xref: /freebsd/usr.sbin/daemon/daemon.c (revision f6c0136c7fb87ab8277221a306291e386fe944fb) 
1 /*-
2  * Copyright (c) 1999 Berkeley Software Design, Inc. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions
6  * are met:
7  * 1. Redistributions of source code must retain the above copyright
8  *    notice, this list of conditions and the following disclaimer.
9  * 2. Redistributions in binary form must reproduce the above copyright
10  *    notice, this list of conditions and the following disclaimer in the
11  *    documentation and/or other materials provided with the distribution.
12  * 3. Berkeley Software Design Inc's name may not be used to endorse or
13  *    promote products derived from this software without specific prior
14  *    written permission.
15  *
16  * THIS SOFTWARE IS PROVIDED BY BERKELEY SOFTWARE DESIGN INC ``AS IS'' AND
17  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19  * ARE DISCLAIMED.  IN NO EVENT SHALL BERKELEY SOFTWARE DESIGN INC BE LIABLE
20  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26  * SUCH DAMAGE.
27  *
28  *	From BSDI: daemon.c,v 1.2 1996/08/15 01:11:09 jch Exp
29  */
30 
31 #include <sys/cdefs.h>
32 __FBSDID("$FreeBSD$");
33 
34 #include <sys/param.h>
35 
36 #include <err.h>
37 #include <errno.h>
38 #include <pwd.h>
39 #include <grp.h>
40 #include <libutil.h>
41 #include <stdio.h>
42 #include <stdlib.h>
43 #include <unistd.h>
44 
45 static void restrict_process(const char *, const char *);
46 static void usage(void);
47 
48 int
49 main(int argc, char *argv[])
50 {
51 	struct pidfh *pfh = NULL;
52 	int ch, nochdir, noclose, errcode;
53 	const char *pidfile, *user, *group;
54 	pid_t otherpid;
55 
56 	nochdir = noclose = 1;
57 	pidfile = user = group = NULL;
58 	while ((ch = getopt(argc, argv, "-cfg:p:u:")) != -1) {
59 		switch (ch) {
60 		case 'c':
61 			nochdir = 0;
62 			break;
63 		case 'f':
64 			noclose = 0;
65 			break;
66 		case 'u':
67 			user = optarg;
68 			break;
69 		case 'g':
70 			group = optarg;
71 			break;
72 		case 'p':
73 			pidfile = optarg;
74 			break;
75 		default:
76 			usage();
77 		}
78 	}
79 	argc -= optind;
80 	argv += optind;
81 
82 	if (argc == 0)
83 		usage();
84 
85 	if (user || group) {
86 		if (getuid() != 0)
87 			errx(1, "only root user is allowed to chroot "
88 			    "and change UID/GID");
89 		restrict_process(user, group);
90 	}
91 
92 	/*
93 	 * Try to open the pidfile before calling daemon(3),
94 	 * to be able to report the error intelligently
95 	 */
96 	if (pidfile) {
97 		pfh = pidfile_open(pidfile, 0600, &otherpid);
98 		if (pfh == NULL) {
99 			if (errno == EEXIST) {
100 				errx(3, "process already running, pid: %d",
101 				    otherpid);
102 			}
103 			err(2, "pidfile ``%s''", pidfile);
104 		}
105 	}
106 
107 	if (daemon(nochdir, noclose) == -1)
108 		err(1, NULL);
109 
110 	/* Now that we are the child, write out the pid */
111 	if (pidfile)
112 		pidfile_write(pfh);
113 
114 	execvp(argv[0], argv);
115 
116 	/*
117 	 * execvp() failed -- unlink pidfile if any, and
118 	 * report the error
119 	 */
120 	errcode = errno; /* Preserve errcode -- unlink may reset it */
121 	if (pidfile)
122 		pidfile_remove(pfh);
123 
124 	/* The child is now running, so the exit status doesn't matter. */
125 	errc(1, errcode, "%s", argv[0]);
126 }
127 
128 static void
129 restrict_process(const char *user, const char *group)
130 {
131 	struct group *gr = NULL;
132 	struct passwd *pw = NULL;
133 	errno = 0;
134 
135 	if (group != NULL) {
136 		if (initgroups(user, gr->gr_gid) == -1)
137 			errx(1, "User not in group list");
138 		if ((gr = getgrnam(group)) == NULL)
139 			errx(1, "Group %s does not exist", group);
140 		if (setgid(gr->gr_gid) == -1)
141 			err(1, "%s", group);
142 	}
143 
144 	if (user != NULL) {
145 		if ((pw = getpwnam(user)) == NULL)
146 			errx(1, "User %s does not exist", user);
147 		if (setuid(pw->pw_uid) == -1)
148 			err(1, "%s", user);
149 	}
150 }
151 
152 static void
153 usage(void)
154 {
155 	(void)fprintf(stderr,
156 	    "usage: daemon [-cf] [-g group] [-p pidfile] [-u user] command "
157 		"arguments ...\n");
158 	exit(1);
159 }
160