]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/libsystemd/sd-daemon/sd-daemon.c
projects / thirdparty / systemd.git / blob
? search:


bdcbb106ce4f3c3ab97a15d79ae22ea49c38bb6e
[thirdparty/systemd.git] / src / libsystemd / sd-daemon / sd-daemon.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2
3 #include <errno.h>
4 #include <limits.h>
5 #include <mqueue.h>
6 #include <netinet/in.h>
7 #include <poll.h>
8 #include <stdarg.h>
9 #include <stddef.h>
10 #include <stdio.h>
11 #include <stdlib.h>
12 #include <sys/stat.h>
13 #include <sys/un.h>
14 #include <unistd.h>
15
16 #include "sd-daemon.h"
17
18 #include "alloc-util.h"
19 #include "fd-util.h"
20 #include "fs-util.h"
21 #include "io-util.h"
22 #include "parse-util.h"
23 #include "path-util.h"
24 #include "process-util.h"
25 #include "socket-util.h"
26 #include "strv.h"
27 #include "time-util.h"
28 #include "util.h"
29
30 #define SNDBUF_SIZE (8*1024*1024)
31
32 static void unsetenv_all(bool unset_environment) {
33
34 if (!unset_environment)
35 return;
36
37 unsetenv("LISTEN_PID");
38 unsetenv("LISTEN_FDS");
39 unsetenv("LISTEN_FDNAMES");
40 }
41
42 _public_ int sd_listen_fds(int unset_environment) {
43 const char *e;
44 int n, r, fd;
45 pid_t pid;
46
47 e = getenv("LISTEN_PID");
48 if (!e) {
49 r = 0;
50 goto finish;
51 }
52
53 r = parse_pid(e, &pid);
54 if (r < 0)
55 goto finish;
56
57 /* Is this for us? */
58 if (getpid_cached() != pid) {
59 r = 0;
60 goto finish;
61 }
62
63 e = getenv("LISTEN_FDS");
64 if (!e) {
65 r = 0;
66 goto finish;
67 }
68
69 r = safe_atoi(e, &n);
70 if (r < 0)
71 goto finish;
72
73 assert_cc(SD_LISTEN_FDS_START < INT_MAX);
74 if (n <= 0 || n > INT_MAX - SD_LISTEN_FDS_START) {
75 r = -EINVAL;
76 goto finish;
77 }
78
79 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd ++) {
80 r = fd_cloexec(fd, true);
81 if (r < 0)
82 goto finish;
83 }
84
85 r = n;
86
87 finish:
88 unsetenv_all(unset_environment);
89 return r;
90 }
91
92 _public_ int sd_listen_fds_with_names(int unset_environment, char ***names) {
93 _cleanup_strv_free_ char **l = NULL;
94 bool have_names;
95 int n_names = 0, n_fds;
96 const char *e;
97 int r;
98
99 if (!names)
100 return sd_listen_fds(unset_environment);
101
102 e = getenv("LISTEN_FDNAMES");
103 if (e) {
104 n_names = strv_split_full(&l, e, ":", EXTRACT_DONT_COALESCE_SEPARATORS);
105 if (n_names < 0) {
106 unsetenv_all(unset_environment);
107 return n_names;
108 }
109
110 have_names = true;
111 } else
112 have_names = false;
113
114 n_fds = sd_listen_fds(unset_environment);
115 if (n_fds <= 0)
116 return n_fds;
117
118 if (have_names) {
119 if (n_names != n_fds)
120 return -EINVAL;
121 } else {
122 r = strv_extend_n(&l, "unknown", n_fds);
123 if (r < 0)
124 return r;
125 }
126
127 *names = TAKE_PTR(l);
128
129 return n_fds;
130 }
131
132 _public_ int sd_is_fifo(int fd, const char *path) {
133 struct stat st_fd;
134
135 assert_return(fd >= 0, -EBADF);
136
137 if (fstat(fd, &st_fd) < 0)
138 return -errno;
139
140 if (!S_ISFIFO(st_fd.st_mode))
141 return 0;
142
143 if (path) {
144 struct stat st_path;
145
146 if (stat(path, &st_path) < 0) {
147
148 if (IN_SET(errno, ENOENT, ENOTDIR))
149 return 0;
150
151 return -errno;
152 }
153
154 return
155 st_path.st_dev == st_fd.st_dev &&
156 st_path.st_ino == st_fd.st_ino;
157 }
158
159 return 1;
160 }
161
162 _public_ int sd_is_special(int fd, const char *path) {
163 struct stat st_fd;
164
165 assert_return(fd >= 0, -EBADF);
166
167 if (fstat(fd, &st_fd) < 0)
168 return -errno;
169
170 if (!S_ISREG(st_fd.st_mode) && !S_ISCHR(st_fd.st_mode))
171 return 0;
172
173 if (path) {
174 struct stat st_path;
175
176 if (stat(path, &st_path) < 0) {
177
178 if (IN_SET(errno, ENOENT, ENOTDIR))
179 return 0;
180
181 return -errno;
182 }
183
184 if (S_ISREG(st_fd.st_mode) && S_ISREG(st_path.st_mode))
185 return
186 st_path.st_dev == st_fd.st_dev &&
187 st_path.st_ino == st_fd.st_ino;
188 else if (S_ISCHR(st_fd.st_mode) && S_ISCHR(st_path.st_mode))
189 return st_path.st_rdev == st_fd.st_rdev;
190 else
191 return 0;
192 }
193
194 return 1;
195 }
196
197 static int sd_is_socket_internal(int fd, int type, int listening) {
198 struct stat st_fd;
199
200 assert_return(fd >= 0, -EBADF);
201 assert_return(type >= 0, -EINVAL);
202
203 if (fstat(fd, &st_fd) < 0)
204 return -errno;
205
206 if (!S_ISSOCK(st_fd.st_mode))
207 return 0;
208
209 if (type != 0) {
210 int other_type = 0;
211 socklen_t l = sizeof(other_type);
212
213 if (getsockopt(fd, SOL_SOCKET, SO_TYPE, &other_type, &l) < 0)
214 return -errno;
215
216 if (l != sizeof(other_type))
217 return -EINVAL;
218
219 if (other_type != type)
220 return 0;
221 }
222
223 if (listening >= 0) {
224 int accepting = 0;
225 socklen_t l = sizeof(accepting);
226
227 if (getsockopt(fd, SOL_SOCKET, SO_ACCEPTCONN, &accepting, &l) < 0)
228 return -errno;
229
230 if (l != sizeof(accepting))
231 return -EINVAL;
232
233 if (!accepting != !listening)
234 return 0;
235 }
236
237 return 1;
238 }
239
240 _public_ int sd_is_socket(int fd, int family, int type, int listening) {
241 int r;
242
243 assert_return(fd >= 0, -EBADF);
244 assert_return(family >= 0, -EINVAL);
245
246 r = sd_is_socket_internal(fd, type, listening);
247 if (r <= 0)
248 return r;
249
250 if (family > 0) {
251 union sockaddr_union sockaddr = {};
252 socklen_t l = sizeof(sockaddr);
253
254 if (getsockname(fd, &sockaddr.sa, &l) < 0)
255 return -errno;
256
257 if (l < sizeof(sa_family_t))
258 return -EINVAL;
259
260 return sockaddr.sa.sa_family == family;
261 }
262
263 return 1;
264 }
265
266 _public_ int sd_is_socket_inet(int fd, int family, int type, int listening, uint16_t port) {
267 union sockaddr_union sockaddr = {};
268 socklen_t l = sizeof(sockaddr);
269 int r;
270
271 assert_return(fd >= 0, -EBADF);
272 assert_return(IN_SET(family, 0, AF_INET, AF_INET6), -EINVAL);
273
274 r = sd_is_socket_internal(fd, type, listening);
275 if (r <= 0)
276 return r;
277
278 if (getsockname(fd, &sockaddr.sa, &l) < 0)
279 return -errno;
280
281 if (l < sizeof(sa_family_t))
282 return -EINVAL;
283
284 if (!IN_SET(sockaddr.sa.sa_family, AF_INET, AF_INET6))
285 return 0;
286
287 if (family != 0)
288 if (sockaddr.sa.sa_family != family)
289 return 0;
290
291 if (port > 0) {
292 unsigned sa_port;
293
294 r = sockaddr_port(&sockaddr.sa, &sa_port);
295 if (r < 0)
296 return r;
297
298 return port == sa_port;
299 }
300
301 return 1;
302 }
303
304 _public_ int sd_is_socket_sockaddr(int fd, int type, const struct sockaddr* addr, unsigned addr_len, int listening) {
305 union sockaddr_union sockaddr = {};
306 socklen_t l = sizeof(sockaddr);
307 int r;
308
309 assert_return(fd >= 0, -EBADF);
310 assert_return(addr, -EINVAL);
311 assert_return(addr_len >= sizeof(sa_family_t), -ENOBUFS);
312 assert_return(IN_SET(addr->sa_family, AF_INET, AF_INET6), -EPFNOSUPPORT);
313
314 r = sd_is_socket_internal(fd, type, listening);
315 if (r <= 0)
316 return r;
317
318 if (getsockname(fd, &sockaddr.sa, &l) < 0)
319 return -errno;
320
321 if (l < sizeof(sa_family_t))
322 return -EINVAL;
323
324 if (sockaddr.sa.sa_family != addr->sa_family)
325 return 0;
326
327 if (sockaddr.sa.sa_family == AF_INET) {
328 const struct sockaddr_in *in = (const struct sockaddr_in *) addr;
329
330 if (l < sizeof(struct sockaddr_in) || addr_len < sizeof(struct sockaddr_in))
331 return -EINVAL;
332
333 if (in->sin_port != 0 &&
334 sockaddr.in.sin_port != in->sin_port)
335 return false;
336
337 return sockaddr.in.sin_addr.s_addr == in->sin_addr.s_addr;
338
339 } else {
340 const struct sockaddr_in6 *in = (const struct sockaddr_in6 *) addr;
341
342 if (l < sizeof(struct sockaddr_in6) || addr_len < sizeof(struct sockaddr_in6))
343 return -EINVAL;
344
345 if (in->sin6_port != 0 &&
346 sockaddr.in6.sin6_port != in->sin6_port)
347 return false;
348
349 if (in->sin6_flowinfo != 0 &&
350 sockaddr.in6.sin6_flowinfo != in->sin6_flowinfo)
351 return false;
352
353 if (in->sin6_scope_id != 0 &&
354 sockaddr.in6.sin6_scope_id != in->sin6_scope_id)
355 return false;
356
357 return memcmp(sockaddr.in6.sin6_addr.s6_addr, in->sin6_addr.s6_addr,
358 sizeof(in->sin6_addr.s6_addr)) == 0;
359 }
360 }
361
362 _public_ int sd_is_socket_unix(int fd, int type, int listening, const char *path, size_t length) {
363 union sockaddr_union sockaddr = {};
364 socklen_t l = sizeof(sockaddr);
365 int r;
366
367 assert_return(fd >= 0, -EBADF);
368
369 r = sd_is_socket_internal(fd, type, listening);
370 if (r <= 0)
371 return r;
372
373 if (getsockname(fd, &sockaddr.sa, &l) < 0)
374 return -errno;
375
376 if (l < sizeof(sa_family_t))
377 return -EINVAL;
378
379 if (sockaddr.sa.sa_family != AF_UNIX)
380 return 0;
381
382 if (path) {
383 if (length == 0)
384 length = strlen(path);
385
386 if (length == 0)
387 /* Unnamed socket */
388 return l == offsetof(struct sockaddr_un, sun_path);
389
390 if (path[0])
391 /* Normal path socket */
392 return
393 (l >= offsetof(struct sockaddr_un, sun_path) + length + 1) &&
394 memcmp(path, sockaddr.un.sun_path, length+1) == 0;
395 else
396 /* Abstract namespace socket */
397 return
398 (l == offsetof(struct sockaddr_un, sun_path) + length) &&
399 memcmp(path, sockaddr.un.sun_path, length) == 0;
400 }
401
402 return 1;
403 }
404
405 _public_ int sd_is_mq(int fd, const char *path) {
406 struct mq_attr attr;
407
408 /* Check that the fd is valid */
409 assert_return(fcntl(fd, F_GETFD) >= 0, -errno);
410
411 if (mq_getattr(fd, &attr) < 0) {
412 if (errno == EBADF)
413 /* A non-mq fd (or an invalid one, but we ruled that out above) */
414 return 0;
415 return -errno;
416 }
417
418 if (path) {
419 char fpath[PATH_MAX];
420 struct stat a, b;
421
422 assert_return(path_is_absolute(path), -EINVAL);
423
424 if (fstat(fd, &a) < 0)
425 return -errno;
426
427 strncpy(stpcpy(fpath, "/dev/mqueue"), path, sizeof(fpath) - 12);
428 fpath[sizeof(fpath)-1] = 0;
429
430 if (stat(fpath, &b) < 0)
431 return -errno;
432
433 if (a.st_dev != b.st_dev ||
434 a.st_ino != b.st_ino)
435 return 0;
436 }
437
438 return 1;
439 }
440
441 _public_ int sd_pid_notify_with_fds(
442 pid_t pid,
443 int unset_environment,
444 const char *state,
445 const int *fds,
446 unsigned n_fds) {
447
448 union sockaddr_union sockaddr;
449 struct iovec iovec;
450 struct msghdr msghdr = {
451 .msg_iov = &iovec,
452 .msg_iovlen = 1,
453 .msg_name = &sockaddr,
454 };
455 _cleanup_close_ int fd = -1;
456 struct cmsghdr *cmsg = NULL;
457 const char *e;
458 bool send_ucred;
459 int r;
460
461 if (!state) {
462 r = -EINVAL;
463 goto finish;
464 }
465
466 if (n_fds > 0 && !fds) {
467 r = -EINVAL;
468 goto finish;
469 }
470
471 e = getenv("NOTIFY_SOCKET");
472 if (!e)
473 return 0;
474
475 r = sockaddr_un_set_path(&sockaddr.un, e);
476 if (r < 0)
477 goto finish;
478 msghdr.msg_namelen = r;
479
480 fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0);
481 if (fd < 0) {
482 r = -errno;
483 goto finish;
484 }
485
486 (void) fd_inc_sndbuf(fd, SNDBUF_SIZE);
487
488 iovec = IOVEC_MAKE_STRING(state);
489
490 send_ucred =
491 (pid != 0 && pid != getpid_cached()) ||
492 getuid() != geteuid() ||
493 getgid() != getegid();
494
495 if (n_fds > 0 || send_ucred) {
496 /* CMSG_SPACE(0) may return value different than zero, which results in miscalculated controllen. */
497 msghdr.msg_controllen =
498 (n_fds > 0 ? CMSG_SPACE(sizeof(int) * n_fds) : 0) +
499 (send_ucred ? CMSG_SPACE(sizeof(struct ucred)) : 0);
500
501 msghdr.msg_control = alloca0(msghdr.msg_controllen);
502
503 cmsg = CMSG_FIRSTHDR(&msghdr);
504 if (n_fds > 0) {
505 cmsg->cmsg_level = SOL_SOCKET;
506 cmsg->cmsg_type = SCM_RIGHTS;
507 cmsg->cmsg_len = CMSG_LEN(sizeof(int) * n_fds);
508
509 memcpy(CMSG_DATA(cmsg), fds, sizeof(int) * n_fds);
510
511 if (send_ucred)
512 assert_se(cmsg = CMSG_NXTHDR(&msghdr, cmsg));
513 }
514
515 if (send_ucred) {
516 struct ucred *ucred;
517
518 cmsg->cmsg_level = SOL_SOCKET;
519 cmsg->cmsg_type = SCM_CREDENTIALS;
520 cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
521
522 ucred = (struct ucred*) CMSG_DATA(cmsg);
523 ucred->pid = pid != 0 ? pid : getpid_cached();
524 ucred->uid = getuid();
525 ucred->gid = getgid();
526 }
527 }
528
529 /* First try with fake ucred data, as requested */
530 if (sendmsg(fd, &msghdr, MSG_NOSIGNAL) >= 0) {
531 r = 1;
532 goto finish;
533 }
534
535 /* If that failed, try with our own ucred instead */
536 if (send_ucred) {
537 msghdr.msg_controllen -= CMSG_SPACE(sizeof(struct ucred));
538 if (msghdr.msg_controllen == 0)
539 msghdr.msg_control = NULL;
540
541 if (sendmsg(fd, &msghdr, MSG_NOSIGNAL) >= 0) {
542 r = 1;
543 goto finish;
544 }
545 }
546
547 r = -errno;
548
549 finish:
550 if (unset_environment)
551 unsetenv("NOTIFY_SOCKET");
552
553 return r;
554 }
555
556 _public_ int sd_notify_barrier(int unset_environment, uint64_t timeout) {
557 _cleanup_close_pair_ int pipe_fd[2] = { -1, -1 };
558 int r;
559
560 if (pipe2(pipe_fd, O_CLOEXEC) < 0)
561 return -errno;
562
563 r = sd_pid_notify_with_fds(0, unset_environment, "BARRIER=1", &pipe_fd[1], 1);
564 if (r <= 0)
565 return r;
566
567 pipe_fd[1] = safe_close(pipe_fd[1]);
568
569 r = fd_wait_for_event(pipe_fd[0], 0 /* POLLHUP is implicit */, timeout);
570 if (r < 0)
571 return r;
572 if (r == 0)
573 return -ETIMEDOUT;
574
575 return 1;
576 }
577
578 _public_ int sd_pid_notify(pid_t pid, int unset_environment, const char *state) {
579 return sd_pid_notify_with_fds(pid, unset_environment, state, NULL, 0);
580 }
581
582 _public_ int sd_notify(int unset_environment, const char *state) {
583 return sd_pid_notify_with_fds(0, unset_environment, state, NULL, 0);
584 }
585
586 _public_ int sd_pid_notifyf(pid_t pid, int unset_environment, const char *format, ...) {
587 _cleanup_free_ char *p = NULL;
588 int r;
589
590 if (format) {
591 va_list ap;
592
593 va_start(ap, format);
594 r = vasprintf(&p, format, ap);
595 va_end(ap);
596
597 if (r < 0 || !p)
598 return -ENOMEM;
599 }
600
601 return sd_pid_notify(pid, unset_environment, p);
602 }
603
604 _public_ int sd_notifyf(int unset_environment, const char *format, ...) {
605 _cleanup_free_ char *p = NULL;
606 int r;
607
608 if (format) {
609 va_list ap;
610
611 va_start(ap, format);
612 r = vasprintf(&p, format, ap);
613 va_end(ap);
614
615 if (r < 0 || !p)
616 return -ENOMEM;
617 }
618
619 return sd_pid_notify(0, unset_environment, p);
620 }
621
622 _public_ int sd_booted(void) {
623 /* We test whether the runtime unit file directory has been
624 * created. This takes place in mount-setup.c, so is
625 * guaranteed to happen very early during boot. */
626
627 if (laccess("/run/systemd/system/", F_OK) >= 0)
628 return true;
629
630 if (errno == ENOENT)
631 return false;
632
633 return -errno;
634 }
635
636 _public_ int sd_watchdog_enabled(int unset_environment, uint64_t *usec) {
637 const char *s, *p = ""; /* p is set to dummy value to do unsetting */
638 uint64_t u;
639 int r = 0;
640
641 s = getenv("WATCHDOG_USEC");
642 if (!s)
643 goto finish;
644
645 r = safe_atou64(s, &u);
646 if (r < 0)
647 goto finish;
648 if (u <= 0 || u >= USEC_INFINITY) {
649 r = -EINVAL;
650 goto finish;
651 }
652
653 p = getenv("WATCHDOG_PID");
654 if (p) {
655 pid_t pid;
656
657 r = parse_pid(p, &pid);
658 if (r < 0)
659 goto finish;
660
661 /* Is this for us? */
662 if (getpid_cached() != pid) {
663 r = 0;
664 goto finish;
665 }
666 }
667
668 if (usec)
669 *usec = u;
670
671 r = 1;
672
673 finish:
674 if (unset_environment && s)
675 unsetenv("WATCHDOG_USEC");
676 if (unset_environment && p)
677 unsetenv("WATCHDOG_PID");
678
679 return r;
680 }
Unnamed repository; edit this file 'description' to name the repository.