1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 1999 Berkeley Software Design, Inc. All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 3. Berkeley Software Design Inc's name may not be used to endorse or 15 * promote products derived from this software without specific prior 16 * written permission. 17 * 18 * THIS SOFTWARE IS PROVIDED BY BERKELEY SOFTWARE DESIGN INC ``AS IS'' AND 19 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21 * ARE DISCLAIMED. IN NO EVENT SHALL BERKELEY SOFTWARE DESIGN INC BE LIABLE 22 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28 * SUCH DAMAGE. 29 * 30 * From BSDI: daemon.c,v 1.2 1996/08/15 01:11:09 jch Exp 31 */ 32 33 #include <sys/cdefs.h> 34 __FBSDID("$FreeBSD$"); 35 36 #include <sys/param.h> 37 #include <sys/mman.h> 38 #include <sys/wait.h> 39 40 #include <fcntl.h> 41 #include <err.h> 42 #include <errno.h> 43 #include <getopt.h> 44 #include <libutil.h> 45 #include <login_cap.h> 46 #include <paths.h> 47 #include <pwd.h> 48 #include <signal.h> 49 #include <stdio.h> 50 #include <stdbool.h> 51 #include <stdlib.h> 52 #include <unistd.h> 53 #include <string.h> 54 #include <strings.h> 55 #define SYSLOG_NAMES 56 #include <syslog.h> 57 #include <time.h> 58 #include <assert.h> 59 60 #define LBUF_SIZE 4096 61 62 struct daemon_state { 63 sigset_t mask_orig; 64 sigset_t mask_read; 65 sigset_t mask_term; 66 sigset_t mask_susp; 67 int pipe_fd[2]; 68 char **argv; 69 const char *child_pidfile; 70 const char *parent_pidfile; 71 const char *output_filename; 72 const char *syslog_tag; 73 const char *title; 74 const char *user; 75 struct pidfh *parent_pidfh; 76 struct pidfh *child_pidfh; 77 int keep_cur_workdir; 78 int restart_delay; 79 int stdmask; 80 int syslog_priority; 81 int syslog_facility; 82 int keep_fds_open; 83 int output_fd; 84 bool supervision_enabled; 85 bool child_eof; 86 bool restart_enabled; 87 bool syslog_enabled; 88 bool log_reopen; 89 }; 90 91 static void setup_signals(struct daemon_state *); 92 static void restrict_process(const char *); 93 static void handle_term(int); 94 static void handle_chld(int); 95 static void handle_hup(int); 96 static int open_log(const char *); 97 static void reopen_log(struct daemon_state *); 98 static bool listen_child(int, struct daemon_state *); 99 static int get_log_mapping(const char *, const CODE *); 100 static void open_pid_files(struct daemon_state *); 101 static void do_output(const unsigned char *, size_t, struct daemon_state *); 102 static void daemon_sleep(time_t, long); 103 static void daemon_state_init(struct daemon_state *); 104 static void daemon_eventloop(struct daemon_state *); 105 static void daemon_terminate(struct daemon_state *); 106 107 static volatile sig_atomic_t terminate = 0; 108 static volatile sig_atomic_t child_gone = 0; 109 static volatile sig_atomic_t pid = 0; 110 static volatile sig_atomic_t do_log_reopen = 0; 111 112 static const char shortopts[] = "+cfHSp:P:ru:o:s:l:t:m:R:T:h"; 113 114 static const struct option longopts[] = { 115 { "change-dir", no_argument, NULL, 'c' }, 116 { "close-fds", no_argument, NULL, 'f' }, 117 { "sighup", no_argument, NULL, 'H' }, 118 { "syslog", no_argument, NULL, 'S' }, 119 { "output-file", required_argument, NULL, 'o' }, 120 { "output-mask", required_argument, NULL, 'm' }, 121 { "child-pidfile", required_argument, NULL, 'p' }, 122 { "supervisor-pidfile", required_argument, NULL, 'P' }, 123 { "restart", no_argument, NULL, 'r' }, 124 { "restart-delay", required_argument, NULL, 'R' }, 125 { "title", required_argument, NULL, 't' }, 126 { "user", required_argument, NULL, 'u' }, 127 { "syslog-priority", required_argument, NULL, 's' }, 128 { "syslog-facility", required_argument, NULL, 'l' }, 129 { "syslog-tag", required_argument, NULL, 'T' }, 130 { "help", no_argument, NULL, 'h' }, 131 { NULL, 0, NULL, 0 } 132 }; 133 134 static _Noreturn void 135 usage(int exitcode) 136 { 137 (void)fprintf(stderr, 138 "usage: daemon [-cfHrS] [-p child_pidfile] [-P supervisor_pidfile]\n" 139 " [-u user] [-o output_file] [-t title]\n" 140 " [-l syslog_facility] [-s syslog_priority]\n" 141 " [-T syslog_tag] [-m output_mask] [-R restart_delay_secs]\n" 142 "command arguments ...\n"); 143 144 (void)fprintf(stderr, 145 " --change-dir -c Change the current working directory to root\n" 146 " --close-fds -f Set stdin, stdout, stderr to /dev/null\n" 147 " --sighup -H Close and re-open output file on SIGHUP\n" 148 " --syslog -S Send output to syslog\n" 149 " --output-file -o <file> Append output of the child process to file\n" 150 " --output-mask -m <mask> What to send to syslog/file\n" 151 " 1=stdout, 2=stderr, 3=both\n" 152 " --child-pidfile -p <file> Write PID of the child process to file\n" 153 " --supervisor-pidfile -P <file> Write PID of the supervisor process to file\n" 154 " --restart -r Restart child if it terminates (1 sec delay)\n" 155 " --restart-delay -R <N> Restart child if it terminates after N sec\n" 156 " --title -t <title> Set the title of the supervisor process\n" 157 " --user -u <user> Drop privileges, run as given user\n" 158 " --syslog-priority -s <prio> Set syslog priority\n" 159 " --syslog-facility -l <flty> Set syslog facility\n" 160 " --syslog-tag -T <tag> Set syslog tag\n" 161 " --help -h Show this help\n"); 162 163 exit(exitcode); 164 } 165 166 int 167 main(int argc, char *argv[]) 168 { 169 char *p = NULL; 170 int ch = 0; 171 struct daemon_state state; 172 173 daemon_state_init(&state); 174 175 /* 176 * Supervision mode is enabled if one of the following options are used: 177 * --child-pidfile -p 178 * --supervisor-pidfile -P 179 * --restart -r / --restart-delay -R 180 * --syslog -S 181 * --syslog-facility -l 182 * --syslog-priority -s 183 * --syslog-tag -T 184 * 185 * In supervision mode daemon executes the command in a forked process 186 * and observes the child by waiting for SIGCHILD. In supervision mode 187 * daemon must never exit before the child, this is necessary to prevent 188 * orphaning the child and leaving a stale pid file. 189 * To achieve this daemon catches SIGTERM and 190 * forwards it to the child, expecting to get SIGCHLD eventually. 191 */ 192 while ((ch = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1) { 193 switch (ch) { 194 case 'c': 195 state.keep_cur_workdir = 0; 196 break; 197 case 'f': 198 state.keep_fds_open = 0; 199 break; 200 case 'H': 201 state.log_reopen = true; 202 break; 203 case 'l': 204 state.syslog_facility = get_log_mapping(optarg, 205 facilitynames); 206 if (state.syslog_facility == -1) { 207 errx(5, "unrecognized syslog facility"); 208 } 209 state.syslog_enabled = true; 210 state.supervision_enabled = true; 211 break; 212 case 'm': 213 state.stdmask = strtol(optarg, &p, 10); 214 if (p == optarg || state.stdmask < 0 || state.stdmask > 3) { 215 errx(6, "unrecognized listening mask"); 216 } 217 break; 218 case 'o': 219 state.output_filename = optarg; 220 /* 221 * TODO: setting output filename doesn't have to turn 222 * the supervision mode on. For non-supervised mode 223 * daemon could open the specified file and set it's 224 * descriptor as both stderr and stout before execve() 225 */ 226 state.supervision_enabled = true; 227 break; 228 case 'p': 229 state.child_pidfile = optarg; 230 state.supervision_enabled = true; 231 break; 232 case 'P': 233 state.parent_pidfile = optarg; 234 state.supervision_enabled = true; 235 break; 236 case 'r': 237 state.restart_enabled = true; 238 state.supervision_enabled = true; 239 break; 240 case 'R': 241 state.restart_enabled = true; 242 state.restart_delay = strtol(optarg, &p, 0); 243 if (p == optarg || state.restart_delay < 1) { 244 errx(6, "invalid restart delay"); 245 } 246 break; 247 case 's': 248 state.syslog_priority = get_log_mapping(optarg, 249 prioritynames); 250 if (state.syslog_priority == -1) { 251 errx(4, "unrecognized syslog priority"); 252 } 253 state.syslog_enabled = true; 254 state.supervision_enabled = true; 255 break; 256 case 'S': 257 state.syslog_enabled = true; 258 state.supervision_enabled = true; 259 break; 260 case 't': 261 state.title = optarg; 262 break; 263 case 'T': 264 state.syslog_tag = optarg; 265 state.syslog_enabled = true; 266 state.supervision_enabled = true; 267 break; 268 case 'u': 269 state.user = optarg; 270 break; 271 case 'h': 272 usage(0); 273 __builtin_unreachable(); 274 default: 275 usage(1); 276 } 277 } 278 argc -= optind; 279 argv += optind; 280 state.argv = argv; 281 282 if (argc == 0) { 283 usage(1); 284 } 285 286 if (!state.title) { 287 state.title = argv[0]; 288 } 289 290 if (state.output_filename) { 291 state.output_fd = open_log(state.output_filename); 292 if (state.output_fd == -1) { 293 err(7, "open"); 294 } 295 } 296 297 if (state.syslog_enabled) { 298 openlog(state.syslog_tag, LOG_PID | LOG_NDELAY, 299 state.syslog_facility); 300 } 301 302 /* 303 * Try to open the pidfile before calling daemon(3), 304 * to be able to report the error intelligently 305 */ 306 open_pid_files(&state); 307 if (daemon(state.keep_cur_workdir, state.keep_fds_open) == -1) { 308 warn("daemon"); 309 daemon_terminate(&state); 310 } 311 /* Write out parent pidfile if needed. */ 312 pidfile_write(state.parent_pidfh); 313 314 if (state.supervision_enabled) { 315 /* Block SIGTERM to avoid racing until the child is spawned. */ 316 if (sigprocmask(SIG_BLOCK, &state.mask_term, &state.mask_orig)) { 317 warn("sigprocmask"); 318 daemon_terminate(&state); 319 } 320 321 setup_signals(&state); 322 323 /* 324 * Try to protect against pageout kill. Ignore the 325 * error, madvise(2) will fail only if a process does 326 * not have superuser privileges. 327 */ 328 (void)madvise(NULL, 0, MADV_PROTECT); 329 } 330 do { 331 daemon_eventloop(&state); 332 close(state.pipe_fd[0]); 333 state.pipe_fd[0] = -1; 334 } while (state.restart_enabled && !terminate); 335 336 daemon_terminate(&state); 337 } 338 339 340 /* 341 * Main event loop: fork the child and watch for events. 342 * In legacy mode simply execve into the target process. 343 * 344 * Signal handling logic: 345 * 346 * - SIGTERM is masked while there is no child. 347 * 348 * - SIGCHLD is masked while reading from the pipe. SIGTERM has to be 349 * caught, to avoid indefinite blocking on read(). 350 * 351 * - Both SIGCHLD and SIGTERM are masked before calling sigsuspend() 352 * to avoid racing. 353 * 354 * - After SIGTERM is recieved and propagated to the child there are 355 * several options on what to do next: 356 * - read until EOF 357 * - read until EOF but only for a while 358 * - bail immediately 359 * Currently the third option is used, because otherwise there is no 360 * guarantee that read() won't block indefinitely if the child refuses 361 * to depart. To handle the second option, a different approach 362 * would be needed (procctl()?). 363 * 364 * - Child's exit might be detected by receiveing EOF from the pipe. 365 * But the child might have closed its stdout and stderr, so deamon 366 * must wait for the SIGCHLD to ensure that the child is actually gone. 367 */ 368 static void 369 daemon_eventloop(struct daemon_state *state) 370 { 371 if (state->supervision_enabled) { 372 if (pipe(state->pipe_fd)) { 373 err(1, "pipe"); 374 } 375 /* 376 * Spawn a child to exec the command. 377 */ 378 child_gone = 0; 379 pid = fork(); 380 } 381 382 /* fork failed, this can only happen when supervision is enabled */ 383 if (pid == -1) { 384 warn("fork"); 385 daemon_terminate(state); 386 } 387 388 /* fork succeeded, this is child's branch or supervision is disabled */ 389 if (pid == 0) { 390 pidfile_write(state->child_pidfh); 391 392 if (state->user != NULL) { 393 restrict_process(state->user); 394 } 395 /* 396 * In supervision mode, the child gets the original sigmask, 397 * and dup'd pipes. 398 */ 399 if (state->supervision_enabled) { 400 close(state->pipe_fd[0]); 401 if (sigprocmask(SIG_SETMASK, &state->mask_orig, NULL)) { 402 err(1, "sigprogmask"); 403 } 404 if (state->stdmask & STDERR_FILENO) { 405 if (dup2(state->pipe_fd[1], STDERR_FILENO) == -1) { 406 err(1, "dup2"); 407 } 408 } 409 if (state->stdmask & STDOUT_FILENO) { 410 if (dup2(state->pipe_fd[1], STDOUT_FILENO) == -1) { 411 err(1, "dup2"); 412 } 413 } 414 if (state->pipe_fd[1] != STDERR_FILENO && 415 state->pipe_fd[1] != STDOUT_FILENO) { 416 close(state->pipe_fd[1]); 417 } 418 } 419 execvp(state->argv[0], state->argv); 420 /* execvp() failed - report error and exit this process */ 421 err(1, "%s", state->argv[0]); 422 } 423 424 /* 425 * else: pid > 0 426 * fork succeeded, this is the parent branch, this can only happen when 427 * supervision is enabled. 428 * 429 * Unblock SIGTERM - now there is a valid child PID to signal to. 430 */ 431 if (sigprocmask(SIG_UNBLOCK, &state->mask_term, NULL)) { 432 warn("sigprocmask"); 433 daemon_terminate(state); 434 } 435 close(state->pipe_fd[1]); 436 state->pipe_fd[1] = -1; 437 438 setproctitle("%s[%d]", state->title, (int)pid); 439 for (;;) { 440 if (child_gone && state->child_eof) { 441 break; 442 } 443 444 if (terminate) { 445 daemon_terminate(state); 446 } 447 448 if (state->child_eof) { 449 if (sigprocmask(SIG_BLOCK, &state->mask_susp, NULL)) { 450 warn("sigprocmask"); 451 daemon_terminate(state); 452 } 453 while (!terminate && !child_gone) { 454 sigsuspend(&state->mask_orig); 455 } 456 if (sigprocmask(SIG_UNBLOCK, &state->mask_susp, NULL)) { 457 warn("sigprocmask"); 458 daemon_terminate(state); 459 } 460 continue; 461 } 462 463 if (sigprocmask(SIG_BLOCK, &state->mask_read, NULL)) { 464 warn("sigprocmask"); 465 daemon_terminate(state); 466 } 467 468 state->child_eof = !listen_child(state->pipe_fd[0], state); 469 470 if (sigprocmask(SIG_UNBLOCK, &state->mask_read, NULL)) { 471 warn("sigprocmask"); 472 daemon_terminate(state); 473 } 474 475 } 476 477 /* 478 * At the end of the loop the the child is already gone. 479 * Block SIGTERM to avoid racing until the child is spawned. 480 */ 481 if (sigprocmask(SIG_BLOCK, &state->mask_term, NULL)) { 482 warn("sigprocmask"); 483 daemon_terminate(state); 484 } 485 486 /* sleep before exiting mainloop if restart is enabled */ 487 if (state->restart_enabled && !terminate) { 488 daemon_sleep(state->restart_delay, 0); 489 } 490 } 491 492 static void 493 daemon_sleep(time_t secs, long nsecs) 494 { 495 struct timespec ts = { secs, nsecs }; 496 497 while (!terminate && nanosleep(&ts, &ts) == -1) { 498 if (errno != EINTR) { 499 err(1, "nanosleep"); 500 } 501 } 502 } 503 504 /* 505 * Setup SIGTERM, SIGCHLD and SIGHUP handlers. 506 * To avoid racing SIGCHLD with SIGTERM corresponding 507 * signal handlers mask the other signal. 508 */ 509 static void 510 setup_signals(struct daemon_state *state) 511 { 512 struct sigaction act_term = { 0 }; 513 struct sigaction act_chld = { 0 }; 514 struct sigaction act_hup = { 0 }; 515 516 /* Setup SIGTERM */ 517 act_term.sa_handler = handle_term; 518 sigemptyset(&act_term.sa_mask); 519 sigaddset(&act_term.sa_mask, SIGCHLD); 520 if (sigaction(SIGTERM, &act_term, NULL) == -1) { 521 warn("sigaction"); 522 daemon_terminate(state); 523 } 524 525 /* Setup SIGCHLD */ 526 act_chld.sa_handler = handle_chld; 527 sigemptyset(&act_chld.sa_mask); 528 sigaddset(&act_chld.sa_mask, SIGTERM); 529 if (sigaction(SIGCHLD, &act_chld, NULL) == -1) { 530 warn("sigaction"); 531 daemon_terminate(state); 532 } 533 534 /* Setup SIGHUP if configured */ 535 if (!state->log_reopen || state->output_fd < 0) { 536 return; 537 } 538 539 act_hup.sa_handler = handle_hup; 540 sigemptyset(&act_hup.sa_mask); 541 if (sigaction(SIGHUP, &act_hup, NULL) == -1) { 542 warn("sigaction"); 543 daemon_terminate(state); 544 } 545 } 546 547 static void 548 open_pid_files(struct daemon_state *state) 549 { 550 pid_t fpid; 551 int serrno; 552 553 if (state->child_pidfile) { 554 state->child_pidfh = pidfile_open(state->child_pidfile, 0600, &fpid); 555 if (state->child_pidfh == NULL) { 556 if (errno == EEXIST) { 557 errx(3, "process already running, pid: %d", 558 fpid); 559 } 560 err(2, "pidfile ``%s''", state->child_pidfile); 561 } 562 } 563 /* Do the same for the actual daemon process. */ 564 if (state->parent_pidfile) { 565 state->parent_pidfh= pidfile_open(state->parent_pidfile, 0600, &fpid); 566 if (state->parent_pidfh == NULL) { 567 serrno = errno; 568 pidfile_remove(state->child_pidfh); 569 errno = serrno; 570 if (errno == EEXIST) { 571 errx(3, "process already running, pid: %d", 572 fpid); 573 } 574 err(2, "ppidfile ``%s''", state->parent_pidfile); 575 } 576 } 577 } 578 579 static int 580 get_log_mapping(const char *str, const CODE *c) 581 { 582 const CODE *cp; 583 for (cp = c; cp->c_name; cp++) 584 if (strcmp(cp->c_name, str) == 0) { 585 return cp->c_val; 586 } 587 return -1; 588 } 589 590 static void 591 restrict_process(const char *user) 592 { 593 struct passwd *pw = NULL; 594 595 pw = getpwnam(user); 596 if (pw == NULL) { 597 errx(1, "unknown user: %s", user); 598 } 599 600 if (setusercontext(NULL, pw, pw->pw_uid, LOGIN_SETALL) != 0) { 601 errx(1, "failed to set user environment"); 602 } 603 604 setenv("USER", pw->pw_name, 1); 605 setenv("HOME", pw->pw_dir, 1); 606 setenv("SHELL", *pw->pw_shell ? pw->pw_shell : _PATH_BSHELL, 1); 607 } 608 609 /* 610 * We try to collect whole lines terminated by '\n'. Otherwise we collect a 611 * full buffer, and then output it. 612 * 613 * Return value of false is assumed to mean EOF or error, and true indicates to 614 * continue reading. 615 */ 616 static bool 617 listen_child(int fd, struct daemon_state *state) 618 { 619 static unsigned char buf[LBUF_SIZE]; 620 static size_t bytes_read = 0; 621 int rv; 622 623 assert(state != NULL); 624 assert(bytes_read < LBUF_SIZE - 1); 625 626 if (do_log_reopen) { 627 reopen_log(state); 628 } 629 rv = read(fd, buf + bytes_read, LBUF_SIZE - bytes_read - 1); 630 if (rv > 0) { 631 unsigned char *cp; 632 633 bytes_read += rv; 634 assert(bytes_read <= LBUF_SIZE - 1); 635 /* Always NUL-terminate just in case. */ 636 buf[LBUF_SIZE - 1] = '\0'; 637 /* 638 * Chomp line by line until we run out of buffer. 639 * This does not take NUL characters into account. 640 */ 641 while ((cp = memchr(buf, '\n', bytes_read)) != NULL) { 642 size_t bytes_line = cp - buf + 1; 643 assert(bytes_line <= bytes_read); 644 do_output(buf, bytes_line, state); 645 bytes_read -= bytes_line; 646 memmove(buf, cp + 1, bytes_read); 647 } 648 /* Wait until the buffer is full. */ 649 if (bytes_read < LBUF_SIZE - 1) { 650 return true; 651 } 652 do_output(buf, bytes_read, state); 653 bytes_read = 0; 654 return true; 655 } else if (rv == -1) { 656 /* EINTR should trigger another read. */ 657 if (errno == EINTR) { 658 return true; 659 } else { 660 warn("read"); 661 return false; 662 } 663 } 664 /* Upon EOF, we have to flush what's left of the buffer. */ 665 if (bytes_read > 0) { 666 do_output(buf, bytes_read, state); 667 bytes_read = 0; 668 } 669 return false; 670 } 671 672 /* 673 * The default behavior is to stay silent if the user wants to redirect 674 * output to a file and/or syslog. If neither are provided, then we bounce 675 * everything back to parent's stdout. 676 */ 677 static void 678 do_output(const unsigned char *buf, size_t len, struct daemon_state *state) 679 { 680 assert(len <= LBUF_SIZE); 681 assert(state != NULL); 682 683 if (len < 1) { 684 return; 685 } 686 if (state->syslog_enabled) { 687 syslog(state->syslog_priority, "%.*s", (int)len, buf); 688 } 689 if (state->output_fd != -1) { 690 if (write(state->output_fd, buf, len) == -1) 691 warn("write"); 692 } 693 if (state->keep_fds_open && 694 !state->syslog_enabled && 695 state->output_fd == -1) { 696 printf("%.*s", (int)len, buf); 697 } 698 } 699 700 /* 701 * We use the global PID acquired directly from fork. If there is no valid 702 * child pid, the handler should be blocked and/or child_gone == 1. 703 */ 704 static void 705 handle_term(int signo) 706 { 707 if (pid > 0 && !child_gone) { 708 kill(pid, signo); 709 } 710 terminate = 1; 711 } 712 713 static void 714 handle_chld(int signo __unused) 715 { 716 717 for (;;) { 718 int rv = waitpid(-1, NULL, WNOHANG); 719 if (pid == rv) { 720 child_gone = 1; 721 break; 722 } else if (rv == -1 && errno != EINTR) { 723 warn("waitpid"); 724 return; 725 } 726 } 727 } 728 729 static void 730 handle_hup(int signo __unused) 731 { 732 733 do_log_reopen = 1; 734 } 735 736 static int 737 open_log(const char *outfn) 738 { 739 740 return open(outfn, O_CREAT | O_WRONLY | O_APPEND | O_CLOEXEC, 0600); 741 } 742 743 static void 744 reopen_log(struct daemon_state *state) 745 { 746 int outfd; 747 748 do_log_reopen = 0; 749 outfd = open_log(state->output_filename); 750 if (state->output_fd >= 0) { 751 close(state->output_fd); 752 } 753 state->output_fd = outfd; 754 } 755 756 static void 757 daemon_state_init(struct daemon_state *state) 758 { 759 *state = (struct daemon_state) { 760 .pipe_fd = { -1, -1 }, 761 .argv = NULL, 762 .parent_pidfh = NULL, 763 .child_pidfh = NULL, 764 .child_pidfile = NULL, 765 .parent_pidfile = NULL, 766 .title = NULL, 767 .user = NULL, 768 .supervision_enabled = false, 769 .child_eof = false, 770 .restart_enabled = false, 771 .keep_cur_workdir = 1, 772 .restart_delay = 1, 773 .stdmask = STDOUT_FILENO | STDERR_FILENO, 774 .syslog_enabled = false, 775 .log_reopen = false, 776 .syslog_priority = LOG_NOTICE, 777 .syslog_tag = "daemon", 778 .syslog_facility = LOG_DAEMON, 779 .keep_fds_open = 1, 780 .output_fd = -1, 781 .output_filename = NULL, 782 }; 783 784 sigemptyset(&state->mask_susp); 785 sigemptyset(&state->mask_read); 786 sigemptyset(&state->mask_term); 787 sigemptyset(&state->mask_orig); 788 sigaddset(&state->mask_susp, SIGTERM); 789 sigaddset(&state->mask_susp, SIGCHLD); 790 sigaddset(&state->mask_term, SIGTERM); 791 sigaddset(&state->mask_read, SIGCHLD); 792 793 } 794 795 static _Noreturn void 796 daemon_terminate(struct daemon_state *state) 797 { 798 assert(state != NULL); 799 close(state->output_fd); 800 close(state->pipe_fd[0]); 801 close(state->pipe_fd[1]); 802 if (state->syslog_enabled) { 803 closelog(); 804 } 805 pidfile_remove(state->child_pidfh); 806 pidfile_remove(state->parent_pidfh); 807 808 /* 809 * Note that the exit value here doesn't matter in the case of a clean 810 * exit; daemon(3) already detached us from the caller, nothing is left 811 * to care about this one. 812 */ 813 exit(1); 814 } 815