1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-27 07:22:31 +03:00

sd-daemon: introduce sd_pid_notify() and sd_pid_notifyf()

sd_pid_notify() operates like sd_notify(), however operates on a
different PID (for example the parent PID of a process).

Make use of this in systemd-notify, so that message are sent from the
PID specified with --pid= rather than the usually shortlived PID of
systemd-notify itself.

This should increase the likelyhood that PID 1 can identify the cgroup
that the notification message was sent from properly.
This commit is contained in:
Lennart Poettering 2014-06-05 17:05:18 +02:00
parent 03da8f9459
commit be8f4e9e8e
4 changed files with 164 additions and 134 deletions

View File

@ -36,13 +36,14 @@
#include <mqueue.h>
#include "util.h"
#include "path-util.h"
#include "sd-daemon.h"
_public_ int sd_listen_fds(int unset_environment) {
int r, fd;
const char *e;
char *p = NULL;
unsigned long l;
unsigned n;
int r, fd;
pid_t pid;
e = getenv("LISTEN_PID");
if (!e) {
@ -50,21 +51,12 @@ _public_ int sd_listen_fds(int unset_environment) {
goto finish;
}
errno = 0;
l = strtoul(e, &p, 10);
if (errno > 0) {
r = -errno;
r = parse_pid(e, &pid);
if (r < 0)
goto finish;
}
if (!p || p == e || *p || l <= 0) {
r = -EINVAL;
goto finish;
}
/* Is this for us? */
if (getpid() != (pid_t) l) {
if (getpid() != pid) {
r = 0;
goto finish;
}
@ -75,38 +67,17 @@ _public_ int sd_listen_fds(int unset_environment) {
goto finish;
}
errno = 0;
l = strtoul(e, &p, 10);
if (errno > 0) {
r = -errno;
r = safe_atou(e, &n);
if (r < 0)
goto finish;
}
if (!p || p == e || *p) {
r = -EINVAL;
goto finish;
}
for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + (int) l; fd ++) {
int flags;
flags = fcntl(fd, F_GETFD);
if (flags < 0) {
r = -errno;
for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + (int) n; fd ++) {
r = fd_cloexec(fd, true);
if (r < 0)
goto finish;
}
if (flags & FD_CLOEXEC)
continue;
if (fcntl(fd, F_SETFD, flags | FD_CLOEXEC) < 0) {
r = -errno;
goto finish;
}
}
r = (int) l;
r = (int) n;
finish:
if (unset_environment) {
@ -120,8 +91,7 @@ finish:
_public_ int sd_is_fifo(int fd, const char *path) {
struct stat st_fd;
if (fd < 0)
return -EINVAL;
assert_return(fd >= 0, -EINVAL);
if (fstat(fd, &st_fd) < 0)
return -errno;
@ -151,8 +121,7 @@ _public_ int sd_is_fifo(int fd, const char *path) {
_public_ int sd_is_special(int fd, const char *path) {
struct stat st_fd;
if (fd < 0)
return -EINVAL;
assert_return(fd >= 0, -EINVAL);
if (fstat(fd, &st_fd) < 0)
return -errno;
@ -187,8 +156,8 @@ _public_ int sd_is_special(int fd, const char *path) {
static int sd_is_socket_internal(int fd, int type, int listening) {
struct stat st_fd;
if (fd < 0 || type < 0)
return -EINVAL;
assert_return(fd >= 0, -EINVAL);
assert_return(type >= 0, -EINVAL);
if (fstat(fd, &st_fd) < 0)
return -errno;
@ -238,8 +207,8 @@ union sockaddr_union {
_public_ int sd_is_socket(int fd, int family, int type, int listening) {
int r;
if (family < 0)
return -EINVAL;
assert_return(fd >= 0, -EINVAL);
assert_return(family >= 0, -EINVAL);
r = sd_is_socket_internal(fd, type, listening);
if (r <= 0)
@ -266,8 +235,8 @@ _public_ int sd_is_socket_inet(int fd, int family, int type, int listening, uint
socklen_t l = sizeof(sockaddr);
int r;
if (family != 0 && family != AF_INET && family != AF_INET6)
return -EINVAL;
assert_return(fd >= 0, -EINVAL);
assert_return(IN_SET(family, 0, AF_INET, AF_INET6), -EINVAL);
r = sd_is_socket_internal(fd, type, listening);
if (r <= 0)
@ -283,7 +252,7 @@ _public_ int sd_is_socket_inet(int fd, int family, int type, int listening, uint
sockaddr.sa.sa_family != AF_INET6)
return 0;
if (family > 0)
if (family != 0)
if (sockaddr.sa.sa_family != family)
return 0;
@ -309,6 +278,8 @@ _public_ int sd_is_socket_unix(int fd, int type, int listening, const char *path
socklen_t l = sizeof(sockaddr);
int r;
assert_return(fd >= 0, -EINVAL);
r = sd_is_socket_internal(fd, type, listening);
if (r <= 0)
return r;
@ -348,8 +319,7 @@ _public_ int sd_is_socket_unix(int fd, int type, int listening, const char *path
_public_ int sd_is_mq(int fd, const char *path) {
struct mq_attr attr;
if (fd < 0)
return -EINVAL;
assert_return(fd >= 0, -EINVAL);
if (mq_getattr(fd, &attr) < 0)
return -errno;
@ -358,8 +328,7 @@ _public_ int sd_is_mq(int fd, const char *path) {
char fpath[PATH_MAX];
struct stat a, b;
if (path[0] != '/')
return -EINVAL;
assert_return(path_is_absolute(path), -EINVAL);
if (fstat(fd, &a) < 0)
return -errno;
@ -378,12 +347,17 @@ _public_ int sd_is_mq(int fd, const char *path) {
return 1;
}
_public_ int sd_notify(int unset_environment, const char *state) {
int fd = -1, r;
struct msghdr msghdr;
struct iovec iovec;
union sockaddr_union sockaddr;
_public_ int sd_pid_notify(pid_t pid, int unset_environment, const char *state) {
union sockaddr_union sockaddr = {};
_cleanup_close_ int fd = -1;
struct msghdr msghdr = {};
struct iovec iovec = {};
const char *e;
union {
struct cmsghdr cmsghdr;
uint8_t buf[CMSG_SPACE(sizeof(struct ucred))];
} control = {};
int r;
if (!state) {
r = -EINVAL;
@ -406,18 +380,15 @@ _public_ int sd_notify(int unset_environment, const char *state) {
goto finish;
}
memzero(&sockaddr, sizeof(sockaddr));
sockaddr.sa.sa_family = AF_UNIX;
strncpy(sockaddr.un.sun_path, e, sizeof(sockaddr.un.sun_path));
if (sockaddr.un.sun_path[0] == '@')
sockaddr.un.sun_path[0] = 0;
memzero(&iovec, sizeof(iovec));
iovec.iov_base = (char*) state;
iovec.iov_len = strlen(state);
memzero(&msghdr, sizeof(msghdr));
msghdr.msg_name = &sockaddr;
msghdr.msg_namelen = offsetof(struct sockaddr_un, sun_path) + strlen(e);
@ -427,39 +398,90 @@ _public_ int sd_notify(int unset_environment, const char *state) {
msghdr.msg_iov = &iovec;
msghdr.msg_iovlen = 1;
if (sendmsg(fd, &msghdr, MSG_NOSIGNAL) < 0) {
r = -errno;
if (pid != 0 && pid != getpid()) {
struct cmsghdr *cmsg;
struct ucred ucred = {};
msghdr.msg_control = &control;
msghdr.msg_controllen = sizeof(control);
cmsg = CMSG_FIRSTHDR(&msghdr);
cmsg->cmsg_level = SOL_SOCKET;
cmsg->cmsg_type = SCM_CREDENTIALS;
cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
ucred.pid = pid;
ucred.uid = getuid();
ucred.gid = getgid();
memcpy(CMSG_DATA(cmsg), &ucred, sizeof(struct ucred));
msghdr.msg_controllen = cmsg->cmsg_len;
}
/* First try with fake ucred data, as requested */
if (sendmsg(fd, &msghdr, MSG_NOSIGNAL) >= 0) {
r = 1;
goto finish;
}
r = 1;
/* If that failed, try with our own instead */
if (msghdr.msg_control) {
msghdr.msg_control = NULL;
msghdr.msg_controllen = 0;
if (sendmsg(fd, &msghdr, MSG_NOSIGNAL) >= 0) {
r = 1;
goto finish;
}
}
r = -errno;
finish:
if (unset_environment)
unsetenv("NOTIFY_SOCKET");
if (fd >= 0)
close(fd);
return r;
}
_public_ int sd_notifyf(int unset_environment, const char *format, ...) {
va_list ap;
char *p = NULL;
_public_ int sd_notify(int unset_environment, const char *state) {
return sd_pid_notify(0, unset_environment, state);
}
_public_ int sd_pid_notifyf(pid_t pid, int unset_environment, const char *format, ...) {
_cleanup_free_ char *p = NULL;
int r;
va_start(ap, format);
r = vasprintf(&p, format, ap);
va_end(ap);
if (format) {
va_list ap;
if (r < 0 || !p)
return -ENOMEM;
va_start(ap, format);
r = vasprintf(&p, format, ap);
va_end(ap);
r = sd_notify(unset_environment, p);
free(p);
if (r < 0 || !p)
return -ENOMEM;
}
return r;
return sd_pid_notify(pid, unset_environment, p);
}
_public_ int sd_notifyf(int unset_environment, const char *format, ...) {
_cleanup_free_ char *p = NULL;
int r;
if (format) {
va_list ap;
va_start(ap, format);
r = vasprintf(&p, format, ap);
va_end(ap);
if (r < 0 || !p)
return -ENOMEM;
}
return sd_pid_notify(0, unset_environment, p);
}
_public_ int sd_booted(void) {
@ -476,10 +498,9 @@ _public_ int sd_booted(void) {
}
_public_ int sd_watchdog_enabled(int unset_environment, uint64_t *usec) {
unsigned long long ll;
unsigned long l;
const char *e;
char *p = NULL;
uint64_t u;
pid_t pid;
int r;
e = getenv("WATCHDOG_PID");
@ -488,19 +509,12 @@ _public_ int sd_watchdog_enabled(int unset_environment, uint64_t *usec) {
goto finish;
}
errno = 0;
l = strtoul(e, &p, 10);
if (errno > 0) {
r = -errno;
r = parse_pid(e, &pid);
if (r < 0)
goto finish;
}
if (!p || p == e || *p || l <= 0) {
r = -EINVAL;
goto finish;
}
/* Is this for us? */
if (getpid() != (pid_t) l) {
if (getpid() != pid) {
r = 0;
goto finish;
}
@ -511,19 +525,16 @@ _public_ int sd_watchdog_enabled(int unset_environment, uint64_t *usec) {
goto finish;
}
errno = 0;
ll = strtoull(e, &p, 10);
if (errno > 0) {
r = -errno;
r = safe_atou64(e, &u);
if (r < 0)
goto finish;
}
if (!p || p == e || *p || ll <= 0) {
if (u <= 0) {
r = -EINVAL;
goto finish;
}
if (usec)
*usec = ll;
*usec = u;
r = 1;

View File

@ -147,25 +147,25 @@ static int parse_argv(int argc, char *argv[]) {
}
int main(int argc, char* argv[]) {
char* our_env[4], **final_env = NULL;
_cleanup_free_ char *status = NULL, *cpid = NULL, *n = NULL;
_cleanup_strv_free_ char **final_env = NULL;
char* our_env[4];
unsigned i = 0;
char *status = NULL, *cpid = NULL, *n = NULL;
int r, retval = EXIT_FAILURE;
int r;
log_parse_environment();
log_open();
r = parse_argv(argc, argv);
if (r <= 0) {
retval = r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
if (r <= 0)
goto finish;
}
if (arg_booted)
return sd_booted() <= 0;
if (arg_readahead) {
if ((r = sd_readahead(arg_readahead)) < 0) {
r = sd_readahead(arg_readahead);
if (r < 0) {
log_error("Failed to issue read-ahead control command: %s", strerror(-r));
goto finish;
}
@ -175,8 +175,9 @@ int main(int argc, char* argv[]) {
our_env[i++] = (char*) "READY=1";
if (arg_status) {
if (!(status = strappend("STATUS=", arg_status))) {
log_error("Failed to allocate STATUS string.");
status = strappend("STATUS=", arg_status);
if (!status) {
r = log_oom();
goto finish;
}
@ -185,7 +186,7 @@ int main(int argc, char* argv[]) {
if (arg_pid > 0) {
if (asprintf(&cpid, "MAINPID="PID_FMT, arg_pid) < 0) {
log_error("Failed to allocate MAINPID string.");
r = log_oom();
goto finish;
}
@ -194,34 +195,32 @@ int main(int argc, char* argv[]) {
our_env[i++] = NULL;
if (!(final_env = strv_env_merge(2, our_env, argv + optind))) {
log_error("Failed to merge string sets.");
final_env = strv_env_merge(2, our_env, argv + optind);
if (!final_env) {
r = log_oom();
goto finish;
}
if (strv_length(final_env) <= 0) {
retval = EXIT_SUCCESS;
r = 0;
goto finish;
}
if (!(n = strv_join(final_env, "\n"))) {
log_error("Failed to concatenate strings.");
n = strv_join(final_env, "\n");
if (!n) {
r = log_oom();
goto finish;
}
if ((r = sd_notify(false, n)) < 0) {
r = sd_pid_notify(arg_pid, false, n);
if (r < 0) {
log_error("Failed to notify init system: %s", strerror(-r));
goto finish;
}
retval = r <= 0 ? EXIT_FAILURE : EXIT_SUCCESS;
if (r == 0)
r = -ENOTSUP;
finish:
free(status);
free(cpid);
free(n);
strv_free(final_env);
return retval;
return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
}

View File

@ -1377,17 +1377,21 @@ bool ignore_file(const char *filename) {
}
int fd_nonblock(int fd, bool nonblock) {
int flags;
int flags, nflags;
assert(fd >= 0);
if ((flags = fcntl(fd, F_GETFL, 0)) < 0)
flags = fcntl(fd, F_GETFL, 0);
if (flags < 0)
return -errno;
if (nonblock)
flags |= O_NONBLOCK;
nflags = flags | O_NONBLOCK;
else
flags &= ~O_NONBLOCK;
nflags = flags & ~O_NONBLOCK;
if (nflags == flags)
return 0;
if (fcntl(fd, F_SETFL, flags) < 0)
return -errno;
@ -1396,17 +1400,21 @@ int fd_nonblock(int fd, bool nonblock) {
}
int fd_cloexec(int fd, bool cloexec) {
int flags;
int flags, nflags;
assert(fd >= 0);
if ((flags = fcntl(fd, F_GETFD, 0)) < 0)
flags = fcntl(fd, F_GETFD, 0);
if (flags < 0)
return -errno;
if (cloexec)
flags |= FD_CLOEXEC;
nflags = flags | FD_CLOEXEC;
else
flags &= ~FD_CLOEXEC;
nflags = flags & ~FD_CLOEXEC;
if (nflags == flags)
return 0;
if (fcntl(fd, F_SETFD, flags) < 0)
return -errno;

View File

@ -230,6 +230,18 @@ int sd_notify(int unset_environment, const char *state);
*/
int sd_notifyf(int unset_environment, const char *format, ...) _sd_printf_(2,3);
/*
Similar to sd_notify(), but send the message on behalf of another
process, if the appropriate permissions are available.
*/
int sd_pid_notify(pid_t pid, int unset_environment, const char *state);
/*
Similar to sd_notifyf(), but send the message on behalf of another
process, if the appropriate permissions are available.
*/
int sd_pid_notifyf(pid_t pid, int unset_environment, const char *format, ...) _sd_printf_(3,4);
/*
Returns > 0 if the system was booted with systemd. Returns < 0 on
error. Returns 0 if the system was not booted with systemd. Note