[thirdparty/systemd.git] / src / userdb / userdbd-manager.c

/* SPDX-License-Identifier: LGPL-2.1-or-later */

#include <sys/wait.h>

#include "sd-daemon.h"

#include "fd-util.h"
#include "fs-util.h"
#include "mkdir.h"
#include "process-util.h"
#include "set.h"
#include "signal-util.h"
#include "socket-util.h"
#include "stdio-util.h"
#include "umask-util.h"
#include "userdbd-manager.h"

#define LISTEN_TIMEOUT_USEC (25 * USEC_PER_SEC)

static int start_workers(Manager *m, bool explicit_request);

static int on_sigchld(sd_event_source *s, const struct signalfd_siginfo *si, void *userdata) {
        Manager *m = ASSERT_PTR(userdata);

        assert(s);

        for (;;) {
                siginfo_t siginfo = {};
                bool removed = false;

                if (waitid(P_ALL, 0, &siginfo, WNOHANG|WEXITED) < 0) {
                        if (errno == ECHILD)
                                break;

                        log_warning_errno(errno, "Failed to invoke waitid(): %m");
                        break;
                }
                if (siginfo.si_pid == 0)
                        break;

                if (set_remove(m->workers_dynamic, PID_TO_PTR(siginfo.si_pid)))
                        removed = true;
                if (set_remove(m->workers_fixed, PID_TO_PTR(siginfo.si_pid)))
                        removed = true;

                if (!removed) {
                        log_warning("Weird, got SIGCHLD for unknown child " PID_FMT ", ignoring.", siginfo.si_pid);
                        continue;
                }

                if (siginfo.si_code == CLD_EXITED) {
                        if (siginfo.si_status == EXIT_SUCCESS)
                                log_debug("Worker " PID_FMT " exited successfully.", siginfo.si_pid);
                        else
                                log_warning("Worker " PID_FMT " died with a failure exit status %i, ignoring.", siginfo.si_pid, siginfo.si_status);
                } else if (siginfo.si_code == CLD_KILLED)
                        log_warning("Worker " PID_FMT " was killed by signal %s, ignoring.", siginfo.si_pid, signal_to_string(siginfo.si_status));
                else if (siginfo.si_code == CLD_DUMPED)
                        log_warning("Worker " PID_FMT " dumped core by signal %s, ignoring.", siginfo.si_pid, signal_to_string(siginfo.si_status));
                else
                        log_warning("Can't handle SIGCHLD of this type");
        }

        (void) start_workers(m, false); /* Fill up workers again if we fell below the low watermark */
        return 0;
}

static int on_sigusr2(sd_event_source *s, const struct signalfd_siginfo *si, void *userdata) {
        Manager *m = ASSERT_PTR(userdata);

        assert(s);

        (void) start_workers(m, true); /* Workers told us there's more work, let's add one more worker as long as we are below the high watermark */
        return 0;
}

int manager_new(Manager **ret) {
        _cleanup_(manager_freep) Manager *m = NULL;
        int r;

        m = new(Manager, 1);
        if (!m)
                return -ENOMEM;

        *m = (Manager) {
                .listen_fd = -1,
                .worker_ratelimit = {
                        .interval = 5 * USEC_PER_SEC,
                        .burst = 50,
                },
        };

        r = sd_event_new(&m->event);
        if (r < 0)
                return r;

        r = sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL);
        if (r < 0)
                return r;

        r = sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL);
        if (r < 0)
                return r;

        (void) sd_event_set_watchdog(m->event, true);

        m->workers_fixed = set_new(NULL);
        m->workers_dynamic = set_new(NULL);

        if (!m->workers_fixed || !m->workers_dynamic)
                return -ENOMEM;

        r = sd_event_add_signal(m->event, &m->sigusr2_event_source, SIGUSR2, on_sigusr2, m);
        if (r < 0)
                return r;

        r = sd_event_add_signal(m->event, &m->sigchld_event_source, SIGCHLD, on_sigchld, m);
        if (r < 0)
                return r;

        *ret = TAKE_PTR(m);
        return 0;
}

Manager* manager_free(Manager *m) {
        if (!m)
                return NULL;

        set_free(m->workers_fixed);
        set_free(m->workers_dynamic);

        sd_event_source_disable_unref(m->sigusr2_event_source);
        sd_event_source_disable_unref(m->sigchld_event_source);

        sd_event_unref(m->event);

        return mfree(m);
}

static size_t manager_current_workers(Manager *m) {
        assert(m);

        return set_size(m->workers_fixed) + set_size(m->workers_dynamic);
}

static int start_one_worker(Manager *m) {
        bool fixed;
        pid_t pid;
        int r;

        assert(m);

        fixed = set_size(m->workers_fixed) < USERDB_WORKERS_MIN;

        r = safe_fork("(sd-worker)", FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_LOG, &pid);
        if (r < 0)
                return log_error_errno(r, "Failed to fork new worker child: %m");
        if (r == 0) {
                char pids[DECIMAL_STR_MAX(pid_t)];
                /* Child */

                log_close();

                r = close_all_fds(&m->listen_fd, 1);
                if (r < 0) {
                        log_error_errno(r, "Failed to close fds in child: %m");
                        _exit(EXIT_FAILURE);
                }

                log_open();

                if (m->listen_fd == 3) {
                        r = fd_cloexec(3, false);
                        if (r < 0) {
                                log_error_errno(r, "Failed to turn off O_CLOEXEC for fd 3: %m");
                                _exit(EXIT_FAILURE);
                        }
                } else {
                        if (dup2(m->listen_fd, 3) < 0) { /* dup2() creates with O_CLOEXEC off */
                                log_error_errno(errno, "Failed to move listen fd to 3: %m");
                                _exit(EXIT_FAILURE);
                        }

                        safe_close(m->listen_fd);
                }

                xsprintf(pids, PID_FMT, pid);
                if (setenv("LISTEN_PID", pids, 1) < 0) {
                        log_error_errno(errno, "Failed to set $LISTEN_PID: %m");
                        _exit(EXIT_FAILURE);
                }

                if (setenv("LISTEN_FDS", "1", 1) < 0) {
                        log_error_errno(errno, "Failed to set $LISTEN_FDS: %m");
                        _exit(EXIT_FAILURE);
                }


                if (setenv("USERDB_FIXED_WORKER", one_zero(fixed), 1) < 0) {
                        log_error_errno(errno, "Failed to set $USERDB_FIXED_WORKER: %m");
                        _exit(EXIT_FAILURE);
                }

                /* execl("/home/lennart/projects/systemd/build/systemd-userwork", "systemd-userwork", "xxxxxxxxxxxxxxxx", NULL); /\* With some extra space rename_process() can make use of *\/ */
                /* execl("/usr/bin/valgrind", "valgrind", "/home/lennart/projects/systemd/build/systemd-userwork", "systemd-userwork", "xxxxxxxxxxxxxxxx", NULL); /\* With some extra space rename_process() can make use of *\/ */

                execl(SYSTEMD_USERWORK_PATH, "systemd-userwork", "xxxxxxxxxxxxxxxx", NULL); /* With some extra space rename_process() can make use of */
                log_error_errno(errno, "Failed start worker process: %m");
                _exit(EXIT_FAILURE);
        }

        if (fixed)
                r = set_put(m->workers_fixed, PID_TO_PTR(pid));
        else
                r = set_put(m->workers_dynamic, PID_TO_PTR(pid));
        if (r < 0)
                return log_error_errno(r, "Failed to add child process to set: %m");

        return 0;
}

static int start_workers(Manager *m, bool explicit_request) {
        int r;

        assert(m);

        for (;;)  {
                size_t n;

                n = manager_current_workers(m);
                if (n >= USERDB_WORKERS_MIN && (!explicit_request || n >= USERDB_WORKERS_MAX))
                        break;

                if (!ratelimit_below(&m->worker_ratelimit)) {
                        /* If we keep starting workers too often, let's fail the whole daemon, something is wrong */
                        sd_event_exit(m->event, EXIT_FAILURE);

                        return log_error_errno(SYNTHETIC_ERRNO(EUCLEAN), "Worker threads requested too frequently, something is wrong.");
                }

                r = start_one_worker(m);
                if (r < 0)
                        return r;

                explicit_request = false;
        }

        return 0;
}

int manager_startup(Manager *m) {
        int n, r;

        assert(m);
        assert(m->listen_fd < 0);

        n = sd_listen_fds(false);
        if (n < 0)
                return log_error_errno(n, "Failed to determine number of passed file descriptors: %m");
        if (n > 1)
                return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Expected one listening fd, got %i.", n);
        if (n == 1)
                m->listen_fd = SD_LISTEN_FDS_START;
        else {
                union sockaddr_union sockaddr = {
                        .un.sun_family = AF_UNIX,
                        .un.sun_path = "/run/systemd/userdb/io.systemd.Multiplexer",
                };

                r = mkdir_p("/run/systemd/userdb", 0755);
                if (r < 0)
                        return log_error_errno(r, "Failed to create /run/systemd/userdb: %m");

                m->listen_fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC, 0);
                if (m->listen_fd < 0)
                        return log_error_errno(errno, "Failed to bind on socket: %m");

                (void) sockaddr_un_unlink(&sockaddr.un);

                WITH_UMASK(0000)
                        if (bind(m->listen_fd, &sockaddr.sa, SOCKADDR_UN_LEN(sockaddr.un)) < 0)
                                return log_error_errno(errno, "Failed to bind socket: %m");

                r = symlink_idempotent("io.systemd.Multiplexer",
                                       "/run/systemd/userdb/io.systemd.NameServiceSwitch", false);
                if (r < 0)
                        return log_error_errno(r, "Failed to bind io.systemd.Multiplexer: %m");

                r = symlink_idempotent("io.systemd.Multiplexer",
                                       "/run/systemd/userdb/io.systemd.DropIn", false);
                if (r < 0)
                        return log_error_errno(r, "Failed to bind io.systemd.Multiplexer: %m");

                if (listen(m->listen_fd, SOMAXCONN) < 0)
                        return log_error_errno(errno, "Failed to listen on socket: %m");
        }

        /* Let's make sure every accept() call on this socket times out after 25s. This allows workers to be
         * GC'ed on idle */
        if (setsockopt(m->listen_fd, SOL_SOCKET, SO_RCVTIMEO, TIMEVAL_STORE(LISTEN_TIMEOUT_USEC), sizeof(struct timeval)) < 0)
                return log_error_errno(errno, "Failed to se SO_RCVTIMEO: %m");

        return start_workers(m, false);
}
Commit	Line	Data
db9ecf05	1	/* SPDX-License-Identifier: LGPL-2.1-or-later */
d093b62c LP	2
	3	#include <sys/wait.h>
	4
	5	#include "sd-daemon.h"
	6
	7	#include "fd-util.h"
	8	#include "fs-util.h"
	9	#include "mkdir.h"
	10	#include "process-util.h"
	11	#include "set.h"
	12	#include "signal-util.h"
	13	#include "socket-util.h"
	14	#include "stdio-util.h"
	15	#include "umask-util.h"
	16	#include "userdbd-manager.h"
	17
	18	#define LISTEN_TIMEOUT_USEC (25 * USEC_PER_SEC)
	19
	20	static int start_workers(Manager *m, bool explicit_request);
	21
	22	static int on_sigchld(sd_event_source s, const struct signalfd_siginfo si, void *userdata) {
99534007	23	Manager *m = ASSERT_PTR(userdata);
d093b62c LP	24
d093b62c LP	25	assert(s);
d093b62c LP	26
	27	for (;;) {
	28	siginfo_t siginfo = {};
	29	bool removed = false;
	30
	31	if (waitid(P_ALL, 0, &siginfo, WNOHANG\|WEXITED) < 0) {
	32	if (errno == ECHILD)
	33	break;
	34
	35	log_warning_errno(errno, "Failed to invoke waitid(): %m");
	36	break;
	37	}
	38	if (siginfo.si_pid == 0)
	39	break;
	40
	41	if (set_remove(m->workers_dynamic, PID_TO_PTR(siginfo.si_pid)))
	42	removed = true;
	43	if (set_remove(m->workers_fixed, PID_TO_PTR(siginfo.si_pid)))
	44	removed = true;
	45
	46	if (!removed) {
	47	log_warning("Weird, got SIGCHLD for unknown child " PID_FMT ", ignoring.", siginfo.si_pid);
	48	continue;
	49	}
	50
	51	if (siginfo.si_code == CLD_EXITED) {
	52	if (siginfo.si_status == EXIT_SUCCESS)
	53	log_debug("Worker " PID_FMT " exited successfully.", siginfo.si_pid);
	54	else
	55	log_warning("Worker " PID_FMT " died with a failure exit status %i, ignoring.", siginfo.si_pid, siginfo.si_status);
	56	} else if (siginfo.si_code == CLD_KILLED)
	57	log_warning("Worker " PID_FMT " was killed by signal %s, ignoring.", siginfo.si_pid, signal_to_string(siginfo.si_status));
	58	else if (siginfo.si_code == CLD_DUMPED)
	59	log_warning("Worker " PID_FMT " dumped core by signal %s, ignoring.", siginfo.si_pid, signal_to_string(siginfo.si_status));
	60	else
	61	log_warning("Can't handle SIGCHLD of this type");
	62	}
	63
	64	(void) start_workers(m, false); /* Fill up workers again if we fell below the low watermark */
	65	return 0;
	66	}
	67
	68	static int on_sigusr2(sd_event_source s, const struct signalfd_siginfo si, void *userdata) {
99534007	69	Manager *m = ASSERT_PTR(userdata);
d093b62c LP	70
d093b62c LP	71	assert(s);
d093b62c LP	72
	73	(void) start_workers(m, true); /* Workers told us there's more work, let's add one more worker as long as we are below the high watermark */
	74	return 0;
	75	}
	76
	77	int manager_new(Manager **ret) {
b44b735a	78	_cleanup_(manager_freep) Manager *m = NULL;
d093b62c LP	79	int r;
	80
	81	m = new(Manager, 1);
	82	if (!m)
	83	return -ENOMEM;
	84
	85	*m = (Manager) {
	86	.listen_fd = -1,
	87	.worker_ratelimit = {
	88	.interval = 5 * USEC_PER_SEC,
	89	.burst = 50,
	90	},
	91	};
	92
	93	r = sd_event_new(&m->event);
	94	if (r < 0)
	95	return r;
	96
	97	r = sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL);
	98	if (r < 0)
	99	return r;
	100
	101	r = sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL);
	102	if (r < 0)
	103	return r;
	104
	105	(void) sd_event_set_watchdog(m->event, true);
	106
	107	m->workers_fixed = set_new(NULL);
	108	m->workers_dynamic = set_new(NULL);
	109
	110	if (!m->workers_fixed \|\| !m->workers_dynamic)
	111	return -ENOMEM;
	112
	113	r = sd_event_add_signal(m->event, &m->sigusr2_event_source, SIGUSR2, on_sigusr2, m);
	114	if (r < 0)
	115	return r;
	116
	117	r = sd_event_add_signal(m->event, &m->sigchld_event_source, SIGCHLD, on_sigchld, m);
	118	if (r < 0)
	119	return r;
	120
	121	*ret = TAKE_PTR(m);
	122	return 0;
	123	}
	124
	125	Manager* manager_free(Manager *m) {
	126	if (!m)
	127	return NULL;
	128
	129	set_free(m->workers_fixed);
	130	set_free(m->workers_dynamic);
	131
	132	sd_event_source_disable_unref(m->sigusr2_event_source);
	133	sd_event_source_disable_unref(m->sigchld_event_source);
	134
	135	sd_event_unref(m->event);
	136
	137	return mfree(m);
	138	}
	139
	140	static size_t manager_current_workers(Manager *m) {
	141	assert(m);
	142
143	return set_size(m->workers_fixed) + set_size(m->workers_dynamic);
144	}
145
146	static int start_one_worker(Manager *m) {
147	bool fixed;
148	pid_t pid;
149	int r;
150
151	assert(m);
152
153	fixed = set_size(m->workers_fixed) < USERDB_WORKERS_MIN;
154
155	r = safe_fork("(sd-worker)", FORK_RESET_SIGNALS\|FORK_DEATHSIG\|FORK_LOG, &pid);
156	if (r < 0)
157	return log_error_errno(r, "Failed to fork new worker child: %m");
158	if (r == 0) {
159	char pids[DECIMAL_STR_MAX(pid_t)];
160	/* Child */
161
162	log_close();
163
164	r = close_all_fds(&m->listen_fd, 1);
165	if (r < 0) {
166	log_error_errno(r, "Failed to close fds in child: %m");
167	_exit(EXIT_FAILURE);
168	}
169
170	log_open();
171
172	if (m->listen_fd == 3) {
173	r = fd_cloexec(3, false);
174	if (r < 0) {
175	log_error_errno(r, "Failed to turn off O_CLOEXEC for fd 3: %m");
176	_exit(EXIT_FAILURE);
177	}
178	} else {
179	if (dup2(m->listen_fd, 3) < 0) { /* dup2() creates with O_CLOEXEC off */
180	log_error_errno(errno, "Failed to move listen fd to 3: %m");
181	_exit(EXIT_FAILURE);
182	}
183
184	safe_close(m->listen_fd);
185	}
186
187	xsprintf(pids, PID_FMT, pid);
188	if (setenv("LISTEN_PID", pids, 1) < 0) {
189	log_error_errno(errno, "Failed to set $LISTEN_PID: %m");
190	_exit(EXIT_FAILURE);
191	}
192
193	if (setenv("LISTEN_FDS", "1", 1) < 0) {
194	log_error_errno(errno, "Failed to set $LISTEN_FDS: %m");
195	_exit(EXIT_FAILURE);
196	}
197
198
199	if (setenv("USERDB_FIXED_WORKER", one_zero(fixed), 1) < 0) {
200	log_error_errno(errno, "Failed to set $USERDB_FIXED_WORKER: %m");
201	_exit(EXIT_FAILURE);
202	}
203
204	/* execl("/home/lennart/projects/systemd/build/systemd-userwork", "systemd-userwork", "xxxxxxxxxxxxxxxx", NULL); /\* With some extra space rename_process() can make use of \/ /
205	/* execl("/usr/bin/valgrind", "valgrind", "/home/lennart/projects/systemd/build/systemd-userwork", "systemd-userwork", "xxxxxxxxxxxxxxxx", NULL); /\* With some extra space rename_process() can make use of \/ /
206
207	execl(SYSTEMD_USERWORK_PATH, "systemd-userwork", "xxxxxxxxxxxxxxxx", NULL); /* With some extra space rename_process() can make use of */
208	log_error_errno(errno, "Failed start worker process: %m");
209	_exit(EXIT_FAILURE);
210	}
211
212	if (fixed)
213	r = set_put(m->workers_fixed, PID_TO_PTR(pid));
214	else
215	r = set_put(m->workers_dynamic, PID_TO_PTR(pid));
216	if (r < 0)
217	return log_error_errno(r, "Failed to add child process to set: %m");
218
219	return 0;
220	}
221
222	static int start_workers(Manager *m, bool explicit_request) {
223	int r;
224
225	assert(m);
226
227	for (;;) {
228	size_t n;
229
230	n = manager_current_workers(m);
231	if (n >= USERDB_WORKERS_MIN && (!explicit_request \|\| n >= USERDB_WORKERS_MAX))
232	break;
233
234	if (!ratelimit_below(&m->worker_ratelimit)) {
235	/* If we keep starting workers too often, let's fail the whole daemon, something is wrong */
236	sd_event_exit(m->event, EXIT_FAILURE);
237
238	return log_error_errno(SYNTHETIC_ERRNO(EUCLEAN), "Worker threads requested too frequently, something is wrong.");
239	}
240
241	r = start_one_worker(m);
242	if (r < 0)
243	return r;
244
245	explicit_request = false;
246	}
247
248	return 0;
249	}
250
251	int manager_startup(Manager *m) {
d093b62c LP	252	int n, r;
	253
	254	assert(m);
	255	assert(m->listen_fd < 0);
	256
	257	n = sd_listen_fds(false);
	258	if (n < 0)
	259	return log_error_errno(n, "Failed to determine number of passed file descriptors: %m");
	260	if (n > 1)
	261	return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Expected one listening fd, got %i.", n);
	262	if (n == 1)
	263	m->listen_fd = SD_LISTEN_FDS_START;
	264	else {
425d925f ZJS	265	union sockaddr_union sockaddr = {
425d925f ZJS	266	.un.sun_family = AF_UNIX,
bbfb8c87	267	.un.sun_path = "/run/systemd/userdb/io.systemd.Multiplexer",
425d925f	268	};
d093b62c LP	269
	270	r = mkdir_p("/run/systemd/userdb", 0755);
	271	if (r < 0)
	272	return log_error_errno(r, "Failed to create /run/systemd/userdb: %m");
	273
	274	m->listen_fd = socket(AF_UNIX, SOCK_STREAM\|SOCK_CLOEXEC, 0);
	275	if (m->listen_fd < 0)
	276	return log_error_errno(errno, "Failed to bind on socket: %m");
	277
	278	(void) sockaddr_un_unlink(&sockaddr.un);
	279
2053593f	280	WITH_UMASK(0000)
d093b62c LP	281	if (bind(m->listen_fd, &sockaddr.sa, SOCKADDR_UN_LEN(sockaddr.un)) < 0)
	282	return log_error_errno(errno, "Failed to bind socket: %m");
	283
bbfb8c87 LP	284	r = symlink_idempotent("io.systemd.Multiplexer",
bbfb8c87 LP	285	"/run/systemd/userdb/io.systemd.NameServiceSwitch", false);
d093b62c LP	286	if (r < 0)
	287	return log_error_errno(r, "Failed to bind io.systemd.Multiplexer: %m");
	288
8fbb1941 LP	289	r = symlink_idempotent("io.systemd.Multiplexer",
	290	"/run/systemd/userdb/io.systemd.DropIn", false);
	291	if (r < 0)
	292	return log_error_errno(r, "Failed to bind io.systemd.Multiplexer: %m");
	293
d093b62c LP	294	if (listen(m->listen_fd, SOMAXCONN) < 0)
	295	return log_error_errno(errno, "Failed to listen on socket: %m");
	296	}
	297
	298	/* Let's make sure every accept() call on this socket times out after 25s. This allows workers to be
	299	* GC'ed on idle */
52bb308c	300	if (setsockopt(m->listen_fd, SOL_SOCKET, SO_RCVTIMEO, TIMEVAL_STORE(LISTEN_TIMEOUT_USEC), sizeof(struct timeval)) < 0)
d093b62c LP	301	return log_error_errno(errno, "Failed to se SO_RCVTIMEO: %m");
	302
	303	return start_workers(m, false);
	304	}