("fork"), std_out = stdout(), std_err = stderr(), timeout = 0 )
expr |
expression to evaluate |
tmp |
the value of |
std_out |
if and where to direct child process |
std_err |
if and where to direct child process |
timeout |
maximum time in seconds to allow for call to return |
priority |
(integer) priority of the child process. High value is low priority. |
uid |
evaluate as given user (uid or name). See |
gid |
evaluate as given group (gid or name). See |
rlimits |
named vector/list with rlimit values, for example: |
profile |
AppArmor profile, see |
device |
graphics device to use in the fork, see |
Some programs such as Java
are not fork-safe and cannot be called from within a
forked process if they have already been loaded in the main process. On MacOS any
software calling CoreFoundation
functionality might crash within the fork. This
includes libcurl
which has been built on OSX against native SecureTransport rather
than OpenSSL for https connections. The same limitations hold for e.g. parallel::mcparallel()
.
# works like regular eval: eval_safe(rnorm(5)) # Exceptions get propagated test <- function() { doesnotexit() } tryCatch(eval_safe(test()), error = function(e){ cat("oh no!", e$message, "\n") }) # Honor interrupt and timeout, even inside C evaluations try(eval_safe(svd(matrix(rnorm(1e8), 1e4)), timeout = 2)) # Capture output outcon <- rawConnection(raw(0), "r+") eval_safe(print(sessionInfo()), std_out = outcon) cat(rawToChar(rawConnectionValue(outcon))) close(outcon)
# works like regular eval: eval_safe(rnorm(5)) # Exceptions get propagated test <- function() { doesnotexit() } tryCatch(eval_safe(test()), error = function(e){ cat("oh no!", e$message, "\n") }) # Honor interrupt and timeout, even inside C evaluations try(eval_safe(svd(matrix(rnorm(1e8), 1e4)), timeout = 2)) # Capture output outcon <- rawConnection(raw(0), "r+") eval_safe(print(sessionInfo()), std_out = outcon) cat(rawToChar(rawConnectionValue(outcon))) close(outcon)
Get or set attributes of the current process.
getuid() getgid() geteuid() getegid() getpid() getppid() getpgid() getpriority() setuid(uid) seteuid(uid) setgid(gid) setegid(gid) setpgid(pgid = 0) setpriority(prio) kill(pid, signal = SIGTERM)
getuid() getgid() geteuid() getegid() getpid() getppid() getpgid() getpriority() setuid(uid) seteuid(uid) setgid(gid) setegid(gid) setpgid(pgid = 0) setpriority(prio) kill(pid, signal = SIGTERM)
uid |
User ID from |
gid |
Group ID from |
pgid |
Process Group ID. Default |
prio |
Priority level |
pid |
process ID (integer) |
signal |
a signal number (integer), defaults to tools::SIGTERM. |
Acronyms stand for:
pid
Process ID
ppid
Parent-Process ID
pgid
Process-Group ID
uid
User ID
euid
Effective User ID
gid
Group ID
egid
Effective Group ID
prio
Priority level
An unprivileged (non-root) process cannot change it's uid
and only lower
process priority (higher value).
GETUID(2) GETPID(2) GETPGID(2) GETPRIORITY(2)
# Current User: getuid() # Current UserGroup: getgid() # Current UserGroup: geteuid() # Current UserGroup: getegid() # Process ID getpid() # parent PID: getppid() # Process group id: getpgid() # Detach process group setpgid(0) getpgid() # Process priority: getpriority() # Decrease priority setpriority(getpriority() + 1)
# Current User: getuid() # Current UserGroup: getgid() # Current UserGroup: geteuid() # Current UserGroup: getegid() # Process ID getpid() # parent PID: getppid() # Process group id: getpgid() # Detach process group setpgid(0) getpgid() # Process priority: getpriority() # Decrease priority setpriority(getpriority() + 1)
Get and set process resource limits. Each function returns the current limits, and
can optionally update the limit by passing argument values. The rlimit_all()
function is a convenience wrapper which prints all current hard and soft limits.
rlimit_all() rlimit_as(cur = NULL, max = NULL) rlimit_core(cur = NULL, max = NULL) rlimit_cpu(cur = NULL, max = NULL) rlimit_data(cur = NULL, max = NULL) rlimit_fsize(cur = NULL, max = NULL) rlimit_memlock(cur = NULL, max = NULL) rlimit_nofile(cur = NULL, max = NULL) rlimit_nproc(cur = NULL, max = NULL) rlimit_stack(cur = NULL, max = NULL)
rlimit_all() rlimit_as(cur = NULL, max = NULL) rlimit_core(cur = NULL, max = NULL) rlimit_cpu(cur = NULL, max = NULL) rlimit_data(cur = NULL, max = NULL) rlimit_fsize(cur = NULL, max = NULL) rlimit_memlock(cur = NULL, max = NULL) rlimit_nofile(cur = NULL, max = NULL) rlimit_nproc(cur = NULL, max = NULL) rlimit_stack(cur = NULL, max = NULL)
cur |
set the current (soft) limit for this resource. See details. |
max |
set the max (hard) limit for this resource. See details. |
Each resource has an associated soft and hard limit. The soft limit is the value that the kernel enforces for the corresponding resource. The hard limit acts as a ceiling for the soft limit: an unprivileged process may set only its soft limit to a value in the range from 0 up to the hard limit, and (irreversibly) lower its hard limit.
Definitons from the Linux manual page are as follows:
RLIMIT_AS
: the maximum size of the process's virtual memory (address space) in bytes.
RLIMIT_CORE
: the maximum size of a core file that the process may dump.
RLIMIT_CPU
: a limit in seconds on the amount of CPU time (not elapsed time) that
the process may consume. When the process reaches the soft limit, it is sent a SIGXCPU
signal.
RLIMIT_DATA
: the maximum size of the process's data segment (initialized data, uninitialized
data, and heap).
RLIMIT_FSIZE
: the maximum size of files that the process may create. Attempts to extend a
file beyond this limit result in delivery of a SIGXFSZ signal.
RLIMIT_MEMLOCK
: the maximum number of bytes of memory that may be locked into RAM.
RLIMIT_NOFILE
: a value one greater than the maximum file descriptor number that can be opened
by this process.
RLIMIT_NPROC
: the maximum number of processes that can be created for the real user ID of the
calling process. Upon encountering this limit, fork fails with the error EAGAIN. Not enforced for
root user.
RLIMIT_STACK
: the maximum size of the process stack, in bytes.
Note that the support for enforcing limits very widely by system. In particular
RLIMIT_AS
has a different meaning depending on how memory allocation is managed
by the operating system (and doesn't work at all on MacOS).
# Print all limits rlimit_all() # Get one limit rlimit_as() ## Not run: # Set a soft limit lim <- rlimit_as(1e9) print(lim) # Reset the limit to max rlimit_as(cur = lim$max) # Set a hard limit (irreversible) rlimit_as(max = 1e10) ## End(Not run)
# Print all limits rlimit_all() # Get one limit rlimit_as() ## Not run: # Set a soft limit lim <- rlimit_as(1e9) print(lim) # Reset the limit to max rlimit_as(cur = lim$max) # Set a hard limit (irreversible) rlimit_as(max = 1e10) ## End(Not run)
Shows which features are enabled in the package configuration.
sys_config() aa_config()
sys_config() aa_config()
sys_config()
sys_config()
Lookup a user or group info via user uid/name or group gid/name.
user_info(uid = getuid()) group_info(gid = getgid())
user_info(uid = getuid()) group_info(gid = getgid())
uid |
user ID (integer) or name (string) |
gid |
group ID (integer) or name (string) |
# Get info current user user_info() group_info()
# Get info current user user_info() group_info()