11 #include <sys/types.h>
18 #include "appconfig.h"
20 #include "web_client.h"
21 #include "plugins_d.h"
27 char pidfile[FILENAME_MAX + 1] = "";
30 void sig_handler(int signo)
42 infoerr("Death signaled exit (signal %d).", signo);
43 signal(signo, SIG_DFL);
53 infoerr("Signaled exit (signal %d).", signo);
54 signal(SIGPIPE, SIG_IGN);
55 signal(SIGTERM, SIG_IGN);
56 signal(SIGQUIT, SIG_IGN);
57 signal(SIGHUP, SIG_IGN);
58 signal(SIGINT, SIG_IGN);
59 signal(SIGCHLD, SIG_IGN);
60 netdata_cleanup_and_exit(1);
64 infoerr("Signaled PIPE (signal %d).", signo);
65 // this is received when web clients send a reset
67 // infoerr("Ignoring signal %d.", signo);
71 info("Signal %d received. Falling back to default action for it.", signo);
72 signal(signo, SIG_DFL);
77 int become_user(const char *username)
79 struct passwd *pw = getpwnam(username);
81 error("User %s is not present.", username);
85 if(pidfile[0] && getuid() != pw->pw_uid) {
86 // we are dropping privileges
87 if(chown(pidfile, pw->pw_uid, pw->pw_gid) != 0)
88 error("Cannot chown pidfile '%s' to user '%s'", pidfile, username);
90 else if(pidfd != -1) {
91 // not need to keep it open
96 else if(pidfd != -1) {
97 // not need to keep it open
102 if(setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) != 0) {
103 error("Cannot switch to user's %s group (gid: %d).", username, pw->pw_gid);
107 if(setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) != 0) {
108 error("Cannot switch to user %s (uid: %d).", username, pw->pw_uid);
112 if(setgid(pw->pw_gid) != 0) {
113 error("Cannot switch to user's %s group (gid: %d).", username, pw->pw_gid);
116 if(setegid(pw->pw_gid) != 0) {
117 error("Cannot effectively switch to user's %s group (gid: %d).", username, pw->pw_gid);
120 if(setuid(pw->pw_uid) != 0) {
121 error("Cannot switch to user %s (uid: %d).", username, pw->pw_uid);
124 if(seteuid(pw->pw_uid) != 0) {
125 error("Cannot effectively switch to user %s (uid: %d).", username, pw->pw_uid);
132 int become_daemon(int dont_fork, int close_all_files, const char *user, const char *input, const char *output, const char *error, const char *access, int *access_fd, FILE **access_fp)
136 // open the files before forking
137 int input_fd = -1, output_fd = -1, error_fd = -1, dev_null;
139 if(input && *input) {
140 if((input_fd = open(input, O_RDONLY, 0666)) == -1) {
141 error("Cannot open input file '%s'.", input);
146 if(output && *output) {
147 if((output_fd = open(output, O_RDWR | O_APPEND | O_CREAT, 0666)) == -1) {
148 error("Cannot open output log file '%s'", output);
149 if(input_fd != -1) close(input_fd);
154 if(error && *error) {
155 if((error_fd = open(error, O_RDWR | O_APPEND | O_CREAT, 0666)) == -1) {
156 error("Cannot open error log file '%s'.", error);
157 if(input_fd != -1) close(input_fd);
158 if(output_fd != -1) close(output_fd);
163 if(access && *access && access_fd) {
164 if((*access_fd = open(access, O_RDWR | O_APPEND | O_CREAT, 0666)) == -1) {
165 error("Cannot open access log file '%s'", access);
166 if(input_fd != -1) close(input_fd);
167 if(output_fd != -1) close(output_fd);
168 if(error_fd != -1) close(error_fd);
173 *access_fp = fdopen(*access_fd, "w");
175 error("Cannot migrate file's '%s' fd %d.", access, *access_fd);
176 if(input_fd != -1) close(input_fd);
177 if(output_fd != -1) close(output_fd);
178 if(error_fd != -1) close(error_fd);
186 if((dev_null = open("/dev/null", O_RDWR, 0666)) == -1) {
187 perror("Cannot open /dev/null");
188 if(input_fd != -1) close(input_fd);
189 if(output_fd != -1) close(output_fd);
190 if(error_fd != -1) close(error_fd);
191 if(access && access_fd && *access_fd != -1) {
208 perror("cannot fork");
212 exit(0); // the parent
215 // become session leader
217 perror("Cannot become session leader.");
222 signal(SIGCHLD, SIG_IGN);
223 signal(SIGHUP, SIG_IGN);
224 signal(SIGWINCH, SIG_IGN);
230 perror("cannot fork");
234 exit(0); // the parent
238 // Set new file permissions
242 if(close_all_files) {
244 for(i = (int) (sysconf(_SC_OPEN_MAX) - 1); i > 0; i--)
246 ((access_fd && i != *access_fd) || !access_fd)
256 close(STDOUT_FILENO);
257 close(STDERR_FILENO);
260 // put the opened files
261 // to our standard file descriptors
263 if(input_fd != STDIN_FILENO) {
264 dup2(input_fd, STDIN_FILENO);
269 else dup2(dev_null, STDIN_FILENO);
271 if(output_fd != -1) {
272 if(output_fd != STDOUT_FILENO) {
273 dup2(output_fd, STDOUT_FILENO);
278 else dup2(dev_null, STDOUT_FILENO);
281 if(error_fd != STDERR_FILENO) {
282 dup2(error_fd, STDERR_FILENO);
287 else dup2(dev_null, STDERR_FILENO);
290 if(dev_null != STDIN_FILENO && dev_null != STDOUT_FILENO && dev_null != STDERR_FILENO)
293 // generate our pid file
295 pidfd = open(pidfile, O_RDWR | O_CREAT, 0644);
297 if(ftruncate(pidfd, 0) != 0)
298 error("Cannot truncate pidfile '%s'.", pidfile);
301 sprintf(b, "%d\n", getpid());
302 ssize_t i = write(pidfd, b, strlen(b));
304 error("Cannot write pidfile '%s'.", pidfile);
306 // don't close it, we might need it at exit
309 else error("Failed to open pidfile '%s'.", pidfile);
313 if(become_user(user) != 0) {
314 error("Cannot become user '%s'. Continuing as we are.", user);
316 else info("Successfully became user '%s'.", user);
projects / netdata.git / blob