search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
1:255.16-alt1
[systemd_ALT.git] / src / socket-activate / socket-activate.c
blob78ecb29e60624a01119a4b7b7c60f19dcc9bdf71
1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
2
3 #include <getopt.h>
4 #include <sys/epoll.h>
5 #include <sys/prctl.h>
6 #include <sys/wait.h>
7 #include <unistd.h>
8
9 #include "sd-daemon.h"
10
11 #include "alloc-util.h"
12 #include "build.h"
13 #include "env-util.h"
14 #include "errno-util.h"
15 #include "escape.h"
16 #include "fd-util.h"
17 #include "log.h"
18 #include "macro.h"
19 #include "main-func.h"
20 #include "pretty-print.h"
21 #include "process-util.h"
22 #include "signal-util.h"
23 #include "socket-netlink.h"
24 #include "socket-util.h"
25 #include "string-util.h"
26 #include "strv.h"
27 #include "terminal-util.h"
28
29 static char **arg_listen = NULL;
30 static bool arg_accept = false;
31 static int arg_socket_type = SOCK_STREAM;
32 static char **arg_args = NULL;
33 static char **arg_setenv = NULL;
34 static char **arg_fdnames = NULL;
35 static bool arg_inetd = false;
36
37 static int add_epoll(int epoll_fd, int fd) {
38 struct epoll_event ev = {
39 .events = EPOLLIN,
40 .data.fd = fd,
41 };
42
43 assert(epoll_fd >= 0);
44 assert(fd >= 0);
45
46 if (epoll_ctl(epoll_fd, EPOLL_CTL_ADD, fd, &ev) < 0)
47 return log_error_errno(errno, "Failed to add event on epoll fd:%d for fd:%d: %m", epoll_fd, fd);
48
49 return 0;
50 }
51
52 static int open_sockets(int *ret_epoll_fd, bool accept) {
53 _cleanup_close_ int epoll_fd = -EBADF;
54 int n, r, count = 0;
55
56 assert(ret_epoll_fd);
57
58 n = sd_listen_fds(true);
59 if (n < 0)
60 return log_error_errno(n, "Failed to read listening file descriptors from environment: %m");
61 if (n > 0) {
62 log_info("Received %i descriptors via the environment.", n);
63
64 for (int fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
65 r = fd_cloexec(fd, arg_accept);
66 if (r < 0)
67 return r;
68
69 count++;
70 }
71 }
72
73 /* Close logging and all other descriptors */
74 if (arg_listen) {
75 _cleanup_free_ int *except = new(int, n);
76 if (!except)
77 return log_oom();
78
79 for (int i = 0; i < n; i++)
80 except[i] = SD_LISTEN_FDS_START + i;
81
82 log_close();
83 log_set_open_when_needed(true);
84 log_settle_target();
85
86 r = close_all_fds(except, n);
87 if (r < 0)
88 return log_error_errno(r, "Failed to close all file descriptors: %m");
89 }
90
91 /* Note: we leak some fd's on error here. It doesn't matter much, since the program will exit
92 * immediately anyway, but would be a pain to fix. */
93
94 STRV_FOREACH(address, arg_listen) {
95 r = make_socket_fd(LOG_DEBUG, *address, arg_socket_type, (arg_accept * SOCK_CLOEXEC));
96 if (r < 0)
97 return log_error_errno(r, "Failed to open '%s': %m", *address);
98
99 assert(r == SD_LISTEN_FDS_START + count);
100 count++;
101 }
102
103 if (arg_listen) {
104 log_open();
105 log_set_open_when_needed(false);
106 }
107
108 epoll_fd = epoll_create1(EPOLL_CLOEXEC);
109 if (epoll_fd < 0)
110 return log_error_errno(errno, "Failed to create epoll object: %m");
111
112 for (int fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + count; fd++) {
113 _cleanup_free_ char *name = NULL;
114
115 getsockname_pretty(fd, &name);
116 log_info("Listening on %s as %i.", strna(name), fd);
117
118 r = add_epoll(epoll_fd, fd);
119 if (r < 0)
120 return r;
121 }
122
123 *ret_epoll_fd = TAKE_FD(epoll_fd);
124 return count;
125 }
126
127 static int exec_process(const char *name, char **argv, int start_fd, size_t n_fds) {
128 _cleanup_strv_free_ char **envp = NULL;
129 int r;
130
131 if (arg_inetd && n_fds != 1)
132 return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
133 "--inetd only supported for single file descriptors.");
134
135 FOREACH_STRING(var, "TERM", "PATH", "USER", "HOME") {
136 const char *n;
137
138 n = strv_find_prefix(environ, var);
139 if (!n)
140 continue;
141
142 r = strv_extend(&envp, n);
143 if (r < 0)
144 return r;
145 }
146
147 if (arg_inetd) {
148 assert(n_fds == 1);
149
150 r = rearrange_stdio(start_fd, start_fd, STDERR_FILENO); /* invalidates start_fd on success + error */
151 if (r < 0)
152 return log_error_errno(r, "Failed to move fd to stdin+stdout: %m");
153
154 } else {
155 if (start_fd != SD_LISTEN_FDS_START) {
156 assert(n_fds == 1);
157
158 if (dup2(start_fd, SD_LISTEN_FDS_START) < 0)
159 return log_error_errno(errno, "Failed to dup connection: %m");
160
161 safe_close(start_fd);
162 }
163
164 r = strv_extendf(&envp, "LISTEN_FDS=%zu", n_fds);
165 if (r < 0)
166 return r;
167
168 r = strv_extendf(&envp, "LISTEN_PID=" PID_FMT, getpid_cached());
169 if (r < 0)
170 return r;
171
172 if (arg_fdnames) {
173 _cleanup_free_ char *names = NULL;
174 size_t len;
175
176 len = strv_length(arg_fdnames);
177 if (len == 1)
178 for (size_t i = 1; i < n_fds; i++) {
179 r = strv_extend(&arg_fdnames, arg_fdnames[0]);
180 if (r < 0)
181 return log_oom();
182 }
183 else if (len != n_fds)
184 log_warning("The number of fd names is different than number of fds: %zu vs %zu", len, n_fds);
185
186 names = strv_join(arg_fdnames, ":");
187 if (!names)
188 return log_oom();
189
190 char *t = strjoin("LISTEN_FDNAMES=", names);
191 if (!t)
192 return log_oom();
193
194 r = strv_consume(&envp, t);
195 if (r < 0)
196 return r;
197 }
198 }
199
200 STRV_FOREACH(s, arg_setenv) {
201 r = strv_env_replace_strdup(&envp, *s);
202 if (r < 0)
203 return r;
204 }
205
206 _cleanup_free_ char *joined = strv_join(argv, " ");
207 if (!joined)
208 return log_oom();
209
210 log_info("Execing %s (%s)", name, joined);
211 execvpe(name, argv, envp);
212
213 return log_error_errno(errno, "Failed to execp %s (%s): %m", name, joined);
214 }
215
216 static int fork_and_exec_process(const char *child, char **argv, int fd) {
217 _cleanup_free_ char *joined = NULL;
218 pid_t child_pid;
219 int r;
220
221 joined = strv_join(argv, " ");
222 if (!joined)
223 return log_oom();
224
225 r = safe_fork("(activate)",
226 FORK_RESET_SIGNALS | FORK_DEATHSIG_SIGTERM | FORK_RLIMIT_NOFILE_SAFE | FORK_LOG,
227 &child_pid);
228 if (r < 0)
229 return r;
230 if (r == 0) {
231 /* In the child */
232 exec_process(child, argv, fd, 1);
233 _exit(EXIT_FAILURE);
234 }
235
236 log_info("Spawned %s (%s) as PID " PID_FMT ".", child, joined, child_pid);
237 return 0;
238 }
239
240 static int do_accept(const char *name, char **argv, int fd) {
241 _cleanup_free_ char *local = NULL, *peer = NULL;
242 _cleanup_close_ int fd_accepted = -EBADF;
243
244 fd_accepted = accept4(fd, NULL, NULL, 0);
245 if (fd_accepted < 0) {
246 if (ERRNO_IS_ACCEPT_AGAIN(errno))
247 return 0;
248
249 return log_error_errno(errno, "Failed to accept connection on fd:%d: %m", fd);
250 }
251
252 (void) getsockname_pretty(fd_accepted, &local);
253 (void) getpeername_pretty(fd_accepted, true, &peer);
254 log_info("Connection from %s to %s", strna(peer), strna(local));
255
256 return fork_and_exec_process(name, argv, fd_accepted);
257 }
258
259 /* SIGCHLD handler. */
260 static void sigchld_hdl(int sig) {
261 PROTECT_ERRNO;
262
263 for (;;) {
264 siginfo_t si;
265 int r;
266
267 si.si_pid = 0;
268 r = waitid(P_ALL, 0, &si, WEXITED | WNOHANG);
269 if (r < 0) {
270 if (errno != ECHILD)
271 log_error_errno(errno, "Failed to reap children: %m");
272 return;
273 }
274 if (si.si_pid == 0)
275 return;
276
277 log_info("Child %d died with code %d", si.si_pid, si.si_status);
278 }
279 }
280
281 static int install_chld_handler(void) {
282 static const struct sigaction act = {
283 .sa_flags = SA_NOCLDSTOP | SA_RESTART,
284 .sa_handler = sigchld_hdl,
285 };
286
287 if (sigaction(SIGCHLD, &act, 0) < 0)
288 return log_error_errno(errno, "Failed to install SIGCHLD handler: %m");
289
290 return 0;
291 }
292
293 static int help(void) {
294 _cleanup_free_ char *link = NULL;
295 int r;
296
297 r = terminal_urlify_man("systemd-socket-activate", "1", &link);
298 if (r < 0)
299 return log_oom();
300
301 printf("%s [OPTIONS...]\n"
302 "\n%sListen on sockets and launch child on connection.%s\n"
303 "\nOptions:\n"
304 " -h --help Show this help and exit\n"
305 " --version Print version string and exit\n"
306 " -l --listen=ADDR Listen for raw connections at ADDR\n"
307 " -d --datagram Listen on datagram instead of stream socket\n"
308 " --seqpacket Listen on SOCK_SEQPACKET instead of stream socket\n"
309 " -a --accept Spawn separate child for each connection\n"
310 " -E --setenv=NAME[=VALUE] Pass an environment variable to children\n"
311 " --fdname=NAME[:NAME...] Specify names for file descriptors\n"
312 " --inetd Enable inetd file descriptor passing protocol\n"
313 "\nNote: file descriptors from sd_listen_fds() will be passed through.\n"
314 "\nSee the %s for details.\n",
315 program_invocation_short_name,
316 ansi_highlight(),
317 ansi_normal(),
318 link);
319
320 return 0;
321 }
322
323 static int parse_argv(int argc, char *argv[]) {
324 enum {
325 ARG_VERSION = 0x100,
326 ARG_FDNAME,
327 ARG_SEQPACKET,
328 ARG_INETD,
329 };
330
331 static const struct option options[] = {
332 { "help", no_argument, NULL, 'h' },
333 { "version", no_argument, NULL, ARG_VERSION },
334 { "datagram", no_argument, NULL, 'd' },
335 { "seqpacket", no_argument, NULL, ARG_SEQPACKET },
336 { "listen", required_argument, NULL, 'l' },
337 { "accept", no_argument, NULL, 'a' },
338 { "setenv", required_argument, NULL, 'E' },
339 { "environment", required_argument, NULL, 'E' }, /* legacy alias */
340 { "fdname", required_argument, NULL, ARG_FDNAME },
341 { "inetd", no_argument, NULL, ARG_INETD },
342 {}
343 };
344
345 int c, r;
346
347 assert(argc >= 0);
348 assert(argv);
349
350 /* Resetting to 0 forces the invocation of an internal initialization routine of getopt_long()
351 * that checks for GNU extensions in optstring ('-' or '+' at the beginning). */
352 optind = 0;
353 while ((c = getopt_long(argc, argv, "+hl:aE:d", options, NULL)) >= 0)
354 switch (c) {
355 case 'h':
356 return help();
357
358 case ARG_VERSION:
359 return version();
360
361 case 'l':
362 r = strv_extend(&arg_listen, optarg);
363 if (r < 0)
364 return log_oom();
365
366 break;
367
368 case 'd':
369 if (arg_socket_type == SOCK_SEQPACKET)
370 return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
371 "--datagram may not be combined with --seqpacket.");
372
373 arg_socket_type = SOCK_DGRAM;
374 break;
375
376 case ARG_SEQPACKET:
377 if (arg_socket_type == SOCK_DGRAM)
378 return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
379 "--seqpacket may not be combined with --datagram.");
380
381 arg_socket_type = SOCK_SEQPACKET;
382 break;
383
384 case 'a':
385 arg_accept = true;
386 break;
387
388 case 'E':
389 r = strv_env_replace_strdup_passthrough(&arg_setenv, optarg);
390 if (r < 0)
391 return log_error_errno(r, "Cannot assign environment variable %s: %m", optarg);
392 break;
393
394 case ARG_FDNAME: {
395 _cleanup_strv_free_ char **names = NULL;
396
397 names = strv_split(optarg, ":");
398 if (!names)
399 return log_oom();
400
401 STRV_FOREACH(s, names)
402 if (!fdname_is_valid(*s)) {
403 _cleanup_free_ char *esc = NULL;
404
405 esc = cescape(*s);
406 log_warning("File descriptor name \"%s\" is not valid.", esc);
407 }
408
409 /* Empty optargs means one empty name */
410 r = strv_extend_strv(&arg_fdnames,
411 strv_isempty(names) ? STRV_MAKE("") : names,
412 false);
413 if (r < 0)
414 return log_error_errno(r, "strv_extend_strv: %m");
415 break;
416 }
417
418 case ARG_INETD:
419 arg_inetd = true;
420 break;
421
422 case '?':
423 return -EINVAL;
424
425 default:
426 assert_not_reached();
427 }
428
429 if (optind == argc)
430 return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
431 "%s: command to execute is missing.",
432 program_invocation_short_name);
433
434 if (arg_socket_type == SOCK_DGRAM && arg_accept)
435 return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
436 "Datagram sockets do not accept connections. "
437 "The --datagram and --accept options may not be combined.");
438
439 arg_args = argv + optind;
440
441 return 1 /* work to do */;
442 }
443
444 static int run(int argc, char **argv) {
445 _cleanup_close_ int epoll_fd = -EBADF;
446 _cleanup_strv_free_ char **exec_argv = NULL;
447 int r, n;
448
449 log_show_color(true);
450 log_parse_environment();
451 log_open();
452
453 r = parse_argv(argc, argv);
454 if (r <= 0)
455 return r;
456
457 exec_argv = strv_copy(arg_args);
458 if (!exec_argv)
459 return log_oom();
460
461 assert(!strv_isempty(exec_argv));
462
463 r = install_chld_handler();
464 if (r < 0)
465 return r;
466
467 n = open_sockets(&epoll_fd, arg_accept);
468 if (n < 0)
469 return n;
470 if (n == 0)
471 return log_error_errno(SYNTHETIC_ERRNO(ENOENT), "No sockets to listen on specified or passed in.");
472
473 for (;;) {
474 struct epoll_event event;
475
476 if (epoll_wait(epoll_fd, &event, 1, -1) < 0) {
477 if (errno == EINTR)
478 continue;
479
480 return log_error_errno(errno, "epoll_wait() failed: %m");
481 }
482
483 log_info("Communication attempt on fd %i.", event.data.fd);
484 if (arg_accept) {
485 r = do_accept(exec_argv[0], exec_argv, event.data.fd);
486 if (r < 0)
487 return r;
488 } else
489 break;
490 }
491
492 return exec_process(exec_argv[0], exec_argv, SD_LISTEN_FDS_START, (size_t) n);
493 }
494
495 DEFINE_MAIN_FUNCTION(run);
A System and Session Manager (ALT Linux package)