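/*-
 * Copyright (c) 2005 Pawel Jakub Dawidek <pjd@FreeBSD.org>
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */

#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");

#include <sys/param.h>
#include <sys/capsicum.h>
#include <sys/file.h>
#include <sys/stat.h>

#include <err.h>
#include <errno.h>
#include <fcntl.h>
#include <libgen.h>
#include <libutil.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include <unistd.h>

/*
 * Handle for an open PID file.  All file operations after pidfile_open()
 * go through the two descriptors; the path strings are kept only so the
 * entry can be unlinked relative to pf_dirfd.
 */
struct pidfh {
	int	pf_dirfd;			/* directory holding the PID file */
	int	pf_fd;				/* the PID file itself; -1 once closed */
	char	pf_dir[MAXPATHLEN + 1];		/* directory part of the path */
	char	pf_filename[MAXPATHLEN + 1];	/* final path component only */
	dev_t	pf_dev;				/* st_dev of pf_fd at open time */
	ino_t	pf_ino;				/* st_ino of pf_fd at open time */
};

static int _pidfile_remove(struct pidfh *pfh, int freeit);

/*
 * Check that the handle still refers to the file recorded by pidfile_open().
 *
 * Returns 0 when pf_fd still has the remembered device and inode numbers,
 * EDOOFUS when the handle is NULL, already closed, or the descriptor now
 * refers to a different file, and the fstat() errno otherwise.
 */
static int
pidfile_verify(const struct pidfh *pfh)
{
	struct stat sb;

	if (pfh == NULL || pfh->pf_fd == -1)
		return (EDOOFUS);
	/*
	 * Check remembered descriptor.
	 */
	if (fstat(pfh->pf_fd, &sb) == -1)
		return (errno);
	if (sb.st_dev != pfh->pf_dev || sb.st_ino != pfh->pf_ino)
		return (EDOOFUS);
	return (0);
}

/*
 * Read the PID stored in `filename' (resolved relative to `dirfd') into
 * *pidptr.
 *
 * Returns 0 on success, EAGAIN when the file is empty, EINVAL when the
 * contents are not entirely consumed by strtol(), and the openat()/read()
 * errno otherwise.
 *
 * NOTE(review): strtol() accepts leading whitespace and a sign, and the
 * result is narrowed to pid_t without a range check, so the value is only
 * as trustworthy as whoever was able to write the file.
 */
static int
pidfile_read(int dirfd, const char *filename, pid_t *pidptr)
{
	char buf[16], *endptr;
	int error, fd, i;

	fd = openat(dirfd, filename, O_RDONLY | O_CLOEXEC);
	if (fd == -1)
		return (errno);

	/* Leave one byte for the terminator added below. */
	i = read(fd, buf, sizeof(buf) - 1);
	error = errno;	/* Remember errno in case close() wants to change it. */
	close(fd);
	if (i == -1)
		return (error);
	else if (i == 0)
		return (EAGAIN);
	buf[i] = '\0';

	*pidptr = strtol(buf, &endptr, 10);
	if (endptr != &buf[i])
		return (EINVAL);

	return (0);
}

/*
 * Make `buf' hold `component', the value returned by dirname()/basename()
 * when called on `buf'.  The result may point into `buf' itself, hence
 * memmove().  Returns 0, or ENAMETOOLONG when the component does not fit.
 */
static int
pidfile_store_component(char *buf, size_t bufsize, const char *component)
{
	size_t len;

	if (component == buf)
		return (0);
	len = strlen(component);
	if (len >= bufsize)
		return (ENAMETOOLONG);
	memmove(buf, component, len + 1);
	return (0);
}

/*
 * Create (or truncate) and exclusively lock the PID file.
 *
 * path   - PID file path; NULL selects /var/run/<progname>.pid.
 * mode   - permission bits passed to flopenat() for a newly created file.
 * pidptr - when non-NULL and the file is locked by another process, receives
 *          that process's PID, or -1 if the file stayed empty for all retries.
 *
 * Returns a handle that the caller releases with pidfile_close() or
 * pidfile_remove(), or NULL with errno set.  errno is EEXIST when the file
 * is locked by another process and ENAMETOOLONG when the path does not fit
 * the handle's buffers.
 */
struct pidfh *
pidfile_open(const char *path, mode_t mode, pid_t *pidptr)
{
	struct pidfh *pfh;
	struct stat sb;
	int error, fd, dirfd, dirlen, filenamelen, count;
	struct timespec rqtp;
	cap_rights_t caprights;

	pfh = malloc(sizeof(*pfh));
	if (pfh == NULL)
		return (NULL);

	if (path == NULL) {
		dirlen = snprintf(pfh->pf_dir, sizeof(pfh->pf_dir),
		    "/var/run/");
		filenamelen = snprintf(pfh->pf_filename,
		    sizeof(pfh->pf_filename), "%s.pid", getprogname());
	} else {
		dirlen = snprintf(pfh->pf_dir, sizeof(pfh->pf_dir),
		    "%s", path);
		filenamelen = snprintf(pfh->pf_filename,
		    sizeof(pfh->pf_filename), "%s", path);
	}

	if (dirlen >= (int)sizeof(pfh->pf_dir) ||
	    filenamelen >= (int)sizeof(pfh->pf_filename)) {
		free(pfh);
		errno = ENAMETOOLONG;
		return (NULL);
	}

	if (path != NULL) {
		/*
		 * POSIX allows dirname() and basename() either to edit the
		 * buffer in place or to return a pointer to other storage,
		 * and basename() may return a pointer into the middle of the
		 * buffer.  The result therefore has to be taken from the
		 * return value.  pf_filename must end up as a bare name:
		 * it is later resolved relative to dirfd by flopenat(),
		 * openat() and unlinkat(), and leftover directory components
		 * would be resolved a second time (or, for an absolute path,
		 * bypass dirfd entirely).
		 */
		error = pidfile_store_component(pfh->pf_dir,
		    sizeof(pfh->pf_dir), dirname(pfh->pf_dir));
		if (error == 0)
			error = pidfile_store_component(pfh->pf_filename,
			    sizeof(pfh->pf_filename),
			    basename(pfh->pf_filename));
		if (error != 0) {
			free(pfh);
			errno = error;
			return (NULL);
		}
	}

	dirfd = open(pfh->pf_dir, O_CLOEXEC | O_DIRECTORY | O_NONBLOCK);
	if (dirfd == -1) {
		error = errno;
		free(pfh);
		errno = error;
		return (NULL);
	}

	/*
	 * Open the PID file and obtain exclusive lock.
	 * We truncate PID file here only to remove old PID immediately,
	 * PID file will be truncated again in pidfile_write(), so
	 * pidfile_write() can be called multiple times.
	 */
	fd = flopenat(dirfd, pfh->pf_filename,
	    O_WRONLY | O_CREAT | O_TRUNC | O_CLOEXEC | O_NONBLOCK, mode);
	if (fd == -1) {
		error = errno;
		if (error == EWOULDBLOCK) {
			if (pidptr == NULL) {
				error = EEXIST;
			} else {
				/*
				 * Another process holds the lock.  Its file
				 * may still be empty, so retry the read up to
				 * 20 times, 5 ms apart, before giving up.
				 */
				count = 20;
				rqtp.tv_sec = 0;
				rqtp.tv_nsec = 5000000;
				for (;;) {
					error = pidfile_read(dirfd,
					    pfh->pf_filename, pidptr);
					if (error != EAGAIN || --count == 0)
						break;
					nanosleep(&rqtp, NULL);
				}
				if (error == EAGAIN)
					*pidptr = -1;
				if (error == 0 || error == EAGAIN)
					error = EEXIST;
			}
		}
		close(dirfd);
		free(pfh);
		errno = error;
		return (NULL);
	}

	/*
	 * Remember file information, so in pidfile_write() we are sure we write
	 * to the proper descriptor.
	 */
	if (fstat(fd, &sb) == -1) {
		goto failed;
	}

	/*
	 * Reduce both descriptors to the rights the remaining functions use:
	 * unlinkat() on the directory; pwrite(), fstat() and ftruncate() on
	 * the file.  ENOSYS is tolerated so the code still works where
	 * cap_rights_limit() is not available.
	 */
	if (cap_rights_limit(dirfd,
	    cap_rights_init(&caprights, CAP_UNLINKAT)) < 0 && errno != ENOSYS) {
		goto failed;
	}

	if (cap_rights_limit(fd, cap_rights_init(&caprights, CAP_PWRITE,
	    CAP_FSTAT, CAP_FTRUNCATE)) < 0 &&
	    errno != ENOSYS) {
		goto failed;
	}

	pfh->pf_dirfd = dirfd;
	pfh->pf_fd = fd;
	pfh->pf_dev = sb.st_dev;
	pfh->pf_ino = sb.st_ino;

	return (pfh);

failed:
	/* Undo the creation; errno from the failing call is preserved. */
	error = errno;
	unlinkat(dirfd, pfh->pf_filename, 0);
	close(dirfd);
	close(fd);
	free(pfh);
	errno = error;
	return (NULL);
}

/*
 * Write the calling process's PID into the PID file, replacing any previous
 * contents.
 *
 * Returns 0 on success and -1 with errno set on failure.  When truncating or
 * writing fails the PID file is removed and the handle is marked closed (but
 * not freed); when verification fails nothing is closed.
 */
int
pidfile_write(struct pidfh *pfh)
{
	char pidstr[16];
	size_t pidlen;
	int error, fd;

	/*
	 * Check remembered descriptor, so we don't overwrite some other
	 * file if pidfile was closed and descriptor reused.
	 */
	errno = pidfile_verify(pfh);
	if (errno != 0) {
		/*
		 * Don't close descriptor, because we are not sure if it's ours.
		 */
		return (-1);
	}
	fd = pfh->pf_fd;

	/*
	 * Truncate PID file, so multiple calls of pidfile_write() are allowed.
	 */
	if (ftruncate(fd, 0) == -1) {
		error = errno;
		_pidfile_remove(pfh, 0);
		errno = error;
		return (-1);
	}

	/* The cast makes the argument match the "%u" conversion. */
	snprintf(pidstr, sizeof(pidstr), "%u", (unsigned int)getpid());
	pidlen = strlen(pidstr);
	if (pwrite(fd, pidstr, pidlen, 0) != (ssize_t)pidlen) {
		error = errno;
		_pidfile_remove(pfh, 0);
		errno = error;
		return (-1);
	}

	return (0);
}

/*
 * Close both descriptors and free the handle, leaving the PID file on disk.
 *
 * Returns 0 on success and -1 with errno set on failure.  If verification
 * fails the handle is neither closed nor freed; if only a close() fails the
 * handle is still freed and the first close() error is reported.
 */
int
pidfile_close(struct pidfh *pfh)
{
	int error;

	error = pidfile_verify(pfh);
	if (error != 0) {
		errno = error;
		return (-1);
	}

	if (close(pfh->pf_fd) == -1)
		error = errno;
	if (close(pfh->pf_dirfd) == -1 && error == 0)
		error = errno;

	free(pfh);
	if (error != 0) {
		errno = error;
		return (-1);
	}
	return (0);
}

/*
 * Unlink the PID file and close both descriptors.
 *
 * freeit - non-zero frees the handle; zero keeps it allocated and sets
 *          pf_fd to -1 so later calls fail verification with EDOOFUS.
 *
 * Returns 0 on success and -1 with errno set to the first error seen.
 * Nothing is unlinked or closed when verification fails.
 */
static int
_pidfile_remove(struct pidfh *pfh, int freeit)
{
	int error;

	error = pidfile_verify(pfh);
	if (error != 0) {
		errno = error;
		return (-1);
	}

	/* Relative to the directory descriptor, not a re-resolved path. */
	if (unlinkat(pfh->pf_dirfd, pfh->pf_filename, 0) == -1)
		error = errno;
	if (close(pfh->pf_fd) == -1 && error == 0)
		error = errno;
	if (close(pfh->pf_dirfd) == -1 && error == 0)
		error = errno;
	if (freeit)
		free(pfh);
	else
		pfh->pf_fd = -1;
	if (error != 0) {
		errno = error;
		return (-1);
	}
	return (0);
}

/*
 * Remove the PID file, close its descriptors and free the handle.
 * Returns 0 on success and -1 with errno set on failure.
 */
int
pidfile_remove(struct pidfh *pfh)
{

	return (_pidfile_remove(pfh, 1));
}

/*
 * Return the PID file's descriptor, or -1 with errno set to EDOOFUS when
 * the handle is NULL or already closed.
 */
int
pidfile_fileno(const struct pidfh *pfh)
{

	if (pfh == NULL || pfh->pf_fd == -1) {
		errno = EDOOFUS;
		return (-1);
	}
	return (pfh->pf_fd);
}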