1 /*-
2 * SPDX-License-Identifier: BSD-3-Clause
3 *
4 * Copyright (c) 1999 Berkeley Software Design, Inc. All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
8 * are met:
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 * 3. Berkeley Software Design Inc's name may not be used to endorse or
15 * promote products derived from this software without specific prior
16 * written permission.
17 *
18 * THIS SOFTWARE IS PROVIDED BY BERKELEY SOFTWARE DESIGN INC ``AS IS'' AND
19 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21 * ARE DISCLAIMED. IN NO EVENT SHALL BERKELEY SOFTWARE DESIGN INC BE LIABLE
22 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28 * SUCH DAMAGE.
29 *
30 * From BSDI: daemon.c,v 1.2 1996/08/15 01:11:09 jch Exp
31 */
32
33 #include <sys/event.h>
34 #include <sys/mman.h>
35 #include <sys/wait.h>
36
37 #include <fcntl.h>
38 #include <err.h>
39 #include <errno.h>
40 #include <getopt.h>
41 #include <libutil.h>
42 #include <login_cap.h>
43 #include <paths.h>
44 #include <pwd.h>
45 #include <signal.h>
46 #include <stdio.h>
47 #include <stdbool.h>
48 #include <stdlib.h>
49 #include <unistd.h>
50 #include <string.h>
51 #define SYSLOG_NAMES
52 #include <syslog.h>
53 #include <time.h>
54 #include <assert.h>
55
56 /* 1 year in seconds */
57 #define MAX_RESTART_DELAY 60*60*24*365
58
59 /* Maximum number of restarts */
60 #define MAX_RESTART_COUNT 128
61
62 #define LBUF_SIZE 4096
63
64 enum daemon_mode {
65 MODE_DAEMON = 0, /* simply daemonize, no supervision */
66 MODE_SUPERVISE, /* initial supervision state */
67 MODE_TERMINATING, /* user requested termination */
68 MODE_NOCHILD, /* child is terminated, final state of the event loop */
69 };
70
71
72 struct daemon_state {
73 unsigned char buf[LBUF_SIZE];
74 size_t pos;
75 char **argv;
76 const char *child_pidfile;
77 const char *parent_pidfile;
78 const char *output_filename;
79 const char *syslog_tag;
80 const char *title;
81 const char *user;
82 struct pidfh *parent_pidfh;
83 struct pidfh *child_pidfh;
84 enum daemon_mode mode;
85 int pid;
86 int pipe_rd;
87 int pipe_wr;
88 int keep_cur_workdir;
89 int kqueue_fd;
90 int restart_delay;
91 int stdmask;
92 int syslog_priority;
93 int syslog_facility;
94 int keep_fds_open;
95 int output_fd;
96 mode_t output_file_mode;
97 bool restart_enabled;
98 bool syslog_enabled;
99 bool log_reopen;
100 int restart_count;
101 int restarted_count;
102 };
103
104 static void restrict_process(const char *);
105 static int open_log(const char *, mode_t);
106 static void reopen_log(struct daemon_state *);
107 static bool listen_child(struct daemon_state *);
108 static int get_log_mapping(const char *, const CODE *);
109 static void open_pid_files(struct daemon_state *);
110 static void do_output(const unsigned char *, size_t, struct daemon_state *);
111 static void daemon_sleep(struct daemon_state *);
112 static void daemon_state_init(struct daemon_state *);
113 static void daemon_eventloop(struct daemon_state *);
114 static void daemon_terminate(struct daemon_state *);
115 static void daemon_exec(struct daemon_state *);
116 static bool daemon_is_child_dead(struct daemon_state *);
117 static void daemon_set_child_pipe(struct daemon_state *);
118 static int daemon_setup_kqueue(void);
119
120 static int pidfile_truncate(struct pidfh *);
121
122 static const char shortopts[] = "+cfHSp:P:ru:o:M:s:l:t:m:R:T:C:h";
123
124 static const struct option longopts[] = {
125 { "change-dir", no_argument, NULL, 'c' },
126 { "close-fds", no_argument, NULL, 'f' },
127 { "sighup", no_argument, NULL, 'H' },
128 { "syslog", no_argument, NULL, 'S' },
129 { "output-file", required_argument, NULL, 'o' },
130 { "output-file-mode", required_argument, NULL, 'M' },
131 { "output-mask", required_argument, NULL, 'm' },
132 { "child-pidfile", required_argument, NULL, 'p' },
133 { "supervisor-pidfile", required_argument, NULL, 'P' },
134 { "restart", no_argument, NULL, 'r' },
135 { "restart-count", required_argument, NULL, 'C' },
136 { "restart-delay", required_argument, NULL, 'R' },
137 { "title", required_argument, NULL, 't' },
138 { "user", required_argument, NULL, 'u' },
139 { "syslog-priority", required_argument, NULL, 's' },
140 { "syslog-facility", required_argument, NULL, 'l' },
141 { "syslog-tag", required_argument, NULL, 'T' },
142 { "help", no_argument, NULL, 'h' },
143 { NULL, 0, NULL, 0 }
144 };
145
146 static _Noreturn void
usage(int exitcode)147 usage(int exitcode)
148 {
149 (void)fprintf(stderr,
150 "usage: daemon [-cfHrS] [-p child_pidfile] [-P supervisor_pidfile]\n"
151 " [-u user] [-o output_file] [-M output_file_mode] [-t title]\n"
152 " [-l syslog_facility] [-s syslog_priority]\n"
153 " [-T syslog_tag] [-m output_mask] [-R restart_delay_secs]\n"
154 " [-C restart_count]\n"
155 "command arguments ...\n");
156
157 (void)fprintf(stderr,
158 " --change-dir -c Change the current working directory to root\n"
159 " --close-fds -f Set stdin, stdout, stderr to /dev/null\n"
160 " --sighup -H Close and re-open output file on SIGHUP\n"
161 " --syslog -S Send output to syslog\n"
162 " --output-file -o <file> Append output of the child process to file\n"
163 " --output-file-mode -M <mode> Output file mode of the child process\n"
164 " --output-mask -m <mask> What to send to syslog/file\n"
165 " 1=stdout, 2=stderr, 3=both\n"
166 " --child-pidfile -p <file> Write PID of the child process to file\n"
167 " --supervisor-pidfile -P <file> Write PID of the supervisor process to file\n"
168 " --restart -r Restart child if it terminates (1 sec delay)\n"
169 " --restart-count -C <N> Restart child at most N times, then exit\n"
170 " --restart-delay -R <N> Restart child if it terminates after N sec\n"
171 " --title -t <title> Set the title of the supervisor process\n"
172 " --user -u <user> Drop privileges, run as given user\n"
173 " --syslog-priority -s <prio> Set syslog priority\n"
174 " --syslog-facility -l <flty> Set syslog facility\n"
175 " --syslog-tag -T <tag> Set syslog tag\n"
176 " --help -h Show this help\n");
177
178 exit(exitcode);
179 }
180
181 int
main(int argc,char * argv[])182 main(int argc, char *argv[])
183 {
184 const char *e = NULL;
185 int ch = 0;
186 mode_t *set = NULL;
187 struct daemon_state state;
188
189 daemon_state_init(&state);
190
191 /* Signals are processed via kqueue */
192 signal(SIGHUP, SIG_IGN);
193 signal(SIGTERM, SIG_IGN);
194
195 /*
196 * Supervision mode is enabled if one of the following options are used:
197 * --output-file -o
198 * --child-pidfile -p
199 * --supervisor-pidfile -P
200 * --restart -r / --restart-delay -R
201 * --syslog -S
202 * --syslog-facility -l
203 * --syslog-priority -s
204 * --syslog-tag -T
205 *
206 * In supervision mode daemon executes the command in a forked process
207 * and observes the child by waiting for SIGCHILD. In supervision mode
208 * daemon must never exit before the child, this is necessary to prevent
209 * orphaning the child and leaving a stale pid file.
210 * To achieve this daemon catches SIGTERM and
211 * forwards it to the child, expecting to get SIGCHLD eventually.
212 */
213 while ((ch = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1) {
214 switch (ch) {
215 case 'c':
216 state.keep_cur_workdir = 0;
217 break;
218 case 'C':
219 state.restart_count = (int)strtonum(optarg, 0,
220 MAX_RESTART_COUNT, &e);
221 if (e != NULL) {
222 errx(6, "invalid restart count: %s", e);
223 }
224 break;
225 case 'f':
226 state.keep_fds_open = 0;
227 break;
228 case 'H':
229 state.log_reopen = true;
230 break;
231 case 'l':
232 state.syslog_facility = get_log_mapping(optarg,
233 facilitynames);
234 if (state.syslog_facility == -1) {
235 errx(5, "unrecognized syslog facility");
236 }
237 state.syslog_enabled = true;
238 state.mode = MODE_SUPERVISE;
239 break;
240 case 'm':
241 state.stdmask = (int)strtonum(optarg, 0, 3, &e);
242 if (e != NULL) {
243 errx(6, "unrecognized listening mask: %s", e);
244 }
245 break;
246 case 'o':
247 state.output_filename = optarg;
248 /*
249 * TODO: setting output filename doesn't have to turn
250 * the supervision mode on. For non-supervised mode
251 * daemon could open the specified file and set it's
252 * descriptor as both stderr and stout before execve()
253 */
254 state.mode = MODE_SUPERVISE;
255 break;
256 case 'M':
257 if ((set = setmode(optarg)) == NULL) {
258 errx(6, "unrecognized output file mode: %s", optarg);
259 } else {
260 state.output_file_mode = getmode(set, 0);
261 }
262 free(set);
263 set = NULL;
264 break;
265 case 'p':
266 state.child_pidfile = optarg;
267 state.mode = MODE_SUPERVISE;
268 break;
269 case 'P':
270 state.parent_pidfile = optarg;
271 state.mode = MODE_SUPERVISE;
272 break;
273 case 'r':
274 state.restart_enabled = true;
275 state.mode = MODE_SUPERVISE;
276 break;
277 case 'R':
278 state.restart_enabled = true;
279 state.restart_delay = (int)strtonum(optarg, 1,
280 MAX_RESTART_DELAY, &e);
281 if (e != NULL) {
282 errx(6, "invalid restart delay: %s", e);
283 }
284 state.mode = MODE_SUPERVISE;
285 break;
286 case 's':
287 state.syslog_priority = get_log_mapping(optarg,
288 prioritynames);
289 if (state.syslog_priority == -1) {
290 errx(4, "unrecognized syslog priority");
291 }
292 state.syslog_enabled = true;
293 state.mode = MODE_SUPERVISE;
294 break;
295 case 'S':
296 state.syslog_enabled = true;
297 state.mode = MODE_SUPERVISE;
298 break;
299 case 't':
300 state.title = optarg;
301 break;
302 case 'T':
303 state.syslog_tag = optarg;
304 state.syslog_enabled = true;
305 state.mode = MODE_SUPERVISE;
306 break;
307 case 'u':
308 state.user = optarg;
309 break;
310 case 'h':
311 usage(0);
312 __unreachable();
313 default:
314 usage(1);
315 }
316 }
317 argc -= optind;
318 argv += optind;
319 state.argv = argv;
320
321 if (argc == 0) {
322 usage(1);
323 }
324
325 if (!state.title) {
326 state.title = argv[0];
327 }
328
329 if (state.output_filename) {
330 state.output_fd = open_log(state.output_filename, state.output_file_mode);
331 if (state.output_fd == -1) {
332 err(7, "open");
333 }
334 }
335
336 if (state.syslog_enabled) {
337 openlog(state.syslog_tag, LOG_PID | LOG_NDELAY,
338 state.syslog_facility);
339 }
340
341 /*
342 * Try to open the pidfile before calling daemon(3),
343 * to be able to report the error intelligently
344 */
345 open_pid_files(&state);
346
347 /*
348 * TODO: add feature to avoid backgrounding
349 * i.e. --foreground, -f
350 */
351 if (daemon(state.keep_cur_workdir, state.keep_fds_open) == -1) {
352 warn("daemon");
353 daemon_terminate(&state);
354 }
355
356 if (state.mode == MODE_DAEMON) {
357 daemon_exec(&state);
358 }
359
360 /* Write out parent pidfile if needed. */
361 pidfile_write(state.parent_pidfh);
362
363 state.kqueue_fd = daemon_setup_kqueue();
364
365 do {
366 state.mode = MODE_SUPERVISE;
367 daemon_eventloop(&state);
368 daemon_sleep(&state);
369 if (state.restart_enabled && state.restart_count > -1) {
370 if (state.restarted_count >= state.restart_count) {
371 state.restart_enabled = false;
372 }
373 state.restarted_count++;
374 }
375 } while (state.restart_enabled);
376
377 daemon_terminate(&state);
378 }
379
380 static void
daemon_exec(struct daemon_state * state)381 daemon_exec(struct daemon_state *state)
382 {
383 pidfile_write(state->child_pidfh);
384
385 if (state->user != NULL) {
386 restrict_process(state->user);
387 }
388
389 /* Ignored signals remain ignored after execve, unignore them */
390 signal(SIGHUP, SIG_DFL);
391 signal(SIGTERM, SIG_DFL);
392 execvp(state->argv[0], state->argv);
393 /* execvp() failed - report error and exit this process */
394 err(1, "%s", state->argv[0]);
395 }
396
397 /* Main event loop: fork the child and watch for events.
398 * After SIGTERM is received and propagated to the child there are
399 * several options on what to do next:
400 * - read until EOF
401 * - read until EOF but only for a while
402 * - bail immediately
403 * Currently the third option is used, because otherwise there is no
404 * guarantee that read() won't block indefinitely if the child refuses
405 * to depart. To handle the second option, a different approach
406 * would be needed (procctl()?).
407 */
408 static void
daemon_eventloop(struct daemon_state * state)409 daemon_eventloop(struct daemon_state *state)
410 {
411 struct kevent event;
412 int kq;
413 int ret;
414 int pipe_fd[2];
415
416 /*
417 * Try to protect against pageout kill. Ignore the
418 * error, madvise(2) will fail only if a process does
419 * not have superuser privileges.
420 */
421 (void)madvise(NULL, 0, MADV_PROTECT);
422
423 if (pipe(pipe_fd)) {
424 err(1, "pipe");
425 }
426 state->pipe_rd = pipe_fd[0];
427 state->pipe_wr = pipe_fd[1];
428
429 kq = state->kqueue_fd;
430 EV_SET(&event, state->pipe_rd, EVFILT_READ, EV_ADD|EV_CLEAR, 0, 0,
431 NULL);
432 if (kevent(kq, &event, 1, NULL, 0, NULL) == -1) {
433 err(EXIT_FAILURE, "failed to register kevent");
434 }
435
436 memset(&event, 0, sizeof(struct kevent));
437
438 /* Spawn a child to exec the command. */
439 state->pid = fork();
440
441 /* fork failed, this can only happen when supervision is enabled */
442 switch (state->pid) {
443 case -1:
444 warn("fork");
445 state->mode = MODE_NOCHILD;
446 return;
447 /* fork succeeded, this is child's branch */
448 case 0:
449 close(kq);
450 daemon_set_child_pipe(state);
451 daemon_exec(state);
452 break;
453 }
454
455 /* case: pid > 0; fork succeeded */
456 close(state->pipe_wr);
457 state->pipe_wr = -1;
458 setproctitle("%s[%d]", state->title, (int)state->pid);
459 setbuf(stdout, NULL);
460
461 while (state->mode != MODE_NOCHILD) {
462 ret = kevent(kq, NULL, 0, &event, 1, NULL);
463 switch (ret) {
464 case -1:
465 if (errno == EINTR)
466 continue;
467 err(EXIT_FAILURE, "kevent wait");
468 case 0:
469 continue;
470 }
471
472 if (event.flags & EV_ERROR) {
473 errx(EXIT_FAILURE, "Event error: %s",
474 strerror((int)event.data));
475 }
476
477 switch (event.filter) {
478 case EVFILT_SIGNAL:
479
480 switch (event.ident) {
481 case SIGCHLD:
482 if (daemon_is_child_dead(state)) {
483 /* child is dead, read all until EOF */
484 state->pid = -1;
485 state->mode = MODE_NOCHILD;
486 while (listen_child(state)) {
487 continue;
488 }
489 }
490 continue;
491 case SIGTERM:
492 if (state->mode != MODE_SUPERVISE) {
493 /* user is impatient */
494 /* TODO: warn about repeated SIGTERM? */
495 continue;
496 }
497
498 state->mode = MODE_TERMINATING;
499 state->restart_enabled = false;
500 if (state->pid > 0) {
501 kill(state->pid, SIGTERM);
502 }
503 /*
504 * TODO set kevent timer to exit
505 * unconditionally after some time
506 */
507 continue;
508 case SIGHUP:
509 if (state->log_reopen && state->output_fd >= 0) {
510 reopen_log(state);
511 }
512 continue;
513 }
514 break;
515
516 case EVFILT_READ:
517 /*
518 * detecting EOF is no longer necessary
519 * if child closes the pipe daemon will stop getting
520 * EVFILT_READ events
521 */
522
523 if (event.data > 0) {
524 (void)listen_child(state);
525 }
526 continue;
527 default:
528 assert(0 && "Unexpected kevent filter type");
529 continue;
530 }
531 }
532
533 /* EVFILT_READ kqueue filter goes away here. */
534 close(state->pipe_rd);
535 state->pipe_rd = -1;
536
537 /*
538 * We don't have to truncate the pidfile, but it's easier to test
539 * daemon(8) behavior in some respects if we do. We won't bother if
540 * the child won't be restarted.
541 */
542 if (state->child_pidfh != NULL && state->restart_enabled) {
543 pidfile_truncate(state->child_pidfh);
544 }
545 }
546
547 /*
548 * Note that daemon_sleep() should not be called with anything but the signal
549 * events in the kqueue without further consideration.
550 */
551 static void
daemon_sleep(struct daemon_state * state)552 daemon_sleep(struct daemon_state *state)
553 {
554 struct kevent event = { 0 };
555 int ret;
556
557 assert(state->pipe_rd == -1);
558 assert(state->pipe_wr == -1);
559
560 if (!state->restart_enabled) {
561 return;
562 }
563
564 EV_SET(&event, 0, EVFILT_TIMER, EV_ADD|EV_ONESHOT, NOTE_SECONDS,
565 state->restart_delay, NULL);
566 if (kevent(state->kqueue_fd, &event, 1, NULL, 0, NULL) == -1) {
567 err(1, "failed to register timer");
568 }
569
570 for (;;) {
571 ret = kevent(state->kqueue_fd, NULL, 0, &event, 1, NULL);
572 if (ret == -1) {
573 if (errno != EINTR) {
574 err(1, "kevent");
575 }
576
577 continue;
578 }
579
580 /*
581 * Any other events being raised are indicative of a problem
582 * that we need to investigate. Most likely being that
583 * something was not cleaned up from the eventloop.
584 */
585 assert(event.filter == EVFILT_TIMER ||
586 event.filter == EVFILT_SIGNAL);
587
588 if (event.filter == EVFILT_TIMER) {
589 /* Break's over, back to work. */
590 break;
591 }
592
593 /* Process any pending signals. */
594 switch (event.ident) {
595 case SIGTERM:
596 /*
597 * We could disarm the timer, but we'll be terminating
598 * promptly anyways.
599 */
600 state->restart_enabled = false;
601 return;
602 case SIGHUP:
603 if (state->log_reopen && state->output_fd >= 0) {
604 reopen_log(state);
605 }
606
607 break;
608 case SIGCHLD:
609 default:
610 /* Discard */
611 break;
612 }
613 }
614
615 /* SIGTERM should've returned immediately. */
616 assert(state->restart_enabled);
617 }
618
619 static void
open_pid_files(struct daemon_state * state)620 open_pid_files(struct daemon_state *state)
621 {
622 pid_t fpid;
623 int serrno;
624
625 if (state->child_pidfile) {
626 state->child_pidfh = pidfile_open(state->child_pidfile, 0600, &fpid);
627 if (state->child_pidfh == NULL) {
628 if (errno == EEXIST) {
629 errx(3, "process already running, pid: %d",
630 fpid);
631 }
632 err(2, "pidfile ``%s''", state->child_pidfile);
633 }
634 }
635 /* Do the same for the actual daemon process. */
636 if (state->parent_pidfile) {
637 state->parent_pidfh= pidfile_open(state->parent_pidfile, 0600, &fpid);
638 if (state->parent_pidfh == NULL) {
639 serrno = errno;
640 pidfile_remove(state->child_pidfh);
641 errno = serrno;
642 if (errno == EEXIST) {
643 errx(3, "process already running, pid: %d",
644 fpid);
645 }
646 err(2, "ppidfile ``%s''", state->parent_pidfile);
647 }
648 }
649 }
650
651 static int
get_log_mapping(const char * str,const CODE * c)652 get_log_mapping(const char *str, const CODE *c)
653 {
654 const CODE *cp;
655 for (cp = c; cp->c_name; cp++)
656 if (strcmp(cp->c_name, str) == 0) {
657 return cp->c_val;
658 }
659 return -1;
660 }
661
662 static void
restrict_process(const char * user)663 restrict_process(const char *user)
664 {
665 struct passwd *pw = NULL;
666
667 pw = getpwnam(user);
668 if (pw == NULL) {
669 errx(1, "unknown user: %s", user);
670 }
671
672 if (setusercontext(NULL, pw, pw->pw_uid, LOGIN_SETALL) != 0) {
673 errx(1, "failed to set user environment");
674 }
675
676 setenv("USER", pw->pw_name, 1);
677 setenv("HOME", pw->pw_dir, 1);
678 setenv("SHELL", *pw->pw_shell ? pw->pw_shell : _PATH_BSHELL, 1);
679 }
680
681 /*
682 * We try to collect whole lines terminated by '\n'. Otherwise we collect a
683 * full buffer, and then output it.
684 *
685 * Return value of false is assumed to mean EOF or error, and true indicates to
686 * continue reading.
687 */
688 static bool
listen_child(struct daemon_state * state)689 listen_child(struct daemon_state *state)
690 {
691 ssize_t rv;
692 unsigned char *cp;
693
694 assert(state != NULL);
695 assert(state->pos < LBUF_SIZE - 1);
696
697 rv = read(state->pipe_rd, state->buf + state->pos,
698 LBUF_SIZE - state->pos - 1);
699 if (rv > 0) {
700 state->pos += rv;
701 assert(state->pos <= LBUF_SIZE - 1);
702 /* Always NUL-terminate just in case. */
703 state->buf[LBUF_SIZE - 1] = '\0';
704
705 /*
706 * Find position of the last newline in the buffer.
707 * The buffer is guaranteed to have one or more complete lines
708 * if at least one newline was found when searching in reverse.
709 * All complete lines are flushed.
710 * This does not take NUL characters into account.
711 */
712 cp = memrchr(state->buf, '\n', state->pos);
713 if (cp != NULL) {
714 size_t bytes_line = cp - state->buf + 1;
715 assert(bytes_line <= state->pos);
716 do_output(state->buf, bytes_line, state);
717 state->pos -= bytes_line;
718 memmove(state->buf, cp + 1, state->pos);
719 }
720 /* Wait until the buffer is full. */
721 if (state->pos < LBUF_SIZE - 1) {
722 return true;
723 }
724 do_output(state->buf, state->pos, state);
725 state->pos = 0;
726 return true;
727 } else if (rv == -1) {
728 /* EINTR should trigger another read. */
729 if (errno == EINTR) {
730 return true;
731 } else {
732 warn("read");
733 return false;
734 }
735 }
736 /* Upon EOF, we have to flush what's left of the buffer. */
737 if (state->pos > 0) {
738 do_output(state->buf, state->pos, state);
739 state->pos = 0;
740 }
741 return false;
742 }
743
744 /*
745 * The default behavior is to stay silent if the user wants to redirect
746 * output to a file and/or syslog. If neither are provided, then we bounce
747 * everything back to parent's stdout.
748 */
749 static void
do_output(const unsigned char * buf,size_t len,struct daemon_state * state)750 do_output(const unsigned char *buf, size_t len, struct daemon_state *state)
751 {
752 assert(len <= LBUF_SIZE);
753 assert(state != NULL);
754
755 if (len < 1) {
756 return;
757 }
758 if (state->syslog_enabled) {
759 syslog(state->syslog_priority, "%.*s", (int)len, buf);
760 }
761 if (state->output_fd != -1) {
762 if (write(state->output_fd, buf, len) == -1)
763 warn("write");
764 }
765 if (state->keep_fds_open &&
766 !state->syslog_enabled &&
767 state->output_fd == -1) {
768 printf("%.*s", (int)len, buf);
769 }
770 }
771
772 static int
open_log(const char * outfn,mode_t outfm)773 open_log(const char *outfn, mode_t outfm)
774 {
775
776 return open(outfn, O_CREAT | O_WRONLY | O_APPEND | O_CLOEXEC, outfm);
777 }
778
779 static void
reopen_log(struct daemon_state * state)780 reopen_log(struct daemon_state *state)
781 {
782 int outfd;
783
784 outfd = open_log(state->output_filename, state->output_file_mode);
785 if (state->output_fd >= 0) {
786 close(state->output_fd);
787 }
788 state->output_fd = outfd;
789 }
790
791 static void
daemon_state_init(struct daemon_state * state)792 daemon_state_init(struct daemon_state *state)
793 {
794 *state = (struct daemon_state) {
795 .buf = {0},
796 .pos = 0,
797 .argv = NULL,
798 .parent_pidfh = NULL,
799 .child_pidfh = NULL,
800 .child_pidfile = NULL,
801 .parent_pidfile = NULL,
802 .title = NULL,
803 .user = NULL,
804 .mode = MODE_DAEMON,
805 .restart_enabled = false,
806 .pid = 0,
807 .pipe_rd = -1,
808 .pipe_wr = -1,
809 .keep_cur_workdir = 1,
810 .kqueue_fd = -1,
811 .restart_delay = 1,
812 .stdmask = STDOUT_FILENO | STDERR_FILENO,
813 .syslog_enabled = false,
814 .log_reopen = false,
815 .syslog_priority = LOG_NOTICE,
816 .syslog_tag = "daemon",
817 .syslog_facility = LOG_DAEMON,
818 .keep_fds_open = 1,
819 .output_fd = -1,
820 .output_filename = NULL,
821 .output_file_mode = 0600,
822 .restart_count = -1,
823 .restarted_count = 0
824 };
825 }
826
827 static _Noreturn void
daemon_terminate(struct daemon_state * state)828 daemon_terminate(struct daemon_state *state)
829 {
830 assert(state != NULL);
831
832 if (state->kqueue_fd >= 0) {
833 close(state->kqueue_fd);
834 }
835 if (state->output_fd >= 0) {
836 close(state->output_fd);
837 }
838 if (state->pipe_rd >= 0) {
839 close(state->pipe_rd);
840 }
841
842 if (state->pipe_wr >= 0) {
843 close(state->pipe_wr);
844 }
845 if (state->syslog_enabled) {
846 closelog();
847 }
848 pidfile_remove(state->child_pidfh);
849 pidfile_remove(state->parent_pidfh);
850
851 /*
852 * Note that the exit value here doesn't matter in the case of a clean
853 * exit; daemon(3) already detached us from the caller, nothing is left
854 * to care about this one.
855 */
856 exit(1);
857 }
858
859 /*
860 * Returns true if SIGCHILD came from state->pid due to its exit.
861 */
862 static bool
daemon_is_child_dead(struct daemon_state * state)863 daemon_is_child_dead(struct daemon_state *state)
864 {
865 int status;
866
867 for (;;) {
868 int who = waitpid(-1, &status, WNOHANG);
869 if (state->pid == who && (WIFEXITED(status) ||
870 WIFSIGNALED(status))) {
871 return true;
872 }
873 if (who == 0) {
874 return false;
875 }
876 if (who == -1 && errno != EINTR) {
877 warn("waitpid");
878 return false;
879 }
880 }
881 }
882
883 static void
daemon_set_child_pipe(struct daemon_state * state)884 daemon_set_child_pipe(struct daemon_state *state)
885 {
886 if (state->stdmask & STDERR_FILENO) {
887 if (dup2(state->pipe_wr, STDERR_FILENO) == -1) {
888 err(1, "dup2");
889 }
890 }
891 if (state->stdmask & STDOUT_FILENO) {
892 if (dup2(state->pipe_wr, STDOUT_FILENO) == -1) {
893 err(1, "dup2");
894 }
895 }
896 if (state->pipe_wr != STDERR_FILENO &&
897 state->pipe_wr != STDOUT_FILENO) {
898 close(state->pipe_wr);
899 }
900
901 /* The child gets dup'd pipes. */
902 close(state->pipe_rd);
903 }
904
905 static int
daemon_setup_kqueue(void)906 daemon_setup_kqueue(void)
907 {
908 int kq;
909 struct kevent event = { 0 };
910
911 kq = kqueuex(KQUEUE_CLOEXEC);
912 if (kq == -1) {
913 err(EXIT_FAILURE, "kqueue");
914 }
915
916 EV_SET(&event, SIGHUP, EVFILT_SIGNAL, EV_ADD, 0, 0, NULL);
917 if (kevent(kq, &event, 1, NULL, 0, NULL) == -1) {
918 err(EXIT_FAILURE, "failed to register kevent");
919 }
920
921 EV_SET(&event, SIGTERM, EVFILT_SIGNAL, EV_ADD, 0, 0, NULL);
922 if (kevent(kq, &event, 1, NULL, 0, NULL) == -1) {
923 err(EXIT_FAILURE, "failed to register kevent");
924 }
925
926 EV_SET(&event, SIGCHLD, EVFILT_SIGNAL, EV_ADD, 0, 0, NULL);
927 if (kevent(kq, &event, 1, NULL, 0, NULL) == -1) {
928 err(EXIT_FAILURE, "failed to register kevent");
929 }
930
931 return (kq);
932 }
933
934 static int
pidfile_truncate(struct pidfh * pfh)935 pidfile_truncate(struct pidfh *pfh)
936 {
937 int pfd = pidfile_fileno(pfh);
938
939 assert(pfd >= 0);
940
941 if (ftruncate(pfd, 0) == -1)
942 return (-1);
943
944 /*
945 * pidfile_write(3) will always pwrite(..., 0) today, but let's assume
946 * it may not always and do a best-effort reset of the position just to
947 * set a good example.
948 */
949 (void)lseek(pfd, 0, SEEK_SET);
950 return (0);
951 }
952