CN104091132A - Method and device for running plug-in on routing equipment and routing equipment - Google Patents
Method and device for running plug-in on routing equipment and routing equipment Download PDFInfo
- Publication number
- CN104091132A CN104091132A CN201410269810.7A CN201410269810A CN104091132A CN 104091132 A CN104091132 A CN 104091132A CN 201410269810 A CN201410269810 A CN 201410269810A CN 104091132 A CN104091132 A CN 104091132A
- Authority
- CN
- China
- Prior art keywords
- unit
- plug
- catalogue
- starting
- described plug
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/575—Secure boot
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/56—Routing software
Landscapes
- Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Stored Programmes (AREA)
Abstract
The invention relates to a method and a device for running a plug-in on routing equipment and the routing equipment. The method comprises the following steps: acquiring a running command for the plug-in; acquiring the plug-in from a first set catalogue in an operating system; creating a progress corresponding to the plug-in, wherein an accessing space restricting the progress is the first set catalogue; running the plug-in in the progress. The accessing space restricting the progress is only under the first set catalogue, namely under the catalogue of an installation plug-in, generally the catalogue of the installation plug-in is not a saving catalogue for system files of the operating system, and thus the progress cannot access the system files of the operating system, so that the system files of the operating system of the routing equipment can be effectively prevented from being damaged by the progress, and normal operation of the operating system is guaranteed.
Description
Technical field
The disclosure relates to communication technical field, relates in particular to a kind of method, device and routing device that moves plug-in unit on routing device.
Background technology
Along with the develop rapidly of the communication technology, routing device is more and more intelligent, and intelligentized routing device is similar to the operating system of an opening, can carry out the operation such as installation, operation, unloading of plug-in unit.
But, while moving plug-in unit on current routing device, usually there will be the system file in operating system destroyed, and then cause the problem of operating system paralysis.Therefore, need at present a kind of plug-in component operation method that can prevent from destroying in plug-in component operation process operating system badly.
Summary of the invention
For overcoming the problem existing in correlation technique, the disclosure provides a kind of method, device and routing device that moves plug-in unit on routing device.
According to the first aspect of disclosure embodiment, a kind of method of moving plug-in unit on routing device is provided, comprising:
Obtain the operating instruction for plug-in unit;
Set catalogue and obtain described plug-in unit from first of operating system;
Create the process corresponding with described plug-in unit, and the addressing space that limits described process is described first to set catalogue;
In described process, move described plug-in unit.
In conjunction with first aspect, in the possible implementation of the first of first aspect, described in obtain for the step of the operating instruction of plug-in unit and comprise:
After startup, call the booting script of preserving described plug-in unit under starting up's catalogue, generate described operating instruction; Or,
After startup, obtain the configuration file of described plug-in unit from the second setting catalogue by the plug-in unit startup Manage Scripts under starting up's catalogue, if described configuration file carries starting up's mark, generate described operating instruction; If described configuration file does not carry described starting up's mark, receive the described operating instruction that client is sent.
In conjunction with first aspect, in the possible implementation of the second of first aspect, the addressing space of the described process of described restriction is that the described first step of setting catalogue comprises:
If other catalogue except described the first setting catalogue in operating system, is mounted to described other catalogue described first and sets under catalogue described in described process requested access;
Be read-only by carry at the described first setup of attribute of setting other catalogue under catalogue.
In conjunction with the possible implementation of the second of the possible implementation of the first of first aspect, first aspect or first aspect, in the third possible implementation of first aspect, described method also comprises:
In process list, record the identification information of described process.
In conjunction with first aspect, in the 4th kind of possible implementation of first aspect, described method also comprises:
Obtain the installation instruction for described plug-in unit;
Obtain the compressed package that described plug-in unit is corresponding, described compressed package comprises described plug-in unit, dynamic link library, configuration file and digital certificate that described plug-in unit is corresponding;
According to described digital certificate and the PKI prestoring, described compressed package is decrypted to certification;
If described compressed package by decrypted authentication, is stored in described first by described plug-in unit and described dynamic link library and sets under catalogue, by described configuration file stores under the second setting catalogue.
In conjunction with the 4th kind of possible implementation of first aspect, in the 5th kind of possible implementation of first aspect, described method also comprises:
If described configuration file carries starting up's mark, under starting up's catalogue, add the booting script of described plug-in unit.
In conjunction with first aspect, in the 6th kind of possible implementation of first aspect, described method also comprises:
Obtain the unloading command for described plug-in unit;
After determining that described plug-in unit is out of service, detect the booting script of whether having deleted described plug-in unit from described starting up's catalogue;
If delete the booting script of described plug-in unit from described starting up's catalogue, empty described first and set catalogue.
In conjunction with the 6th kind of possible implementation of first aspect, in the 7th kind of possible implementation of first aspect, described definite described plug-in unit step out of service comprises:
In detection procedure list, whether there is the identification information of the process corresponding with described plug-in unit;
If there is not the identification information of the process corresponding with described plug-in unit in described process list, determine that described plug-in unit is out of service;
If there is the identification information of the process corresponding with described plug-in unit in described process list, delete the identification information of the process corresponding with described plug-in unit.
According to the second aspect of disclosure embodiment, a kind of device that moves plug-in unit on routing device is provided, comprising:
The first acquisition module, for obtaining the operating instruction for plug-in unit;
The second acquisition module, obtains described plug-in unit for setting catalogue from first of operating system;
Limiting module, for creating the process corresponding with described plug-in unit, and the addressing space that limits described process is described first to set catalogue;
Operation module, for moving described plug-in unit in described process.
In conjunction with second aspect, in the possible implementation of the first of second aspect, described the first acquisition module comprises:
Generation unit, after starting, calls the booting script of preserving described plug-in unit under starting up's catalogue, generates described operating instruction; Or,
Processing unit, after starting, obtain the configuration file of described plug-in unit from the second setting catalogue by the plug-in unit startup Manage Scripts under starting up's catalogue, if described configuration file carries starting up's mark, generate described operating instruction, if described configuration file does not carry described starting up's mark, receive the described operating instruction that client is sent.
In conjunction with second aspect, in the possible implementation of the second of second aspect, described limiting module comprises:
Carry unit, if for operating system described in described process requested access except described first other catalogue of setting catalogue, described other catalogue is mounted under described the first setting catalogue;
Setting unit is read-only for the setup of attribute of other catalogue under described the first setting catalogue by carry.
In conjunction with the possible implementation of the second of the possible implementation of the first of second aspect, second aspect or second aspect, in the third possible implementation of second aspect, described device also comprises:
Logging modle, for recording the identification information of described process at process list.
In conjunction with second aspect, in the 4th kind of possible implementation of second aspect, described device also comprises:
The 3rd acquisition module, for obtaining the installation instruction for described plug-in unit;
The 4th acquisition module, for obtaining the compressed package that described plug-in unit is corresponding, described compressed package comprises described plug-in unit, dynamic link library, configuration file and digital certificate that described plug-in unit is corresponding;
Decrypted authentication module, for being decrypted certification according to described digital certificate and the PKI prestoring to described compressed package;
Memory module, if for described compressed package by decrypted authentication, described plug-in unit and described dynamic link library are stored in to described first and set under catalogue, by described configuration file stores under the second setting catalogue.
In conjunction with the 4th kind of possible implementation of second aspect, in the 5th kind of possible implementation of second aspect, described device also comprises:
Add module, if carry starting up's mark for described configuration file, under starting up's catalogue, add the booting script of described plug-in unit.
In conjunction with second aspect, in the 6th kind of possible implementation of second aspect, described device also comprises:
The 5th acquisition module, for obtaining the unloading command for described plug-in unit;
Detection module, after determining that described plug-in unit is out of service, detects the booting script of whether having deleted described plug-in unit from described starting up's catalogue;
Empty module, if for delete the booting script of described plug-in unit from described starting up's catalogue, empty described first and set catalogue.
In conjunction with the 6th kind of possible implementation of second aspect, in the 7th kind of possible implementation of second aspect, described detection module comprises:
Detecting unit, for detection of the identification information that whether has the process corresponding with described plug-in unit in process list;
Determining unit, if there is not the identification information of the process corresponding with described plug-in unit for described process list, determines that described plug-in unit is out of service; If there is the identification information of the process corresponding with described plug-in unit in described process list, delete the identification information of the process corresponding with described plug-in unit.
According to the third aspect of disclosure embodiment, a kind of routing device is provided, comprising:
Processor;
For the storer of storage of processor executable instruction;
Wherein, described processor is configured to:
Obtain the operating instruction for plug-in unit;
Set catalogue and obtain described plug-in unit from first of operating system;
Create the process corresponding with described plug-in unit, and the addressing space that limits described process is described first to set catalogue;
In described process, move described plug-in unit.
The technical scheme that embodiment of the present disclosure provides can comprise following beneficial effect: obtain the operating instruction for plug-in unit, set catalogue and obtain plug-in unit from first of operating system, create the process corresponding with plug-in unit, and the addressing space of limiting process is the first setting catalogue, in process, move described plug-in unit, because the addressing space of limiting process is only under the first setting catalogue, install under the catalogue of plug-in unit, the catalogue that plug-in unit is installed is not conventionally the catalogue that the system file of operating system is preserved, therefore the system file that process cannot accessing operation system, so just effectively prevention process is destroyed the system file of the operating system of routing device, ensure that operating system normally works.
Should be understood that, it is only exemplary and explanatory that above general description and details are hereinafter described, and can not limit the disclosure.
Brief description of the drawings
Accompanying drawing is herein merged in instructions and forms the part of this instructions, shows embodiment according to the invention, and is used from and explains principle of the present invention with instructions one.
Fig. 1 is according to the process flow diagram of a kind of method of moving plug-in unit on routing device shown in an exemplary embodiment.
Fig. 2 is according to a kind of process flow diagram that plug-in unit is installed on routing device shown in an exemplary embodiment.
Fig. 3 is according to a kind of process flow diagram that unloads plug-in unit on routing device shown in an exemplary embodiment.
Fig. 4 is according to the process flow diagram of a kind of method of moving plug-in unit on routing device shown in an exemplary embodiment.
Fig. 5 is the block diagram that moves insert arrangement according to the first shown in an exemplary embodiment on routing device.
Fig. 6 is according to the block diagram of a kind of limiting module shown in an exemplary embodiment.
Fig. 7 is the block diagram that moves insert arrangement according to the second shown in an exemplary embodiment on routing device.
Fig. 8 is the block diagram that moves insert arrangement according to the third shown in an exemplary embodiment on routing device.
Fig. 9 is the block diagram that moves insert arrangement according to the 4th kind shown in an exemplary embodiment on routing device.
Figure 10 is the block diagram that moves insert arrangement according to the 5th kind shown in an exemplary embodiment on routing device.
Figure 11 is according to the block diagram of a kind of detection module shown in an exemplary embodiment.
Figure 12 is according to the block diagram of a kind of routing device shown in an exemplary embodiment.
Embodiment
Here will at length describe exemplary embodiment, its sample table shows in the accompanying drawings.When description below relates to accompanying drawing, unless separately there is expression, the same numbers in different accompanying drawings represents same or analogous key element.Embodiment described in following exemplary embodiment does not represent all embodiments consistent with the present invention.On the contrary, they are only and the example of apparatus and method as consistent in some aspects that described in detail in appended claims, of the present invention.
Fig. 1 is according to the process flow diagram of a kind of method of moving plug-in unit on routing device shown in an exemplary embodiment, and as shown in Figure 1, the method, for routing device, comprises the following steps.
In step S11, obtain the operating instruction for plug-in unit.
This operating instruction shows to move this plug-in unit.
In step S12, set catalogue and obtain plug-in unit from first of operating system.
Plugin card installation, in the first setting catalogue of the operating system of routing device, when after the operating instruction getting for plug-in unit, can arrive in the first setting catalogue and obtain this plug-in unit.
In step S13, create the process corresponding with plug-in unit, and the addressing space of limiting process is the first setting catalogue.
When operating system is different, instrument and function that establishment process adopts are not identical yet.Suppose that operating system is linux system, can create specially an instrument, use this instrument to call process corresponding with plug-in unit of fork function creation.
Due to operation, plug-in unit mainly considers is safety problem, if the system file under the root directory of the premeditated deletion action system of plug-in unit will cause crushing blow to operating system, so need the addressing space of the restriction process corresponding with plug-in unit.Such as, plugin card installation is under PluginsFolder/ID/, the process corresponding with plug-in unit should be accessed the file under this catalogue, can not access other catalogues, be that PluginsFolder/ID/ is exactly the root directory of this plug-in unit, call the root of chroot order using PluginsFolder/ID/ as it, can realize the addressing space that limits this process.
In step S14, in process, move plug-in unit.
Continue, along using example, can call exec function and in process, move plug-in unit.
In this scheme, obtain the operating instruction for plug-in unit, set catalogue and obtain plug-in unit from first of operating system, create the process corresponding with plug-in unit, and the addressing space of limiting process is the first setting catalogue, in process, move described plug-in unit, because the addressing space of limiting process is only under the first setting catalogue, install under the catalogue of plug-in unit, the catalogue that plug-in unit is installed is not conventionally the catalogue that the system file of operating system is preserved, therefore the system file that process cannot accessing operation system, so just effectively prevention process is destroyed the system file of the operating system of routing device, ensure that operating system normally works.
Obtaining for the step of the operating instruction of plug-in unit in above-mentioned S11 can comprise following two kinds of situations:
The first situation, after startup, calls the booting script of preserving plug-in unit under starting up's catalogue, generating run instruction.
If this plug-in unit moves while needing starting up, need in the time that being installed, preserve plug-in unit the booting script of this plug-in unit under starting up's catalogue, and starting up's catalogue can be/etc/init.d.
Routing device can call the booting script of preserving plug-in unit under starting up's catalogue, generating run instruction after starting.
The second situation, after startup, obtain the configuration file of plug-in unit from the second setting catalogue by the plug-in unit startup Manage Scripts under starting up's catalogue, if configuration file carries starting up's mark, generating run instruction, if configuration file does not carry starting up's mark, receive the operating instruction that client is sent.
If this plug-in unit moves while needing starting up, can also under starting up's catalogue, preserve plug-in unit and start Manage Scripts.Start after routing device, plug-in unit starts Manage Scripts and goes the second setting catalogue to obtain the configuration file of plug-in unit, and is detecting that configuration file carries after starting up's mark, generating run instruction.If this plug-in unit does not need starting up, can need to move this plug-in unit by user time, send operating instruction by client.
Wherein, the second setting catalogue can be PluginsFolder/Register, and configuration file can be expressed as manifest.
The addressing space of the limiting process in above-mentioned S13 is that the step of the first setting catalogue comprises:
If other catalogue in process requested access operating system except the first setting catalogue, is mounted to other catalogue under the first setting catalogue;
The setup of attribute of other catalogue by carry under the first setting catalogue is read-only.
If the system file of the necessary accessing operation system of the process corresponding with plug-in unit, for example, system file below/usr/bin, can adopt carry (mount bind) technology, general/usr/bin catalogue is mounted in PluginsFolder/ID catalogue, obtain PluginsFolder/ID/usr/bin catalogue, the attribute that then PluginsFolder/ID/usr/bin catalogue is set is read-only, addressing space that so just can limiting process is PluginsFolder/ID/, and because the attribute of PluginsFolder/ID/usr/bin catalogue is read-only, process cannot be destroyed operation by right/usr/bin, thereby effectively prevention process is destroyed the system file of operating system, guarantee that operating system normally works.
Can also be in process list the identification information of record the process, thereby be convenient to plug-in unit out of service or unloading plug-in unit.
Fig. 2 is according to a kind of process flow diagram that plug-in unit is installed on routing device shown in an exemplary embodiment, and as shown in Figure 2, the method, for routing device, comprises the following steps.
In step S21, obtain the installation instruction for plug-in unit.
For example, can be to receive the installation instruction for plug-in unit that client sends.
In step S22, obtain the compressed package that plug-in unit is corresponding, compressed package comprises plug-in unit, dynamic link library, configuration file and digital certificate that plug-in unit is corresponding.
For example, can upload the compressed package that this plug-in unit is corresponding from the download of plug-in unit shop or this locality.
In step S23, according to digital certificate and the PKI prestoring, compressed package is decrypted to certification.
For example, because compressed package all passes through encryption conventionally, the PKI that can prestore on routing device, just can be decrypted certification according to the digital certificate in compressed package and the PKI prestoring.
In step S24, if compressed package by decrypted authentication, is stored in plug-in unit and dynamic link library under the first setting catalogue, by configuration file stores under the second setting catalogue.
If compressed package by decrypted authentication, is stored in the file in compressed package under fixing catalogue, this catalogue is the unified installation site of plug-in unit.Suppose that fixing catalogue is PluginsFolder, each plug-in unit has an identification information (being designated as ID), the plug-in unit obtaining after decompress(ion) and dynamic link library can be stored in below this catalogue of PluginsFolder/ID/, first set catalogue, the configuration file stores obtaining after decompress(ion) arrives below PluginsFolder/Register catalogue, second sets catalogue.
If configuration file carries starting up's mark, under starting up's catalogue, add the booting script of plug-in unit.If configuration file carries starting up's mark, that is to say that this plug-in unit needs starting up, under starting up's catalogue, add the booting script of plug-in unit, can realize this plug-in unit of starting up.
Fig. 3 is according to a kind of process flow diagram that unloads plug-in unit on routing device shown in an exemplary embodiment, and as shown in Figure 3, the method, for routing device, comprises the following steps.
In step S31, obtain the unloading command for plug-in unit.
In step S32, after determining that plug-in unit is out of service, whether detect under starting up catalogue the booting script of memory card.
If the booting script of memory card under starting up's catalogue, in step S33, deletes the booting script of plug-in unit.
In step S34, empty the first setting catalogue.
For example, if the booting script of memory card not under starting up's catalogue, execution step S34.
Because this plugin card installation is under the first setting catalogue, from starting up's catalogue, delete after the booting script of this plug-in unit in confirmation, can empty under the first setting catalogue, thereby realize this plug-in unit of unloading.
Definite plug-in unit step out of service in above-mentioned S32 comprises:
In detection procedure list, whether there is the identification information of the process corresponding with plug-in unit;
If there is not the identification information of the process corresponding with plug-in unit in process list, determine that plug-in unit is out of service;
If there is the identification information of the process corresponding with plug-in unit in process list, delete the identification information of the process corresponding with plug-in unit.
Like this, can by whether existing the identification information of the process corresponding with plug-in unit to determine that whether plug-in unit is out of service in detection procedure list.
Fig. 4 is according to the method flow diagram shown in an exemplary embodiment, and as shown in Figure 4, the method, for routing device, supposes that the operating system on routing device is linux system, and the method comprises the following steps.
In step S411, obtain the installation instruction for plug-in unit.
In the time that user need to install plug-in unit on routing device, can send the installation instruction for plug-in unit to routing device by client.For example, selected after plug-in unit A in shop in application, selection is by this plugin card installation on router B time, and server sends the installation kit of this plug-in unit A to this router B.Meanwhile, this router B receives the installation instruction for plug-in unit.
In step S412, obtain the compressed package that plug-in unit is corresponding, compressed package comprises plug-in unit, dynamic link library, configuration file and digital certificate that plug-in unit is corresponding.
Plug-in unit is executable file, and the dynamic link library that plug-in unit is corresponding is the dynamic link library that executable file may be used, and configuration file is used for describing executable file, and digital certificate is used for decrypted authentication.
In step S413, according to digital certificate and the PKI prestoring, compressed package is decrypted to certification.
Because compressed package all passes through encryption conventionally, the PKI that can prestore of the fixed position on routing device, is used for compressed package to be decrypted certification.
In step S414, if compressed package by decrypted authentication, is stored in plug-in unit and dynamic link library under the first setting catalogue, by configuration file stores under the second setting catalogue.
File in Normal squeezing bag is stored under fixing catalogue, and this fixing catalogue is the unified installation site of plug-in unit.Suppose that fixing catalogue is PluginsFolder, each plug-in unit has an ID, the first setting catalogue is PluginsFolder/ID/ so, the plug-in unit obtaining after decompress(ion) and dynamic link library can be stored under this catalogue, the second setting catalogue is PluginsFolder/Register, and the configuration file stores obtaining after decompress(ion) is under this catalogue.
In step S415, when configuration file carries starting up's mark, under starting up's catalogue, add the booting script of plug-in unit.For example, in linux system, starting up's catalogue is /etc/init.d.
In step S416, obtain the operating instruction for plug-in unit.
In this step, can comprise following two kinds of situations:
The first situation, after startup, calls the booting script of preserving plug-in unit under starting up's catalogue, generating run instruction.
If this plug-in unit moves while needing starting up, can call/etc/init.d preserves the booting script of plug-in unit, generating run instruction.
The second situation, after startup, obtain the configuration file of plug-in unit from the second setting catalogue by the plug-in unit startup Manage Scripts under starting up's catalogue, if configuration file carries starting up's mark, generating run instruction, if configuration file does not carry starting up's mark, receive the operating instruction that client is sent.
If this plug-in unit moves while needing starting up, can also under/etc/init.d, preserve plug-in unit and start Manage Scripts.Start after routing device, plug-in unit starts Manage Scripts and goes PluginsFolder/Register to obtain the configuration file of plug-in unit, and is detecting that configuration file carries after starting up's mark, generating run instruction.If this plug-in unit does not need starting up, can need to move this plug-in unit by user time, send operating instruction by client.Configuration file can be expressed as manifest.
In step S417, set catalogue and obtain plug-in unit from first of operating system.
From PluginsFolder/ID/, obtain this plug-in unit.
In step S418, create the process corresponding with plug-in unit, and the addressing space of limiting process is the first setting catalogue.
In linux system, can create specially an instrument, use this instrument to call process corresponding with plug-in unit of fork function creation.The addressing space of process is PluginsFolder/ID/, and this catalogue is exactly the root directory of plug-in unit, calls the root of chroot order using PluginsFolder/ID/ as it, can realize the addressing space that limits this process.
If the process corresponding with plug-in unit must be accessed the system file of linux system, for example, system file below/usr/bin, can adopt bind technology, general/usr/bin catalogue is mounted in PluginsFolder/ID catalogue, obtain PluginsFolder/ID/usr/bin catalogue, the attribute that then PluginsFolder/ID/usr/bin catalogue is set is read-only, addressing space that so just can limiting process is PluginsFolder/ID/, and because the attribute of PluginsFolder/ID/usr/bin catalogue is read-only, process cannot be destroyed operation by right/usr/bin, thereby effectively prevention process is destroyed the system file of operating system, guarantee that operating system normally works.
In step S419, in process, move plug-in unit, in process list, record the ID of the process of this plug-in unit.
For example, can call exec function and in process, move plug-in unit.
In step S420, obtain the unloading command for plug-in unit.
In the time that user will unload the plug-in unit on routing device, can send the unloading command for plug-in unit to routing device by client.
In step S421, after determining that plug-in unit is out of service, whether detect under starting up catalogue the booting script of memory card.
For example, can, by whether existing the identification information of the process corresponding with plug-in unit to determine that whether plug-in unit is out of service in detection procedure list, if there is not the identification information of the process corresponding with plug-in unit in process list, determine that plug-in unit is out of service; If there is the identification information of the process corresponding with plug-in unit in process list, delete the identification information of the process corresponding with plug-in unit, thereby also determined that plug-in unit is out of service.
If the booting script of memory card under starting up's catalogue, in step S422, deletes the booting script of plug-in unit.
In step S423, empty the first setting catalogue.
If the booting script of memory card not under starting up's catalogue, execution step S423.
Because this plugin card installation is under PluginsFolder/ID/, from/etc/init.d, delete after the booting script of this plug-in unit confirming, can empty PluginsFolder/ID/, thereby realize this plug-in unit of unloading.
Fig. 5 is the device block diagram that moves plug-in unit according to the first shown in an exemplary embodiment on routing device.With reference to Fig. 5, this device comprises the first acquisition module 511, the second acquisition modules 512, limiting module 513 and operation module 514.
This first acquisition module 511 is configured to, and obtains the operating instruction for plug-in unit.
This second acquisition module 512 is configured to, and sets catalogue and obtains plug-in unit from first of operating system.
This limiting module 513 is configured to, and creates the process corresponding with plug-in unit, and the addressing space of limiting process is the first setting catalogue.
This operation module 514 is configured to, and moves plug-in unit in process.
This first acquisition module 511 comprise generation unit and processing unit the two one of.
This generation unit is configured to, and after startup, calls the booting script of preserving plug-in unit under starting up's catalogue, generating run instruction.
This processing unit is configured to, after startup, obtain the configuration file of plug-in unit from the second setting catalogue by the plug-in unit startup Manage Scripts under starting up's catalogue, if configuration file carries starting up's mark, generating run instruction, if described configuration file does not carry described starting up's mark, receive the operating instruction that client is sent.
As shown in Figure 6, this limiting module 513 comprises carry unit 5131 and setting unit 5132.
This carry unit 5131 is configured to, if other catalogue except the first setting catalogue in process requested access operating system is mounted to other catalogue under the first setting catalogue.
This setting unit 5132 is configured to, and the setup of attribute of other catalogue by carry under the first setting catalogue is read-only.
The device that the second moves plug-in unit on routing device as shown in Figure 7, on the basis of device as shown in Figure 5, also comprises logging modle 515.
This logging modle 515 is configured to, the identification information of record the process in process list.
The third device that moves plug-in unit on routing device as shown in Figure 8, on the basis of device as shown in Figure 5, also comprises the 3rd acquisition module 516, the four acquisition modules 517, decrypted authentication module 518 and memory module 519.
The 3rd acquisition module 516 is configured to, and obtains the installation instruction for plug-in unit.
The 4th acquisition module 517 is configured to, and obtains the compressed package that plug-in unit is corresponding, and compressed package comprises plug-in unit, dynamic link library, configuration file and digital certificate that plug-in unit is corresponding.
This decrypted authentication module 518 is configured to, and according to digital certificate and the PKI prestoring, compressed package is decrypted to certification.
This memory module 519 is configured to, if compressed package by decrypted authentication, is stored in plug-in unit and dynamic link library under the first setting catalogue, by configuration file stores under the second setting catalogue.
The 4th kind of device that moves plug-in unit on routing device as shown in Figure 9, on the basis of device as shown in Figure 8, also comprises and adds module 520.
This interpolation module 520 is configured to, if configuration file carries starting up's mark, adds the booting script of plug-in unit under starting up's catalogue.
The 5th kind of device that moves plug-in unit on routing device as shown in figure 10, on the basis of device as shown in Figure 5, also comprises the 5th acquisition module 521, detection module 522 and empty module 523.
The 5th acquisition module 521 is configured to, for obtaining the unloading command for plug-in unit.
This detection module 522 is configured to, and after determining that plug-in unit is out of service, detects the booting script of whether having deleted plug-in unit from starting up's catalogue.
This empties module 523 and is configured to, if delete the booting script of plug-in unit from starting up's catalogue, empties the first setting catalogue.
As shown in figure 11, this detection module 522 comprises detecting unit 5221 and determining unit 5222.
This detecting unit 5221 is configured to, and whether has the identification information of the process corresponding with plug-in unit in detection procedure list.
This determining unit 5222 is configured to, if there is not the identification information of the process corresponding with plug-in unit in process list, determines that plug-in unit is out of service; If there is the identification information of the process corresponding with plug-in unit in process list, delete the identification information of the process corresponding with plug-in unit.
About the device in above-described embodiment, wherein the concrete mode of modules executable operations have been described in detail in the embodiment about the method, will not elaborate explanation herein.
Figure 12 is a kind of for move the block diagram of device 1900 of plug-in unit on routing device according to shown in an exemplary embodiment.For example, device 1900 may be provided in a routing device.With reference to Figure 12, device 1900 comprises processing components 1922, and it further comprises one or more processors, and by the memory resource of storer 1932 representatives, can for example, by the instruction of the execution of processing components 1922, application program for storing.In storer 1932, the application program of storage can comprise one or more each module corresponding to one group of instruction.In addition, processing components 1922 is configured to carry out instruction, to carry out the above-mentioned method of moving plug-in unit on routing device.
Device 1900 can also comprise that a power supply module 1926 is configured to the power management of actuating unit 1900, and a wired or wireless network interface 1950 is configured to device 1900 to be connected to network, and input and output (I/O) interface 1958.Device 1900 operating systems that can operate based on being stored in storer 1932, for example Windows ServerTM, Mac OS XTM, UnixTM, LinuxTM, FreeBSDTM or similar.
In an embodiment, provide a kind of routing device, having comprised:
Processor;
For the storer of storage of processor executable instruction;
Wherein, described processor is configured to:
Obtain the operating instruction for plug-in unit;
Set catalogue and obtain described plug-in unit from first of operating system;
Create the process corresponding with described plug-in unit, and the addressing space that limits described process is described first to set catalogue;
In described process, move described plug-in unit.
Optionally, in another embodiment, described in obtain for the step of the operating instruction of plug-in unit and comprise:
After startup, call the booting script of preserving described plug-in unit under starting up's catalogue, generate described operating instruction; Or,
After startup, obtain the configuration file of described plug-in unit from the second setting catalogue by the plug-in unit startup Manage Scripts under starting up's catalogue, if described configuration file carries starting up's mark, generate described operating instruction, if described configuration file does not carry described starting up's mark, receive the described operating instruction that client is sent.
Optionally, in another embodiment, the addressing space that limits described process is that the described first step of setting catalogue comprises:
If other catalogue except described the first setting catalogue in operating system, is mounted to described other catalogue described first and sets under catalogue described in described process requested access;
Be read-only by carry at the described first setup of attribute of setting other catalogue under catalogue.
Optionally, in another embodiment, in process list, record the identification information of described process.
Optionally, in another embodiment, obtain the installation instruction for described plug-in unit; Obtain the compressed package that described plug-in unit is corresponding, described compressed package comprises described plug-in unit, dynamic link library, configuration file and digital certificate that described plug-in unit is corresponding; According to described digital certificate and the PKI prestoring, described compressed package is decrypted to certification; If described compressed package by decrypted authentication, is stored in described first by described plug-in unit and described dynamic link library and sets under catalogue, by described configuration file stores under the second setting catalogue.
Optionally, in another embodiment, if configuration file carries starting up's mark, under starting up's catalogue, add the booting script of plug-in unit.
Optionally, in another embodiment, obtain the unloading command for plug-in unit; After determining that plug-in unit is out of service, detect the booting script of whether having deleted described plug-in unit from starting up's catalogue; If delete the booting script of plug-in unit from starting up's catalogue, empty the first setting catalogue.
Optionally, in another embodiment, determine that plug-in unit step out of service comprises:
In detection procedure list, whether there is the identification information of the process corresponding with described plug-in unit;
If there is not the identification information of the process corresponding with described plug-in unit in described process list, determine that described plug-in unit is out of service;
If there is the identification information of the process corresponding with described plug-in unit in described process list, delete the identification information of the process corresponding with described plug-in unit.
Disclosure embodiment provides a kind of non-provisional computer-readable recording medium, in the time that the instruction in this storage medium is carried out by the processor of routing device, makes routing device can carry out a kind of method of moving plug-in unit on routing device, and described method comprises:
Obtain the operating instruction for plug-in unit;
Set catalogue and obtain plug-in unit from first of operating system;
Create the process corresponding with plug-in unit, and the addressing space of limiting process is the first setting catalogue;
In process, move plug-in unit.
Described obtaining for the step of the operating instruction of plug-in unit comprises:
After startup, call the booting script of preserving described plug-in unit under starting up's catalogue, generate described operating instruction; Or,
After startup, obtain the configuration file of described plug-in unit from the second setting catalogue by the plug-in unit startup Manage Scripts under starting up's catalogue, if described configuration file carries starting up's mark, generate described operating instruction, if described configuration file does not carry described starting up's mark, receive the described operating instruction that client is sent.
The addressing space of the described process of described restriction is that the described first step of setting catalogue comprises:
If other catalogue except described the first setting catalogue in operating system, is mounted to described other catalogue described first and sets under catalogue described in described process requested access;
Be read-only by carry at the described first setup of attribute of setting other catalogue under catalogue.
Described method also comprises:
In process list, record the identification information of described process.
Described method also comprises:
Obtain the installation instruction for described plug-in unit;
Obtain the compressed package that described plug-in unit is corresponding, described compressed package comprises described plug-in unit, dynamic link library, configuration file and digital certificate that described plug-in unit is corresponding;
According to described digital certificate and the PKI prestoring, described compressed package is decrypted to certification;
If described compressed package by decrypted authentication, is stored in described first by described plug-in unit and described dynamic link library and sets under catalogue, by described configuration file stores under the second setting catalogue.
Described method also comprises:
If described configuration file carries starting up's mark, under starting up's catalogue, add the booting script of described plug-in unit.
Described method also comprises:
Obtain the unloading command for described plug-in unit;
After determining that described plug-in unit is out of service, detect the booting script of whether having deleted described plug-in unit from described starting up's catalogue;
If delete the booting script of described plug-in unit from described starting up's catalogue, empty described first and set catalogue.
Described definite described plug-in unit step out of service comprises:
In detection procedure list, whether there is the identification information of the process corresponding with described plug-in unit;
If there is not the identification information of the process corresponding with described plug-in unit in described process list, determine that described plug-in unit is out of service;
If there is the identification information of the process corresponding with described plug-in unit in described process list, delete the identification information of the process corresponding with described plug-in unit.
Those skilled in the art, considering instructions and putting into practice after invention disclosed herein, will easily expect other embodiment of the present invention.The application is intended to contain any modification of the present invention, purposes or adaptations, and these modification, purposes or adaptations are followed general principle of the present invention and comprised undocumented common practise or the conventional techniques means in the art of the disclosure.Instructions and embodiment are only regarded as exemplary, and true scope of the present invention and spirit are pointed out by claim below.
Should be understood that, the present invention is not limited to precision architecture described above and illustrated in the accompanying drawings, and can carry out various amendments and change not departing from its scope.Scope of the present invention is only limited by appended claim.
Claims (17)
1. a method of moving plug-in unit on routing device, is characterized in that, comprising:
Obtain the operating instruction for plug-in unit;
Set catalogue and obtain described plug-in unit from first of operating system;
Create the process corresponding with described plug-in unit, and the addressing space that limits described process is described first to set catalogue;
In described process, move described plug-in unit.
2. method according to claim 1, is characterized in that, described in obtain for the step of the operating instruction of plug-in unit and comprise:
After startup, call the booting script of preserving described plug-in unit under starting up's catalogue, generate described operating instruction; Or,
After startup, obtain the configuration file of described plug-in unit from the second setting catalogue by the plug-in unit startup Manage Scripts under starting up's catalogue, if described configuration file carries starting up's mark, generate described operating instruction, if described configuration file does not carry described starting up's mark, receive the described operating instruction that client is sent.
3. method according to claim 1, is characterized in that, the addressing space of the described process of described restriction is that the described first step of setting catalogue comprises:
If other catalogue except described the first setting catalogue in operating system, is mounted to described other catalogue described first and sets under catalogue described in described process requested access;
Be read-only by carry at the described first setup of attribute of setting other catalogue under catalogue.
4. according to the arbitrary described method of claim 1-3, it is characterized in that, described method also comprises:
In process list, record the identification information of described process.
5. the method for claim 1, is characterized in that, described method also comprises:
Obtain the installation instruction for described plug-in unit;
Obtain the compressed package that described plug-in unit is corresponding, described compressed package comprises described plug-in unit, dynamic link library, configuration file and digital certificate that described plug-in unit is corresponding;
According to described digital certificate and the PKI prestoring, described compressed package is decrypted to certification;
If described compressed package by decrypted authentication, is stored in described first by described plug-in unit and described dynamic link library and sets under catalogue, by described configuration file stores under the second setting catalogue.
6. method according to claim 5, is characterized in that, described method also comprises:
If described configuration file carries starting up's mark, under starting up's catalogue, add the booting script of described plug-in unit.
7. the method for claim 1, is characterized in that, described method also comprises:
Obtain the unloading command for described plug-in unit;
After determining that described plug-in unit is out of service, detect the booting script of whether having deleted described plug-in unit from described starting up's catalogue;
If delete the booting script of described plug-in unit from described starting up's catalogue, empty described first and set catalogue.
8. method according to claim 7, is characterized in that, described definite described plug-in unit step out of service comprises:
In detection procedure list, whether there is the identification information of the process corresponding with described plug-in unit;
If there is not the identification information of the process corresponding with described plug-in unit in described process list, determine that described plug-in unit is out of service;
If there is the identification information of the process corresponding with described plug-in unit in described process list, delete the identification information of the process corresponding with described plug-in unit.
9. a device that moves plug-in unit on routing device, is characterized in that, comprising:
The first acquisition module, for obtaining the operating instruction for plug-in unit;
The second acquisition module, obtains described plug-in unit for setting catalogue from first of operating system;
Limiting module, for creating the process corresponding with described plug-in unit, and the addressing space that limits described process is described first to set catalogue;
Operation module, for moving described plug-in unit in described process.
10. device according to claim 9, is characterized in that, described the first acquisition module comprises:
Generation unit, after starting, calls the booting script of preserving described plug-in unit under starting up's catalogue, generates described operating instruction; Or,
Processing unit, after starting, obtain the configuration file of described plug-in unit from the second setting catalogue by the plug-in unit startup Manage Scripts under starting up's catalogue, if described configuration file carries starting up's mark, generate described operating instruction, if described configuration file does not carry described starting up's mark, receive the described operating instruction that client is sent.
11. devices according to claim 9, is characterized in that, described limiting module comprises:
Carry unit, if for operating system described in described process requested access except described first other catalogue of setting catalogue, described other catalogue is mounted under described the first setting catalogue;
Setting unit is read-only for the setup of attribute of other catalogue under described the first setting catalogue by carry.
12. according to the arbitrary described device of claim 9-11, it is characterized in that, described device also comprises:
Logging modle, for recording the identification information of described process at process list.
13. devices as claimed in claim 9, is characterized in that, described device also comprises:
The 3rd acquisition module, for obtaining the installation instruction for described plug-in unit;
The 4th acquisition module, for obtaining the compressed package that described plug-in unit is corresponding, described compressed package comprises described plug-in unit, dynamic link library, configuration file and digital certificate that described plug-in unit is corresponding;
Decrypted authentication module, for being decrypted certification according to described digital certificate and the PKI prestoring to described compressed package;
Memory module, if for described compressed package by decrypted authentication, described plug-in unit and described dynamic link library are stored in to described first and set under catalogue, by described configuration file stores under the second setting catalogue.
14. devices according to claim 13, is characterized in that, described device also comprises:
Add module, if carry starting up's mark for described configuration file, under starting up's catalogue, add the booting script of described plug-in unit.
15. devices as claimed in claim 9, is characterized in that, described device also comprises:
The 5th acquisition module, for obtaining the unloading command for described plug-in unit;
Detection module, after determining that described plug-in unit is out of service, detects the booting script of whether having deleted described plug-in unit from described starting up's catalogue;
Empty module, if for delete the booting script of described plug-in unit from described starting up's catalogue, empty described first and set catalogue.
16. devices according to claim 15, is characterized in that, described detection module comprises:
Detecting unit, for detection of the identification information that whether has the process corresponding with described plug-in unit in process list;
Determining unit, if there is not the identification information of the process corresponding with described plug-in unit for described process list, determines that described plug-in unit is out of service; If there is the identification information of the process corresponding with described plug-in unit in described process list, delete the identification information of the process corresponding with described plug-in unit.
17. 1 kinds of routing devices, is characterized in that, comprising:
Processor;
For the storer of storage of processor executable instruction;
Wherein, described processor is configured to:
Obtain the operating instruction for plug-in unit;
Set catalogue and obtain described plug-in unit from first of operating system;
Create the process corresponding with described plug-in unit, and the addressing space that limits described process is described first to set catalogue;
In described process, move described plug-in unit.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410269810.7A CN104091132B (en) | 2014-06-17 | 2014-06-17 | Method, device and the routing device of plug-in unit are run on routing device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201410269810.7A CN104091132B (en) | 2014-06-17 | 2014-06-17 | Method, device and the routing device of plug-in unit are run on routing device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104091132A true CN104091132A (en) | 2014-10-08 |
| CN104091132B CN104091132B (en) | 2017-07-28 |
Family
ID=51638847
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201410269810.7A Active CN104091132B (en) | 2014-06-17 | 2014-06-17 | Method, device and the routing device of plug-in unit are run on routing device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104091132B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105653961A (en) * | 2015-12-31 | 2016-06-08 | 北京元心科技有限公司 | Method and device for improving loading safety of mobile terminal application |
| WO2022100141A1 (en) * | 2020-11-11 | 2022-05-19 | 华为技术有限公司 | Plug-in management method, system and apparatus |
| CN118034889A (en) * | 2024-03-08 | 2024-05-14 | 荣耀终端有限公司 | Plug-in process mapping method and related device |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101014034A (en) * | 2006-12-31 | 2007-08-08 | 武汉蓝星科技股份有限公司 | U disk server-based cluster solving method |
| CN101403973A (en) * | 2006-12-05 | 2009-04-08 | 三星电子株式会社 | Application program launching method and system for improving security of embedded Linux kernel |
| CN101515238A (en) * | 2009-03-31 | 2009-08-26 | 山东鲁西化工股份有限公司 | Method for automatically installing or uninstalling application software of computers and a device thereof |
| US20110023024A1 (en) * | 2009-07-24 | 2011-01-27 | Ricoh Company, Ltd. | Information processing apparatus, workflow system, workflow management method, and storage medium of program for workflow management method |
| CN102968321A (en) * | 2012-11-22 | 2013-03-13 | 用友软件股份有限公司 | Application program installation device and application program installation method |
| CN103106091A (en) * | 2013-01-31 | 2013-05-15 | 深圳市开立科技有限公司 | Start-up system and method of operating system based on removable storage media |
| CN104036183A (en) * | 2013-05-17 | 2014-09-10 | 腾讯科技(深圳)有限公司 | Method and system for installing software in sandbox |
-
2014
- 2014-06-17 CN CN201410269810.7A patent/CN104091132B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101403973A (en) * | 2006-12-05 | 2009-04-08 | 三星电子株式会社 | Application program launching method and system for improving security of embedded Linux kernel |
| CN101014034A (en) * | 2006-12-31 | 2007-08-08 | 武汉蓝星科技股份有限公司 | U disk server-based cluster solving method |
| CN101515238A (en) * | 2009-03-31 | 2009-08-26 | 山东鲁西化工股份有限公司 | Method for automatically installing or uninstalling application software of computers and a device thereof |
| US20110023024A1 (en) * | 2009-07-24 | 2011-01-27 | Ricoh Company, Ltd. | Information processing apparatus, workflow system, workflow management method, and storage medium of program for workflow management method |
| CN102968321A (en) * | 2012-11-22 | 2013-03-13 | 用友软件股份有限公司 | Application program installation device and application program installation method |
| CN103106091A (en) * | 2013-01-31 | 2013-05-15 | 深圳市开立科技有限公司 | Start-up system and method of operating system based on removable storage media |
| CN104036183A (en) * | 2013-05-17 | 2014-09-10 | 腾讯科技(深圳)有限公司 | Method and system for installing software in sandbox |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105653961A (en) * | 2015-12-31 | 2016-06-08 | 北京元心科技有限公司 | Method and device for improving loading safety of mobile terminal application |
| WO2022100141A1 (en) * | 2020-11-11 | 2022-05-19 | 华为技术有限公司 | Plug-in management method, system and apparatus |
| CN114546511A (en) * | 2020-11-11 | 2022-05-27 | 华为技术有限公司 | Plug-in management method, system and device |
| CN118034889A (en) * | 2024-03-08 | 2024-05-14 | 荣耀终端有限公司 | Plug-in process mapping method and related device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104091132B (en) | 2017-07-28 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US20180341556A1 (en) | Data backup method and device, storage medium and server | |
| RU2589348C2 (en) | Entropy pools for virtual machines | |
| CN103106138B (en) | The method that test case is synchronous with test script and device | |
| KR20190032603A (en) | Authentication methods, devices and authentication clients | |
| CN108647317B (en) | Incremental file generation method and device, storage medium and electronic equipment | |
| CN109542862B (en) | Method, device and system for controlling mounting of file system | |
| CN111008034B (en) | Patch generation method and device | |
| CN109460358B (en) | Configuration management method and system based on Cmdb | |
| CN103544434A (en) | Method and terminal used for ensuring safe operation of application program | |
| WO2017076051A1 (en) | Method and apparatus for acquiring superuser permission | |
| CN104899049A (en) | File deletion method and device | |
| US11263297B2 (en) | Dynamic insertion of variablized secrets in a pipeline integration system | |
| CN104091132A (en) | Method and device for running plug-in on routing equipment and routing equipment | |
| CN105704296A (en) | Application environment cloning method and device | |
| WO2019037521A1 (en) | Security detection method, device, system, and server | |
| CN103984621B (en) | log separation method and system | |
| US20160277477A1 (en) | Information processing apparatus, terminal device, information processing method, and non-transitory computer readable recording medium | |
| CN104751046B (en) | A kind of user authen method and mobile terminal device of application program | |
| US9244668B1 (en) | Systems and methods for synchronizing mobile computing platforms | |
| CN114816225A (en) | Management method and device of storage cluster, electronic equipment and storage medium | |
| CN105160213A (en) | Terminal starting method and terminal thereof | |
| CN105447382A (en) | Sandbox based software registry redirection method and system | |
| US20220158856A1 (en) | Attestation of trusted execution environments | |
| US10701099B2 (en) | Providing efficient information tracking with dynamically selected precision | |
| RU2013146656A (en) | METHOD AND SYSTEM OF SIMULTANEOUS INSTALLATION OF MULTIPLE APPLICATIONS USING THE RESTORATION OF A FALSE BACKUP ARCHIVE |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |