feat(judge_client/1/uoj_judger): support new version of compilers in Ubuntu 18.04

The compilers are all updated in Ubuntu 18.04 basesystem.
Add some defines for judger on compiling and replace web's display version to the real version.
To support new compilers we must modify the syscall list to let them run properly, otherwise they will error with "Dangerous Syscalls".
The Oracle JDK8 will read usagetracker profiles and record usage infomation, so disable it in order to not making junk files which may cause DGS.
This commit is contained in:
Masco Skray 2018-09-22 00:42:01 +08:00
parent 6cc048d9d1
commit b7c10c82c3
2 changed files with 71 additions and 3 deletions

View File

@ -26,13 +26,17 @@ getOracleJDK(){
echo -e "\n\n==> Getting JDK runtime files" echo -e "\n\n==> Getting JDK runtime files"
#Add judger user #Add judger user
useradd -m local_main_judger && usermod -a -G www-data local_main_judger useradd -m local_main_judger && usermod -a -G www-data local_main_judger
#Set Oracle JDK do not track usage
mkdir -p /etc/oracle/java/ && echo 'com.oracle.usagetracker.track.last.usage=false' >/etc/oracle/java/usagetracker.properties
#Get newest jdk dist file #Get newest jdk dist file
JDK_MIRROR_LINK=https://build.funtoo.org/distfiles/oracle-java/ JDK_MIRROR_LINK=https://build.funtoo.org/distfiles/oracle-java/
#Deprecated #JDK_CNMIRROR_LINK=http://funtoo.neu.edu.cn/funtoo/distfiles/oracle-java/ #Deprecated #JDK_CNMIRROR_LINK=http://funtoo.neu.edu.cn/funtoo/distfiles/oracle-java/
curl -s ${JDK_MIRROR_LINK} | grep -oP '>jdk-[7,8].*-linux-x64.tar' | sed -e 's/[\",>]//g' -e 's/-linux-x64.tar//g' >jdkdist.list curl -s ${JDK_MIRROR_LINK} | grep -oP '>jdk-[7,8].*-linux-x64.tar' | sed -e 's/[\",>]//g' -e 's/-linux-x64.tar//g' >jdkdist.list
wget ${JDK_MIRROR_LINK}$(sed -n '1p' jdkdist.list)-linux-x64.tar.gz && wget ${JDK_MIRROR_LINK}$(sed -n '$p' jdkdist.list)-linux-x64.tar.gz wget ${JDK_MIRROR_LINK}$(sed -n '1p' jdkdist.list)-linux-x64.tar.gz && wget ${JDK_MIRROR_LINK}$(sed -n '$p' jdkdist.list)-linux-x64.tar.gz
#Change jdk version to faq.php #Change jdk and other environment version to faq.php
sed -i -e "s/jdk-7u76/$(sed -n '1p' jdkdist.list)/g" -e "s/jdk-8u31/$(sed -n '$p' jdkdist.list)/g" ../../uoj/1/app/controllers/faq.php sed -i -e 's/Ubuntu Linux 14.04 LTS x64/Ubuntu Linux 18.04 LTS x64/' \
-e 's/g++ 4.8.4/g++ 7.3.0/' -e 's/gcc 4.8.4/gcc 7.3.0/' -e 's/fpc 2.6.2/fpc 3.0.4/' -e 's/Python 2.7和3.4/Python 2.7和3.6/' \
-e "s/jdk-7u76/$(sed -n '1p' jdkdist.list)/g" -e "s/jdk-8u31/$(sed -n '$p' jdkdist.list)/g" ../../uoj/1/app/controllers/faq.php
#Move jdk file to judge user root #Move jdk file to judge user root
chown local_main_judger jdkdist.list jdk-*-linux-x64.tar.gz chown local_main_judger jdkdist.list jdk-*-linux-x64.tar.gz
mv jdkdist.list jdk-*-linux-x64.tar.gz /home/local_main_judger/ mv jdkdist.list jdk-*-linux-x64.tar.gz /home/local_main_judger/
@ -197,7 +201,12 @@ svn update /var/svn/judge_client/cur/judge_client --username root --password $_s
ln -s /var/svn/judge_client/cur/judge_client/1 ~/judge_client ln -s /var/svn/judge_client/cur/judge_client/1 ~/judge_client
ln -s /var/uoj_data ~/judge_client/uoj_judger/data ln -s /var/uoj_data ~/judge_client/uoj_judger/data
cd ~/judge_client && chmod +x judge_client cd ~/judge_client && chmod +x judge_client
echo '#define UOJ_WORK_PATH "/home/local_main_judger/judge_client/uoj_judger"' >uoj_judger/include/uoj_work_path.h cat >uoj_judger/include/uoj_work_path.h <<UOJEOF
#define UOJ_WORK_PATH "/home/local_main_judger/judge_client/uoj_judger"
#define UOJ_JUDGER_BASESYSTEM_UBUNTU1804
#define UOJ_JUDGER_PYTHON3_VERSION "3.6"
#define UOJ_JUDGER_FPC_VERSION "3.0.4"
UOJEOF
make make
mkdir ~/judge_client/uoj_judger/run/runtime && cd ~/judge_client/uoj_judger/run/runtime mkdir ~/judge_client/uoj_judger/run/runtime && cd ~/judge_client/uoj_judger/run/runtime
mv ~/jdkdist.list ~/jdk-*-linux-x64.tar.gz . mv ~/jdkdist.list ~/jdk-*-linux-x64.tar.gz .

View File

@ -333,6 +333,12 @@ void init_conf(const RunProgramConfig &config) {
syscall_max_cnt[__NR_getdents ] = -1; syscall_max_cnt[__NR_getdents ] = -1;
syscall_max_cnt[__NR_getdents64 ] = -1; syscall_max_cnt[__NR_getdents64 ] = -1;
# ifdef UOJ_JUDGER_BASESYSTEM_UBUNTU1804
syscall_max_cnt[__NR_prlimit64 ] = -1;
syscall_max_cnt[__NR_getpid ] = -1;
syscall_max_cnt[__NR_sysinfo ] = -1;
# endif
readable_file_name_set.insert("/usr/bin/python2.7"); readable_file_name_set.insert("/usr/bin/python2.7");
readable_file_name_set.insert("/usr/lib/python2.7/"); readable_file_name_set.insert("/usr/lib/python2.7/");
readable_file_name_set.insert("/usr/bin/lib/python2.7/"); readable_file_name_set.insert("/usr/bin/lib/python2.7/");
@ -340,6 +346,10 @@ void init_conf(const RunProgramConfig &config) {
readable_file_name_set.insert("/usr/lib/pymodules/python2.7/"); readable_file_name_set.insert("/usr/lib/pymodules/python2.7/");
readable_file_name_set.insert("/usr/bin/Modules/"); readable_file_name_set.insert("/usr/bin/Modules/");
readable_file_name_set.insert("/usr/bin/pybuilddir.txt"); readable_file_name_set.insert("/usr/bin/pybuilddir.txt");
# ifdef UOJ_JUDGER_BASESYSTEM_UBUNTU1804
readable_file_name_set.insert("/usr/lib/locale/");
readable_file_name_set.insert(config.work_path + "/answer.code");
# endif
statable_file_name_set.insert("/usr"); statable_file_name_set.insert("/usr");
statable_file_name_set.insert("/usr/bin"); statable_file_name_set.insert("/usr/bin");
@ -351,6 +361,13 @@ void init_conf(const RunProgramConfig &config) {
syscall_max_cnt[__NR_getdents ] = -1; syscall_max_cnt[__NR_getdents ] = -1;
syscall_max_cnt[__NR_getdents64 ] = -1; syscall_max_cnt[__NR_getdents64 ] = -1;
# ifdef UOJ_JUDGER_BASESYSTEM_UBUNTU1804
syscall_max_cnt[__NR_prlimit64 ] = -1;
syscall_max_cnt[__NR_getrandom ] = -1;
syscall_max_cnt[__NR_sysinfo ] = -1;
syscall_max_cnt[__NR_getpid ] = -1;
# endif
readable_file_name_set.insert("/usr/bin/python3"); readable_file_name_set.insert("/usr/bin/python3");
readable_file_name_set.insert("/usr/lib/python3/"); readable_file_name_set.insert("/usr/lib/python3/");
# ifndef UOJ_JUDGER_PYTHON3_VERSION # ifndef UOJ_JUDGER_PYTHON3_VERSION
@ -370,14 +387,23 @@ void init_conf(const RunProgramConfig &config) {
readable_file_name_set.insert("/usr/bin/Modules/"); readable_file_name_set.insert("/usr/bin/Modules/");
readable_file_name_set.insert("/usr/bin/pybuilddir.txt"); readable_file_name_set.insert("/usr/bin/pybuilddir.txt");
readable_file_name_set.insert("/usr/lib/dist-python"); readable_file_name_set.insert("/usr/lib/dist-python");
# ifdef UOJ_JUDGER_BASESYSTEM_UBUNTU1804
readable_file_name_set.insert("/usr/lib/locale/");
readable_file_name_set.insert(config.work_path + "/answer.code");
# endif
statable_file_name_set.insert("/usr"); statable_file_name_set.insert("/usr");
statable_file_name_set.insert("/usr/bin"); statable_file_name_set.insert("/usr/bin");
statable_file_name_set.insert("/usr/lib"); statable_file_name_set.insert("/usr/lib");
# ifdef UOJ_JUDGER_BASESYSTEM_UBUNTU1804
statable_file_name_set.insert("/usr/lib/python36.zip");
# endif
} else if (config.type == "java7") { } else if (config.type == "java7") {
syscall_max_cnt[__NR_gettid ] = -1; syscall_max_cnt[__NR_gettid ] = -1;
syscall_max_cnt[__NR_set_tid_address] = 1; syscall_max_cnt[__NR_set_tid_address] = 1;
# ifndef UOJ_JUDGER_BASESYSTEM_UBUNTU1804
syscall_max_cnt[__NR_set_robust_list] = 14; syscall_max_cnt[__NR_set_robust_list] = 14;
# endif
syscall_max_cnt[__NR_futex ] = -1; syscall_max_cnt[__NR_futex ] = -1;
syscall_max_cnt[__NR_uname ] = 1; syscall_max_cnt[__NR_uname ] = 1;
@ -393,6 +419,14 @@ void init_conf(const RunProgramConfig &config) {
syscall_max_cnt[__NR_sched_getaffinity] = -1; syscall_max_cnt[__NR_sched_getaffinity] = -1;
syscall_max_cnt[__NR_sched_yield ] = -1; syscall_max_cnt[__NR_sched_yield ] = -1;
# ifdef UOJ_JUDGER_BASESYSTEM_UBUNTU1804
syscall_max_cnt[__NR_prlimit64 ] = -1;
syscall_max_cnt[__NR_getpid ] = -1;
syscall_max_cnt[__NR_sysinfo ] = -1;
syscall_max_cnt[__NR_clone ] = -1;
syscall_max_cnt[__NR_set_robust_list] = -1;
# endif
syscall_should_soft_ban[__NR_socket ] = true; syscall_should_soft_ban[__NR_socket ] = true;
syscall_should_soft_ban[__NR_connect ] = true; syscall_should_soft_ban[__NR_connect ] = true;
syscall_should_soft_ban[__NR_geteuid ] = true; syscall_should_soft_ban[__NR_geteuid ] = true;
@ -404,12 +438,17 @@ void init_conf(const RunProgramConfig &config) {
add_file_permission(abspath(0, string(self_path) + "/../runtime/jdk1.7.0") + "/", 'r'); add_file_permission(abspath(0, string(self_path) + "/../runtime/jdk1.7.0") + "/", 'r');
readable_file_name_set.insert("/sys/devices/system/cpu/"); readable_file_name_set.insert("/sys/devices/system/cpu/");
readable_file_name_set.insert("/proc/"); readable_file_name_set.insert("/proc/");
# ifdef UOJ_JUDGER_BASESYSTEM_UBUNTU1804
readable_file_name_set.insert("/usr/lib/locale/");
# endif
statable_file_name_set.insert("/usr/java/"); statable_file_name_set.insert("/usr/java/");
statable_file_name_set.insert("/tmp/"); statable_file_name_set.insert("/tmp/");
} else if (config.type == "java8") { } else if (config.type == "java8") {
syscall_max_cnt[__NR_gettid ] = -1; syscall_max_cnt[__NR_gettid ] = -1;
syscall_max_cnt[__NR_set_tid_address] = 1; syscall_max_cnt[__NR_set_tid_address] = 1;
# ifndef UOJ_JUDGER_BASESYSTEM_UBUNTU1804
syscall_max_cnt[__NR_set_robust_list] = 15; syscall_max_cnt[__NR_set_robust_list] = 15;
# endif
syscall_max_cnt[__NR_futex ] = -1; syscall_max_cnt[__NR_futex ] = -1;
syscall_max_cnt[__NR_uname ] = 1; syscall_max_cnt[__NR_uname ] = 1;
@ -425,6 +464,14 @@ void init_conf(const RunProgramConfig &config) {
syscall_max_cnt[__NR_sched_getaffinity] = -1; syscall_max_cnt[__NR_sched_getaffinity] = -1;
syscall_max_cnt[__NR_sched_yield ] = -1; syscall_max_cnt[__NR_sched_yield ] = -1;
# ifdef UOJ_JUDGER_BASESYSTEM_UBUNTU1804
syscall_max_cnt[__NR_prlimit64 ] = -1;
syscall_max_cnt[__NR_getpid ] = -1;
syscall_max_cnt[__NR_sysinfo ] = -1;
syscall_max_cnt[__NR_clone ] = -1;
syscall_max_cnt[__NR_set_robust_list] = -1;
# endif
syscall_should_soft_ban[__NR_socket ] = true; syscall_should_soft_ban[__NR_socket ] = true;
syscall_should_soft_ban[__NR_connect ] = true; syscall_should_soft_ban[__NR_connect ] = true;
syscall_should_soft_ban[__NR_geteuid ] = true; syscall_should_soft_ban[__NR_geteuid ] = true;
@ -436,6 +483,10 @@ void init_conf(const RunProgramConfig &config) {
add_file_permission(abspath(0, string(self_path) + "/../runtime/jdk1.8.0") + "/", 'r'); add_file_permission(abspath(0, string(self_path) + "/../runtime/jdk1.8.0") + "/", 'r');
readable_file_name_set.insert("/sys/devices/system/cpu/"); readable_file_name_set.insert("/sys/devices/system/cpu/");
readable_file_name_set.insert("/proc/"); readable_file_name_set.insert("/proc/");
# ifdef UOJ_JUDGER_BASESYSTEM_UBUNTU1804
readable_file_name_set.insert("/usr/lib/locale/");
readable_file_name_set.insert("/etc/oracle/java/usagetracker.properties");
# endif
statable_file_name_set.insert("/usr/java/"); statable_file_name_set.insert("/usr/java/");
statable_file_name_set.insert("/tmp/"); statable_file_name_set.insert("/tmp/");
} else if (config.type == "compiler") { } else if (config.type == "compiler") {
@ -476,6 +527,11 @@ void init_conf(const RunProgramConfig &config) {
syscall_max_cnt[__NR_uname ] = -1; // for javac = = syscall_max_cnt[__NR_uname ] = -1; // for javac = =
syscall_max_cnt[__NR_sysinfo ] = -1; // for javac = = syscall_max_cnt[__NR_sysinfo ] = -1; // for javac = =
# ifdef UOJ_JUDGER_BASESYSTEM_UBUNTU1804
syscall_max_cnt[__NR_prlimit64 ] = -1;
syscall_max_cnt[__NR_getrandom ] = -1;
# endif
syscall_should_soft_ban[__NR_socket ] = true; // for javac syscall_should_soft_ban[__NR_socket ] = true; // for javac
syscall_should_soft_ban[__NR_connect ] = true; // for javac syscall_should_soft_ban[__NR_connect ] = true; // for javac
syscall_should_soft_ban[__NR_geteuid ] = true; // for javac syscall_should_soft_ban[__NR_geteuid ] = true; // for javac
@ -487,6 +543,9 @@ void init_conf(const RunProgramConfig &config) {
writable_file_name_set.insert(config.work_path + "/"); writable_file_name_set.insert(config.work_path + "/");
readable_file_name_set.insert(abspath(0, string(self_path) + "/../runtime") + "/"); readable_file_name_set.insert(abspath(0, string(self_path) + "/../runtime") + "/");
# ifdef UOJ_JUDGER_BASESYSTEM_UBUNTU1804
readable_file_name_set.insert("/etc/oracle/java/usagetracker.properties");
# endif
readable_file_name_set.insert("system_root"); readable_file_name_set.insert("system_root");
readable_file_name_set.insert("/usr/"); readable_file_name_set.insert("/usr/");