]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/activate/activate.c
projects / thirdparty / systemd.git / blob
? search:


0c321526719fd30b2cf7b3010f11892ab229ca83
[thirdparty/systemd.git] / src / activate / activate.c
1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
2
3 #include <getopt.h>
4 #include <sys/epoll.h>
5 #include <sys/prctl.h>
6 #include <sys/wait.h>
7 #include <unistd.h>
8
9 #include "sd-daemon.h"
10
11 #include "alloc-util.h"
12 #include "env-util.h"
13 #include "errno-util.h"
14 #include "escape.h"
15 #include "fd-util.h"
16 #include "log.h"
17 #include "macro.h"
18 #include "pretty-print.h"
19 #include "process-util.h"
20 #include "signal-util.h"
21 #include "socket-netlink.h"
22 #include "socket-util.h"
23 #include "string-util.h"
24 #include "strv.h"
25 #include "terminal-util.h"
26 #include "util.h"
27
28 static char **arg_listen = NULL;
29 static bool arg_accept = false;
30 static int arg_socket_type = SOCK_STREAM;
31 static char **arg_args = NULL;
32 static char **arg_setenv = NULL;
33 static char **arg_fdnames = NULL;
34 static bool arg_inetd = false;
35
36 static int add_epoll(int epoll_fd, int fd) {
37 struct epoll_event ev = {
38 .events = EPOLLIN,
39 .data.fd = fd,
40 };
41
42 assert(epoll_fd >= 0);
43 assert(fd >= 0);
44
45 if (epoll_ctl(epoll_fd, EPOLL_CTL_ADD, fd, &ev) < 0)
46 return log_error_errno(errno, "Failed to add event on epoll fd:%d for fd:%d: %m", epoll_fd, fd);
47
48 return 0;
49 }
50
51 static int open_sockets(int *epoll_fd, bool accept) {
52 char **address;
53 int n, fd, r, count = 0;
54
55 n = sd_listen_fds(true);
56 if (n < 0)
57 return log_error_errno(n, "Failed to read listening file descriptors from environment: %m");
58 if (n > 0) {
59 log_info("Received %i descriptors via the environment.", n);
60
61 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
62 r = fd_cloexec(fd, arg_accept);
63 if (r < 0)
64 return r;
65
66 count++;
67 }
68 }
69
70 /* Close logging and all other descriptors */
71 if (arg_listen) {
72 _cleanup_free_ int *except = NULL;
73 int i;
74
75 except = new(int, n);
76 if (!except)
77 return log_oom();
78
79 for (i = 0; i < n; i++)
80 except[i] = SD_LISTEN_FDS_START + i;
81
82 log_close();
83 r = close_all_fds(except, n);
84 if (r < 0)
85 return log_error_errno(r, "Failed to close all file descriptors: %m");
86 }
87
88 /** Note: we leak some fd's on error here. I doesn't matter
89 * much, since the program will exit immediately anyway, but
90 * would be a pain to fix.
91 */
92
93 STRV_FOREACH(address, arg_listen) {
94 fd = make_socket_fd(LOG_DEBUG, *address, arg_socket_type, (arg_accept * SOCK_CLOEXEC));
95 if (fd < 0) {
96 log_open();
97 return log_error_errno(fd, "Failed to open '%s': %m", *address);
98 }
99
100 assert(fd == SD_LISTEN_FDS_START + count);
101 count++;
102 }
103
104 if (arg_listen)
105 log_open();
106
107 *epoll_fd = epoll_create1(EPOLL_CLOEXEC);
108 if (*epoll_fd < 0)
109 return log_error_errno(errno, "Failed to create epoll object: %m");
110
111 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + count; fd++) {
112 _cleanup_free_ char *name = NULL;
113
114 getsockname_pretty(fd, &name);
115 log_info("Listening on %s as %i.", strna(name), fd);
116
117 r = add_epoll(*epoll_fd, fd);
118 if (r < 0)
119 return r;
120 }
121
122 return count;
123 }
124
125 static int exec_process(const char *name, char **argv, int start_fd, size_t n_fds) {
126 _cleanup_strv_free_ char **envp = NULL;
127 const char *var;
128 char **s;
129 int r;
130
131 if (arg_inetd && n_fds != 1)
132 return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
133 "--inetd only supported for single file descriptors.");
134
135 FOREACH_STRING(var, "TERM", "PATH", "USER", "HOME") {
136 const char *n;
137
138 n = strv_find_prefix(environ, var);
139 if (!n)
140 continue;
141
142 r = strv_extend(&envp, n);
143 if (r < 0)
144 return r;
145 }
146
147 if (arg_inetd) {
148 assert(n_fds == 1);
149
150 r = rearrange_stdio(start_fd, start_fd, STDERR_FILENO); /* invalidates start_fd on success + error */
151 if (r < 0)
152 return log_error_errno(r, "Failed to move fd to stdin+stdout: %m");
153
154 } else {
155 if (start_fd != SD_LISTEN_FDS_START) {
156 assert(n_fds == 1);
157
158 if (dup2(start_fd, SD_LISTEN_FDS_START) < 0)
159 return log_error_errno(errno, "Failed to dup connection: %m");
160
161 safe_close(start_fd);
162 }
163
164 r = strv_extendf(&envp, "LISTEN_FDS=%zu", n_fds);
165 if (r < 0)
166 return r;
167
168 r = strv_extendf(&envp, "LISTEN_PID=" PID_FMT, getpid_cached());
169 if (r < 0)
170 return r;
171
172 if (arg_fdnames) {
173 _cleanup_free_ char *names = NULL;
174 size_t len;
175
176 len = strv_length(arg_fdnames);
177 if (len == 1)
178 for (size_t i = 1; i < n_fds; i++) {
179 r = strv_extend(&arg_fdnames, arg_fdnames[0]);
180 if (r < 0)
181 return log_oom();
182 }
183 else if (len != n_fds)
184 log_warning("The number of fd names is different than number of fds: %zu vs %zu", len, n_fds);
185
186 names = strv_join(arg_fdnames, ":");
187 if (!names)
188 return log_oom();
189
190 char *t = strjoin("LISTEN_FDNAMES=", names);
191 if (!t)
192 return log_oom();
193
194 r = strv_consume(&envp, t);
195 if (r < 0)
196 return r;
197 }
198 }
199
200 STRV_FOREACH(s, arg_setenv) {
201 r = strv_env_replace_strdup(&envp, *s);
202 if (r < 0)
203 return r;
204 }
205
206 _cleanup_free_ char *joined = strv_join(argv, " ");
207 if (!joined)
208 return log_oom();
209
210 log_info("Execing %s (%s)", name, joined);
211 execvpe(name, argv, envp);
212
213 return log_error_errno(errno, "Failed to execp %s (%s): %m", name, joined);
214 }
215
216 static int fork_and_exec_process(const char *child, char **argv, int fd) {
217 _cleanup_free_ char *joined = NULL;
218 pid_t child_pid;
219 int r;
220
221 joined = strv_join(argv, " ");
222 if (!joined)
223 return log_oom();
224
225 r = safe_fork("(activate)",
226 FORK_RESET_SIGNALS | FORK_DEATHSIG | FORK_RLIMIT_NOFILE_SAFE | FORK_LOG,
227 &child_pid);
228 if (r < 0)
229 return r;
230 if (r == 0) {
231 /* In the child */
232 exec_process(child, argv, fd, 1);
233 _exit(EXIT_FAILURE);
234 }
235
236 log_info("Spawned %s (%s) as PID " PID_FMT ".", child, joined, child_pid);
237 return 0;
238 }
239
240 static int do_accept(const char *name, char **argv, int fd) {
241 _cleanup_free_ char *local = NULL, *peer = NULL;
242 _cleanup_close_ int fd_accepted = -1;
243
244 fd_accepted = accept4(fd, NULL, NULL, 0);
245 if (fd_accepted < 0) {
246 if (ERRNO_IS_ACCEPT_AGAIN(errno))
247 return 0;
248
249 return log_error_errno(errno, "Failed to accept connection on fd:%d: %m", fd);
250 }
251
252 (void) getsockname_pretty(fd_accepted, &local);
253 (void) getpeername_pretty(fd_accepted, true, &peer);
254 log_info("Connection from %s to %s", strna(peer), strna(local));
255
256 return fork_and_exec_process(name, argv, fd_accepted);
257 }
258
259 /* SIGCHLD handler. */
260 static void sigchld_hdl(int sig) {
261 PROTECT_ERRNO;
262
263 for (;;) {
264 siginfo_t si;
265 int r;
266
267 si.si_pid = 0;
268 r = waitid(P_ALL, 0, &si, WEXITED | WNOHANG);
269 if (r < 0) {
270 if (errno != ECHILD)
271 log_error_errno(errno, "Failed to reap children: %m");
272 return;
273 }
274 if (si.si_pid == 0)
275 return;
276
277 log_info("Child %d died with code %d", si.si_pid, si.si_status);
278 }
279 }
280
281 static int install_chld_handler(void) {
282 static const struct sigaction act = {
283 .sa_flags = SA_NOCLDSTOP | SA_RESTART,
284 .sa_handler = sigchld_hdl,
285 };
286
287 if (sigaction(SIGCHLD, &act, 0) < 0)
288 return log_error_errno(errno, "Failed to install SIGCHLD handler: %m");
289
290 return 0;
291 }
292
293 static int help(void) {
294 _cleanup_free_ char *link = NULL;
295 int r;
296
297 r = terminal_urlify_man("systemd-socket-activate", "1", &link);
298 if (r < 0)
299 return log_oom();
300
301 printf("%s [OPTIONS...]\n"
302 "\n%sListen on sockets and launch child on connection.%s\n"
303 "\nOptions:\n"
304 " -h --help Show this help and exit\n"
305 " --version Print version string and exit\n"
306 " -l --listen=ADDR Listen for raw connections at ADDR\n"
307 " -d --datagram Listen on datagram instead of stream socket\n"
308 " --seqpacket Listen on SOCK_SEQPACKET instead of stream socket\n"
309 " -a --accept Spawn separate child for each connection\n"
310 " -E --setenv=NAME[=VALUE] Pass an environment variable to children\n"
311 " --fdname=NAME[:NAME...] Specify names for file descriptors\n"
312 " --inetd Enable inetd file descriptor passing protocol\n"
313 "\nNote: file descriptors from sd_listen_fds() will be passed through.\n"
314 "\nSee the %s for details.\n",
315 program_invocation_short_name,
316 ansi_highlight(),
317 ansi_normal(),
318 link);
319
320 return 0;
321 }
322
323 static int parse_argv(int argc, char *argv[]) {
324 enum {
325 ARG_VERSION = 0x100,
326 ARG_FDNAME,
327 ARG_SEQPACKET,
328 ARG_INETD,
329 };
330
331 static const struct option options[] = {
332 { "help", no_argument, NULL, 'h' },
333 { "version", no_argument, NULL, ARG_VERSION },
334 { "datagram", no_argument, NULL, 'd' },
335 { "seqpacket", no_argument, NULL, ARG_SEQPACKET },
336 { "listen", required_argument, NULL, 'l' },
337 { "accept", no_argument, NULL, 'a' },
338 { "setenv", required_argument, NULL, 'E' },
339 { "environment", required_argument, NULL, 'E' }, /* legacy alias */
340 { "fdname", required_argument, NULL, ARG_FDNAME },
341 { "inetd", no_argument, NULL, ARG_INETD },
342 {}
343 };
344
345 int c, r;
346
347 assert(argc >= 0);
348 assert(argv);
349
350 while ((c = getopt_long(argc, argv, "+hl:aE:d", options, NULL)) >= 0)
351 switch (c) {
352 case 'h':
353 return help();
354
355 case ARG_VERSION:
356 return version();
357
358 case 'l':
359 r = strv_extend(&arg_listen, optarg);
360 if (r < 0)
361 return log_oom();
362
363 break;
364
365 case 'd':
366 if (arg_socket_type == SOCK_SEQPACKET)
367 return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
368 "--datagram may not be combined with --seqpacket.");
369
370 arg_socket_type = SOCK_DGRAM;
371 break;
372
373 case ARG_SEQPACKET:
374 if (arg_socket_type == SOCK_DGRAM)
375 return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
376 "--seqpacket may not be combined with --datagram.");
377
378 arg_socket_type = SOCK_SEQPACKET;
379 break;
380
381 case 'a':
382 arg_accept = true;
383 break;
384
385 case 'E':
386 r = strv_env_replace_strdup_passthrough(&arg_setenv, optarg);
387 if (r < 0)
388 return log_error_errno(r, "Cannot assign environment variable %s: %m", optarg);
389 break;
390
391 case ARG_FDNAME: {
392 _cleanup_strv_free_ char **names = NULL;
393 char **s;
394
395 names = strv_split(optarg, ":");
396 if (!names)
397 return log_oom();
398
399 STRV_FOREACH(s, names)
400 if (!fdname_is_valid(*s)) {
401 _cleanup_free_ char *esc = NULL;
402
403 esc = cescape(*s);
404 log_warning("File descriptor name \"%s\" is not valid.", esc);
405 }
406
407 /* Empty optargs means one empty name */
408 r = strv_extend_strv(&arg_fdnames,
409 strv_isempty(names) ? STRV_MAKE("") : names,
410 false);
411 if (r < 0)
412 return log_error_errno(r, "strv_extend_strv: %m");
413 break;
414 }
415
416 case ARG_INETD:
417 arg_inetd = true;
418 break;
419
420 case '?':
421 return -EINVAL;
422
423 default:
424 assert_not_reached();
425 }
426
427 if (optind == argc)
428 return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
429 "%s: command to execute is missing.",
430 program_invocation_short_name);
431
432 if (arg_socket_type == SOCK_DGRAM && arg_accept)
433 return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
434 "Datagram sockets do not accept connections. "
435 "The --datagram and --accept options may not be combined.");
436
437 arg_args = argv + optind;
438
439 return 1 /* work to do */;
440 }
441
442 int main(int argc, char **argv) {
443 int r, n;
444 int epoll_fd = -1;
445
446 log_show_color(true);
447 log_parse_environment();
448 log_open();
449
450 r = parse_argv(argc, argv);
451 if (r <= 0)
452 return r == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
453
454 r = install_chld_handler();
455 if (r < 0)
456 return EXIT_FAILURE;
457
458 n = open_sockets(&epoll_fd, arg_accept);
459 if (n < 0)
460 return EXIT_FAILURE;
461 if (n == 0) {
462 log_error("No sockets to listen on specified or passed in.");
463 return EXIT_FAILURE;
464 }
465
466 for (;;) {
467 struct epoll_event event;
468
469 if (epoll_wait(epoll_fd, &event, 1, -1) < 0) {
470 if (errno == EINTR)
471 continue;
472
473 log_error_errno(errno, "epoll_wait() failed: %m");
474 return EXIT_FAILURE;
475 }
476
477 log_info("Communication attempt on fd %i.", event.data.fd);
478 if (arg_accept) {
479 r = do_accept(argv[optind], argv + optind, event.data.fd);
480 if (r < 0)
481 return EXIT_FAILURE;
482 } else
483 break;
484 }
485
486 exec_process(argv[optind], argv + optind, SD_LISTEN_FDS_START, (size_t) n);
487
488 return EXIT_SUCCESS;
489 }
Unnamed repository; edit this file 'description' to name the repository.