-#include <stdio.h>
-#include <stdlib.h>
-#include <unistd.h>
-#include <fcntl.h>
-#include <errno.h>
-#include <signal.h>
-#include <string.h>
-#include <sys/types.h>
-#include <pwd.h>
-#include <pthread.h>
-#include <sys/wait.h>
-#include <sys/stat.h>
-
-#include "config.h"
-#include "log.h"
#include "common.h"
-#include "web_client.h"
-#include "plugins_d.h"
-#include "rrd.h"
-#include "popen.h"
-#include "main.h"
-#include "daemon.h"
-
-void sig_handler(int signo)
+#include <sched.h>
+
+char pidfile[FILENAME_MAX + 1] = "";
+
+void sig_handler_exit(int signo)
{
- switch(signo) {
- case SIGTERM:
- case SIGQUIT:
- case SIGINT:
- case SIGHUP:
- case SIGFPE:
- case SIGSEGV:
- debug(D_EXIT, "Signaled exit (signal %d). Errno: %d (%s)", signo, errno, strerror(errno));
- signal(SIGCHLD, SIG_IGN);
- signal(SIGPIPE, SIG_IGN);
- signal(SIGTERM, SIG_IGN);
- signal(SIGQUIT, SIG_IGN);
- signal(SIGHUP, SIG_IGN);
- signal(SIGINT, SIG_IGN);
- kill_childs();
- process_childs(0);
- rrd_stats_free_all();
- //unlink("/var/run/netdata.pid");
- info("NetData exiting. Bye bye...");
- exit(1);
- break;
-
- case SIGPIPE:
- info("Ignoring signal %d. Errno: %d (%s)", signo, errno, strerror(errno));
- break;
-
-
- case SIGCHLD:
- info("Received SIGCHLD (signal %d).", signo);
- process_childs(0);
- break;
-
- default:
- info("Signal %d received. Falling back to default action for it.", signo);
- signal(signo, SIG_DFL);
- break;
- }
+ if(signo) {
+ error_log_limit_unlimited();
+ error("Received signal %d. Exiting...", signo);
+ netdata_exit = 1;
+ }
}
-char rundir[FILENAME_MAX + 1] = "/var/run/netdata";
-char pidfile[FILENAME_MAX + 1] = "";
-void prepare_rundir() {
- if(getuid() != 0) {
- mkdir("/run/user", 0775);
- snprintf(rundir, FILENAME_MAX, "/run/user/%d", getpid());
- mkdir(rundir, 0775);
- snprintf(rundir, FILENAME_MAX, "/run/user/%d/netdata", getpid());
- }
-
- snprintf(pidfile, FILENAME_MAX, "%s/netdata.pid", rundir);
-
- if(mkdir(rundir, 0775) != 0)
- fprintf(stderr, "Cannot create directory '%s' (%s).", rundir, strerror(errno));
+void sig_handler_logrotate(int signo)
+{
+ if(signo) {
+ error_log_limit_unlimited();
+ info("Received signal %d to re-open the log files", signo);
+ reopen_all_log_files();
+ error_log_limit_reset();
+ }
+}
+
+void sig_handler_save(int signo)
+{
+ if(signo) {
+ error_log_limit_unlimited();
+ info("Received signal %d to save the database...", signo);
+ rrdset_save_all();
+ error_log_limit_reset();
+ }
+}
+
+void sig_handler_reload_health(int signo)
+{
+ if(signo) {
+ error_log_limit_unlimited();
+ info("Received signal %d to reload health configuration...", signo);
+ health_reload();
+ error_log_limit_reset();
+ }
+}
+
+static void chown_open_file(int fd, uid_t uid, gid_t gid) {
+ if(fd == -1) return;
+
+ struct stat buf;
+
+ if(fstat(fd, &buf) == -1) {
+ error("Cannot fstat() fd %d", fd);
+ return;
+ }
+
+ if((buf.st_uid != uid || buf.st_gid != gid) && S_ISREG(buf.st_mode)) {
+ if(fchown(fd, uid, gid) == -1)
+ error("Cannot fchown() fd %d.", fd);
+ }
+}
+
+void create_needed_dir(const char *dir, uid_t uid, gid_t gid)
+{
+ // attempt to create the directory
+ if(mkdir(dir, 0755) == 0) {
+ // we created it
+
+ // chown it to match the required user
+ if(chown(dir, uid, gid) == -1)
+ error("Cannot chown directory '%s' to %u:%u", dir, (unsigned int)uid, (unsigned int)gid);
+ }
+ else if(errno != EEXIST)
+ // log an error only if the directory does not exist
+ error("Cannot create directory '%s'", dir);
}
-int become_user(const char *username)
+int become_user(const char *username, int pid_fd)
{
- struct passwd *pw = getpwnam(username);
- if(!pw) {
- fprintf(stderr, "User %s is not present. Error: %s\n", username, strerror(errno));
- return -1;
- }
-
- if(chown(rundir, pw->pw_uid, pw->pw_gid) != 0) {
- fprintf(stderr, "Cannot chown directory '%s' to user %s. Error: %s\n", rundir, username, strerror(errno));
- return -1;
- }
-
- if(setgid(pw->pw_gid) != 0) {
- fprintf(stderr, "Cannot switch to user's %s group (gid: %d). Error: %s\n", username, pw->pw_gid, strerror(errno));
- return -1;
- }
- if(setegid(pw->pw_gid) != 0) {
- fprintf(stderr, "Cannot effectively switch to user's %s group (gid: %d). Error: %s\n", username, pw->pw_gid, strerror(errno));
- return -1;
- }
- if(setuid(pw->pw_uid) != 0) {
- fprintf(stderr, "Cannot switch to user %s (uid: %d). Error: %s\n", username, pw->pw_uid, strerror(errno));
- return -1;
- }
- if(seteuid(pw->pw_uid) != 0) {
- fprintf(stderr, "Cannot effectively switch to user %s (uid: %d). Error: %s\n", username, pw->pw_uid, strerror(errno));
- return -1;
- }
-
- return(0);
+ struct passwd *pw = getpwnam(username);
+ if(!pw) {
+ error("User %s is not present.", username);
+ return -1;
+ }
+
+ uid_t uid = pw->pw_uid;
+ gid_t gid = pw->pw_gid;
+
+ create_needed_dir(CACHE_DIR, uid, gid);
+ create_needed_dir(VARLIB_DIR, uid, gid);
+
+ if(pidfile[0]) {
+ if(chown(pidfile, uid, gid) == -1)
+ error("Cannot chown '%s' to %u:%u", pidfile, (unsigned int)uid, (unsigned int)gid);
+ }
+
+ int ngroups = (int)sysconf(_SC_NGROUPS_MAX);
+ gid_t *supplementary_groups = NULL;
+ if(ngroups) {
+ supplementary_groups = mallocz(sizeof(gid_t) * ngroups);
+ if(getgrouplist(username, gid, supplementary_groups, &ngroups) == -1) {
+ error("Cannot get supplementary groups of user '%s'.", username);
+ freez(supplementary_groups);
+ supplementary_groups = NULL;
+ ngroups = 0;
+ }
+ }
+
+ chown_open_file(STDOUT_FILENO, uid, gid);
+ chown_open_file(STDERR_FILENO, uid, gid);
+ chown_open_file(stdaccess_fd, uid, gid);
+ chown_open_file(pid_fd, uid, gid);
+
+ if(supplementary_groups && ngroups) {
+ if(setgroups(ngroups, supplementary_groups) == -1)
+ error("Cannot set supplementary groups for user '%s'", username);
+
+ freez(supplementary_groups);
+ supplementary_groups = NULL;
+ ngroups = 0;
+ }
+
+ if(setresgid(gid, gid, gid) != 0) {
+ error("Cannot switch to user's %s group (gid: %u).", username, gid);
+ return -1;
+ }
+
+ if(setresuid(uid, uid, uid) != 0) {
+ error("Cannot switch to user %s (uid: %u).", username, uid);
+ return -1;
+ }
+
+ if(setgid(gid) != 0) {
+ error("Cannot switch to user's %s group (gid: %u).", username, gid);
+ return -1;
+ }
+ if(setegid(gid) != 0) {
+ error("Cannot effectively switch to user's %s group (gid: %u).", username, gid);
+ return -1;
+ }
+ if(setuid(uid) != 0) {
+ error("Cannot switch to user %s (uid: %u).", username, uid);
+ return -1;
+ }
+ if(seteuid(uid) != 0) {
+ error("Cannot effectively switch to user %s (uid: %u).", username, uid);
+ return -1;
+ }
+
+ return(0);
+}
+
+void oom_score_adj(int score) {
+ int done = 0;
+ int fd = open("/proc/self/oom_score_adj", O_WRONLY);
+ if(fd != -1) {
+ char buf[10 + 1];
+ ssize_t len = snprintfz(buf, 10, "%d", score);
+ if(write(fd, buf, len) == len) done = 1;
+ close(fd);
+ }
+
+ if(!done)
+ error("Cannot adjust my Out-Of-Memory score to %d.", score);
+ else
+ debug(D_SYSTEM, "Adjusted my Out-Of-Memory score to %d.", score);
+}
+
+int sched_setscheduler_idle(void) {
+#ifdef SCHED_IDLE
+ const struct sched_param param = {
+ .sched_priority = 0
+ };
+
+ int i = sched_setscheduler(0, SCHED_IDLE, ¶m);
+ if(i != 0)
+ error("Cannot adjust my scheduling priority to IDLE.");
+ else
+ debug(D_SYSTEM, "Adjusted my scheduling priority to IDLE.");
+
+ return i;
+#else
+ return -1;
+#endif
}
-int become_daemon(int close_all_files, const char *input, const char *output, const char *error, const char *access, int *access_fd, FILE **access_fp)
+int become_daemon(int dont_fork, const char *user)
{
- fflush(NULL);
-
- // open the files before forking
- int input_fd = -1, output_fd = -1, error_fd = -1, dev_null = -1;
-
- if(input && *input) {
- if((input_fd = open(input, O_RDONLY, 0666)) == -1) {
- fprintf(stderr, "Cannot open input file '%s' (%s).", input, strerror(errno));
- return -1;
- }
- }
-
- if(output && *output) {
- if((output_fd = open(output, O_RDWR | O_APPEND | O_CREAT, 0666)) == -1) {
- fprintf(stderr, "Cannot open output log file '%s' (%s).", output, strerror(errno));
- if(input_fd != -1) close(input_fd);
- return -1;
- }
- }
-
- if(error && *error) {
- if((error_fd = open(error, O_RDWR | O_APPEND | O_CREAT, 0666)) == -1) {
- fprintf(stderr, "Cannot open error log file '%s' (%s).", error, strerror(errno));
- if(input_fd != -1) close(input_fd);
- if(output_fd != -1) close(output_fd);
- return -1;
- }
- }
-
- if(access && *access && access_fd) {
- if((*access_fd = open(access, O_RDWR | O_APPEND | O_CREAT, 0666)) == -1) {
- fprintf(stderr, "Cannot open access log file '%s' (%s).", access, strerror(errno));
- if(input_fd != -1) close(input_fd);
- if(output_fd != -1) close(output_fd);
- if(error_fd != -1) close(error_fd);
- return -1;
- }
-
- if(access_fp) {
- *access_fp = fdopen(*access_fd, "w");
- if(!*access_fp) {
- fprintf(stderr, "Cannot migrate file's '%s' fd %d (%s).\n", access, *access_fd, strerror(errno));
- if(input_fd != -1) close(input_fd);
- if(output_fd != -1) close(output_fd);
- if(error_fd != -1) close(error_fd);
- close(*access_fd);
- *access_fd = -1;
- return -1;
- }
- }
- }
-
- if((dev_null = open("/dev/null", O_RDWR, 0666)) == -1) {
- perror("Cannot open /dev/null");
- if(input_fd != -1) close(input_fd);
- if(output_fd != -1) close(output_fd);
- if(error_fd != -1) close(error_fd);
- if(access && access_fd && *access_fd != -1) {
- close(*access_fd);
- *access_fd = -1;
- if(access_fp) {
- fclose(*access_fp);
- *access_fp = NULL;
- }
- }
- return -1;
- }
-
- // all files opened
- // lets do it
-
- int i = fork();
- if(i == -1) {
- perror("cannot fork");
- exit(1);
- }
- if(i != 0) {
- exit(0); // the parent
- }
-
- // become session leader
- if (setsid() < 0)
- exit(2);
-
- signal(SIGCHLD, SIG_IGN);
- signal(SIGHUP, SIG_IGN);
- signal(SIGWINCH, SIG_IGN);
-
- // fork() again
- i = fork();
- if(i == -1) {
- perror("cannot fork");
- exit(1);
- }
- if(i != 0) {
- exit(0); // the parent
- }
-
- // Set new file permissions
- umask(0);
-
- // close all files
- if(close_all_files) {
- for(i = sysconf(_SC_OPEN_MAX); i > 0; i--)
- if(
- ((access_fd && i != *access_fd) || !access_fd)
- && i != dev_null
- && i != input_fd
- && i != output_fd
- && i != error_fd
- && fd_is_valid(i)
- ) close(i);
- }
- else {
- close(STDIN_FILENO);
- close(STDOUT_FILENO);
- close(STDERR_FILENO);
- }
-
- // put the opened files
- // to our standard file descriptors
- if(input_fd != -1) {
- if(input_fd != STDIN_FILENO) {
- dup2(input_fd, STDIN_FILENO);
- close(input_fd);
- }
- input_fd = -1;
- }
- else dup2(dev_null, STDIN_FILENO);
-
- if(output_fd != -1) {
- if(output_fd != STDOUT_FILENO) {
- dup2(output_fd, STDOUT_FILENO);
- close(output_fd);
- }
- output_fd = -1;
- }
- else dup2(dev_null, STDOUT_FILENO);
-
- if(error_fd != -1) {
- if(error_fd != STDERR_FILENO) {
- dup2(error_fd, STDERR_FILENO);
- close(error_fd);
- }
- error_fd = -1;
- }
- else dup2(dev_null, STDERR_FILENO);
-
- // close /dev/null
- if(dev_null != STDIN_FILENO && dev_null != STDOUT_FILENO && dev_null != STDERR_FILENO)
- close(dev_null);
-
- // generate our pid file
- {
- unlink(pidfile);
- int fd = open(pidfile, O_RDWR | O_CREAT, 0666);
- if(fd >= 0) {
- char b[100];
- sprintf(b, "%d\n", getpid());
- i = write(fd, b, strlen(b));
- close(fd);
- }
- }
-
- return(0);
+ if(!dont_fork) {
+ int i = fork();
+ if(i == -1) {
+ perror("cannot fork");
+ exit(1);
+ }
+ if(i != 0) {
+ exit(0); // the parent
+ }
+
+ // become session leader
+ if (setsid() < 0) {
+ perror("Cannot become session leader.");
+ exit(2);
+ }
+
+ // fork() again
+ i = fork();
+ if(i == -1) {
+ perror("cannot fork");
+ exit(1);
+ }
+ if(i != 0) {
+ exit(0); // the parent
+ }
+ }
+
+ // generate our pid file
+ int pidfd = -1;
+ if(pidfile[0]) {
+ pidfd = open(pidfile, O_WRONLY | O_CREAT, 0644);
+ if(pidfd >= 0) {
+ if(ftruncate(pidfd, 0) != 0)
+ error("Cannot truncate pidfile '%s'.", pidfile);
+
+ char b[100];
+ sprintf(b, "%d\n", getpid());
+ ssize_t i = write(pidfd, b, strlen(b));
+ if(i <= 0)
+ error("Cannot write pidfile '%s'.", pidfile);
+ }
+ else error("Failed to open pidfile '%s'.", pidfile);
+ }
+
+ // Set new file permissions
+ umask(0002);
+
+ // adjust my Out-Of-Memory score
+ oom_score_adj(1000);
+
+ // never become a problem
+ if(sched_setscheduler_idle() != 0) {
+ if(nice(19) == -1) error("Cannot lower my CPU priority.");
+ else debug(D_SYSTEM, "Set my nice value to 19.");
+ }
+
+ if(user && *user) {
+ if(become_user(user, pidfd) != 0) {
+ error("Cannot become user '%s'. Continuing as we are.", user);
+ }
+ else debug(D_SYSTEM, "Successfully became user '%s'.", user);
+ }
+ else {
+ create_needed_dir(CACHE_DIR, getuid(), getgid());
+ create_needed_dir(VARLIB_DIR, getuid(), getgid());
+ }
+
+ if(pidfd != -1) {
+ close(pidfd);
+ pidfd = -1;
+ }
+
+ return(0);
}