1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 1999 Berkeley Software Design, Inc. All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 3. Berkeley Software Design Inc's name may not be used to endorse or 15 * promote products derived from this software without specific prior 16 * written permission. 17 * 18 * THIS SOFTWARE IS PROVIDED BY BERKELEY SOFTWARE DESIGN INC ``AS IS'' AND 19 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21 * ARE DISCLAIMED. IN NO EVENT SHALL BERKELEY SOFTWARE DESIGN INC BE LIABLE 22 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28 * SUCH DAMAGE. 29 * 30 * From BSDI: daemon.c,v 1.2 1996/08/15 01:11:09 jch Exp 31 */ 32 33 #include <sys/event.h> 34 #include <sys/mman.h> 35 #include <sys/wait.h> 36 37 #include <fcntl.h> 38 #include <err.h> 39 #include <errno.h> 40 #include <getopt.h> 41 #include <libutil.h> 42 #include <login_cap.h> 43 #include <paths.h> 44 #include <pwd.h> 45 #include <signal.h> 46 #include <stdio.h> 47 #include <stdbool.h> 48 #include <stdlib.h> 49 #include <unistd.h> 50 #include <string.h> 51 #define SYSLOG_NAMES 52 #include <syslog.h> 53 #include <time.h> 54 #include <assert.h> 55 56 /* 1 year in seconds */ 57 #define MAX_RESTART_DELAY 60*60*24*365 58 59 /* Maximum number of restarts */ 60 #define MAX_RESTART_COUNT 128 61 62 #define LBUF_SIZE 4096 63 64 enum daemon_mode { 65 MODE_DAEMON = 0, /* simply daemonize, no supervision */ 66 MODE_SUPERVISE, /* initial supervision state */ 67 MODE_TERMINATING, /* user requested termination */ 68 MODE_NOCHILD, /* child is terminated, final state of the event loop */ 69 }; 70 71 72 struct daemon_state { 73 unsigned char buf[LBUF_SIZE]; 74 size_t pos; 75 char **argv; 76 const char *child_pidfile; 77 const char *parent_pidfile; 78 const char *output_filename; 79 const char *syslog_tag; 80 const char *title; 81 const char *user; 82 struct pidfh *parent_pidfh; 83 struct pidfh *child_pidfh; 84 enum daemon_mode mode; 85 int pid; 86 int pipe_rd; 87 int pipe_wr; 88 int keep_cur_workdir; 89 int kqueue_fd; 90 int restart_delay; 91 int stdmask; 92 int syslog_priority; 93 int syslog_facility; 94 int keep_fds_open; 95 int output_fd; 96 bool restart_enabled; 97 bool syslog_enabled; 98 bool log_reopen; 99 int restart_count; 100 int restarted_count; 101 }; 102 103 static void restrict_process(const char *); 104 static int open_log(const char *); 105 static void reopen_log(struct daemon_state *); 106 static bool listen_child(struct daemon_state *); 107 static int get_log_mapping(const char *, const CODE *); 108 static void open_pid_files(struct daemon_state *); 109 static void do_output(const unsigned char *, size_t, struct daemon_state *); 110 static void daemon_sleep(struct daemon_state *); 111 static void daemon_state_init(struct daemon_state *); 112 static void daemon_eventloop(struct daemon_state *); 113 static void daemon_terminate(struct daemon_state *); 114 static void daemon_exec(struct daemon_state *); 115 static bool daemon_is_child_dead(struct daemon_state *); 116 static void daemon_set_child_pipe(struct daemon_state *); 117 static int daemon_setup_kqueue(void); 118 119 static int pidfile_truncate(struct pidfh *); 120 121 static const char shortopts[] = "+cfHSp:P:ru:o:s:l:t:m:R:T:C:h"; 122 123 static const struct option longopts[] = { 124 { "change-dir", no_argument, NULL, 'c' }, 125 { "close-fds", no_argument, NULL, 'f' }, 126 { "sighup", no_argument, NULL, 'H' }, 127 { "syslog", no_argument, NULL, 'S' }, 128 { "output-file", required_argument, NULL, 'o' }, 129 { "output-mask", required_argument, NULL, 'm' }, 130 { "child-pidfile", required_argument, NULL, 'p' }, 131 { "supervisor-pidfile", required_argument, NULL, 'P' }, 132 { "restart", no_argument, NULL, 'r' }, 133 { "restart-count", required_argument, NULL, 'C' }, 134 { "restart-delay", required_argument, NULL, 'R' }, 135 { "title", required_argument, NULL, 't' }, 136 { "user", required_argument, NULL, 'u' }, 137 { "syslog-priority", required_argument, NULL, 's' }, 138 { "syslog-facility", required_argument, NULL, 'l' }, 139 { "syslog-tag", required_argument, NULL, 'T' }, 140 { "help", no_argument, NULL, 'h' }, 141 { NULL, 0, NULL, 0 } 142 }; 143 144 static _Noreturn void 145 usage(int exitcode) 146 { 147 (void)fprintf(stderr, 148 "usage: daemon [-cfHrS] [-p child_pidfile] [-P supervisor_pidfile]\n" 149 " [-u user] [-o output_file] [-t title]\n" 150 " [-l syslog_facility] [-s syslog_priority]\n" 151 " [-T syslog_tag] [-m output_mask] [-R restart_delay_secs]\n" 152 " [-C restart_count]\n" 153 "command arguments ...\n"); 154 155 (void)fprintf(stderr, 156 " --change-dir -c Change the current working directory to root\n" 157 " --close-fds -f Set stdin, stdout, stderr to /dev/null\n" 158 " --sighup -H Close and re-open output file on SIGHUP\n" 159 " --syslog -S Send output to syslog\n" 160 " --output-file -o <file> Append output of the child process to file\n" 161 " --output-mask -m <mask> What to send to syslog/file\n" 162 " 1=stdout, 2=stderr, 3=both\n" 163 " --child-pidfile -p <file> Write PID of the child process to file\n" 164 " --supervisor-pidfile -P <file> Write PID of the supervisor process to file\n" 165 " --restart -r Restart child if it terminates (1 sec delay)\n" 166 " --restart-count -C <N> Restart child at most N times, then exit\n" 167 " --restart-delay -R <N> Restart child if it terminates after N sec\n" 168 " --title -t <title> Set the title of the supervisor process\n" 169 " --user -u <user> Drop privileges, run as given user\n" 170 " --syslog-priority -s <prio> Set syslog priority\n" 171 " --syslog-facility -l <flty> Set syslog facility\n" 172 " --syslog-tag -T <tag> Set syslog tag\n" 173 " --help -h Show this help\n"); 174 175 exit(exitcode); 176 } 177 178 int 179 main(int argc, char *argv[]) 180 { 181 const char *e = NULL; 182 int ch = 0; 183 struct daemon_state state; 184 185 daemon_state_init(&state); 186 187 /* Signals are processed via kqueue */ 188 signal(SIGHUP, SIG_IGN); 189 signal(SIGTERM, SIG_IGN); 190 191 /* 192 * Supervision mode is enabled if one of the following options are used: 193 * --child-pidfile -p 194 * --supervisor-pidfile -P 195 * --restart -r / --restart-delay -R 196 * --syslog -S 197 * --syslog-facility -l 198 * --syslog-priority -s 199 * --syslog-tag -T 200 * 201 * In supervision mode daemon executes the command in a forked process 202 * and observes the child by waiting for SIGCHILD. In supervision mode 203 * daemon must never exit before the child, this is necessary to prevent 204 * orphaning the child and leaving a stale pid file. 205 * To achieve this daemon catches SIGTERM and 206 * forwards it to the child, expecting to get SIGCHLD eventually. 207 */ 208 while ((ch = getopt_long(argc, argv, shortopts, longopts, NULL)) != -1) { 209 switch (ch) { 210 case 'c': 211 state.keep_cur_workdir = 0; 212 break; 213 case 'C': 214 state.restart_count = (int)strtonum(optarg, 0, 215 MAX_RESTART_COUNT, &e); 216 if (e != NULL) { 217 errx(6, "invalid restart count: %s", e); 218 } 219 break; 220 case 'f': 221 state.keep_fds_open = 0; 222 break; 223 case 'H': 224 state.log_reopen = true; 225 break; 226 case 'l': 227 state.syslog_facility = get_log_mapping(optarg, 228 facilitynames); 229 if (state.syslog_facility == -1) { 230 errx(5, "unrecognized syslog facility"); 231 } 232 state.syslog_enabled = true; 233 state.mode = MODE_SUPERVISE; 234 break; 235 case 'm': 236 state.stdmask = (int)strtonum(optarg, 0, 3, &e); 237 if (e != NULL) { 238 errx(6, "unrecognized listening mask: %s", e); 239 } 240 break; 241 case 'o': 242 state.output_filename = optarg; 243 /* 244 * TODO: setting output filename doesn't have to turn 245 * the supervision mode on. For non-supervised mode 246 * daemon could open the specified file and set it's 247 * descriptor as both stderr and stout before execve() 248 */ 249 state.mode = MODE_SUPERVISE; 250 break; 251 case 'p': 252 state.child_pidfile = optarg; 253 state.mode = MODE_SUPERVISE; 254 break; 255 case 'P': 256 state.parent_pidfile = optarg; 257 state.mode = MODE_SUPERVISE; 258 break; 259 case 'r': 260 state.restart_enabled = true; 261 state.mode = MODE_SUPERVISE; 262 break; 263 case 'R': 264 state.restart_enabled = true; 265 state.restart_delay = (int)strtonum(optarg, 1, 266 MAX_RESTART_DELAY, &e); 267 if (e != NULL) { 268 errx(6, "invalid restart delay: %s", e); 269 } 270 state.mode = MODE_SUPERVISE; 271 break; 272 case 's': 273 state.syslog_priority = get_log_mapping(optarg, 274 prioritynames); 275 if (state.syslog_priority == -1) { 276 errx(4, "unrecognized syslog priority"); 277 } 278 state.syslog_enabled = true; 279 state.mode = MODE_SUPERVISE; 280 break; 281 case 'S': 282 state.syslog_enabled = true; 283 state.mode = MODE_SUPERVISE; 284 break; 285 case 't': 286 state.title = optarg; 287 break; 288 case 'T': 289 state.syslog_tag = optarg; 290 state.syslog_enabled = true; 291 state.mode = MODE_SUPERVISE; 292 break; 293 case 'u': 294 state.user = optarg; 295 break; 296 case 'h': 297 usage(0); 298 __unreachable(); 299 default: 300 usage(1); 301 } 302 } 303 argc -= optind; 304 argv += optind; 305 state.argv = argv; 306 307 if (argc == 0) { 308 usage(1); 309 } 310 311 if (!state.title) { 312 state.title = argv[0]; 313 } 314 315 if (state.output_filename) { 316 state.output_fd = open_log(state.output_filename); 317 if (state.output_fd == -1) { 318 err(7, "open"); 319 } 320 } 321 322 if (state.syslog_enabled) { 323 openlog(state.syslog_tag, LOG_PID | LOG_NDELAY, 324 state.syslog_facility); 325 } 326 327 /* 328 * Try to open the pidfile before calling daemon(3), 329 * to be able to report the error intelligently 330 */ 331 open_pid_files(&state); 332 333 /* 334 * TODO: add feature to avoid backgrounding 335 * i.e. --foreground, -f 336 */ 337 if (daemon(state.keep_cur_workdir, state.keep_fds_open) == -1) { 338 warn("daemon"); 339 daemon_terminate(&state); 340 } 341 342 if (state.mode == MODE_DAEMON) { 343 daemon_exec(&state); 344 } 345 346 /* Write out parent pidfile if needed. */ 347 pidfile_write(state.parent_pidfh); 348 349 state.kqueue_fd = daemon_setup_kqueue(); 350 351 do { 352 state.mode = MODE_SUPERVISE; 353 daemon_eventloop(&state); 354 daemon_sleep(&state); 355 if (state.restart_enabled && state.restart_count > -1) { 356 if (state.restarted_count >= state.restart_count) { 357 state.restart_enabled = false; 358 } 359 state.restarted_count++; 360 } 361 } while (state.restart_enabled); 362 363 daemon_terminate(&state); 364 } 365 366 static void 367 daemon_exec(struct daemon_state *state) 368 { 369 pidfile_write(state->child_pidfh); 370 371 if (state->user != NULL) { 372 restrict_process(state->user); 373 } 374 375 /* Ignored signals remain ignored after execve, unignore them */ 376 signal(SIGHUP, SIG_DFL); 377 signal(SIGTERM, SIG_DFL); 378 execvp(state->argv[0], state->argv); 379 /* execvp() failed - report error and exit this process */ 380 err(1, "%s", state->argv[0]); 381 } 382 383 /* Main event loop: fork the child and watch for events. 384 * After SIGTERM is received and propagated to the child there are 385 * several options on what to do next: 386 * - read until EOF 387 * - read until EOF but only for a while 388 * - bail immediately 389 * Currently the third option is used, because otherwise there is no 390 * guarantee that read() won't block indefinitely if the child refuses 391 * to depart. To handle the second option, a different approach 392 * would be needed (procctl()?). 393 */ 394 static void 395 daemon_eventloop(struct daemon_state *state) 396 { 397 struct kevent event; 398 int kq; 399 int ret; 400 int pipe_fd[2]; 401 402 /* 403 * Try to protect against pageout kill. Ignore the 404 * error, madvise(2) will fail only if a process does 405 * not have superuser privileges. 406 */ 407 (void)madvise(NULL, 0, MADV_PROTECT); 408 409 if (pipe(pipe_fd)) { 410 err(1, "pipe"); 411 } 412 state->pipe_rd = pipe_fd[0]; 413 state->pipe_wr = pipe_fd[1]; 414 415 kq = state->kqueue_fd; 416 EV_SET(&event, state->pipe_rd, EVFILT_READ, EV_ADD|EV_CLEAR, 0, 0, 417 NULL); 418 if (kevent(kq, &event, 1, NULL, 0, NULL) == -1) { 419 err(EXIT_FAILURE, "failed to register kevent"); 420 } 421 422 memset(&event, 0, sizeof(struct kevent)); 423 424 /* Spawn a child to exec the command. */ 425 state->pid = fork(); 426 427 /* fork failed, this can only happen when supervision is enabled */ 428 switch (state->pid) { 429 case -1: 430 warn("fork"); 431 state->mode = MODE_NOCHILD; 432 return; 433 /* fork succeeded, this is child's branch */ 434 case 0: 435 close(kq); 436 daemon_set_child_pipe(state); 437 daemon_exec(state); 438 break; 439 } 440 441 /* case: pid > 0; fork succeeded */ 442 close(state->pipe_wr); 443 state->pipe_wr = -1; 444 setproctitle("%s[%d]", state->title, (int)state->pid); 445 setbuf(stdout, NULL); 446 447 while (state->mode != MODE_NOCHILD) { 448 ret = kevent(kq, NULL, 0, &event, 1, NULL); 449 switch (ret) { 450 case -1: 451 if (errno == EINTR) 452 continue; 453 err(EXIT_FAILURE, "kevent wait"); 454 case 0: 455 continue; 456 } 457 458 if (event.flags & EV_ERROR) { 459 errx(EXIT_FAILURE, "Event error: %s", 460 strerror((int)event.data)); 461 } 462 463 switch (event.filter) { 464 case EVFILT_SIGNAL: 465 466 switch (event.ident) { 467 case SIGCHLD: 468 if (daemon_is_child_dead(state)) { 469 /* child is dead, read all until EOF */ 470 state->pid = -1; 471 state->mode = MODE_NOCHILD; 472 while (listen_child(state)) { 473 continue; 474 } 475 } 476 continue; 477 case SIGTERM: 478 if (state->mode != MODE_SUPERVISE) { 479 /* user is impatient */ 480 /* TODO: warn about repeated SIGTERM? */ 481 continue; 482 } 483 484 state->mode = MODE_TERMINATING; 485 state->restart_enabled = false; 486 if (state->pid > 0) { 487 kill(state->pid, SIGTERM); 488 } 489 /* 490 * TODO set kevent timer to exit 491 * unconditionally after some time 492 */ 493 continue; 494 case SIGHUP: 495 if (state->log_reopen && state->output_fd >= 0) { 496 reopen_log(state); 497 } 498 continue; 499 } 500 break; 501 502 case EVFILT_READ: 503 /* 504 * detecting EOF is no longer necessary 505 * if child closes the pipe daemon will stop getting 506 * EVFILT_READ events 507 */ 508 509 if (event.data > 0) { 510 (void)listen_child(state); 511 } 512 continue; 513 default: 514 assert(0 && "Unexpected kevent filter type"); 515 continue; 516 } 517 } 518 519 /* EVFILT_READ kqueue filter goes away here. */ 520 close(state->pipe_rd); 521 state->pipe_rd = -1; 522 523 /* 524 * We don't have to truncate the pidfile, but it's easier to test 525 * daemon(8) behavior in some respects if we do. We won't bother if 526 * the child won't be restarted. 527 */ 528 if (state->child_pidfh != NULL && state->restart_enabled) { 529 pidfile_truncate(state->child_pidfh); 530 } 531 } 532 533 /* 534 * Note that daemon_sleep() should not be called with anything but the signal 535 * events in the kqueue without further consideration. 536 */ 537 static void 538 daemon_sleep(struct daemon_state *state) 539 { 540 struct kevent event = { 0 }; 541 int ret; 542 543 assert(state->pipe_rd == -1); 544 assert(state->pipe_wr == -1); 545 546 if (!state->restart_enabled) { 547 return; 548 } 549 550 EV_SET(&event, 0, EVFILT_TIMER, EV_ADD|EV_ONESHOT, NOTE_SECONDS, 551 state->restart_delay, NULL); 552 if (kevent(state->kqueue_fd, &event, 1, NULL, 0, NULL) == -1) { 553 err(1, "failed to register timer"); 554 } 555 556 for (;;) { 557 ret = kevent(state->kqueue_fd, NULL, 0, &event, 1, NULL); 558 if (ret == -1) { 559 if (errno != EINTR) { 560 err(1, "kevent"); 561 } 562 563 continue; 564 } 565 566 /* 567 * Any other events being raised are indicative of a problem 568 * that we need to investigate. Most likely being that 569 * something was not cleaned up from the eventloop. 570 */ 571 assert(event.filter == EVFILT_TIMER || 572 event.filter == EVFILT_SIGNAL); 573 574 if (event.filter == EVFILT_TIMER) { 575 /* Break's over, back to work. */ 576 break; 577 } 578 579 /* Process any pending signals. */ 580 switch (event.ident) { 581 case SIGTERM: 582 /* 583 * We could disarm the timer, but we'll be terminating 584 * promptly anyways. 585 */ 586 state->restart_enabled = false; 587 return; 588 case SIGHUP: 589 if (state->log_reopen && state->output_fd >= 0) { 590 reopen_log(state); 591 } 592 593 break; 594 case SIGCHLD: 595 default: 596 /* Discard */ 597 break; 598 } 599 } 600 601 /* SIGTERM should've returned immediately. */ 602 assert(state->restart_enabled); 603 } 604 605 static void 606 open_pid_files(struct daemon_state *state) 607 { 608 pid_t fpid; 609 int serrno; 610 611 if (state->child_pidfile) { 612 state->child_pidfh = pidfile_open(state->child_pidfile, 0600, &fpid); 613 if (state->child_pidfh == NULL) { 614 if (errno == EEXIST) { 615 errx(3, "process already running, pid: %d", 616 fpid); 617 } 618 err(2, "pidfile ``%s''", state->child_pidfile); 619 } 620 } 621 /* Do the same for the actual daemon process. */ 622 if (state->parent_pidfile) { 623 state->parent_pidfh= pidfile_open(state->parent_pidfile, 0600, &fpid); 624 if (state->parent_pidfh == NULL) { 625 serrno = errno; 626 pidfile_remove(state->child_pidfh); 627 errno = serrno; 628 if (errno == EEXIST) { 629 errx(3, "process already running, pid: %d", 630 fpid); 631 } 632 err(2, "ppidfile ``%s''", state->parent_pidfile); 633 } 634 } 635 } 636 637 static int 638 get_log_mapping(const char *str, const CODE *c) 639 { 640 const CODE *cp; 641 for (cp = c; cp->c_name; cp++) 642 if (strcmp(cp->c_name, str) == 0) { 643 return cp->c_val; 644 } 645 return -1; 646 } 647 648 static void 649 restrict_process(const char *user) 650 { 651 struct passwd *pw = NULL; 652 653 pw = getpwnam(user); 654 if (pw == NULL) { 655 errx(1, "unknown user: %s", user); 656 } 657 658 if (setusercontext(NULL, pw, pw->pw_uid, LOGIN_SETALL) != 0) { 659 errx(1, "failed to set user environment"); 660 } 661 662 setenv("USER", pw->pw_name, 1); 663 setenv("HOME", pw->pw_dir, 1); 664 setenv("SHELL", *pw->pw_shell ? pw->pw_shell : _PATH_BSHELL, 1); 665 } 666 667 /* 668 * We try to collect whole lines terminated by '\n'. Otherwise we collect a 669 * full buffer, and then output it. 670 * 671 * Return value of false is assumed to mean EOF or error, and true indicates to 672 * continue reading. 673 */ 674 static bool 675 listen_child(struct daemon_state *state) 676 { 677 ssize_t rv; 678 unsigned char *cp; 679 680 assert(state != NULL); 681 assert(state->pos < LBUF_SIZE - 1); 682 683 rv = read(state->pipe_rd, state->buf + state->pos, 684 LBUF_SIZE - state->pos - 1); 685 if (rv > 0) { 686 state->pos += rv; 687 assert(state->pos <= LBUF_SIZE - 1); 688 /* Always NUL-terminate just in case. */ 689 state->buf[LBUF_SIZE - 1] = '\0'; 690 691 /* 692 * Find position of the last newline in the buffer. 693 * The buffer is guaranteed to have one or more complete lines 694 * if at least one newline was found when searching in reverse. 695 * All complete lines are flushed. 696 * This does not take NUL characters into account. 697 */ 698 cp = memrchr(state->buf, '\n', state->pos); 699 if (cp != NULL) { 700 size_t bytes_line = cp - state->buf + 1; 701 assert(bytes_line <= state->pos); 702 do_output(state->buf, bytes_line, state); 703 state->pos -= bytes_line; 704 memmove(state->buf, cp + 1, state->pos); 705 } 706 /* Wait until the buffer is full. */ 707 if (state->pos < LBUF_SIZE - 1) { 708 return true; 709 } 710 do_output(state->buf, state->pos, state); 711 state->pos = 0; 712 return true; 713 } else if (rv == -1) { 714 /* EINTR should trigger another read. */ 715 if (errno == EINTR) { 716 return true; 717 } else { 718 warn("read"); 719 return false; 720 } 721 } 722 /* Upon EOF, we have to flush what's left of the buffer. */ 723 if (state->pos > 0) { 724 do_output(state->buf, state->pos, state); 725 state->pos = 0; 726 } 727 return false; 728 } 729 730 /* 731 * The default behavior is to stay silent if the user wants to redirect 732 * output to a file and/or syslog. If neither are provided, then we bounce 733 * everything back to parent's stdout. 734 */ 735 static void 736 do_output(const unsigned char *buf, size_t len, struct daemon_state *state) 737 { 738 assert(len <= LBUF_SIZE); 739 assert(state != NULL); 740 741 if (len < 1) { 742 return; 743 } 744 if (state->syslog_enabled) { 745 syslog(state->syslog_priority, "%.*s", (int)len, buf); 746 } 747 if (state->output_fd != -1) { 748 if (write(state->output_fd, buf, len) == -1) 749 warn("write"); 750 } 751 if (state->keep_fds_open && 752 !state->syslog_enabled && 753 state->output_fd == -1) { 754 printf("%.*s", (int)len, buf); 755 } 756 } 757 758 static int 759 open_log(const char *outfn) 760 { 761 762 return open(outfn, O_CREAT | O_WRONLY | O_APPEND | O_CLOEXEC, 0600); 763 } 764 765 static void 766 reopen_log(struct daemon_state *state) 767 { 768 int outfd; 769 770 outfd = open_log(state->output_filename); 771 if (state->output_fd >= 0) { 772 close(state->output_fd); 773 } 774 state->output_fd = outfd; 775 } 776 777 static void 778 daemon_state_init(struct daemon_state *state) 779 { 780 *state = (struct daemon_state) { 781 .buf = {0}, 782 .pos = 0, 783 .argv = NULL, 784 .parent_pidfh = NULL, 785 .child_pidfh = NULL, 786 .child_pidfile = NULL, 787 .parent_pidfile = NULL, 788 .title = NULL, 789 .user = NULL, 790 .mode = MODE_DAEMON, 791 .restart_enabled = false, 792 .pid = 0, 793 .pipe_rd = -1, 794 .pipe_wr = -1, 795 .keep_cur_workdir = 1, 796 .kqueue_fd = -1, 797 .restart_delay = 1, 798 .stdmask = STDOUT_FILENO | STDERR_FILENO, 799 .syslog_enabled = false, 800 .log_reopen = false, 801 .syslog_priority = LOG_NOTICE, 802 .syslog_tag = "daemon", 803 .syslog_facility = LOG_DAEMON, 804 .keep_fds_open = 1, 805 .output_fd = -1, 806 .output_filename = NULL, 807 .restart_count = -1, 808 .restarted_count = 0 809 }; 810 } 811 812 static _Noreturn void 813 daemon_terminate(struct daemon_state *state) 814 { 815 assert(state != NULL); 816 817 if (state->kqueue_fd >= 0) { 818 close(state->kqueue_fd); 819 } 820 if (state->output_fd >= 0) { 821 close(state->output_fd); 822 } 823 if (state->pipe_rd >= 0) { 824 close(state->pipe_rd); 825 } 826 827 if (state->pipe_wr >= 0) { 828 close(state->pipe_wr); 829 } 830 if (state->syslog_enabled) { 831 closelog(); 832 } 833 pidfile_remove(state->child_pidfh); 834 pidfile_remove(state->parent_pidfh); 835 836 /* 837 * Note that the exit value here doesn't matter in the case of a clean 838 * exit; daemon(3) already detached us from the caller, nothing is left 839 * to care about this one. 840 */ 841 exit(1); 842 } 843 844 /* 845 * Returns true if SIGCHILD came from state->pid due to its exit. 846 */ 847 static bool 848 daemon_is_child_dead(struct daemon_state *state) 849 { 850 int status; 851 852 for (;;) { 853 int who = waitpid(-1, &status, WNOHANG); 854 if (state->pid == who && (WIFEXITED(status) || 855 WIFSIGNALED(status))) { 856 return true; 857 } 858 if (who == 0) { 859 return false; 860 } 861 if (who == -1 && errno != EINTR) { 862 warn("waitpid"); 863 return false; 864 } 865 } 866 } 867 868 static void 869 daemon_set_child_pipe(struct daemon_state *state) 870 { 871 if (state->stdmask & STDERR_FILENO) { 872 if (dup2(state->pipe_wr, STDERR_FILENO) == -1) { 873 err(1, "dup2"); 874 } 875 } 876 if (state->stdmask & STDOUT_FILENO) { 877 if (dup2(state->pipe_wr, STDOUT_FILENO) == -1) { 878 err(1, "dup2"); 879 } 880 } 881 if (state->pipe_wr != STDERR_FILENO && 882 state->pipe_wr != STDOUT_FILENO) { 883 close(state->pipe_wr); 884 } 885 886 /* The child gets dup'd pipes. */ 887 close(state->pipe_rd); 888 } 889 890 static int 891 daemon_setup_kqueue(void) 892 { 893 int kq; 894 struct kevent event = { 0 }; 895 896 kq = kqueuex(KQUEUE_CLOEXEC); 897 if (kq == -1) { 898 err(EXIT_FAILURE, "kqueue"); 899 } 900 901 EV_SET(&event, SIGHUP, EVFILT_SIGNAL, EV_ADD, 0, 0, NULL); 902 if (kevent(kq, &event, 1, NULL, 0, NULL) == -1) { 903 err(EXIT_FAILURE, "failed to register kevent"); 904 } 905 906 EV_SET(&event, SIGTERM, EVFILT_SIGNAL, EV_ADD, 0, 0, NULL); 907 if (kevent(kq, &event, 1, NULL, 0, NULL) == -1) { 908 err(EXIT_FAILURE, "failed to register kevent"); 909 } 910 911 EV_SET(&event, SIGCHLD, EVFILT_SIGNAL, EV_ADD, 0, 0, NULL); 912 if (kevent(kq, &event, 1, NULL, 0, NULL) == -1) { 913 err(EXIT_FAILURE, "failed to register kevent"); 914 } 915 916 return (kq); 917 } 918 919 static int 920 pidfile_truncate(struct pidfh *pfh) 921 { 922 int pfd = pidfile_fileno(pfh); 923 924 assert(pfd >= 0); 925 926 if (ftruncate(pfd, 0) == -1) 927 return (-1); 928 929 /* 930 * pidfile_write(3) will always pwrite(..., 0) today, but let's assume 931 * it may not always and do a best-effort reset of the position just to 932 * set a good example. 933 */ 934 (void)lseek(pfd, 0, SEEK_SET); 935 return (0); 936 } 937