]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/libsystemd/sd-daemon/sd-daemon.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
tree-wide: remove Lennart's copyright lines
[thirdparty/systemd.git] / src / libsystemd / sd-daemon / sd-daemon.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3 ***/
4
5 #include <errno.h>
6 #include <limits.h>
7 #include <mqueue.h>
8 #include <netinet/in.h>
9 #include <stdarg.h>
10 #include <stddef.h>
11 #include <stdio.h>
12 #include <stdlib.h>
13 #include <string.h>
14 #include <sys/socket.h>
15 #include <sys/stat.h>
16 #include <sys/un.h>
17 #include <unistd.h>
18
19 #include "sd-daemon.h"
20
21 #include "alloc-util.h"
22 #include "fd-util.h"
23 #include "fs-util.h"
24 #include "parse-util.h"
25 #include "path-util.h"
26 #include "process-util.h"
27 #include "socket-util.h"
28 #include "strv.h"
29 #include "util.h"
30
31 #define SNDBUF_SIZE (8*1024*1024)
32
33 static void unsetenv_all(bool unset_environment) {
34
35 if (!unset_environment)
36 return;
37
38 unsetenv("LISTEN_PID");
39 unsetenv("LISTEN_FDS");
40 unsetenv("LISTEN_FDNAMES");
41 }
42
43 _public_ int sd_listen_fds(int unset_environment) {
44 const char *e;
45 int n, r, fd;
46 pid_t pid;
47
48 e = getenv("LISTEN_PID");
49 if (!e) {
50 r = 0;
51 goto finish;
52 }
53
54 r = parse_pid(e, &pid);
55 if (r < 0)
56 goto finish;
57
58 /* Is this for us? */
59 if (getpid_cached() != pid) {
60 r = 0;
61 goto finish;
62 }
63
64 e = getenv("LISTEN_FDS");
65 if (!e) {
66 r = 0;
67 goto finish;
68 }
69
70 r = safe_atoi(e, &n);
71 if (r < 0)
72 goto finish;
73
74 assert_cc(SD_LISTEN_FDS_START < INT_MAX);
75 if (n <= 0 || n > INT_MAX - SD_LISTEN_FDS_START) {
76 r = -EINVAL;
77 goto finish;
78 }
79
80 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd ++) {
81 r = fd_cloexec(fd, true);
82 if (r < 0)
83 goto finish;
84 }
85
86 r = n;
87
88 finish:
89 unsetenv_all(unset_environment);
90 return r;
91 }
92
93 _public_ int sd_listen_fds_with_names(int unset_environment, char ***names) {
94 _cleanup_strv_free_ char **l = NULL;
95 bool have_names;
96 int n_names = 0, n_fds;
97 const char *e;
98 int r;
99
100 if (!names)
101 return sd_listen_fds(unset_environment);
102
103 e = getenv("LISTEN_FDNAMES");
104 if (e) {
105 n_names = strv_split_extract(&l, e, ":", EXTRACT_DONT_COALESCE_SEPARATORS);
106 if (n_names < 0) {
107 unsetenv_all(unset_environment);
108 return n_names;
109 }
110
111 have_names = true;
112 } else
113 have_names = false;
114
115 n_fds = sd_listen_fds(unset_environment);
116 if (n_fds <= 0)
117 return n_fds;
118
119 if (have_names) {
120 if (n_names != n_fds)
121 return -EINVAL;
122 } else {
123 r = strv_extend_n(&l, "unknown", n_fds);
124 if (r < 0)
125 return r;
126 }
127
128 *names = TAKE_PTR(l);
129
130 return n_fds;
131 }
132
133 _public_ int sd_is_fifo(int fd, const char *path) {
134 struct stat st_fd;
135
136 assert_return(fd >= 0, -EBADF);
137
138 if (fstat(fd, &st_fd) < 0)
139 return -errno;
140
141 if (!S_ISFIFO(st_fd.st_mode))
142 return 0;
143
144 if (path) {
145 struct stat st_path;
146
147 if (stat(path, &st_path) < 0) {
148
149 if (IN_SET(errno, ENOENT, ENOTDIR))
150 return 0;
151
152 return -errno;
153 }
154
155 return
156 st_path.st_dev == st_fd.st_dev &&
157 st_path.st_ino == st_fd.st_ino;
158 }
159
160 return 1;
161 }
162
163 _public_ int sd_is_special(int fd, const char *path) {
164 struct stat st_fd;
165
166 assert_return(fd >= 0, -EBADF);
167
168 if (fstat(fd, &st_fd) < 0)
169 return -errno;
170
171 if (!S_ISREG(st_fd.st_mode) && !S_ISCHR(st_fd.st_mode))
172 return 0;
173
174 if (path) {
175 struct stat st_path;
176
177 if (stat(path, &st_path) < 0) {
178
179 if (IN_SET(errno, ENOENT, ENOTDIR))
180 return 0;
181
182 return -errno;
183 }
184
185 if (S_ISREG(st_fd.st_mode) && S_ISREG(st_path.st_mode))
186 return
187 st_path.st_dev == st_fd.st_dev &&
188 st_path.st_ino == st_fd.st_ino;
189 else if (S_ISCHR(st_fd.st_mode) && S_ISCHR(st_path.st_mode))
190 return st_path.st_rdev == st_fd.st_rdev;
191 else
192 return 0;
193 }
194
195 return 1;
196 }
197
198 static int sd_is_socket_internal(int fd, int type, int listening) {
199 struct stat st_fd;
200
201 assert_return(fd >= 0, -EBADF);
202 assert_return(type >= 0, -EINVAL);
203
204 if (fstat(fd, &st_fd) < 0)
205 return -errno;
206
207 if (!S_ISSOCK(st_fd.st_mode))
208 return 0;
209
210 if (type != 0) {
211 int other_type = 0;
212 socklen_t l = sizeof(other_type);
213
214 if (getsockopt(fd, SOL_SOCKET, SO_TYPE, &other_type, &l) < 0)
215 return -errno;
216
217 if (l != sizeof(other_type))
218 return -EINVAL;
219
220 if (other_type != type)
221 return 0;
222 }
223
224 if (listening >= 0) {
225 int accepting = 0;
226 socklen_t l = sizeof(accepting);
227
228 if (getsockopt(fd, SOL_SOCKET, SO_ACCEPTCONN, &accepting, &l) < 0)
229 return -errno;
230
231 if (l != sizeof(accepting))
232 return -EINVAL;
233
234 if (!accepting != !listening)
235 return 0;
236 }
237
238 return 1;
239 }
240
241 _public_ int sd_is_socket(int fd, int family, int type, int listening) {
242 int r;
243
244 assert_return(fd >= 0, -EBADF);
245 assert_return(family >= 0, -EINVAL);
246
247 r = sd_is_socket_internal(fd, type, listening);
248 if (r <= 0)
249 return r;
250
251 if (family > 0) {
252 union sockaddr_union sockaddr = {};
253 socklen_t l = sizeof(sockaddr);
254
255 if (getsockname(fd, &sockaddr.sa, &l) < 0)
256 return -errno;
257
258 if (l < sizeof(sa_family_t))
259 return -EINVAL;
260
261 return sockaddr.sa.sa_family == family;
262 }
263
264 return 1;
265 }
266
267 _public_ int sd_is_socket_inet(int fd, int family, int type, int listening, uint16_t port) {
268 union sockaddr_union sockaddr = {};
269 socklen_t l = sizeof(sockaddr);
270 int r;
271
272 assert_return(fd >= 0, -EBADF);
273 assert_return(IN_SET(family, 0, AF_INET, AF_INET6), -EINVAL);
274
275 r = sd_is_socket_internal(fd, type, listening);
276 if (r <= 0)
277 return r;
278
279 if (getsockname(fd, &sockaddr.sa, &l) < 0)
280 return -errno;
281
282 if (l < sizeof(sa_family_t))
283 return -EINVAL;
284
285 if (!IN_SET(sockaddr.sa.sa_family, AF_INET, AF_INET6))
286 return 0;
287
288 if (family != 0)
289 if (sockaddr.sa.sa_family != family)
290 return 0;
291
292 if (port > 0) {
293 unsigned sa_port;
294
295 r = sockaddr_port(&sockaddr.sa, &sa_port);
296 if (r < 0)
297 return r;
298
299 return port == sa_port;
300 }
301
302 return 1;
303 }
304
305 _public_ int sd_is_socket_sockaddr(int fd, int type, const struct sockaddr* addr, unsigned addr_len, int listening) {
306 union sockaddr_union sockaddr = {};
307 socklen_t l = sizeof(sockaddr);
308 int r;
309
310 assert_return(fd >= 0, -EBADF);
311 assert_return(addr, -EINVAL);
312 assert_return(addr_len >= sizeof(sa_family_t), -ENOBUFS);
313 assert_return(IN_SET(addr->sa_family, AF_INET, AF_INET6), -EPFNOSUPPORT);
314
315 r = sd_is_socket_internal(fd, type, listening);
316 if (r <= 0)
317 return r;
318
319 if (getsockname(fd, &sockaddr.sa, &l) < 0)
320 return -errno;
321
322 if (l < sizeof(sa_family_t))
323 return -EINVAL;
324
325 if (sockaddr.sa.sa_family != addr->sa_family)
326 return 0;
327
328 if (sockaddr.sa.sa_family == AF_INET) {
329 const struct sockaddr_in *in = (const struct sockaddr_in *) addr;
330
331 if (l < sizeof(struct sockaddr_in) || addr_len < sizeof(struct sockaddr_in))
332 return -EINVAL;
333
334 if (in->sin_port != 0 &&
335 sockaddr.in.sin_port != in->sin_port)
336 return false;
337
338 return sockaddr.in.sin_addr.s_addr == in->sin_addr.s_addr;
339
340 } else {
341 const struct sockaddr_in6 *in = (const struct sockaddr_in6 *) addr;
342
343 if (l < sizeof(struct sockaddr_in6) || addr_len < sizeof(struct sockaddr_in6))
344 return -EINVAL;
345
346 if (in->sin6_port != 0 &&
347 sockaddr.in6.sin6_port != in->sin6_port)
348 return false;
349
350 if (in->sin6_flowinfo != 0 &&
351 sockaddr.in6.sin6_flowinfo != in->sin6_flowinfo)
352 return false;
353
354 if (in->sin6_scope_id != 0 &&
355 sockaddr.in6.sin6_scope_id != in->sin6_scope_id)
356 return false;
357
358 return memcmp(sockaddr.in6.sin6_addr.s6_addr, in->sin6_addr.s6_addr,
359 sizeof(in->sin6_addr.s6_addr)) == 0;
360 }
361 }
362
363 _public_ int sd_is_socket_unix(int fd, int type, int listening, const char *path, size_t length) {
364 union sockaddr_union sockaddr = {};
365 socklen_t l = sizeof(sockaddr);
366 int r;
367
368 assert_return(fd >= 0, -EBADF);
369
370 r = sd_is_socket_internal(fd, type, listening);
371 if (r <= 0)
372 return r;
373
374 if (getsockname(fd, &sockaddr.sa, &l) < 0)
375 return -errno;
376
377 if (l < sizeof(sa_family_t))
378 return -EINVAL;
379
380 if (sockaddr.sa.sa_family != AF_UNIX)
381 return 0;
382
383 if (path) {
384 if (length == 0)
385 length = strlen(path);
386
387 if (length == 0)
388 /* Unnamed socket */
389 return l == offsetof(struct sockaddr_un, sun_path);
390
391 if (path[0])
392 /* Normal path socket */
393 return
394 (l >= offsetof(struct sockaddr_un, sun_path) + length + 1) &&
395 memcmp(path, sockaddr.un.sun_path, length+1) == 0;
396 else
397 /* Abstract namespace socket */
398 return
399 (l == offsetof(struct sockaddr_un, sun_path) + length) &&
400 memcmp(path, sockaddr.un.sun_path, length) == 0;
401 }
402
403 return 1;
404 }
405
406 _public_ int sd_is_mq(int fd, const char *path) {
407 struct mq_attr attr;
408
409 /* Check that the fd is valid */
410 assert_return(fcntl(fd, F_GETFD) >= 0, -errno);
411
412 if (mq_getattr(fd, &attr) < 0) {
413 if (errno == EBADF)
414 /* A non-mq fd (or an invalid one, but we ruled that out above) */
415 return 0;
416 return -errno;
417 }
418
419 if (path) {
420 char fpath[PATH_MAX];
421 struct stat a, b;
422
423 assert_return(path_is_absolute(path), -EINVAL);
424
425 if (fstat(fd, &a) < 0)
426 return -errno;
427
428 strncpy(stpcpy(fpath, "/dev/mqueue"), path, sizeof(fpath) - 12);
429 fpath[sizeof(fpath)-1] = 0;
430
431 if (stat(fpath, &b) < 0)
432 return -errno;
433
434 if (a.st_dev != b.st_dev ||
435 a.st_ino != b.st_ino)
436 return 0;
437 }
438
439 return 1;
440 }
441
442 _public_ int sd_pid_notify_with_fds(
443 pid_t pid,
444 int unset_environment,
445 const char *state,
446 const int *fds,
447 unsigned n_fds) {
448
449 union sockaddr_union sockaddr = {
450 .sa.sa_family = AF_UNIX,
451 };
452 struct iovec iovec = {
453 .iov_base = (char*) state,
454 };
455 struct msghdr msghdr = {
456 .msg_iov = &iovec,
457 .msg_iovlen = 1,
458 .msg_name = &sockaddr,
459 };
460 _cleanup_close_ int fd = -1;
461 struct cmsghdr *cmsg = NULL;
462 const char *e;
463 bool send_ucred;
464 int r;
465
466 if (!state) {
467 r = -EINVAL;
468 goto finish;
469 }
470
471 if (n_fds > 0 && !fds) {
472 r = -EINVAL;
473 goto finish;
474 }
475
476 e = getenv("NOTIFY_SOCKET");
477 if (!e)
478 return 0;
479
480 /* Must be an abstract socket, or an absolute path */
481 if (!IN_SET(e[0], '@', '/') || e[1] == 0) {
482 r = -EINVAL;
483 goto finish;
484 }
485
486 if (strlen(e) > sizeof(sockaddr.un.sun_path)) {
487 r = -EINVAL;
488 goto finish;
489 }
490
491 fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0);
492 if (fd < 0) {
493 r = -errno;
494 goto finish;
495 }
496
497 (void) fd_inc_sndbuf(fd, SNDBUF_SIZE);
498
499 iovec.iov_len = strlen(state);
500
501 strncpy(sockaddr.un.sun_path, e, sizeof(sockaddr.un.sun_path));
502 if (sockaddr.un.sun_path[0] == '@')
503 sockaddr.un.sun_path[0] = 0;
504
505 msghdr.msg_namelen = SOCKADDR_UN_LEN(sockaddr.un);
506
507 send_ucred =
508 (pid != 0 && pid != getpid_cached()) ||
509 getuid() != geteuid() ||
510 getgid() != getegid();
511
512 if (n_fds > 0 || send_ucred) {
513 /* CMSG_SPACE(0) may return value different than zero, which results in miscalculated controllen. */
514 msghdr.msg_controllen =
515 (n_fds > 0 ? CMSG_SPACE(sizeof(int) * n_fds) : 0) +
516 (send_ucred ? CMSG_SPACE(sizeof(struct ucred)) : 0);
517
518 msghdr.msg_control = alloca0(msghdr.msg_controllen);
519
520 cmsg = CMSG_FIRSTHDR(&msghdr);
521 if (n_fds > 0) {
522 cmsg->cmsg_level = SOL_SOCKET;
523 cmsg->cmsg_type = SCM_RIGHTS;
524 cmsg->cmsg_len = CMSG_LEN(sizeof(int) * n_fds);
525
526 memcpy(CMSG_DATA(cmsg), fds, sizeof(int) * n_fds);
527
528 if (send_ucred)
529 assert_se(cmsg = CMSG_NXTHDR(&msghdr, cmsg));
530 }
531
532 if (send_ucred) {
533 struct ucred *ucred;
534
535 cmsg->cmsg_level = SOL_SOCKET;
536 cmsg->cmsg_type = SCM_CREDENTIALS;
537 cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
538
539 ucred = (struct ucred*) CMSG_DATA(cmsg);
540 ucred->pid = pid != 0 ? pid : getpid_cached();
541 ucred->uid = getuid();
542 ucred->gid = getgid();
543 }
544 }
545
546 /* First try with fake ucred data, as requested */
547 if (sendmsg(fd, &msghdr, MSG_NOSIGNAL) >= 0) {
548 r = 1;
549 goto finish;
550 }
551
552 /* If that failed, try with our own ucred instead */
553 if (send_ucred) {
554 msghdr.msg_controllen -= CMSG_SPACE(sizeof(struct ucred));
555 if (msghdr.msg_controllen == 0)
556 msghdr.msg_control = NULL;
557
558 if (sendmsg(fd, &msghdr, MSG_NOSIGNAL) >= 0) {
559 r = 1;
560 goto finish;
561 }
562 }
563
564 r = -errno;
565
566 finish:
567 if (unset_environment)
568 unsetenv("NOTIFY_SOCKET");
569
570 return r;
571 }
572
573 _public_ int sd_pid_notify(pid_t pid, int unset_environment, const char *state) {
574 return sd_pid_notify_with_fds(pid, unset_environment, state, NULL, 0);
575 }
576
577 _public_ int sd_notify(int unset_environment, const char *state) {
578 return sd_pid_notify_with_fds(0, unset_environment, state, NULL, 0);
579 }
580
581 _public_ int sd_pid_notifyf(pid_t pid, int unset_environment, const char *format, ...) {
582 _cleanup_free_ char *p = NULL;
583 int r;
584
585 if (format) {
586 va_list ap;
587
588 va_start(ap, format);
589 r = vasprintf(&p, format, ap);
590 va_end(ap);
591
592 if (r < 0 || !p)
593 return -ENOMEM;
594 }
595
596 return sd_pid_notify(pid, unset_environment, p);
597 }
598
599 _public_ int sd_notifyf(int unset_environment, const char *format, ...) {
600 _cleanup_free_ char *p = NULL;
601 int r;
602
603 if (format) {
604 va_list ap;
605
606 va_start(ap, format);
607 r = vasprintf(&p, format, ap);
608 va_end(ap);
609
610 if (r < 0 || !p)
611 return -ENOMEM;
612 }
613
614 return sd_pid_notify(0, unset_environment, p);
615 }
616
617 _public_ int sd_booted(void) {
618 /* We test whether the runtime unit file directory has been
619 * created. This takes place in mount-setup.c, so is
620 * guaranteed to happen very early during boot. */
621
622 return laccess("/run/systemd/system/", F_OK) >= 0;
623 }
624
625 _public_ int sd_watchdog_enabled(int unset_environment, uint64_t *usec) {
626 const char *s, *p = ""; /* p is set to dummy value to do unsetting */
627 uint64_t u;
628 int r = 0;
629
630 s = getenv("WATCHDOG_USEC");
631 if (!s)
632 goto finish;
633
634 r = safe_atou64(s, &u);
635 if (r < 0)
636 goto finish;
637 if (u <= 0 || u >= USEC_INFINITY) {
638 r = -EINVAL;
639 goto finish;
640 }
641
642 p = getenv("WATCHDOG_PID");
643 if (p) {
644 pid_t pid;
645
646 r = parse_pid(p, &pid);
647 if (r < 0)
648 goto finish;
649
650 /* Is this for us? */
651 if (getpid_cached() != pid) {
652 r = 0;
653 goto finish;
654 }
655 }
656
657 if (usec)
658 *usec = u;
659
660 r = 1;
661
662 finish:
663 if (unset_environment && s)
664 unsetenv("WATCHDOG_USEC");
665 if (unset_environment && p)
666 unsetenv("WATCHDOG_PID");
667
668 return r;
669 }
Unnamed repository; edit this file 'description' to name the repository.