Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:11.4:Update
syslog-ng
syslog-ng-3.2.2-systemd-integration.bnc656104.diff
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File syslog-ng-3.2.2-systemd-integration.bnc656104.diff of Package syslog-ng
commit 3128ea4f2f0c2af9ff8ff2bd674c59657f42eb65 Author: Gergely Nagy <algernon@balabit.hu> Date: Tue Feb 1 14:09:28 2011 +0100 gsockaddr: Make ->sa_funcs per-instance. Instead of initializing GSockAddr->sa_funcs to a static value, that points to an internal structure, make it per-instance, so one can override parts of it later on, without breaking the rest of the instances that share the address family. Signed-off-by: Gergely Nagy <algernon@balabit.hu> commit 72acf3efef71400d7aacf5137c9727a698dbde19 Author: Gergely Nagy <algernon@balabit.hu> Date: Tue Feb 1 11:15:07 2011 +0100 systemd: Code cleanup. Cleaned up inherit_systemd_activation(): removing unused code, turning gotos into returns and merging a few ifs together. Signed-off-by: Gergely Nagy <algernon@balabit.hu> commit 7f8154cd014bb78dfb1365dae8114b59e488a591 Author: Gergely Nagy <algernon@balabit.hu> Date: Tue Feb 1 11:07:43 2011 +0100 systemd: Added sd-daemon.c & sd-daemon.h. commit 65e27c1855dc9601f1c67b0359c60ec60da3d4bf Author: Marius Tomaschewski <mt@suse.de> Date: Tue Jan 18 14:03:29 2011 +0100 Enabled systemd socket activation in forking mode commit febacf0bb5740e3f6454fd524f8d0e9e76c20e31 Author: Marius Tomaschewski <mt@suse.de> Date: Mon Jan 17 17:23:09 2011 +0100 Cleaned up systemd socket activation commit e22582bf1a2ac49bd1550980b7a6d55ede450c60 Author: Marius Tomaschewski <mt@suse.de> Date: Fri Dec 10 18:39:57 2010 +0100 First version of systemd socket activation support First version of systemd socket activation support for unix-dgram sockets (not only /dev/log) in foreground mode. The sd-daemon.[ch] files are available at http://cgit.freedesktop.org/systemd/plain/src/sd-daemon.[ch] diff --git a/lib/gprocess.c b/lib/gprocess.c index 363d030..d9a2dfb 100644 --- a/lib/gprocess.c +++ b/lib/gprocess.c @@ -140,6 +140,56 @@ static struct .gid = -1 }; +/** + * Inherits systemd socket activation from parent process updating the pid + * in LISTEN_PID to the pid of the child process. + * + * @return same as sd_listen_fds + * r == 0: no socket activation or this process is not responsible + * r > 0: success, number of sockets + * r < 0: an error occured + */ +static int +inherit_systemd_activation(void) +{ + const char *e; + char buf[24] = { '\0' }; + char *p = NULL; + unsigned long l; + + /* fetch listen pid */ + if (!(e = getenv("LISTEN_PID"))) + return 0; + + errno = 0; + l = strtoul(e, &p, 10); + if (errno != 0 || !p || *p || l == 0) + return (errno) ? -errno : -EINVAL; + + /* was it for our parent? */ + if (getppid() != (pid_t)l) + return 0; + + /* verify listen fds */ + if (!(e = getenv("LISTEN_FDS"))) + return 0; + + errno = 0; + l = strtoul(e, &p, 10); + if (errno != 0 || !p || *p) + return (errno) ? -errno : -EINVAL; + + /* update the listen pid to ours */ + snprintf(buf, sizeof(buf), "%d", getpid()); + if (errno != 0 || !*buf) + return (errno) ? -errno : -EINVAL; + + if (setenv("LISTEN_PID", buf, 1) == 0) + return (int)l; + + return -1; +} + #if ENABLE_LINUX_CAPS /** @@ -1125,6 +1175,10 @@ g_process_perform_supervise(void) process_kind = G_PK_DAEMON; close(init_result_pipe[0]); init_result_pipe[0] = -1; + + /* update systemd socket activation pid */ + inherit_systemd_activation(); + memcpy(process_opts.argv_start, process_opts.argv_orig, process_opts.argv_env_len); return; } @@ -1180,6 +1234,9 @@ g_process_start(void) /* shut down init_result_pipe read side */ close(init_result_pipe[0]); init_result_pipe[0] = -1; + + /* update systemd socket activation pid */ + inherit_systemd_activation(); } else if (process_opts.mode == G_PM_SAFE_BACKGROUND) { @@ -1213,6 +1270,9 @@ g_process_start(void) close(startup_result_pipe[0]); startup_result_pipe[0] = -1; + /* update systemd socket activation pid */ + inherit_systemd_activation(); + process_kind = G_PK_SUPERVISOR; g_process_perform_supervise(); /* we only return in the daamon process here */ diff --git a/lib/gsockaddr.c b/lib/gsockaddr.c index dc1a093..ebee377 100644 --- a/lib/gsockaddr.c +++ b/lib/gsockaddr.c @@ -143,10 +143,13 @@ g_sockaddr_unref(GSockAddr *a) if (g_atomic_counter_dec_and_test(&a->refcnt)) { if (!a->sa_funcs->freefn) - g_free(a); - else - a->sa_funcs->freefn(a); - } + { + g_free(a->sa_funcs); + g_free(a); + } + else + a->sa_funcs->freefn(a); + } } } @@ -198,21 +201,18 @@ g_sockaddr_inet_format(GSockAddr *addr, gchar *text, gulong n, gint format) void g_sockaddr_inet_free(GSockAddr *addr) { + g_free(addr->sa_funcs); g_free(addr); } -static GSockAddrFuncs inet_sockaddr_funcs = -{ - g_sockaddr_inet_bind_prepare, - NULL, - g_sockaddr_inet_format, - g_sockaddr_inet_free -}; - gboolean g_sockaddr_inet_check(GSockAddr *a) { - return a->sa_funcs == &inet_sockaddr_funcs; + return (a->sa_funcs && + a->sa_funcs->sa_bind_prepare == g_sockaddr_inet_bind_prepare && + a->sa_funcs->sa_bind == NULL && + a->sa_funcs->sa_format == g_sockaddr_inet_format && + a->sa_funcs->freefn == g_sockaddr_inet_free); } /*+ @@ -243,7 +243,10 @@ g_sockaddr_inet_new(gchar *ip, guint16 port) addr->sin.sin_family = AF_INET; addr->sin.sin_port = htons(port); addr->sin.sin_addr = ina; - addr->sa_funcs = &inet_sockaddr_funcs; + addr->sa_funcs = g_new0(GSockAddrFuncs, 1); + addr->sa_funcs->sa_bind_prepare = g_sockaddr_inet_bind_prepare; + addr->sa_funcs->sa_format = g_sockaddr_inet_format; + addr->sa_funcs->freefn = g_sockaddr_inet_free; } return (GSockAddr *) addr; } @@ -269,7 +272,10 @@ g_sockaddr_inet_new2(struct sockaddr_in *sin) addr->flags = 0; addr->salen = sizeof(struct sockaddr_in); addr->sin = *sin; - addr->sa_funcs = &inet_sockaddr_funcs; + addr->sa_funcs = g_new0(GSockAddrFuncs, 1); + addr->sa_funcs->sa_bind_prepare = g_sockaddr_inet_bind_prepare; + addr->sa_funcs->sa_format = g_sockaddr_inet_format; + addr->sa_funcs->freefn = g_sockaddr_inet_free; return (GSockAddr *) addr; } @@ -331,14 +337,6 @@ g_sockaddr_inet_range_bind(int sock, GSockAddr *a) return G_IO_STATUS_ERROR; } -static GSockAddrFuncs inet_range_sockaddr_funcs = -{ - NULL, - g_sockaddr_inet_range_bind, - g_sockaddr_inet_format, - g_sockaddr_inet_free, -}; - GSockAddr * g_sockaddr_inet_range_new(gchar *ip, guint16 min_port, guint16 max_port) { @@ -350,7 +348,13 @@ g_sockaddr_inet_range_new(gchar *ip, guint16 min_port, guint16 max_port) addr->sin.sin_family = AF_INET; inet_aton(ip, &addr->sin.sin_addr); addr->sin.sin_port = 0; - addr->sa_funcs = &inet_range_sockaddr_funcs; + + addr->sa_funcs = g_new0(GSockAddrFuncs, 1); + addr->sa_funcs->sa_bind_prepare = NULL; + addr->sa_funcs->sa_bind = g_sockaddr_inet_range_bind; + addr->sa_funcs->sa_format = g_sockaddr_inet_format; + addr->sa_funcs->freefn = g_sockaddr_inet_free; + if (max_port > min_port) { addr->last_port = (rand() % (max_port - min_port)) + min_port; @@ -405,21 +409,18 @@ g_sockaddr_inet6_format(GSockAddr *addr, gchar *text, gulong n, gint format) static void g_sockaddr_inet6_free(GSockAddr *addr) { + g_free(addr->sa_funcs); g_free(addr); } -static GSockAddrFuncs inet6_sockaddr_funcs = -{ - g_sockaddr_inet_bind_prepare, - NULL, - g_sockaddr_inet6_format, - g_sockaddr_inet6_free -}; - gboolean g_sockaddr_inet6_check(GSockAddr *a) { - return a->sa_funcs == &inet6_sockaddr_funcs; + return (a->sa_funcs && + a->sa_funcs->sa_bind_prepare == g_sockaddr_inet_bind_prepare && + a->sa_funcs->sa_bind == NULL && + a->sa_funcs->sa_format == g_sockaddr_inet6_format && + a->sa_funcs->freefn == g_sockaddr_inet6_free); } @@ -446,7 +447,10 @@ g_sockaddr_inet6_new(gchar *ip, guint16 port) addr->sin6.sin6_family = AF_INET6; inet_pton(AF_INET6, ip, &addr->sin6.sin6_addr); addr->sin6.sin6_port = htons(port); - addr->sa_funcs = &inet6_sockaddr_funcs; + addr->sa_funcs = g_new0(GSockAddrFuncs, 1); + addr->sa_funcs->sa_bind_prepare = g_sockaddr_inet_bind_prepare; + addr->sa_funcs->sa_format = g_sockaddr_inet6_format; + addr->sa_funcs->freefn = g_sockaddr_inet6_free; return (GSockAddr *) addr; } @@ -473,7 +477,10 @@ g_sockaddr_inet6_new2(struct sockaddr_in6 *sin6) addr->flags = 0; addr->salen = sizeof(struct sockaddr_in6); addr->sin6 = *sin6; - addr->sa_funcs = &inet6_sockaddr_funcs; + addr->sa_funcs = g_new0(GSockAddrFuncs, 1); + addr->sa_funcs->sa_bind_prepare = g_sockaddr_inet_bind_prepare; + addr->sa_funcs->sa_format = g_sockaddr_inet6_format; + addr->sa_funcs->freefn = g_sockaddr_inet6_free; return (GSockAddr *) addr; } @@ -501,13 +508,6 @@ static GIOStatus g_sockaddr_unix_bind_prepare(int sock, GSockAddr *addr); static GIOStatus g_sockaddr_unix_bind(int sock, GSockAddr *addr); static gchar *g_sockaddr_unix_format(GSockAddr *addr, gchar *text, gulong n, gint format); -static GSockAddrFuncs unix_sockaddr_funcs = -{ - g_sockaddr_unix_bind_prepare, - g_sockaddr_unix_bind, - g_sockaddr_unix_format -}; - /* anonymous if name == NULL */ /*+ @@ -528,7 +528,10 @@ g_sockaddr_unix_new(const gchar *name) g_atomic_counter_set(&addr->refcnt, 1); addr->flags = 0; - addr->sa_funcs = &unix_sockaddr_funcs; + addr->sa_funcs = g_new0(GSockAddrFuncs, 1); + addr->sa_funcs->sa_bind_prepare = g_sockaddr_unix_bind_prepare; + addr->sa_funcs->sa_bind = g_sockaddr_unix_bind; + addr->sa_funcs->sa_format = g_sockaddr_unix_format; addr->saun.sun_family = AF_UNIX; if (name) { @@ -564,7 +567,10 @@ g_sockaddr_unix_new2(struct sockaddr_un *saun, int sunlen) g_atomic_counter_set(&addr->refcnt, 1); addr->flags = 0; - addr->sa_funcs = &unix_sockaddr_funcs; + addr->sa_funcs = g_new0(GSockAddrFuncs, 1); + addr->sa_funcs->sa_bind_prepare = g_sockaddr_unix_bind_prepare; + addr->sa_funcs->sa_bind = g_sockaddr_unix_bind; + addr->sa_funcs->sa_format = g_sockaddr_unix_format; addr->salen = sunlen; addr->saun = *saun; return (GSockAddr *) addr; diff --git a/modules/afsocket/Makefile.am b/modules/afsocket/Makefile.am index 40d9dd8..fdd2ee6 100644 --- a/modules/afsocket/Makefile.am +++ b/modules/afsocket/Makefile.am @@ -7,7 +7,8 @@ noinst_DATA = libafsocket.la libafsocket_notls_la_SOURCES = \ afsocket.c afsocket.h afunix.c afunix.h afinet.c afinet.h \ tlscontext.c tlscontext.h tlstransport.c tlstransport.h \ - afsocket-grammar.y afsocket-parser.c afsocket-parser.h afsocket-plugin.c + afsocket-grammar.y afsocket-parser.c afsocket-parser.h afsocket-plugin.c \ + sd-daemon.c sd-daemon.h libafsocket_notls_la_CPPFLAGS = $(AM_CPPFLAGS) libafsocket_notls_la_LIBADD = ../../lib/libsyslog-ng.la $(LIBNET_LIBS) $(LIBWRAP_LIBS) libafsocket_notls_la_LDFLAGS = -avoid-version -module -no-undefined @@ -17,7 +18,8 @@ module_LTLIBRARIES += libafsocket-tls.la libafsocket_tls_la_SOURCES = \ afsocket.c afsocket.h afunix.c afunix.h afinet.c afinet.h \ tlscontext.c tlscontext.h tlstransport.c tlstransport.h \ - afsocket-grammar.y afsocket-parser.c afsocket-parser.h afsocket-plugin.c + afsocket-grammar.y afsocket-parser.c afsocket-parser.h afsocket-plugin.c \ + sd-daemon.c sd-daemon.h libafsocket_tls_la_CPPFLAGS = $(AM_CPPFLAGS) -DENABLE_SSL=1 libafsocket_tls_la_LIBADD = ../../lib/libsyslog-ng.la $(OPENSSL_LIBS) $(ZLIB_LIBS) $(LIBNET_LIBS) $(LIBWRAP_LIBS) libafsocket_tls_la_LDFLAGS = -avoid-version -module -no-undefined diff --git a/modules/afsocket/afsocket.c b/modules/afsocket/afsocket.c index 499cfb1..67f9499 100644 --- a/modules/afsocket/afsocket.c +++ b/modules/afsocket/afsocket.c @@ -529,6 +529,16 @@ afsocket_sd_init(LogPipe *s) gboolean res = FALSE; GlobalConfig *cfg = log_pipe_get_config(s); + if (self->systemd_sock != -1) + { + /* TODO: another socket types */ + if ((self->bind_addr->sa.sa_family != AF_UNIX) || !(self->flags & AFSOCKET_DGRAM)) + { + msg_error("Systemd activation implemented for unix datagram sockets only", NULL); + return FALSE; + } + } + #if ENABLE_SSL if (self->flags & AFSOCKET_REQUIRE_TLS && !self->tls_context) { @@ -604,14 +614,22 @@ afsocket_sd_init(LogPipe *s) { if (!self->connections) { - if (!afsocket_open_socket(self->bind_addr, !!(self->flags & AFSOCKET_STREAM), &sock)) + if (self->systemd_sock != -1) + { + sock = self->systemd_sock; + g_fd_set_nonblock(sock, TRUE); + self->bind_addr->sa_funcs->sa_bind = NULL; + self->bind_addr->sa_funcs->sa_bind_prepare = NULL; + } + else if (!afsocket_open_socket(self->bind_addr, !!(self->flags & AFSOCKET_STREAM), &sock)) return self->super.optional; } self->fd = -1; if (!self->setup_socket(self, sock)) { - close(sock); + if (self->systemd_sock == -1) + close(sock); return FALSE; } @@ -738,6 +756,7 @@ afsocket_sd_init_instance(AFSocketSourceDriver *self, SocketOptions *sock_option self->setup_socket = afsocket_sd_setup_socket; self->max_connections = 10; self->listen_backlog = 255; + self->systemd_sock = -1; self->flags = flags | AFSOCKET_KEEP_ALIVE; log_reader_options_defaults(&self->reader_options); diff --git a/modules/afsocket/afsocket.h b/modules/afsocket/afsocket.h index bf1c74f..f172db8 100644 --- a/modules/afsocket/afsocket.h +++ b/modules/afsocket/afsocket.h @@ -77,6 +77,7 @@ struct _AFSocketSourceDriver GList *connections; SocketOptions *sock_options_ptr; gboolean (*setup_socket)(AFSocketSourceDriver *s, gint fd); + gint systemd_sock; }; void afsocket_sd_set_keep_alive(LogDriver *self, gint enable); diff --git a/modules/afsocket/afunix.c b/modules/afsocket/afunix.c index b486b6b..4d45c60 100644 --- a/modules/afsocket/afunix.c +++ b/modules/afsocket/afunix.c @@ -25,12 +25,14 @@ #include "misc.h" #include "messages.h" #include "gprocess.h" +#include "sd-daemon.h" #include <sys/types.h> #include <sys/socket.h> #include <sys/un.h> #include <sys/stat.h> #include <unistd.h> +#include <stdlib.h> void afunix_sd_set_uid(LogDriver *s, gchar *owner) @@ -67,6 +69,34 @@ afunix_sd_init(LogPipe *s) { AFUnixSourceDriver *self = (AFUnixSourceDriver *) s; cap_t saved_caps; + int fds, fd, t, r; + + fd = -1; + fds = sd_listen_fds(0); + msg_debug( "Systemd socket activation", + evt_tag_int("systemd-sockets", fds), + evt_tag_str("systemd-listen-pid", getenv("LISTEN_PID")), + evt_tag_str("systemd-listen-fds", getenv("LISTEN_FDS")), + NULL); + if (fds < 0) + { + msg_error("Failed to acquire systemd sockets", NULL); + return FALSE; + } + else if (fds > 0) + { + for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + fds; fd++) + { + t = (self->super.flags & AFSOCKET_STREAM) ? SOCK_STREAM : SOCK_DGRAM; + r = sd_is_socket_unix(fd, t, -1, self->filename, 0); + if (r == 1) + { + /* OK, remember this systemd socket */ + self->super.systemd_sock = fd; + break; + } + } + } if (afsocket_sd_init(s)) { @@ -83,9 +113,27 @@ afunix_sd_init(LogPipe *s) if (self->perm >= 0) chmod(self->filename, (mode_t) self->perm); g_process_cap_restore(saved_caps); + + if (self->super.systemd_sock != -1) + { + msg_verbose("Acquired systemd socket", + evt_tag_int("systemd-sock-fd", self->super.systemd_sock), + evt_tag_str("systemd-sock-name", self->filename), + NULL); + } return TRUE; } - return FALSE; + else + { + if (self->super.systemd_sock != -1) + { + msg_error("Failed to acquire systemd socket", + evt_tag_int("systemd-sock-fd", self->super.systemd_sock), + evt_tag_str("systemd-sock-name", self->filename), + NULL); + } + return FALSE; + } } static void diff --git a/modules/afsocket/sd-daemon.c b/modules/afsocket/sd-daemon.c new file mode 100644 index 0000000..6d1eebf --- /dev/null +++ b/modules/afsocket/sd-daemon.c @@ -0,0 +1,436 @@ +/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/ + +/*** + Copyright 2010 Lennart Poettering + + Permission is hereby granted, free of charge, to any person + obtaining a copy of this software and associated documentation files + (the "Software"), to deal in the Software without restriction, + including without limitation the rights to use, copy, modify, merge, + publish, distribute, sublicense, and/or sell copies of the Software, + and to permit persons to whom the Software is furnished to do so, + subject to the following conditions: + + The above copyright notice and this permission notice shall be + included in all copies or substantial portions of the Software. + + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + SOFTWARE. +***/ + +#ifndef _GNU_SOURCE +#define _GNU_SOURCE +#endif + +#include <sys/types.h> +#include <sys/stat.h> +#include <sys/socket.h> +#include <sys/un.h> +#include <sys/fcntl.h> +#include <netinet/in.h> +#include <stdlib.h> +#include <errno.h> +#include <unistd.h> +#include <string.h> +#include <stdarg.h> +#include <stdio.h> +#include <stddef.h> + +#include "sd-daemon.h" + +int sd_listen_fds(int unset_environment) { + +#if defined(DISABLE_SYSTEMD) || !defined(__linux__) + return 0; +#else + int r, fd; + const char *e; + char *p = NULL; + unsigned long l; + + if (!(e = getenv("LISTEN_PID"))) { + r = 0; + goto finish; + } + + errno = 0; + l = strtoul(e, &p, 10); + + if (errno != 0) { + r = -errno; + goto finish; + } + + if (!p || *p || l <= 0) { + r = -EINVAL; + goto finish; + } + + /* Is this for us? */ + if (getpid() != (pid_t) l) { + r = 0; + goto finish; + } + + if (!(e = getenv("LISTEN_FDS"))) { + r = 0; + goto finish; + } + + errno = 0; + l = strtoul(e, &p, 10); + + if (errno != 0) { + r = -errno; + goto finish; + } + + if (!p || *p) { + r = -EINVAL; + goto finish; + } + + for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + (int) l; fd ++) { + int flags; + + if ((flags = fcntl(fd, F_GETFD)) < 0) { + r = -errno; + goto finish; + } + + if (flags & FD_CLOEXEC) + continue; + + if (fcntl(fd, F_SETFD, flags | FD_CLOEXEC) < 0) { + r = -errno; + goto finish; + } + } + + r = (int) l; + +finish: + if (unset_environment) { + unsetenv("LISTEN_PID"); + unsetenv("LISTEN_FDS"); + } + + return r; +#endif +} + +int sd_is_fifo(int fd, const char *path) { + struct stat st_fd; + + if (fd < 0) + return -EINVAL; + + memset(&st_fd, 0, sizeof(st_fd)); + if (fstat(fd, &st_fd) < 0) + return -errno; + + if (!S_ISFIFO(st_fd.st_mode)) + return 0; + + if (path) { + struct stat st_path; + + memset(&st_path, 0, sizeof(st_path)); + if (stat(path, &st_path) < 0) { + + if (errno == ENOENT || errno == ENOTDIR) + return 0; + + return -errno; + } + + return + st_path.st_dev == st_fd.st_dev && + st_path.st_ino == st_fd.st_ino; + } + + return 1; +} + +static int sd_is_socket_internal(int fd, int type, int listening) { + struct stat st_fd; + + if (fd < 0 || type < 0) + return -EINVAL; + + if (fstat(fd, &st_fd) < 0) + return -errno; + + if (!S_ISSOCK(st_fd.st_mode)) + return 0; + + if (type != 0) { + int other_type = 0; + socklen_t l = sizeof(other_type); + + if (getsockopt(fd, SOL_SOCKET, SO_TYPE, &other_type, &l) < 0) + return -errno; + + if (l != sizeof(other_type)) + return -EINVAL; + + if (other_type != type) + return 0; + } + + if (listening >= 0) { + int accepting = 0; + socklen_t l = sizeof(accepting); + + if (getsockopt(fd, SOL_SOCKET, SO_ACCEPTCONN, &accepting, &l) < 0) + return -errno; + + if (l != sizeof(accepting)) + return -EINVAL; + + if (!accepting != !listening) + return 0; + } + + return 1; +} + +union sockaddr_union { + struct sockaddr sa; + struct sockaddr_in in4; + struct sockaddr_in6 in6; + struct sockaddr_un un; + struct sockaddr_storage storage; +}; + +int sd_is_socket(int fd, int family, int type, int listening) { + int r; + + if (family < 0) + return -EINVAL; + + if ((r = sd_is_socket_internal(fd, type, listening)) <= 0) + return r; + + if (family > 0) { + union sockaddr_union sockaddr; + socklen_t l; + + memset(&sockaddr, 0, sizeof(sockaddr)); + l = sizeof(sockaddr); + + if (getsockname(fd, &sockaddr.sa, &l) < 0) + return -errno; + + if (l < sizeof(sa_family_t)) + return -EINVAL; + + return sockaddr.sa.sa_family == family; + } + + return 1; +} + +int sd_is_socket_inet(int fd, int family, int type, int listening, uint16_t port) { + union sockaddr_union sockaddr; + socklen_t l; + int r; + + if (family != 0 && family != AF_INET && family != AF_INET6) + return -EINVAL; + + if ((r = sd_is_socket_internal(fd, type, listening)) <= 0) + return r; + + memset(&sockaddr, 0, sizeof(sockaddr)); + l = sizeof(sockaddr); + + if (getsockname(fd, &sockaddr.sa, &l) < 0) + return -errno; + + if (l < sizeof(sa_family_t)) + return -EINVAL; + + if (sockaddr.sa.sa_family != AF_INET && + sockaddr.sa.sa_family != AF_INET6) + return 0; + + if (family > 0) + if (sockaddr.sa.sa_family != family) + return 0; + + if (port > 0) { + if (sockaddr.sa.sa_family == AF_INET) { + if (l < sizeof(struct sockaddr_in)) + return -EINVAL; + + return htons(port) == sockaddr.in4.sin_port; + } else { + if (l < sizeof(struct sockaddr_in6)) + return -EINVAL; + + return htons(port) == sockaddr.in6.sin6_port; + } + } + + return 1; +} + +int sd_is_socket_unix(int fd, int type, int listening, const char *path, size_t length) { + union sockaddr_union sockaddr; + socklen_t l; + int r; + + if ((r = sd_is_socket_internal(fd, type, listening)) <= 0) + return r; + + memset(&sockaddr, 0, sizeof(sockaddr)); + l = sizeof(sockaddr); + + if (getsockname(fd, &sockaddr.sa, &l) < 0) + return -errno; + + if (l < sizeof(sa_family_t)) + return -EINVAL; + + if (sockaddr.sa.sa_family != AF_UNIX) + return 0; + + if (path) { + if (length <= 0) + length = strlen(path); + + if (length <= 0) + /* Unnamed socket */ + return l == offsetof(struct sockaddr_un, sun_path); + + if (path[0]) + /* Normal path socket */ + return + (l >= offsetof(struct sockaddr_un, sun_path) + length + 1) && + memcmp(path, sockaddr.un.sun_path, length+1) == 0; + else + /* Abstract namespace socket */ + return + (l == offsetof(struct sockaddr_un, sun_path) + length) && + memcmp(path, sockaddr.un.sun_path, length) == 0; + } + + return 1; +} + +int sd_notify(int unset_environment, const char *state) { +#if defined(DISABLE_SYSTEMD) || !defined(__linux__) || !defined(SOCK_CLOEXEC) + return 0; +#else + int fd = -1, r; + struct msghdr msghdr; + struct iovec iovec; + union sockaddr_union sockaddr; + const char *e; + + if (!state) { + r = -EINVAL; + goto finish; + } + + if (!(e = getenv("NOTIFY_SOCKET"))) + return 0; + + /* Must be an abstract socket, or an absolute path */ + if ((e[0] != '@' && e[0] != '/') || e[1] == 0) { + r = -EINVAL; + goto finish; + } + + if ((fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0)) < 0) { + r = -errno; + goto finish; + } + + memset(&sockaddr, 0, sizeof(sockaddr)); + sockaddr.sa.sa_family = AF_UNIX; + strncpy(sockaddr.un.sun_path, e, sizeof(sockaddr.un.sun_path)); + + if (sockaddr.un.sun_path[0] == '@') + sockaddr.un.sun_path[0] = 0; + + memset(&iovec, 0, sizeof(iovec)); + iovec.iov_base = (char*) state; + iovec.iov_len = strlen(state); + + memset(&msghdr, 0, sizeof(msghdr)); + msghdr.msg_name = &sockaddr; + msghdr.msg_namelen = offsetof(struct sockaddr_un, sun_path) + strlen(e); + + if (msghdr.msg_namelen > sizeof(struct sockaddr_un)) + msghdr.msg_namelen = sizeof(struct sockaddr_un); + + msghdr.msg_iov = &iovec; + msghdr.msg_iovlen = 1; + + if (sendmsg(fd, &msghdr, MSG_NOSIGNAL) < 0) { + r = -errno; + goto finish; + } + + r = 1; + +finish: + if (unset_environment) + unsetenv("NOTIFY_SOCKET"); + + if (fd >= 0) + close(fd); + + return r; +#endif +} + +int sd_notifyf(int unset_environment, const char *format, ...) { +#if defined(DISABLE_SYSTEMD) || !defined(__linux__) + return 0; +#else + va_list ap; + char *p = NULL; + int r; + + va_start(ap, format); + r = vasprintf(&p, format, ap); + va_end(ap); + + if (r < 0 || !p) + return -ENOMEM; + + r = sd_notify(unset_environment, p); + free(p); + + return r; +#endif +} + +int sd_booted(void) { +#if defined(DISABLE_SYSTEMD) || !defined(__linux__) + return 0; +#else + + struct stat a, b; + + /* We simply test whether the systemd cgroup hierarchy is + * mounted */ + + if (lstat("/sys/fs/cgroup", &a) < 0) + return 0; + + if (lstat("/sys/fs/cgroup/systemd", &b) < 0) + return 0; + + return a.st_dev != b.st_dev; +#endif +} diff --git a/modules/afsocket/sd-daemon.h b/modules/afsocket/sd-daemon.h new file mode 100644 index 0000000..d0a0a94 --- /dev/null +++ b/modules/afsocket/sd-daemon.h @@ -0,0 +1,265 @@ +/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/ + +#ifndef foosddaemonhfoo +#define foosddaemonhfoo + +/*** + Copyright 2010 Lennart Poettering + + Permission is hereby granted, free of charge, to any person + obtaining a copy of this software and associated documentation files + (the "Software"), to deal in the Software without restriction, + including without limitation the rights to use, copy, modify, merge, + publish, distribute, sublicense, and/or sell copies of the Software, + and to permit persons to whom the Software is furnished to do so, + subject to the following conditions: + + The above copyright notice and this permission notice shall be + included in all copies or substantial portions of the Software. + + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS + BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN + ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN + CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + SOFTWARE. +***/ + +#include <sys/types.h> +#include <inttypes.h> + +#ifdef __cplusplus +extern "C" { +#endif + +/* + Reference implementation of a few systemd related interfaces for + writing daemons. These interfaces are trivial to implement. To + simplify porting we provide this reference implementation. + Applications are welcome to reimplement the algorithms described + here if they do not want to include these two source files. + + The following functionality is provided: + + - Support for logging with log levels on stderr + - File descriptor passing for socket-based activation + - Daemon startup and status notification + - Detection of systemd boots + + You may compile this with -DDISABLE_SYSTEMD to disable systemd + support. This makes all those calls NOPs that are directly related to + systemd (i.e. only sd_is_xxx() will stay useful). + + Since this is drop-in code we don't want any of our symbols to be + exported in any case. Hence we declare hidden visibility for all of + them. + + You may find an up-to-date version of these source files online: + + http://cgit.freedesktop.org/systemd/plain/src/sd-daemon.h + http://cgit.freedesktop.org/systemd/plain/src/sd-daemon.c + + This should compile on non-Linux systems, too, but with the + exception of the sd_is_xxx() calls all functions will become NOPs. + + See sd-daemon(7) for more information. +*/ + +#ifndef _sd_printf_attr_ +#if __GNUC__ >= 4 +#define _sd_printf_attr_(a,b) __attribute__ ((format (printf, a, b))) +#else +#define _sd_printf_attr_(a,b) +#endif +#endif + +#ifndef _sd_hidden_ +#if (__GNUC__ >= 4) && !defined(SD_EXPORT_SYMBOLS) +#define _sd_hidden_ __attribute__ ((visibility("hidden"))) +#else +#define _sd_hidden_ +#endif +#endif + +/* + Log levels for usage on stderr: + + fprintf(stderr, SD_NOTICE "Hello World!\n"); + + This is similar to printk() usage in the kernel. +*/ +#define SD_EMERG "<0>" /* system is unusable */ +#define SD_ALERT "<1>" /* action must be taken immediately */ +#define SD_CRIT "<2>" /* critical conditions */ +#define SD_ERR "<3>" /* error conditions */ +#define SD_WARNING "<4>" /* warning conditions */ +#define SD_NOTICE "<5>" /* normal but significant condition */ +#define SD_INFO "<6>" /* informational */ +#define SD_DEBUG "<7>" /* debug-level messages */ + +/* The first passed file descriptor is fd 3 */ +#define SD_LISTEN_FDS_START 3 + +/* + Returns how many file descriptors have been passed, or a negative + errno code on failure. Optionally, removes the $LISTEN_FDS and + $LISTEN_PID file descriptors from the environment (recommended, but + problematic in threaded environments). If r is the return value of + this function you'll find the file descriptors passed as fds + SD_LISTEN_FDS_START to SD_LISTEN_FDS_START+r-1. Returns a negative + errno style error code on failure. This function call ensures that + the FD_CLOEXEC flag is set for the passed file descriptors, to make + sure they are not passed on to child processes. If FD_CLOEXEC shall + not be set, the caller needs to unset it after this call for all file + descriptors that are used. + + See sd_listen_fds(3) for more information. +*/ +int sd_listen_fds(int unset_environment) _sd_hidden_; + +/* + Helper call for identifying a passed file descriptor. Returns 1 if + the file descriptor is a FIFO in the file system stored under the + specified path, 0 otherwise. If path is NULL a path name check will + not be done and the call only verifies if the file descriptor + refers to a FIFO. Returns a negative errno style error code on + failure. + + See sd_is_fifo(3) for more information. +*/ +int sd_is_fifo(int fd, const char *path) _sd_hidden_; + +/* + Helper call for identifying a passed file descriptor. Returns 1 if + the file descriptor is a socket of the specified family (AF_INET, + ...) and type (SOCK_DGRAM, SOCK_STREAM, ...), 0 otherwise. If + family is 0 a socket family check will not be done. If type is 0 a + socket type check will not be done and the call only verifies if + the file descriptor refers to a socket. If listening is > 0 it is + verified that the socket is in listening mode. (i.e. listen() has + been called) If listening is == 0 it is verified that the socket is + not in listening mode. If listening is < 0 no listening mode check + is done. Returns a negative errno style error code on failure. + + See sd_is_socket(3) for more information. +*/ +int sd_is_socket(int fd, int family, int type, int listening) _sd_hidden_; + +/* + Helper call for identifying a passed file descriptor. Returns 1 if + the file descriptor is an Internet socket, of the specified family + (either AF_INET or AF_INET6) and the specified type (SOCK_DGRAM, + SOCK_STREAM, ...), 0 otherwise. If version is 0 a protocol version + check is not done. If type is 0 a socket type check will not be + done. If port is 0 a socket port check will not be done. The + listening flag is used the same way as in sd_is_socket(). Returns a + negative errno style error code on failure. + + See sd_is_socket_inet(3) for more information. +*/ +int sd_is_socket_inet(int fd, int family, int type, int listening, uint16_t port) _sd_hidden_; + +/* + Helper call for identifying a passed file descriptor. Returns 1 if + the file descriptor is an AF_UNIX socket of the specified type + (SOCK_DGRAM, SOCK_STREAM, ...) and path, 0 otherwise. If type is 0 + a socket type check will not be done. If path is NULL a socket path + check will not be done. For normal AF_UNIX sockets set length to + 0. For abstract namespace sockets set length to the length of the + socket name (including the initial 0 byte), and pass the full + socket path in path (including the initial 0 byte). The listening + flag is used the same way as in sd_is_socket(). Returns a negative + errno style error code on failure. + + See sd_is_socket_unix(3) for more information. +*/ +int sd_is_socket_unix(int fd, int type, int listening, const char *path, size_t length) _sd_hidden_; + +/* + Informs systemd about changed daemon state. This takes a number of + newline separated environment-style variable assignments in a + string. The following variables are known: + + READY=1 Tells systemd that daemon startup is finished (only + relevant for services of Type=notify). The passed + argument is a boolean "1" or "0". Since there is + little value in signalling non-readiness the only + value daemons should send is "READY=1". + + STATUS=... Passes a single-line status string back to systemd + that describes the daemon state. This is free-from + and can be used for various purposes: general state + feedback, fsck-like programs could pass completion + percentages and failing programs could pass a human + readable error message. Example: "STATUS=Completed + 66% of file system check..." + + ERRNO=... If a daemon fails, the errno-style error code, + formatted as string. Example: "ERRNO=2" for ENOENT. + + BUSERROR=... If a daemon fails, the D-Bus error-style error + code. Example: "BUSERROR=org.freedesktop.DBus.Error.TimedOut" + + MAINPID=... The main pid of a daemon, in case systemd did not + fork off the process itself. Example: "MAINPID=4711" + + Daemons can choose to send additional variables. However, it is + recommened to prefix variable names not listed above with X_. + + Returns a negative errno-style error code on failure. Returns > 0 + if systemd could be notified, 0 if it couldn't possibly because + systemd is not running. + + Example: When a daemon finished starting up, it could issue this + call to notify systemd about it: + + sd_notify(0, "READY=1"); + + See sd_notifyf() for more complete examples. + + See sd_notify(3) for more information. +*/ +int sd_notify(int unset_environment, const char *state) _sd_hidden_; + +/* + Similar to sd_notify() but takes a format string. + + Example 1: A daemon could send the following after initialization: + + sd_notifyf(0, "READY=1\n" + "STATUS=Processing requests...\n" + "MAINPID=%lu", + (unsigned long) getpid()); + + Example 2: A daemon could send the following shortly before + exiting, on failure: + + sd_notifyf(0, "STATUS=Failed to start up: %s\n" + "ERRNO=%i", + strerror(errno), + errno); + + See sd_notifyf(3) for more information. +*/ +int sd_notifyf(int unset_environment, const char *format, ...) _sd_printf_attr_(2,3) _sd_hidden_; + +/* + Returns > 0 if the system was booted with systemd. Returns < 0 on + error. Returns 0 if the system was not booted with systemd. Note + that all of the functions above handle non-systemd boots just + fine. You should NOT protect them with a call to this function. Also + note that this function checks whether the system, not the user + session is controlled by systemd. However the functions above work + for both user and system services. + + See sd_booted(3) for more information. +*/ +int sd_booted(void) _sd_hidden_; + +#ifdef __cplusplus +} +#endif + +#endif
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor