File syslog-ng-3.2.2-systemd-integration.bnc656104.diff of Package syslog-ng
commit 3128ea4f2f0c2af9ff8ff2bd674c59657f42eb65
Author: Gergely Nagy <algernon@balabit.hu>
Date: Tue Feb 1 14:09:28 2011 +0100
gsockaddr: Make ->sa_funcs per-instance.
Instead of initializing GSockAddr->sa_funcs to a static value, that
points to an internal structure, make it per-instance, so one can
override parts of it later on, without breaking the rest of the
instances that share the address family.
Signed-off-by: Gergely Nagy <algernon@balabit.hu>
commit 72acf3efef71400d7aacf5137c9727a698dbde19
Author: Gergely Nagy <algernon@balabit.hu>
Date: Tue Feb 1 11:15:07 2011 +0100
systemd: Code cleanup.
Cleaned up inherit_systemd_activation(): removing unused code, turning
gotos into returns and merging a few ifs together.
Signed-off-by: Gergely Nagy <algernon@balabit.hu>
commit 7f8154cd014bb78dfb1365dae8114b59e488a591
Author: Gergely Nagy <algernon@balabit.hu>
Date: Tue Feb 1 11:07:43 2011 +0100
systemd: Added sd-daemon.c & sd-daemon.h.
commit 65e27c1855dc9601f1c67b0359c60ec60da3d4bf
Author: Marius Tomaschewski <mt@suse.de>
Date: Tue Jan 18 14:03:29 2011 +0100
Enabled systemd socket activation in forking mode
commit febacf0bb5740e3f6454fd524f8d0e9e76c20e31
Author: Marius Tomaschewski <mt@suse.de>
Date: Mon Jan 17 17:23:09 2011 +0100
Cleaned up systemd socket activation
commit e22582bf1a2ac49bd1550980b7a6d55ede450c60
Author: Marius Tomaschewski <mt@suse.de>
Date: Fri Dec 10 18:39:57 2010 +0100
First version of systemd socket activation support
First version of systemd socket activation support for unix-dgram
sockets (not only /dev/log) in foreground mode. The sd-daemon.[ch]
files are available at
http://cgit.freedesktop.org/systemd/plain/src/sd-daemon.[ch]
diff --git a/lib/gprocess.c b/lib/gprocess.c
index 363d030..d9a2dfb 100644
--- a/lib/gprocess.c
+++ b/lib/gprocess.c
@@ -140,6 +140,56 @@ static struct
.gid = -1
};
+/**
+ * Inherits systemd socket activation from parent process updating the pid
+ * in LISTEN_PID to the pid of the child process.
+ *
+ * @return same as sd_listen_fds
+ * r == 0: no socket activation or this process is not responsible
+ * r > 0: success, number of sockets
+ * r < 0: an error occured
+ */
+static int
+inherit_systemd_activation(void)
+{
+ const char *e;
+ char buf[24] = { '\0' };
+ char *p = NULL;
+ unsigned long l;
+
+ /* fetch listen pid */
+ if (!(e = getenv("LISTEN_PID")))
+ return 0;
+
+ errno = 0;
+ l = strtoul(e, &p, 10);
+ if (errno != 0 || !p || *p || l == 0)
+ return (errno) ? -errno : -EINVAL;
+
+ /* was it for our parent? */
+ if (getppid() != (pid_t)l)
+ return 0;
+
+ /* verify listen fds */
+ if (!(e = getenv("LISTEN_FDS")))
+ return 0;
+
+ errno = 0;
+ l = strtoul(e, &p, 10);
+ if (errno != 0 || !p || *p)
+ return (errno) ? -errno : -EINVAL;
+
+ /* update the listen pid to ours */
+ snprintf(buf, sizeof(buf), "%d", getpid());
+ if (errno != 0 || !*buf)
+ return (errno) ? -errno : -EINVAL;
+
+ if (setenv("LISTEN_PID", buf, 1) == 0)
+ return (int)l;
+
+ return -1;
+}
+
#if ENABLE_LINUX_CAPS
/**
@@ -1125,6 +1175,10 @@ g_process_perform_supervise(void)
process_kind = G_PK_DAEMON;
close(init_result_pipe[0]);
init_result_pipe[0] = -1;
+
+ /* update systemd socket activation pid */
+ inherit_systemd_activation();
+
memcpy(process_opts.argv_start, process_opts.argv_orig, process_opts.argv_env_len);
return;
}
@@ -1180,6 +1234,9 @@ g_process_start(void)
/* shut down init_result_pipe read side */
close(init_result_pipe[0]);
init_result_pipe[0] = -1;
+
+ /* update systemd socket activation pid */
+ inherit_systemd_activation();
}
else if (process_opts.mode == G_PM_SAFE_BACKGROUND)
{
@@ -1213,6 +1270,9 @@ g_process_start(void)
close(startup_result_pipe[0]);
startup_result_pipe[0] = -1;
+ /* update systemd socket activation pid */
+ inherit_systemd_activation();
+
process_kind = G_PK_SUPERVISOR;
g_process_perform_supervise();
/* we only return in the daamon process here */
diff --git a/lib/gsockaddr.c b/lib/gsockaddr.c
index dc1a093..ebee377 100644
--- a/lib/gsockaddr.c
+++ b/lib/gsockaddr.c
@@ -143,10 +143,13 @@ g_sockaddr_unref(GSockAddr *a)
if (g_atomic_counter_dec_and_test(&a->refcnt))
{
if (!a->sa_funcs->freefn)
- g_free(a);
- else
- a->sa_funcs->freefn(a);
- }
+ {
+ g_free(a->sa_funcs);
+ g_free(a);
+ }
+ else
+ a->sa_funcs->freefn(a);
+ }
}
}
@@ -198,21 +201,18 @@ g_sockaddr_inet_format(GSockAddr *addr, gchar *text, gulong n, gint format)
void
g_sockaddr_inet_free(GSockAddr *addr)
{
+ g_free(addr->sa_funcs);
g_free(addr);
}
-static GSockAddrFuncs inet_sockaddr_funcs =
-{
- g_sockaddr_inet_bind_prepare,
- NULL,
- g_sockaddr_inet_format,
- g_sockaddr_inet_free
-};
-
gboolean
g_sockaddr_inet_check(GSockAddr *a)
{
- return a->sa_funcs == &inet_sockaddr_funcs;
+ return (a->sa_funcs &&
+ a->sa_funcs->sa_bind_prepare == g_sockaddr_inet_bind_prepare &&
+ a->sa_funcs->sa_bind == NULL &&
+ a->sa_funcs->sa_format == g_sockaddr_inet_format &&
+ a->sa_funcs->freefn == g_sockaddr_inet_free);
}
/*+
@@ -243,7 +243,10 @@ g_sockaddr_inet_new(gchar *ip, guint16 port)
addr->sin.sin_family = AF_INET;
addr->sin.sin_port = htons(port);
addr->sin.sin_addr = ina;
- addr->sa_funcs = &inet_sockaddr_funcs;
+ addr->sa_funcs = g_new0(GSockAddrFuncs, 1);
+ addr->sa_funcs->sa_bind_prepare = g_sockaddr_inet_bind_prepare;
+ addr->sa_funcs->sa_format = g_sockaddr_inet_format;
+ addr->sa_funcs->freefn = g_sockaddr_inet_free;
}
return (GSockAddr *) addr;
}
@@ -269,7 +272,10 @@ g_sockaddr_inet_new2(struct sockaddr_in *sin)
addr->flags = 0;
addr->salen = sizeof(struct sockaddr_in);
addr->sin = *sin;
- addr->sa_funcs = &inet_sockaddr_funcs;
+ addr->sa_funcs = g_new0(GSockAddrFuncs, 1);
+ addr->sa_funcs->sa_bind_prepare = g_sockaddr_inet_bind_prepare;
+ addr->sa_funcs->sa_format = g_sockaddr_inet_format;
+ addr->sa_funcs->freefn = g_sockaddr_inet_free;
return (GSockAddr *) addr;
}
@@ -331,14 +337,6 @@ g_sockaddr_inet_range_bind(int sock, GSockAddr *a)
return G_IO_STATUS_ERROR;
}
-static GSockAddrFuncs inet_range_sockaddr_funcs =
-{
- NULL,
- g_sockaddr_inet_range_bind,
- g_sockaddr_inet_format,
- g_sockaddr_inet_free,
-};
-
GSockAddr *
g_sockaddr_inet_range_new(gchar *ip, guint16 min_port, guint16 max_port)
{
@@ -350,7 +348,13 @@ g_sockaddr_inet_range_new(gchar *ip, guint16 min_port, guint16 max_port)
addr->sin.sin_family = AF_INET;
inet_aton(ip, &addr->sin.sin_addr);
addr->sin.sin_port = 0;
- addr->sa_funcs = &inet_range_sockaddr_funcs;
+
+ addr->sa_funcs = g_new0(GSockAddrFuncs, 1);
+ addr->sa_funcs->sa_bind_prepare = NULL;
+ addr->sa_funcs->sa_bind = g_sockaddr_inet_range_bind;
+ addr->sa_funcs->sa_format = g_sockaddr_inet_format;
+ addr->sa_funcs->freefn = g_sockaddr_inet_free;
+
if (max_port > min_port)
{
addr->last_port = (rand() % (max_port - min_port)) + min_port;
@@ -405,21 +409,18 @@ g_sockaddr_inet6_format(GSockAddr *addr, gchar *text, gulong n, gint format)
static void
g_sockaddr_inet6_free(GSockAddr *addr)
{
+ g_free(addr->sa_funcs);
g_free(addr);
}
-static GSockAddrFuncs inet6_sockaddr_funcs =
-{
- g_sockaddr_inet_bind_prepare,
- NULL,
- g_sockaddr_inet6_format,
- g_sockaddr_inet6_free
-};
-
gboolean
g_sockaddr_inet6_check(GSockAddr *a)
{
- return a->sa_funcs == &inet6_sockaddr_funcs;
+ return (a->sa_funcs &&
+ a->sa_funcs->sa_bind_prepare == g_sockaddr_inet_bind_prepare &&
+ a->sa_funcs->sa_bind == NULL &&
+ a->sa_funcs->sa_format == g_sockaddr_inet6_format &&
+ a->sa_funcs->freefn == g_sockaddr_inet6_free);
}
@@ -446,7 +447,10 @@ g_sockaddr_inet6_new(gchar *ip, guint16 port)
addr->sin6.sin6_family = AF_INET6;
inet_pton(AF_INET6, ip, &addr->sin6.sin6_addr);
addr->sin6.sin6_port = htons(port);
- addr->sa_funcs = &inet6_sockaddr_funcs;
+ addr->sa_funcs = g_new0(GSockAddrFuncs, 1);
+ addr->sa_funcs->sa_bind_prepare = g_sockaddr_inet_bind_prepare;
+ addr->sa_funcs->sa_format = g_sockaddr_inet6_format;
+ addr->sa_funcs->freefn = g_sockaddr_inet6_free;
return (GSockAddr *) addr;
}
@@ -473,7 +477,10 @@ g_sockaddr_inet6_new2(struct sockaddr_in6 *sin6)
addr->flags = 0;
addr->salen = sizeof(struct sockaddr_in6);
addr->sin6 = *sin6;
- addr->sa_funcs = &inet6_sockaddr_funcs;
+ addr->sa_funcs = g_new0(GSockAddrFuncs, 1);
+ addr->sa_funcs->sa_bind_prepare = g_sockaddr_inet_bind_prepare;
+ addr->sa_funcs->sa_format = g_sockaddr_inet6_format;
+ addr->sa_funcs->freefn = g_sockaddr_inet6_free;
return (GSockAddr *) addr;
}
@@ -501,13 +508,6 @@ static GIOStatus g_sockaddr_unix_bind_prepare(int sock, GSockAddr *addr);
static GIOStatus g_sockaddr_unix_bind(int sock, GSockAddr *addr);
static gchar *g_sockaddr_unix_format(GSockAddr *addr, gchar *text, gulong n, gint format);
-static GSockAddrFuncs unix_sockaddr_funcs =
-{
- g_sockaddr_unix_bind_prepare,
- g_sockaddr_unix_bind,
- g_sockaddr_unix_format
-};
-
/* anonymous if name == NULL */
/*+
@@ -528,7 +528,10 @@ g_sockaddr_unix_new(const gchar *name)
g_atomic_counter_set(&addr->refcnt, 1);
addr->flags = 0;
- addr->sa_funcs = &unix_sockaddr_funcs;
+ addr->sa_funcs = g_new0(GSockAddrFuncs, 1);
+ addr->sa_funcs->sa_bind_prepare = g_sockaddr_unix_bind_prepare;
+ addr->sa_funcs->sa_bind = g_sockaddr_unix_bind;
+ addr->sa_funcs->sa_format = g_sockaddr_unix_format;
addr->saun.sun_family = AF_UNIX;
if (name)
{
@@ -564,7 +567,10 @@ g_sockaddr_unix_new2(struct sockaddr_un *saun, int sunlen)
g_atomic_counter_set(&addr->refcnt, 1);
addr->flags = 0;
- addr->sa_funcs = &unix_sockaddr_funcs;
+ addr->sa_funcs = g_new0(GSockAddrFuncs, 1);
+ addr->sa_funcs->sa_bind_prepare = g_sockaddr_unix_bind_prepare;
+ addr->sa_funcs->sa_bind = g_sockaddr_unix_bind;
+ addr->sa_funcs->sa_format = g_sockaddr_unix_format;
addr->salen = sunlen;
addr->saun = *saun;
return (GSockAddr *) addr;
diff --git a/modules/afsocket/Makefile.am b/modules/afsocket/Makefile.am
index 40d9dd8..fdd2ee6 100644
--- a/modules/afsocket/Makefile.am
+++ b/modules/afsocket/Makefile.am
@@ -7,7 +7,8 @@ noinst_DATA = libafsocket.la
libafsocket_notls_la_SOURCES = \
afsocket.c afsocket.h afunix.c afunix.h afinet.c afinet.h \
tlscontext.c tlscontext.h tlstransport.c tlstransport.h \
- afsocket-grammar.y afsocket-parser.c afsocket-parser.h afsocket-plugin.c
+ afsocket-grammar.y afsocket-parser.c afsocket-parser.h afsocket-plugin.c \
+ sd-daemon.c sd-daemon.h
libafsocket_notls_la_CPPFLAGS = $(AM_CPPFLAGS)
libafsocket_notls_la_LIBADD = ../../lib/libsyslog-ng.la $(LIBNET_LIBS) $(LIBWRAP_LIBS)
libafsocket_notls_la_LDFLAGS = -avoid-version -module -no-undefined
@@ -17,7 +18,8 @@ module_LTLIBRARIES += libafsocket-tls.la
libafsocket_tls_la_SOURCES = \
afsocket.c afsocket.h afunix.c afunix.h afinet.c afinet.h \
tlscontext.c tlscontext.h tlstransport.c tlstransport.h \
- afsocket-grammar.y afsocket-parser.c afsocket-parser.h afsocket-plugin.c
+ afsocket-grammar.y afsocket-parser.c afsocket-parser.h afsocket-plugin.c \
+ sd-daemon.c sd-daemon.h
libafsocket_tls_la_CPPFLAGS = $(AM_CPPFLAGS) -DENABLE_SSL=1
libafsocket_tls_la_LIBADD = ../../lib/libsyslog-ng.la $(OPENSSL_LIBS) $(ZLIB_LIBS) $(LIBNET_LIBS) $(LIBWRAP_LIBS)
libafsocket_tls_la_LDFLAGS = -avoid-version -module -no-undefined
diff --git a/modules/afsocket/afsocket.c b/modules/afsocket/afsocket.c
index 499cfb1..67f9499 100644
--- a/modules/afsocket/afsocket.c
+++ b/modules/afsocket/afsocket.c
@@ -529,6 +529,16 @@ afsocket_sd_init(LogPipe *s)
gboolean res = FALSE;
GlobalConfig *cfg = log_pipe_get_config(s);
+ if (self->systemd_sock != -1)
+ {
+ /* TODO: another socket types */
+ if ((self->bind_addr->sa.sa_family != AF_UNIX) || !(self->flags & AFSOCKET_DGRAM))
+ {
+ msg_error("Systemd activation implemented for unix datagram sockets only", NULL);
+ return FALSE;
+ }
+ }
+
#if ENABLE_SSL
if (self->flags & AFSOCKET_REQUIRE_TLS && !self->tls_context)
{
@@ -604,14 +614,22 @@ afsocket_sd_init(LogPipe *s)
{
if (!self->connections)
{
- if (!afsocket_open_socket(self->bind_addr, !!(self->flags & AFSOCKET_STREAM), &sock))
+ if (self->systemd_sock != -1)
+ {
+ sock = self->systemd_sock;
+ g_fd_set_nonblock(sock, TRUE);
+ self->bind_addr->sa_funcs->sa_bind = NULL;
+ self->bind_addr->sa_funcs->sa_bind_prepare = NULL;
+ }
+ else if (!afsocket_open_socket(self->bind_addr, !!(self->flags & AFSOCKET_STREAM), &sock))
return self->super.optional;
}
self->fd = -1;
if (!self->setup_socket(self, sock))
{
- close(sock);
+ if (self->systemd_sock == -1)
+ close(sock);
return FALSE;
}
@@ -738,6 +756,7 @@ afsocket_sd_init_instance(AFSocketSourceDriver *self, SocketOptions *sock_option
self->setup_socket = afsocket_sd_setup_socket;
self->max_connections = 10;
self->listen_backlog = 255;
+ self->systemd_sock = -1;
self->flags = flags | AFSOCKET_KEEP_ALIVE;
log_reader_options_defaults(&self->reader_options);
diff --git a/modules/afsocket/afsocket.h b/modules/afsocket/afsocket.h
index bf1c74f..f172db8 100644
--- a/modules/afsocket/afsocket.h
+++ b/modules/afsocket/afsocket.h
@@ -77,6 +77,7 @@ struct _AFSocketSourceDriver
GList *connections;
SocketOptions *sock_options_ptr;
gboolean (*setup_socket)(AFSocketSourceDriver *s, gint fd);
+ gint systemd_sock;
};
void afsocket_sd_set_keep_alive(LogDriver *self, gint enable);
diff --git a/modules/afsocket/afunix.c b/modules/afsocket/afunix.c
index b486b6b..4d45c60 100644
--- a/modules/afsocket/afunix.c
+++ b/modules/afsocket/afunix.c
@@ -25,12 +25,14 @@
#include "misc.h"
#include "messages.h"
#include "gprocess.h"
+#include "sd-daemon.h"
#include <sys/types.h>
#include <sys/socket.h>
#include <sys/un.h>
#include <sys/stat.h>
#include <unistd.h>
+#include <stdlib.h>
void
afunix_sd_set_uid(LogDriver *s, gchar *owner)
@@ -67,6 +69,34 @@ afunix_sd_init(LogPipe *s)
{
AFUnixSourceDriver *self = (AFUnixSourceDriver *) s;
cap_t saved_caps;
+ int fds, fd, t, r;
+
+ fd = -1;
+ fds = sd_listen_fds(0);
+ msg_debug( "Systemd socket activation",
+ evt_tag_int("systemd-sockets", fds),
+ evt_tag_str("systemd-listen-pid", getenv("LISTEN_PID")),
+ evt_tag_str("systemd-listen-fds", getenv("LISTEN_FDS")),
+ NULL);
+ if (fds < 0)
+ {
+ msg_error("Failed to acquire systemd sockets", NULL);
+ return FALSE;
+ }
+ else if (fds > 0)
+ {
+ for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + fds; fd++)
+ {
+ t = (self->super.flags & AFSOCKET_STREAM) ? SOCK_STREAM : SOCK_DGRAM;
+ r = sd_is_socket_unix(fd, t, -1, self->filename, 0);
+ if (r == 1)
+ {
+ /* OK, remember this systemd socket */
+ self->super.systemd_sock = fd;
+ break;
+ }
+ }
+ }
if (afsocket_sd_init(s))
{
@@ -83,9 +113,27 @@ afunix_sd_init(LogPipe *s)
if (self->perm >= 0)
chmod(self->filename, (mode_t) self->perm);
g_process_cap_restore(saved_caps);
+
+ if (self->super.systemd_sock != -1)
+ {
+ msg_verbose("Acquired systemd socket",
+ evt_tag_int("systemd-sock-fd", self->super.systemd_sock),
+ evt_tag_str("systemd-sock-name", self->filename),
+ NULL);
+ }
return TRUE;
}
- return FALSE;
+ else
+ {
+ if (self->super.systemd_sock != -1)
+ {
+ msg_error("Failed to acquire systemd socket",
+ evt_tag_int("systemd-sock-fd", self->super.systemd_sock),
+ evt_tag_str("systemd-sock-name", self->filename),
+ NULL);
+ }
+ return FALSE;
+ }
}
static void
diff --git a/modules/afsocket/sd-daemon.c b/modules/afsocket/sd-daemon.c
new file mode 100644
index 0000000..6d1eebf
--- /dev/null
+++ b/modules/afsocket/sd-daemon.c
@@ -0,0 +1,436 @@
+/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
+
+/***
+ Copyright 2010 Lennart Poettering
+
+ Permission is hereby granted, free of charge, to any person
+ obtaining a copy of this software and associated documentation files
+ (the "Software"), to deal in the Software without restriction,
+ including without limitation the rights to use, copy, modify, merge,
+ publish, distribute, sublicense, and/or sell copies of the Software,
+ and to permit persons to whom the Software is furnished to do so,
+ subject to the following conditions:
+
+ The above copyright notice and this permission notice shall be
+ included in all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+ BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+ ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ SOFTWARE.
+***/
+
+#ifndef _GNU_SOURCE
+#define _GNU_SOURCE
+#endif
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/socket.h>
+#include <sys/un.h>
+#include <sys/fcntl.h>
+#include <netinet/in.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <unistd.h>
+#include <string.h>
+#include <stdarg.h>
+#include <stdio.h>
+#include <stddef.h>
+
+#include "sd-daemon.h"
+
+int sd_listen_fds(int unset_environment) {
+
+#if defined(DISABLE_SYSTEMD) || !defined(__linux__)
+ return 0;
+#else
+ int r, fd;
+ const char *e;
+ char *p = NULL;
+ unsigned long l;
+
+ if (!(e = getenv("LISTEN_PID"))) {
+ r = 0;
+ goto finish;
+ }
+
+ errno = 0;
+ l = strtoul(e, &p, 10);
+
+ if (errno != 0) {
+ r = -errno;
+ goto finish;
+ }
+
+ if (!p || *p || l <= 0) {
+ r = -EINVAL;
+ goto finish;
+ }
+
+ /* Is this for us? */
+ if (getpid() != (pid_t) l) {
+ r = 0;
+ goto finish;
+ }
+
+ if (!(e = getenv("LISTEN_FDS"))) {
+ r = 0;
+ goto finish;
+ }
+
+ errno = 0;
+ l = strtoul(e, &p, 10);
+
+ if (errno != 0) {
+ r = -errno;
+ goto finish;
+ }
+
+ if (!p || *p) {
+ r = -EINVAL;
+ goto finish;
+ }
+
+ for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + (int) l; fd ++) {
+ int flags;
+
+ if ((flags = fcntl(fd, F_GETFD)) < 0) {
+ r = -errno;
+ goto finish;
+ }
+
+ if (flags & FD_CLOEXEC)
+ continue;
+
+ if (fcntl(fd, F_SETFD, flags | FD_CLOEXEC) < 0) {
+ r = -errno;
+ goto finish;
+ }
+ }
+
+ r = (int) l;
+
+finish:
+ if (unset_environment) {
+ unsetenv("LISTEN_PID");
+ unsetenv("LISTEN_FDS");
+ }
+
+ return r;
+#endif
+}
+
+int sd_is_fifo(int fd, const char *path) {
+ struct stat st_fd;
+
+ if (fd < 0)
+ return -EINVAL;
+
+ memset(&st_fd, 0, sizeof(st_fd));
+ if (fstat(fd, &st_fd) < 0)
+ return -errno;
+
+ if (!S_ISFIFO(st_fd.st_mode))
+ return 0;
+
+ if (path) {
+ struct stat st_path;
+
+ memset(&st_path, 0, sizeof(st_path));
+ if (stat(path, &st_path) < 0) {
+
+ if (errno == ENOENT || errno == ENOTDIR)
+ return 0;
+
+ return -errno;
+ }
+
+ return
+ st_path.st_dev == st_fd.st_dev &&
+ st_path.st_ino == st_fd.st_ino;
+ }
+
+ return 1;
+}
+
+static int sd_is_socket_internal(int fd, int type, int listening) {
+ struct stat st_fd;
+
+ if (fd < 0 || type < 0)
+ return -EINVAL;
+
+ if (fstat(fd, &st_fd) < 0)
+ return -errno;
+
+ if (!S_ISSOCK(st_fd.st_mode))
+ return 0;
+
+ if (type != 0) {
+ int other_type = 0;
+ socklen_t l = sizeof(other_type);
+
+ if (getsockopt(fd, SOL_SOCKET, SO_TYPE, &other_type, &l) < 0)
+ return -errno;
+
+ if (l != sizeof(other_type))
+ return -EINVAL;
+
+ if (other_type != type)
+ return 0;
+ }
+
+ if (listening >= 0) {
+ int accepting = 0;
+ socklen_t l = sizeof(accepting);
+
+ if (getsockopt(fd, SOL_SOCKET, SO_ACCEPTCONN, &accepting, &l) < 0)
+ return -errno;
+
+ if (l != sizeof(accepting))
+ return -EINVAL;
+
+ if (!accepting != !listening)
+ return 0;
+ }
+
+ return 1;
+}
+
+union sockaddr_union {
+ struct sockaddr sa;
+ struct sockaddr_in in4;
+ struct sockaddr_in6 in6;
+ struct sockaddr_un un;
+ struct sockaddr_storage storage;
+};
+
+int sd_is_socket(int fd, int family, int type, int listening) {
+ int r;
+
+ if (family < 0)
+ return -EINVAL;
+
+ if ((r = sd_is_socket_internal(fd, type, listening)) <= 0)
+ return r;
+
+ if (family > 0) {
+ union sockaddr_union sockaddr;
+ socklen_t l;
+
+ memset(&sockaddr, 0, sizeof(sockaddr));
+ l = sizeof(sockaddr);
+
+ if (getsockname(fd, &sockaddr.sa, &l) < 0)
+ return -errno;
+
+ if (l < sizeof(sa_family_t))
+ return -EINVAL;
+
+ return sockaddr.sa.sa_family == family;
+ }
+
+ return 1;
+}
+
+int sd_is_socket_inet(int fd, int family, int type, int listening, uint16_t port) {
+ union sockaddr_union sockaddr;
+ socklen_t l;
+ int r;
+
+ if (family != 0 && family != AF_INET && family != AF_INET6)
+ return -EINVAL;
+
+ if ((r = sd_is_socket_internal(fd, type, listening)) <= 0)
+ return r;
+
+ memset(&sockaddr, 0, sizeof(sockaddr));
+ l = sizeof(sockaddr);
+
+ if (getsockname(fd, &sockaddr.sa, &l) < 0)
+ return -errno;
+
+ if (l < sizeof(sa_family_t))
+ return -EINVAL;
+
+ if (sockaddr.sa.sa_family != AF_INET &&
+ sockaddr.sa.sa_family != AF_INET6)
+ return 0;
+
+ if (family > 0)
+ if (sockaddr.sa.sa_family != family)
+ return 0;
+
+ if (port > 0) {
+ if (sockaddr.sa.sa_family == AF_INET) {
+ if (l < sizeof(struct sockaddr_in))
+ return -EINVAL;
+
+ return htons(port) == sockaddr.in4.sin_port;
+ } else {
+ if (l < sizeof(struct sockaddr_in6))
+ return -EINVAL;
+
+ return htons(port) == sockaddr.in6.sin6_port;
+ }
+ }
+
+ return 1;
+}
+
+int sd_is_socket_unix(int fd, int type, int listening, const char *path, size_t length) {
+ union sockaddr_union sockaddr;
+ socklen_t l;
+ int r;
+
+ if ((r = sd_is_socket_internal(fd, type, listening)) <= 0)
+ return r;
+
+ memset(&sockaddr, 0, sizeof(sockaddr));
+ l = sizeof(sockaddr);
+
+ if (getsockname(fd, &sockaddr.sa, &l) < 0)
+ return -errno;
+
+ if (l < sizeof(sa_family_t))
+ return -EINVAL;
+
+ if (sockaddr.sa.sa_family != AF_UNIX)
+ return 0;
+
+ if (path) {
+ if (length <= 0)
+ length = strlen(path);
+
+ if (length <= 0)
+ /* Unnamed socket */
+ return l == offsetof(struct sockaddr_un, sun_path);
+
+ if (path[0])
+ /* Normal path socket */
+ return
+ (l >= offsetof(struct sockaddr_un, sun_path) + length + 1) &&
+ memcmp(path, sockaddr.un.sun_path, length+1) == 0;
+ else
+ /* Abstract namespace socket */
+ return
+ (l == offsetof(struct sockaddr_un, sun_path) + length) &&
+ memcmp(path, sockaddr.un.sun_path, length) == 0;
+ }
+
+ return 1;
+}
+
+int sd_notify(int unset_environment, const char *state) {
+#if defined(DISABLE_SYSTEMD) || !defined(__linux__) || !defined(SOCK_CLOEXEC)
+ return 0;
+#else
+ int fd = -1, r;
+ struct msghdr msghdr;
+ struct iovec iovec;
+ union sockaddr_union sockaddr;
+ const char *e;
+
+ if (!state) {
+ r = -EINVAL;
+ goto finish;
+ }
+
+ if (!(e = getenv("NOTIFY_SOCKET")))
+ return 0;
+
+ /* Must be an abstract socket, or an absolute path */
+ if ((e[0] != '@' && e[0] != '/') || e[1] == 0) {
+ r = -EINVAL;
+ goto finish;
+ }
+
+ if ((fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0)) < 0) {
+ r = -errno;
+ goto finish;
+ }
+
+ memset(&sockaddr, 0, sizeof(sockaddr));
+ sockaddr.sa.sa_family = AF_UNIX;
+ strncpy(sockaddr.un.sun_path, e, sizeof(sockaddr.un.sun_path));
+
+ if (sockaddr.un.sun_path[0] == '@')
+ sockaddr.un.sun_path[0] = 0;
+
+ memset(&iovec, 0, sizeof(iovec));
+ iovec.iov_base = (char*) state;
+ iovec.iov_len = strlen(state);
+
+ memset(&msghdr, 0, sizeof(msghdr));
+ msghdr.msg_name = &sockaddr;
+ msghdr.msg_namelen = offsetof(struct sockaddr_un, sun_path) + strlen(e);
+
+ if (msghdr.msg_namelen > sizeof(struct sockaddr_un))
+ msghdr.msg_namelen = sizeof(struct sockaddr_un);
+
+ msghdr.msg_iov = &iovec;
+ msghdr.msg_iovlen = 1;
+
+ if (sendmsg(fd, &msghdr, MSG_NOSIGNAL) < 0) {
+ r = -errno;
+ goto finish;
+ }
+
+ r = 1;
+
+finish:
+ if (unset_environment)
+ unsetenv("NOTIFY_SOCKET");
+
+ if (fd >= 0)
+ close(fd);
+
+ return r;
+#endif
+}
+
+int sd_notifyf(int unset_environment, const char *format, ...) {
+#if defined(DISABLE_SYSTEMD) || !defined(__linux__)
+ return 0;
+#else
+ va_list ap;
+ char *p = NULL;
+ int r;
+
+ va_start(ap, format);
+ r = vasprintf(&p, format, ap);
+ va_end(ap);
+
+ if (r < 0 || !p)
+ return -ENOMEM;
+
+ r = sd_notify(unset_environment, p);
+ free(p);
+
+ return r;
+#endif
+}
+
+int sd_booted(void) {
+#if defined(DISABLE_SYSTEMD) || !defined(__linux__)
+ return 0;
+#else
+
+ struct stat a, b;
+
+ /* We simply test whether the systemd cgroup hierarchy is
+ * mounted */
+
+ if (lstat("/sys/fs/cgroup", &a) < 0)
+ return 0;
+
+ if (lstat("/sys/fs/cgroup/systemd", &b) < 0)
+ return 0;
+
+ return a.st_dev != b.st_dev;
+#endif
+}
diff --git a/modules/afsocket/sd-daemon.h b/modules/afsocket/sd-daemon.h
new file mode 100644
index 0000000..d0a0a94
--- /dev/null
+++ b/modules/afsocket/sd-daemon.h
@@ -0,0 +1,265 @@
+/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
+
+#ifndef foosddaemonhfoo
+#define foosddaemonhfoo
+
+/***
+ Copyright 2010 Lennart Poettering
+
+ Permission is hereby granted, free of charge, to any person
+ obtaining a copy of this software and associated documentation files
+ (the "Software"), to deal in the Software without restriction,
+ including without limitation the rights to use, copy, modify, merge,
+ publish, distribute, sublicense, and/or sell copies of the Software,
+ and to permit persons to whom the Software is furnished to do so,
+ subject to the following conditions:
+
+ The above copyright notice and this permission notice shall be
+ included in all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+ BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+ ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ SOFTWARE.
+***/
+
+#include <sys/types.h>
+#include <inttypes.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ Reference implementation of a few systemd related interfaces for
+ writing daemons. These interfaces are trivial to implement. To
+ simplify porting we provide this reference implementation.
+ Applications are welcome to reimplement the algorithms described
+ here if they do not want to include these two source files.
+
+ The following functionality is provided:
+
+ - Support for logging with log levels on stderr
+ - File descriptor passing for socket-based activation
+ - Daemon startup and status notification
+ - Detection of systemd boots
+
+ You may compile this with -DDISABLE_SYSTEMD to disable systemd
+ support. This makes all those calls NOPs that are directly related to
+ systemd (i.e. only sd_is_xxx() will stay useful).
+
+ Since this is drop-in code we don't want any of our symbols to be
+ exported in any case. Hence we declare hidden visibility for all of
+ them.
+
+ You may find an up-to-date version of these source files online:
+
+ http://cgit.freedesktop.org/systemd/plain/src/sd-daemon.h
+ http://cgit.freedesktop.org/systemd/plain/src/sd-daemon.c
+
+ This should compile on non-Linux systems, too, but with the
+ exception of the sd_is_xxx() calls all functions will become NOPs.
+
+ See sd-daemon(7) for more information.
+*/
+
+#ifndef _sd_printf_attr_
+#if __GNUC__ >= 4
+#define _sd_printf_attr_(a,b) __attribute__ ((format (printf, a, b)))
+#else
+#define _sd_printf_attr_(a,b)
+#endif
+#endif
+
+#ifndef _sd_hidden_
+#if (__GNUC__ >= 4) && !defined(SD_EXPORT_SYMBOLS)
+#define _sd_hidden_ __attribute__ ((visibility("hidden")))
+#else
+#define _sd_hidden_
+#endif
+#endif
+
+/*
+ Log levels for usage on stderr:
+
+ fprintf(stderr, SD_NOTICE "Hello World!\n");
+
+ This is similar to printk() usage in the kernel.
+*/
+#define SD_EMERG "<0>" /* system is unusable */
+#define SD_ALERT "<1>" /* action must be taken immediately */
+#define SD_CRIT "<2>" /* critical conditions */
+#define SD_ERR "<3>" /* error conditions */
+#define SD_WARNING "<4>" /* warning conditions */
+#define SD_NOTICE "<5>" /* normal but significant condition */
+#define SD_INFO "<6>" /* informational */
+#define SD_DEBUG "<7>" /* debug-level messages */
+
+/* The first passed file descriptor is fd 3 */
+#define SD_LISTEN_FDS_START 3
+
+/*
+ Returns how many file descriptors have been passed, or a negative
+ errno code on failure. Optionally, removes the $LISTEN_FDS and
+ $LISTEN_PID file descriptors from the environment (recommended, but
+ problematic in threaded environments). If r is the return value of
+ this function you'll find the file descriptors passed as fds
+ SD_LISTEN_FDS_START to SD_LISTEN_FDS_START+r-1. Returns a negative
+ errno style error code on failure. This function call ensures that
+ the FD_CLOEXEC flag is set for the passed file descriptors, to make
+ sure they are not passed on to child processes. If FD_CLOEXEC shall
+ not be set, the caller needs to unset it after this call for all file
+ descriptors that are used.
+
+ See sd_listen_fds(3) for more information.
+*/
+int sd_listen_fds(int unset_environment) _sd_hidden_;
+
+/*
+ Helper call for identifying a passed file descriptor. Returns 1 if
+ the file descriptor is a FIFO in the file system stored under the
+ specified path, 0 otherwise. If path is NULL a path name check will
+ not be done and the call only verifies if the file descriptor
+ refers to a FIFO. Returns a negative errno style error code on
+ failure.
+
+ See sd_is_fifo(3) for more information.
+*/
+int sd_is_fifo(int fd, const char *path) _sd_hidden_;
+
+/*
+ Helper call for identifying a passed file descriptor. Returns 1 if
+ the file descriptor is a socket of the specified family (AF_INET,
+ ...) and type (SOCK_DGRAM, SOCK_STREAM, ...), 0 otherwise. If
+ family is 0 a socket family check will not be done. If type is 0 a
+ socket type check will not be done and the call only verifies if
+ the file descriptor refers to a socket. If listening is > 0 it is
+ verified that the socket is in listening mode. (i.e. listen() has
+ been called) If listening is == 0 it is verified that the socket is
+ not in listening mode. If listening is < 0 no listening mode check
+ is done. Returns a negative errno style error code on failure.
+
+ See sd_is_socket(3) for more information.
+*/
+int sd_is_socket(int fd, int family, int type, int listening) _sd_hidden_;
+
+/*
+ Helper call for identifying a passed file descriptor. Returns 1 if
+ the file descriptor is an Internet socket, of the specified family
+ (either AF_INET or AF_INET6) and the specified type (SOCK_DGRAM,
+ SOCK_STREAM, ...), 0 otherwise. If version is 0 a protocol version
+ check is not done. If type is 0 a socket type check will not be
+ done. If port is 0 a socket port check will not be done. The
+ listening flag is used the same way as in sd_is_socket(). Returns a
+ negative errno style error code on failure.
+
+ See sd_is_socket_inet(3) for more information.
+*/
+int sd_is_socket_inet(int fd, int family, int type, int listening, uint16_t port) _sd_hidden_;
+
+/*
+ Helper call for identifying a passed file descriptor. Returns 1 if
+ the file descriptor is an AF_UNIX socket of the specified type
+ (SOCK_DGRAM, SOCK_STREAM, ...) and path, 0 otherwise. If type is 0
+ a socket type check will not be done. If path is NULL a socket path
+ check will not be done. For normal AF_UNIX sockets set length to
+ 0. For abstract namespace sockets set length to the length of the
+ socket name (including the initial 0 byte), and pass the full
+ socket path in path (including the initial 0 byte). The listening
+ flag is used the same way as in sd_is_socket(). Returns a negative
+ errno style error code on failure.
+
+ See sd_is_socket_unix(3) for more information.
+*/
+int sd_is_socket_unix(int fd, int type, int listening, const char *path, size_t length) _sd_hidden_;
+
+/*
+ Informs systemd about changed daemon state. This takes a number of
+ newline separated environment-style variable assignments in a
+ string. The following variables are known:
+
+ READY=1 Tells systemd that daemon startup is finished (only
+ relevant for services of Type=notify). The passed
+ argument is a boolean "1" or "0". Since there is
+ little value in signalling non-readiness the only
+ value daemons should send is "READY=1".
+
+ STATUS=... Passes a single-line status string back to systemd
+ that describes the daemon state. This is free-from
+ and can be used for various purposes: general state
+ feedback, fsck-like programs could pass completion
+ percentages and failing programs could pass a human
+ readable error message. Example: "STATUS=Completed
+ 66% of file system check..."
+
+ ERRNO=... If a daemon fails, the errno-style error code,
+ formatted as string. Example: "ERRNO=2" for ENOENT.
+
+ BUSERROR=... If a daemon fails, the D-Bus error-style error
+ code. Example: "BUSERROR=org.freedesktop.DBus.Error.TimedOut"
+
+ MAINPID=... The main pid of a daemon, in case systemd did not
+ fork off the process itself. Example: "MAINPID=4711"
+
+ Daemons can choose to send additional variables. However, it is
+ recommened to prefix variable names not listed above with X_.
+
+ Returns a negative errno-style error code on failure. Returns > 0
+ if systemd could be notified, 0 if it couldn't possibly because
+ systemd is not running.
+
+ Example: When a daemon finished starting up, it could issue this
+ call to notify systemd about it:
+
+ sd_notify(0, "READY=1");
+
+ See sd_notifyf() for more complete examples.
+
+ See sd_notify(3) for more information.
+*/
+int sd_notify(int unset_environment, const char *state) _sd_hidden_;
+
+/*
+ Similar to sd_notify() but takes a format string.
+
+ Example 1: A daemon could send the following after initialization:
+
+ sd_notifyf(0, "READY=1\n"
+ "STATUS=Processing requests...\n"
+ "MAINPID=%lu",
+ (unsigned long) getpid());
+
+ Example 2: A daemon could send the following shortly before
+ exiting, on failure:
+
+ sd_notifyf(0, "STATUS=Failed to start up: %s\n"
+ "ERRNO=%i",
+ strerror(errno),
+ errno);
+
+ See sd_notifyf(3) for more information.
+*/
+int sd_notifyf(int unset_environment, const char *format, ...) _sd_printf_attr_(2,3) _sd_hidden_;
+
+/*
+ Returns > 0 if the system was booted with systemd. Returns < 0 on
+ error. Returns 0 if the system was not booted with systemd. Note
+ that all of the functions above handle non-systemd boots just
+ fine. You should NOT protect them with a call to this function. Also
+ note that this function checks whether the system, not the user
+ session is controlled by systemd. However the functions above work
+ for both user and system services.
+
+ See sd_booted(3) for more information.
+*/
+int sd_booted(void) _sd_hidden_;
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif