3 char pidfile[FILENAME_MAX + 1] = "";
5 void sig_handler_exit(int signo)
8 error_log_limit_unlimited();
9 error("Received signal %d. Exiting...", signo);
14 void sig_handler_save(int signo)
17 info("Received signal %d to save the database...", signo);
22 static void properly_chown_netdata_generated_file(int fd, uid_t uid, gid_t gid) {
27 if(fstat(fd, &buf) == -1) {
28 error("Cannot fstat() fd %d", fd);
32 if((buf.st_uid != uid || buf.st_gid != gid) && S_ISREG(buf.st_mode)) {
33 if(fchown(fd, uid, gid) == -1)
34 error("Cannot fchown() fd %d.", fd);
38 int become_user(const char *username, int access_fd, int output_fd, int error_fd, int pid_fd)
40 struct passwd *pw = getpwnam(username);
42 error("User %s is not present.", username);
46 uid_t uid = pw->pw_uid;
47 gid_t gid = pw->pw_gid;
49 int ngroups = (int)sysconf(_SC_NGROUPS_MAX);
50 gid_t *supplementary_groups = NULL;
52 supplementary_groups = mallocz(sizeof(gid_t) * ngroups);
53 if(getgrouplist(username, gid, supplementary_groups, &ngroups) == -1) {
54 error("Cannot get supplementary groups of user '%s'.", username);
55 freez(supplementary_groups);
56 supplementary_groups = NULL;
61 properly_chown_netdata_generated_file(access_fd, uid, gid);
62 properly_chown_netdata_generated_file(output_fd, uid, gid);
63 properly_chown_netdata_generated_file(error_fd, uid, gid);
64 properly_chown_netdata_generated_file(pid_fd, uid, gid);
66 if(supplementary_groups && ngroups) {
67 if(setgroups(ngroups, supplementary_groups) == -1)
68 error("Cannot set supplementary groups for user '%s'", username);
70 freez(supplementary_groups);
71 supplementary_groups = NULL;
75 if(setresgid(gid, gid, gid) != 0) {
76 error("Cannot switch to user's %s group (gid: %u).", username, gid);
80 if(setresuid(uid, uid, uid) != 0) {
81 error("Cannot switch to user %s (uid: %u).", username, uid);
85 if(setgid(gid) != 0) {
86 error("Cannot switch to user's %s group (gid: %u).", username, gid);
89 if(setegid(gid) != 0) {
90 error("Cannot effectively switch to user's %s group (gid: %u).", username, gid);
93 if(setuid(uid) != 0) {
94 error("Cannot switch to user %s (uid: %u).", username, uid);
97 if(seteuid(uid) != 0) {
98 error("Cannot effectively switch to user %s (uid: %u).", username, uid);
105 int become_daemon(int dont_fork, int close_all_files, const char *user, const char *input, const char *output, const char *error, const char *access, int *access_fd, FILE **access_fp)
109 // open the files before forking
110 int input_fd = -1, output_fd = -1, error_fd = -1, dev_null;
112 if(input && *input) {
113 if((input_fd = open(input, O_RDONLY, 0666)) == -1) {
114 error("Cannot open input file '%s'.", input);
119 if(output && *output && strcmp(output, "/dev/null") != 0) {
120 if((output_fd = open(output, O_RDWR | O_APPEND | O_CREAT, 0666)) == -1) {
121 error("Cannot open output log file '%s'", output);
122 if(input_fd != -1) close(input_fd);
127 if(error && *error && strcmp(error, "/dev/null") != 0) {
128 if((error_fd = open(error, O_RDWR | O_APPEND | O_CREAT, 0666)) == -1) {
129 error("Cannot open error log file '%s'.", error);
130 if(input_fd != -1) close(input_fd);
131 if(output_fd != -1) close(output_fd);
136 if(access && *access && access_fd && strcmp(access, "/dev/null") != 0) {
137 if((*access_fd = open(access, O_RDWR | O_APPEND | O_CREAT, 0666)) == -1) {
138 error("Cannot open access log file '%s'", access);
139 if(input_fd != -1) close(input_fd);
140 if(output_fd != -1) close(output_fd);
141 if(error_fd != -1) close(error_fd);
146 *access_fp = fdopen(*access_fd, "w");
148 error("Cannot migrate file's '%s' fd %d.", access, *access_fd);
149 if(input_fd != -1) close(input_fd);
150 if(output_fd != -1) close(output_fd);
151 if(error_fd != -1) close(error_fd);
156 if(setvbuf(*access_fp, NULL, _IOLBF, 0) != 0)
157 error("Cannot set line buffering on access.log");
161 if((dev_null = open("/dev/null", O_RDWR, 0666)) == -1) {
162 perror("Cannot open /dev/null");
163 if(input_fd != -1) close(input_fd);
164 if(output_fd != -1) close(output_fd);
165 if(error_fd != -1) close(error_fd);
166 if(access && access_fd && *access_fd != -1) {
183 perror("cannot fork");
187 exit(0); // the parent
190 // become session leader
192 perror("Cannot become session leader.");
201 perror("cannot fork");
205 exit(0); // the parent
209 // Set new file permissions
213 if(close_all_files) {
215 for(i = (int) (sysconf(_SC_OPEN_MAX) - 1); i > 0; i--)
217 ((access_fd && i != *access_fd) || !access_fd)
227 close(STDOUT_FILENO);
228 close(STDERR_FILENO);
231 // put the opened files
232 // to our standard file descriptors
234 if(input_fd != STDIN_FILENO) {
235 dup2(input_fd, STDIN_FILENO);
240 else dup2(dev_null, STDIN_FILENO);
242 if(output_fd != -1) {
243 if(output_fd != STDOUT_FILENO) {
244 dup2(output_fd, STDOUT_FILENO);
248 if(setvbuf(stdout, NULL, _IOLBF, 0) != 0)
249 error("Cannot set line buffering on debug.log");
251 output_fd = STDOUT_FILENO;
253 else dup2(dev_null, STDOUT_FILENO);
256 if(error_fd != STDERR_FILENO) {
257 dup2(error_fd, STDERR_FILENO);
261 if(setvbuf(stderr, NULL, _IOLBF, 0) != 0)
262 error("Cannot set line buffering on error.log");
264 error_fd = STDERR_FILENO;
266 else dup2(dev_null, STDERR_FILENO);
269 if(dev_null != STDIN_FILENO && dev_null != STDOUT_FILENO && dev_null != STDERR_FILENO)
272 // generate our pid file
275 pidfd = open(pidfile, O_RDWR | O_CREAT, 0644);
277 if(ftruncate(pidfd, 0) != 0)
278 error("Cannot truncate pidfile '%s'.", pidfile);
281 sprintf(b, "%d\n", getpid());
282 ssize_t i = write(pidfd, b, strlen(b));
284 error("Cannot write pidfile '%s'.", pidfile);
286 else error("Failed to open pidfile '%s'.", pidfile);
290 if(become_user(user, (access_fd)?*access_fd:-1, output_fd, error_fd, pidfd) != 0) {
291 error("Cannot become user '%s'. Continuing as we are.", user);
293 else info("Successfully became user '%s'.", user);