1 /*-
2 * Copyright (c) 1999 Berkeley Software Design, Inc. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 * 3. Berkeley Software Design Inc's name may not be used to endorse or
13 * promote products derived from this software without specific prior
14 * written permission.
15 *
16 * THIS SOFTWARE IS PROVIDED BY BERKELEY SOFTWARE DESIGN INC ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL BERKELEY SOFTWARE DESIGN INC BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 * SUCH DAMAGE.
27 *
28 * From BSDI: daemon.c,v 1.2 1996/08/15 01:11:09 jch Exp
29 */
30
31 #include <sys/cdefs.h>
32 __FBSDID("$FreeBSD$");
33
34 #include <sys/param.h>
35 #include <sys/mman.h>
36 #include <sys/wait.h>
37
38 #include <err.h>
39 #include <errno.h>
40 #include <libutil.h>
41 #include <login_cap.h>
42 #include <pwd.h>
43 #include <signal.h>
44 #include <stdio.h>
45 #include <stdlib.h>
46 #include <unistd.h>
47
48 static void dummy_sighandler(int);
49 static void restrict_process(const char *);
50 static int wait_child(pid_t pid, sigset_t *mask);
51 static void usage(void);
52
53 int
main(int argc,char * argv[])54 main(int argc, char *argv[])
55 {
56 struct pidfh *ppfh, *pfh;
57 sigset_t mask, oldmask;
58 int ch, nochdir, noclose, restart, serrno;
59 const char *pidfile, *ppidfile, *user;
60 pid_t otherpid, pid;
61
62 nochdir = noclose = 1;
63 restart = 0;
64 ppidfile = pidfile = user = NULL;
65 while ((ch = getopt(argc, argv, "cfp:P:ru:")) != -1) {
66 switch (ch) {
67 case 'c':
68 nochdir = 0;
69 break;
70 case 'f':
71 noclose = 0;
72 break;
73 case 'p':
74 pidfile = optarg;
75 break;
76 case 'P':
77 ppidfile = optarg;
78 break;
79 case 'r':
80 restart = 1;
81 break;
82 case 'u':
83 user = optarg;
84 break;
85 default:
86 usage();
87 }
88 }
89 argc -= optind;
90 argv += optind;
91
92 if (argc == 0)
93 usage();
94
95 ppfh = pfh = NULL;
96 /*
97 * Try to open the pidfile before calling daemon(3),
98 * to be able to report the error intelligently
99 */
100 if (pidfile != NULL) {
101 pfh = pidfile_open(pidfile, 0600, &otherpid);
102 if (pfh == NULL) {
103 if (errno == EEXIST) {
104 errx(3, "process already running, pid: %d",
105 otherpid);
106 }
107 err(2, "pidfile ``%s''", pidfile);
108 }
109 }
110 /* Do the same for actual daemon process. */
111 if (ppidfile != NULL) {
112 ppfh = pidfile_open(ppidfile, 0600, &otherpid);
113 if (ppfh == NULL) {
114 serrno = errno;
115 pidfile_remove(pfh);
116 errno = serrno;
117 if (errno == EEXIST) {
118 errx(3, "process already running, pid: %d",
119 otherpid);
120 }
121 err(2, "ppidfile ``%s''", ppidfile);
122 }
123 }
124
125 if (daemon(nochdir, noclose) == -1) {
126 warn("daemon");
127 goto exit;
128 }
129 /* Write out parent pidfile if needed. */
130 pidfile_write(ppfh);
131
132 /*
133 * If the pidfile or restart option is specified the daemon
134 * executes the command in a forked process and wait on child
135 * exit to remove the pidfile or restart the command. Normally
136 * we don't want the monitoring daemon to be terminated
137 * leaving the running process and the stale pidfile, so we
138 * catch SIGTERM and forward it to the children expecting to
139 * get SIGCHLD eventually.
140 */
141 pid = -1;
142 if (pidfile != NULL || ppidfile != NULL || restart) {
143 /*
144 * Restore default action for SIGTERM in case the
145 * parent process decided to ignore it.
146 */
147 if (signal(SIGTERM, SIG_DFL) == SIG_ERR) {
148 warn("signal");
149 goto exit;
150 }
151 /*
152 * Because SIGCHLD is ignored by default, setup dummy handler
153 * for it, so we can mask it.
154 */
155 if (signal(SIGCHLD, dummy_sighandler) == SIG_ERR) {
156 warn("signal");
157 goto exit;
158 }
159 /*
160 * Block interesting signals.
161 */
162 sigemptyset(&mask);
163 sigaddset(&mask, SIGTERM);
164 sigaddset(&mask, SIGCHLD);
165 if (sigprocmask(SIG_SETMASK, &mask, &oldmask) == -1) {
166 warn("sigprocmask");
167 goto exit;
168 }
169 /*
170 * Try to protect against pageout kill. Ignore the
171 * error, madvise(2) will fail only if a process does
172 * not have superuser privileges.
173 */
174 (void)madvise(NULL, 0, MADV_PROTECT);
175 restart:
176 /*
177 * Spawn a child to exec the command, so in the parent
178 * we could wait for it to exit and remove pidfile.
179 */
180 pid = fork();
181 if (pid == -1) {
182 warn("fork");
183 goto exit;
184 }
185 }
186 if (pid <= 0) {
187 if (pid == 0) {
188 /* Restore old sigmask in the child. */
189 if (sigprocmask(SIG_SETMASK, &oldmask, NULL) == -1)
190 err(1, "sigprocmask");
191 }
192 /* Now that we are the child, write out the pid. */
193 pidfile_write(pfh);
194
195 if (user != NULL)
196 restrict_process(user);
197
198 execvp(argv[0], argv);
199
200 /*
201 * execvp() failed -- report the error. The child is
202 * now running, so the exit status doesn't matter.
203 */
204 err(1, "%s", argv[0]);
205 }
206
207 setproctitle("%s[%d]", argv[0], pid);
208 if (wait_child(pid, &mask) == 0 && restart) {
209 sleep(1);
210 goto restart;
211 }
212 exit:
213 pidfile_remove(pfh);
214 pidfile_remove(ppfh);
215 exit(1); /* If daemon(3) succeeded exit status does not matter. */
216 }
217
218 static void
dummy_sighandler(int sig __unused)219 dummy_sighandler(int sig __unused)
220 {
221 /* Nothing to do. */
222 }
223
224 static void
restrict_process(const char * user)225 restrict_process(const char *user)
226 {
227 struct passwd *pw = NULL;
228
229 pw = getpwnam(user);
230 if (pw == NULL)
231 errx(1, "unknown user: %s", user);
232
233 if (setusercontext(NULL, pw, pw->pw_uid, LOGIN_SETALL) != 0)
234 errx(1, "failed to set user environment");
235 }
236
237 static int
wait_child(pid_t pid,sigset_t * mask)238 wait_child(pid_t pid, sigset_t *mask)
239 {
240 int terminate, signo;
241
242 terminate = 0;
243 for (;;) {
244 if (sigwait(mask, &signo) == -1) {
245 warn("sigwaitinfo");
246 return (-1);
247 }
248 switch (signo) {
249 case SIGCHLD:
250 if (waitpid(pid, NULL, WNOHANG) == -1) {
251 warn("waitpid");
252 return (-1);
253 }
254 return (terminate);
255 case SIGTERM:
256 terminate = 1;
257 if (kill(pid, signo) == -1) {
258 warn("kill");
259 return (-1);
260 }
261 continue;
262 default:
263 warnx("sigwaitinfo: invalid signal: %d", signo);
264 return (-1);
265 }
266 }
267 }
268
269 static void
usage(void)270 usage(void)
271 {
272 (void)fprintf(stderr,
273 "usage: daemon [-cfr] [-p child_pidfile] [-P supervisor_pidfile] "
274 "[-u user]\n command arguments ...\n");
275 exit(1);
276 }
277