]>
Commit | Line | Data |
---|---|---|
db9ecf05 | 1 | /* SPDX-License-Identifier: LGPL-2.1-or-later */ |
2ca0435b | 2 | |
3f6fd1ba | 3 | #include <getopt.h> |
2ca0435b ZJS |
4 | #include <sys/epoll.h> |
5 | #include <sys/prctl.h> | |
2ca0435b | 6 | #include <sys/wait.h> |
3f6fd1ba | 7 | #include <unistd.h> |
2ca0435b | 8 | |
8dd4c05b | 9 | #include "sd-daemon.h" |
2ca0435b | 10 | |
b5efdb8a | 11 | #include "alloc-util.h" |
76e68b3d | 12 | #include "env-util.h" |
2b2fec7d | 13 | #include "errno-util.h" |
cf98937c | 14 | #include "escape.h" |
b5efdb8a | 15 | #include "fd-util.h" |
2ca0435b | 16 | #include "log.h" |
2ca0435b | 17 | #include "macro.h" |
294bf0c3 | 18 | #include "pretty-print.h" |
df0ff127 | 19 | #include "process-util.h" |
ce30c8dc | 20 | #include "signal-util.h" |
5c3fa98d | 21 | #include "socket-netlink.h" |
3f6fd1ba | 22 | #include "socket-util.h" |
07630cea | 23 | #include "string-util.h" |
3f6fd1ba | 24 | #include "strv.h" |
37ec0fdd | 25 | #include "terminal-util.h" |
ca78ad1d | 26 | #include "util.h" |
2ca0435b | 27 | |
1ace223c | 28 | static char **arg_listen = NULL; |
2ca0435b | 29 | static bool arg_accept = false; |
d31e430f | 30 | static int arg_socket_type = SOCK_STREAM; |
1ace223c SJ |
31 | static char **arg_args = NULL; |
32 | static char **arg_setenv = NULL; | |
cf98937c | 33 | static char **arg_fdnames = NULL; |
eef0a274 | 34 | static bool arg_inetd = false; |
2ca0435b ZJS |
35 | |
36 | static int add_epoll(int epoll_fd, int fd) { | |
30374ebe | 37 | struct epoll_event ev = { |
b1c05b98 ZJS |
38 | .events = EPOLLIN, |
39 | .data.fd = fd, | |
30374ebe | 40 | }; |
2ca0435b ZJS |
41 | |
42 | assert(epoll_fd >= 0); | |
43 | assert(fd >= 0); | |
44 | ||
b1c05b98 | 45 | if (epoll_ctl(epoll_fd, EPOLL_CTL_ADD, fd, &ev) < 0) |
4a62c710 | 46 | return log_error_errno(errno, "Failed to add event on epoll fd:%d for fd:%d: %m", epoll_fd, fd); |
603938e0 LP |
47 | |
48 | return 0; | |
2ca0435b ZJS |
49 | } |
50 | ||
51 | static int open_sockets(int *epoll_fd, bool accept) { | |
49aca3b1 | 52 | int n, fd, r, count = 0; |
2ca0435b ZJS |
53 | |
54 | n = sd_listen_fds(true); | |
eb56eb9b MS |
55 | if (n < 0) |
56 | return log_error_errno(n, "Failed to read listening file descriptors from environment: %m"); | |
30374ebe LP |
57 | if (n > 0) { |
58 | log_info("Received %i descriptors via the environment.", n); | |
2ca0435b | 59 | |
30374ebe LP |
60 | for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) { |
61 | r = fd_cloexec(fd, arg_accept); | |
62 | if (r < 0) | |
63 | return r; | |
2ca0435b | 64 | |
313cefa1 | 65 | count++; |
30374ebe | 66 | } |
2ca0435b ZJS |
67 | } |
68 | ||
c0997164 ZJS |
69 | /* Close logging and all other descriptors */ |
70 | if (arg_listen) { | |
49aca3b1 LP |
71 | _cleanup_free_ int *except = NULL; |
72 | int i; | |
c0997164 | 73 | |
49aca3b1 LP |
74 | except = new(int, n); |
75 | if (!except) | |
76 | return log_oom(); | |
77 | ||
78 | for (i = 0; i < n; i++) | |
79 | except[i] = SD_LISTEN_FDS_START + i; | |
c0997164 ZJS |
80 | |
81 | log_close(); | |
49aca3b1 | 82 | r = close_all_fds(except, n); |
7acf581a ZJS |
83 | if (r < 0) |
84 | return log_error_errno(r, "Failed to close all file descriptors: %m"); | |
c0997164 ZJS |
85 | } |
86 | ||
fff40a51 ZJS |
87 | /** Note: we leak some fd's on error here. I doesn't matter |
88 | * much, since the program will exit immediately anyway, but | |
89 | * would be a pain to fix. | |
90 | */ | |
91 | ||
2ca0435b | 92 | STRV_FOREACH(address, arg_listen) { |
1ace223c | 93 | fd = make_socket_fd(LOG_DEBUG, *address, arg_socket_type, (arg_accept * SOCK_CLOEXEC)); |
2ca0435b | 94 | if (fd < 0) { |
c0997164 | 95 | log_open(); |
23bbb0de | 96 | return log_error_errno(fd, "Failed to open '%s': %m", *address); |
2ca0435b ZJS |
97 | } |
98 | ||
175a3d25 | 99 | assert(fd == SD_LISTEN_FDS_START + count); |
313cefa1 | 100 | count++; |
2ca0435b ZJS |
101 | } |
102 | ||
c0997164 ZJS |
103 | if (arg_listen) |
104 | log_open(); | |
105 | ||
2ca0435b | 106 | *epoll_fd = epoll_create1(EPOLL_CLOEXEC); |
4a62c710 MS |
107 | if (*epoll_fd < 0) |
108 | return log_error_errno(errno, "Failed to create epoll object: %m"); | |
2ca0435b ZJS |
109 | |
110 | for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + count; fd++) { | |
30374ebe LP |
111 | _cleanup_free_ char *name = NULL; |
112 | ||
113 | getsockname_pretty(fd, &name); | |
2c408cb6 | 114 | log_info("Listening on %s as %i.", strna(name), fd); |
30374ebe | 115 | |
29a5ca9b | 116 | r = add_epoll(*epoll_fd, fd); |
2ca0435b ZJS |
117 | if (r < 0) |
118 | return r; | |
119 | } | |
120 | ||
121 | return count; | |
122 | } | |
123 | ||
2f400671 | 124 | static int exec_process(const char *name, char **argv, int start_fd, size_t n_fds) { |
30374ebe | 125 | _cleanup_strv_free_ char **envp = NULL; |
76e68b3d | 126 | const char *var; |
eef0a274 LP |
127 | int r; |
128 | ||
baaa35ad ZJS |
129 | if (arg_inetd && n_fds != 1) |
130 | return log_error_errno(SYNTHETIC_ERRNO(EINVAL), | |
131 | "--inetd only supported for single file descriptors."); | |
2ca0435b | 132 | |
76e68b3d | 133 | FOREACH_STRING(var, "TERM", "PATH", "USER", "HOME") { |
fa994f91 LP |
134 | const char *n; |
135 | ||
76e68b3d | 136 | n = strv_find_prefix(environ, var); |
fa994f91 LP |
137 | if (!n) |
138 | continue; | |
139 | ||
76e68b3d ZJS |
140 | r = strv_extend(&envp, n); |
141 | if (r < 0) | |
142 | return r; | |
2ca0435b ZJS |
143 | } |
144 | ||
eef0a274 LP |
145 | if (arg_inetd) { |
146 | assert(n_fds == 1); | |
2ca0435b | 147 | |
2b33ab09 | 148 | r = rearrange_stdio(start_fd, start_fd, STDERR_FILENO); /* invalidates start_fd on success + error */ |
eef0a274 | 149 | if (r < 0) |
4355f1c9 | 150 | return log_error_errno(r, "Failed to move fd to stdin+stdout: %m"); |
8dd4c05b | 151 | |
eef0a274 LP |
152 | } else { |
153 | if (start_fd != SD_LISTEN_FDS_START) { | |
154 | assert(n_fds == 1); | |
155 | ||
b1c05b98 | 156 | if (dup2(start_fd, SD_LISTEN_FDS_START) < 0) |
eef0a274 LP |
157 | return log_error_errno(errno, "Failed to dup connection: %m"); |
158 | ||
159 | safe_close(start_fd); | |
eef0a274 LP |
160 | } |
161 | ||
76e68b3d ZJS |
162 | r = strv_extendf(&envp, "LISTEN_FDS=%zu", n_fds); |
163 | if (r < 0) | |
164 | return r; | |
8dd4c05b | 165 | |
76e68b3d ZJS |
166 | r = strv_extendf(&envp, "LISTEN_PID=" PID_FMT, getpid_cached()); |
167 | if (r < 0) | |
168 | return r; | |
8dd4c05b | 169 | |
cf98937c ZJS |
170 | if (arg_fdnames) { |
171 | _cleanup_free_ char *names = NULL; | |
172 | size_t len; | |
cf98937c ZJS |
173 | |
174 | len = strv_length(arg_fdnames); | |
4ffd4705 ZJS |
175 | if (len == 1) |
176 | for (size_t i = 1; i < n_fds; i++) { | |
cf98937c ZJS |
177 | r = strv_extend(&arg_fdnames, arg_fdnames[0]); |
178 | if (r < 0) | |
4ffd4705 | 179 | return log_oom(); |
cf98937c | 180 | } |
4ffd4705 | 181 | else if (len != n_fds) |
da6053d0 | 182 | log_warning("The number of fd names is different than number of fds: %zu vs %zu", len, n_fds); |
eef0a274 | 183 | |
cf98937c ZJS |
184 | names = strv_join(arg_fdnames, ":"); |
185 | if (!names) | |
8dd4c05b | 186 | return log_oom(); |
eef0a274 | 187 | |
76e68b3d ZJS |
188 | char *t = strjoin("LISTEN_FDNAMES=", names); |
189 | if (!t) | |
cf98937c | 190 | return log_oom(); |
8dd4c05b | 191 | |
76e68b3d ZJS |
192 | r = strv_consume(&envp, t); |
193 | if (r < 0) | |
194 | return r; | |
8dd4c05b | 195 | } |
8dd4c05b LP |
196 | } |
197 | ||
76e68b3d ZJS |
198 | STRV_FOREACH(s, arg_setenv) { |
199 | r = strv_env_replace_strdup(&envp, *s); | |
200 | if (r < 0) | |
201 | return r; | |
202 | } | |
203 | ||
204 | _cleanup_free_ char *joined = strv_join(argv, " "); | |
eef0a274 | 205 | if (!joined) |
2ca0435b ZJS |
206 | return log_oom(); |
207 | ||
eef0a274 | 208 | log_info("Execing %s (%s)", name, joined); |
2ca0435b | 209 | execvpe(name, argv, envp); |
30374ebe | 210 | |
eef0a274 | 211 | return log_error_errno(errno, "Failed to execp %s (%s): %m", name, joined); |
2ca0435b ZJS |
212 | } |
213 | ||
2f400671 | 214 | static int fork_and_exec_process(const char *child, char **argv, int fd) { |
eef0a274 | 215 | _cleanup_free_ char *joined = NULL; |
4c253ed1 LP |
216 | pid_t child_pid; |
217 | int r; | |
2ca0435b | 218 | |
eef0a274 LP |
219 | joined = strv_join(argv, " "); |
220 | if (!joined) | |
2ca0435b ZJS |
221 | return log_oom(); |
222 | ||
1ace223c SJ |
223 | r = safe_fork("(activate)", |
224 | FORK_RESET_SIGNALS | FORK_DEATHSIG | FORK_RLIMIT_NOFILE_SAFE | FORK_LOG, | |
225 | &child_pid); | |
4c253ed1 | 226 | if (r < 0) |
b6e1fff1 | 227 | return r; |
4c253ed1 LP |
228 | if (r == 0) { |
229 | /* In the child */ | |
2f400671 | 230 | exec_process(child, argv, fd, 1); |
2ca0435b ZJS |
231 | _exit(EXIT_FAILURE); |
232 | } | |
233 | ||
4c253ed1 | 234 | log_info("Spawned %s (%s) as PID " PID_FMT ".", child, joined, child_pid); |
2ca0435b ZJS |
235 | return 0; |
236 | } | |
237 | ||
2f400671 | 238 | static int do_accept(const char *name, char **argv, int fd) { |
30374ebe | 239 | _cleanup_free_ char *local = NULL, *peer = NULL; |
eef0a274 | 240 | _cleanup_close_ int fd_accepted = -1; |
2ca0435b | 241 | |
eef0a274 | 242 | fd_accepted = accept4(fd, NULL, NULL, 0); |
4ff9bc2e LP |
243 | if (fd_accepted < 0) { |
244 | if (ERRNO_IS_ACCEPT_AGAIN(errno)) | |
245 | return 0; | |
246 | ||
08719b64 | 247 | return log_error_errno(errno, "Failed to accept connection on fd:%d: %m", fd); |
4ff9bc2e | 248 | } |
2ca0435b | 249 | |
7ebd758c LP |
250 | (void) getsockname_pretty(fd_accepted, &local); |
251 | (void) getpeername_pretty(fd_accepted, true, &peer); | |
30374ebe | 252 | log_info("Connection from %s to %s", strna(peer), strna(local)); |
2ca0435b | 253 | |
2f400671 | 254 | return fork_and_exec_process(name, argv, fd_accepted); |
2ca0435b ZJS |
255 | } |
256 | ||
257 | /* SIGCHLD handler. */ | |
5488e52d | 258 | static void sigchld_hdl(int sig) { |
9d458c09 LP |
259 | PROTECT_ERRNO; |
260 | ||
5488e52d EV |
261 | for (;;) { |
262 | siginfo_t si; | |
263 | int r; | |
08719b64 | 264 | |
5488e52d | 265 | si.si_pid = 0; |
1ace223c | 266 | r = waitid(P_ALL, 0, &si, WEXITED | WNOHANG); |
5488e52d EV |
267 | if (r < 0) { |
268 | if (errno != ECHILD) | |
269 | log_error_errno(errno, "Failed to reap children: %m"); | |
270 | return; | |
271 | } | |
272 | if (si.si_pid == 0) | |
273 | return; | |
274 | ||
275 | log_info("Child %d died with code %d", si.si_pid, si.si_status); | |
276 | } | |
2ca0435b ZJS |
277 | } |
278 | ||
279 | static int install_chld_handler(void) { | |
08719b64 | 280 | static const struct sigaction act = { |
1ace223c | 281 | .sa_flags = SA_NOCLDSTOP | SA_RESTART, |
5488e52d | 282 | .sa_handler = sigchld_hdl, |
c0997164 | 283 | }; |
2ca0435b | 284 | |
b1c05b98 | 285 | if (sigaction(SIGCHLD, &act, 0) < 0) |
08719b64 LP |
286 | return log_error_errno(errno, "Failed to install SIGCHLD handler: %m"); |
287 | ||
288 | return 0; | |
2ca0435b ZJS |
289 | } |
290 | ||
37ec0fdd LP |
291 | static int help(void) { |
292 | _cleanup_free_ char *link = NULL; | |
293 | int r; | |
294 | ||
295 | r = terminal_urlify_man("systemd-socket-activate", "1", &link); | |
296 | if (r < 0) | |
297 | return log_oom(); | |
298 | ||
353b2baa LP |
299 | printf("%s [OPTIONS...]\n" |
300 | "\n%sListen on sockets and launch child on connection.%s\n" | |
301 | "\nOptions:\n" | |
cf98937c ZJS |
302 | " -h --help Show this help and exit\n" |
303 | " --version Print version string and exit\n" | |
304 | " -l --listen=ADDR Listen for raw connections at ADDR\n" | |
305 | " -d --datagram Listen on datagram instead of stream socket\n" | |
306 | " --seqpacket Listen on SOCK_SEQPACKET instead of stream socket\n" | |
307 | " -a --accept Spawn separate child for each connection\n" | |
308 | " -E --setenv=NAME[=VALUE] Pass an environment variable to children\n" | |
309 | " --fdname=NAME[:NAME...] Specify names for file descriptors\n" | |
310 | " --inetd Enable inetd file descriptor passing protocol\n" | |
37ec0fdd | 311 | "\nNote: file descriptors from sd_listen_fds() will be passed through.\n" |
bc556335 DDM |
312 | "\nSee the %s for details.\n", |
313 | program_invocation_short_name, | |
314 | ansi_highlight(), | |
315 | ansi_normal(), | |
316 | link); | |
37ec0fdd LP |
317 | |
318 | return 0; | |
2ca0435b ZJS |
319 | } |
320 | ||
321 | static int parse_argv(int argc, char *argv[]) { | |
322 | enum { | |
323 | ARG_VERSION = 0x100, | |
8dd4c05b | 324 | ARG_FDNAME, |
d31e430f | 325 | ARG_SEQPACKET, |
eef0a274 | 326 | ARG_INETD, |
2ca0435b ZJS |
327 | }; |
328 | ||
329 | static const struct option options[] = { | |
892213bf ZJS |
330 | { "help", no_argument, NULL, 'h' }, |
331 | { "version", no_argument, NULL, ARG_VERSION }, | |
7b7afdfc | 332 | { "datagram", no_argument, NULL, 'd' }, |
d31e430f | 333 | { "seqpacket", no_argument, NULL, ARG_SEQPACKET }, |
892213bf ZJS |
334 | { "listen", required_argument, NULL, 'l' }, |
335 | { "accept", no_argument, NULL, 'a' }, | |
336 | { "setenv", required_argument, NULL, 'E' }, | |
8dd4c05b LP |
337 | { "environment", required_argument, NULL, 'E' }, /* legacy alias */ |
338 | { "fdname", required_argument, NULL, ARG_FDNAME }, | |
eef0a274 | 339 | { "inetd", no_argument, NULL, ARG_INETD }, |
eb9da376 | 340 | {} |
2ca0435b ZJS |
341 | }; |
342 | ||
8dd4c05b | 343 | int c, r; |
2ca0435b ZJS |
344 | |
345 | assert(argc >= 0); | |
346 | assert(argv); | |
347 | ||
b722348d | 348 | while ((c = getopt_long(argc, argv, "+hl:aE:d", options, NULL)) >= 0) |
1ace223c | 349 | switch (c) { |
2ca0435b | 350 | case 'h': |
37ec0fdd | 351 | return help(); |
2ca0435b ZJS |
352 | |
353 | case ARG_VERSION: | |
3f6fd1ba | 354 | return version(); |
2ca0435b | 355 | |
8dd4c05b LP |
356 | case 'l': |
357 | r = strv_extend(&arg_listen, optarg); | |
2ca0435b | 358 | if (r < 0) |
8dd4c05b | 359 | return log_oom(); |
2ca0435b ZJS |
360 | |
361 | break; | |
2ca0435b | 362 | |
7b7afdfc | 363 | case 'd': |
baaa35ad ZJS |
364 | if (arg_socket_type == SOCK_SEQPACKET) |
365 | return log_error_errno(SYNTHETIC_ERRNO(EINVAL), | |
366 | "--datagram may not be combined with --seqpacket."); | |
d31e430f LP |
367 | |
368 | arg_socket_type = SOCK_DGRAM; | |
369 | break; | |
370 | ||
371 | case ARG_SEQPACKET: | |
baaa35ad ZJS |
372 | if (arg_socket_type == SOCK_DGRAM) |
373 | return log_error_errno(SYNTHETIC_ERRNO(EINVAL), | |
374 | "--seqpacket may not be combined with --datagram."); | |
d31e430f LP |
375 | |
376 | arg_socket_type = SOCK_SEQPACKET; | |
7b7afdfc SS |
377 | break; |
378 | ||
2ca0435b ZJS |
379 | case 'a': |
380 | arg_accept = true; | |
381 | break; | |
382 | ||
8dd4c05b | 383 | case 'E': |
76e68b3d | 384 | r = strv_env_replace_strdup_passthrough(&arg_setenv, optarg); |
5e65c93a | 385 | if (r < 0) |
76e68b3d | 386 | return log_error_errno(r, "Cannot assign environment variable %s: %m", optarg); |
5e65c93a | 387 | break; |
8dd4c05b | 388 | |
cf98937c | 389 | case ARG_FDNAME: { |
c2b2df60 | 390 | _cleanup_strv_free_ char **names = NULL; |
cf98937c ZJS |
391 | |
392 | names = strv_split(optarg, ":"); | |
393 | if (!names) | |
394 | return log_oom(); | |
395 | ||
396 | STRV_FOREACH(s, names) | |
397 | if (!fdname_is_valid(*s)) { | |
c2b2df60 | 398 | _cleanup_free_ char *esc = NULL; |
163c76c9 | 399 | |
cf98937c ZJS |
400 | esc = cescape(*s); |
401 | log_warning("File descriptor name \"%s\" is not valid.", esc); | |
402 | } | |
403 | ||
404 | /* Empty optargs means one empty name */ | |
405 | r = strv_extend_strv(&arg_fdnames, | |
406 | strv_isempty(names) ? STRV_MAKE("") : names, | |
407 | false); | |
408 | if (r < 0) | |
409 | return log_error_errno(r, "strv_extend_strv: %m"); | |
8dd4c05b | 410 | break; |
cf98937c | 411 | } |
5e65c93a | 412 | |
eef0a274 LP |
413 | case ARG_INETD: |
414 | arg_inetd = true; | |
415 | break; | |
416 | ||
2ca0435b ZJS |
417 | case '?': |
418 | return -EINVAL; | |
419 | ||
420 | default: | |
04499a70 | 421 | assert_not_reached(); |
2ca0435b ZJS |
422 | } |
423 | ||
baaa35ad ZJS |
424 | if (optind == argc) |
425 | return log_error_errno(SYNTHETIC_ERRNO(EINVAL), | |
426 | "%s: command to execute is missing.", | |
427 | program_invocation_short_name); | |
2ca0435b | 428 | |
baaa35ad ZJS |
429 | if (arg_socket_type == SOCK_DGRAM && arg_accept) |
430 | return log_error_errno(SYNTHETIC_ERRNO(EINVAL), | |
431 | "Datagram sockets do not accept connections. " | |
432 | "The --datagram and --accept options may not be combined."); | |
7b7afdfc | 433 | |
2ca0435b ZJS |
434 | arg_args = argv + optind; |
435 | ||
436 | return 1 /* work to do */; | |
437 | } | |
438 | ||
2f400671 | 439 | int main(int argc, char **argv) { |
2ca0435b ZJS |
440 | int r, n; |
441 | int epoll_fd = -1; | |
442 | ||
1a043959 | 443 | log_show_color(true); |
2ca0435b | 444 | log_parse_environment(); |
eceb8483 | 445 | log_open(); |
2ca0435b ZJS |
446 | |
447 | r = parse_argv(argc, argv); | |
448 | if (r <= 0) | |
449 | return r == 0 ? EXIT_SUCCESS : EXIT_FAILURE; | |
450 | ||
451 | r = install_chld_handler(); | |
452 | if (r < 0) | |
453 | return EXIT_FAILURE; | |
454 | ||
455 | n = open_sockets(&epoll_fd, arg_accept); | |
456 | if (n < 0) | |
457 | return EXIT_FAILURE; | |
2c408cb6 LP |
458 | if (n == 0) { |
459 | log_error("No sockets to listen on specified or passed in."); | |
460 | return EXIT_FAILURE; | |
461 | } | |
2ca0435b | 462 | |
eceb8483 | 463 | for (;;) { |
2ca0435b ZJS |
464 | struct epoll_event event; |
465 | ||
b1c05b98 | 466 | if (epoll_wait(epoll_fd, &event, 1, -1) < 0) { |
2ca0435b ZJS |
467 | if (errno == EINTR) |
468 | continue; | |
469 | ||
56f64d95 | 470 | log_error_errno(errno, "epoll_wait() failed: %m"); |
2ca0435b ZJS |
471 | return EXIT_FAILURE; |
472 | } | |
473 | ||
2c408cb6 | 474 | log_info("Communication attempt on fd %i.", event.data.fd); |
2ca0435b | 475 | if (arg_accept) { |
2f400671 | 476 | r = do_accept(argv[optind], argv + optind, event.data.fd); |
2ca0435b ZJS |
477 | if (r < 0) |
478 | return EXIT_FAILURE; | |
479 | } else | |
480 | break; | |
481 | } | |
482 | ||
2f400671 | 483 | exec_process(argv[optind], argv + optind, SD_LISTEN_FDS_START, (size_t) n); |
2ca0435b ZJS |
484 | |
485 | return EXIT_SUCCESS; | |
486 | } |