1 /***
2   This file is part of libdaemon.
3 
4   Copyright 2003-2008 Lennart Poettering
5 
6   Permission is hereby granted, free of charge, to any person obtaining a copy
7   of this software and associated documentation files (the "Software"), to deal
8   in the Software without restriction, including without limitation the rights
9   to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10   copies of the Software, and to permit persons to whom the Software is
11   furnished to do so, subject to the following conditions:
12 
13   The above copyright notice and this permission notice shall be included in
14   all copies or substantial portions of the Software.
15 
16   THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17   IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18   FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
19   AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20   LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21   OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
22   SOFTWARE.
23 
24 ***/
25 
26 #ifdef HAVE_CONFIG_H
27 #include <config.h>
28 #endif
29 
30 #include <sys/types.h>
31 #include <unistd.h>
32 #include <errno.h>
33 #include <string.h>
34 #include <fcntl.h>
35 #include <sys/stat.h>
36 #include <stdio.h>
37 #include <stdlib.h>
38 #include <sys/wait.h>
39 #include <assert.h>
40 #include <sys/ioctl.h>
41 #include <signal.h>
42 #include <sys/time.h>
43 #include <sys/resource.h>
44 #include <dirent.h>
45 
46 #include "dfork.h"
47 #include "dnonblock.h"
48 #include "dlog.h"
49 
50 #if defined(_NSIG) /* On glibc NSIG does not count RT signals */
51 # define SIGNAL_UPPER_BOUND _NSIG
52 #elif defined(NSIG) /* Solaris defines just this */
53 # define SIGNAL_UPPER_BOUND NSIG
54 #else
55 # error "Unknown upper bound for signals"
56 #endif
57 
58 static int _daemon_retval_pipe[2] = { -1, -1 };
59 
_null_open(int f,int fd)60 static int _null_open(int f, int fd) {
61     int fd2;
62 
63     if ((fd2 = open("/dev/null", f)) < 0)
64         return -1;
65 
66     if (fd2 == fd)
67         return fd;
68 
69     if (dup2(fd2, fd) < 0)
70         return -1;
71 
72     close(fd2);
73     return fd;
74 }
75 
atomic_read(int fd,void * d,size_t l)76 static ssize_t atomic_read(int fd, void *d, size_t l) {
77     ssize_t t = 0;
78 
79     while (l > 0) {
80         ssize_t r;
81 
82         if ((r = read(fd, d, l)) <= 0) {
83 
84             if (r < 0)
85                 return t > 0 ? t : -1;
86             else
87                 return t;
88         }
89 
90         t += r;
91         d = (char*) d + r;
92         l -= r;
93     }
94 
95     return t;
96 }
97 
atomic_write(int fd,const void * d,size_t l)98 static ssize_t atomic_write(int fd, const void *d, size_t l) {
99     ssize_t t = 0;
100 
101     while (l > 0) {
102         ssize_t r;
103 
104         if ((r = write(fd, d, l)) <= 0) {
105 
106             if (r < 0)
107                 return t > 0 ? t : -1;
108             else
109                 return t;
110         }
111 
112         t += r;
113         d = (const char*) d + r;
114         l -= r;
115     }
116 
117     return t;
118 }
119 
move_fd_up(int * fd)120 static int move_fd_up(int *fd) {
121     assert(fd);
122 
123     while (*fd <= 2) {
124         if ((*fd = dup(*fd)) < 0) {
125             daemon_log(LOG_ERR, "dup(): %s", strerror(errno));
126             return -1;
127         }
128     }
129 
130     return 0;
131 }
132 
sigchld(int s)133 static void sigchld(int s) {
134 }
135 
daemon_fork(void)136 pid_t daemon_fork(void) {
137     pid_t pid;
138     int pipe_fds[2] = {-1, -1};
139     struct sigaction sa_old, sa_new;
140     sigset_t ss_old, ss_new;
141     int saved_errno;
142 
143     memset(&sa_new, 0, sizeof(sa_new));
144     sa_new.sa_handler = sigchld;
145     sa_new.sa_flags = SA_RESTART;
146 
147     if (sigemptyset(&ss_new) < 0) {
148         daemon_log(LOG_ERR, "sigemptyset() failed: %s", strerror(errno));
149         return (pid_t) -1;
150     }
151 
152     if (sigaddset(&ss_new, SIGCHLD) < 0) {
153         daemon_log(LOG_ERR, "sigaddset() failed: %s", strerror(errno));
154         return (pid_t) -1;
155     }
156 
157     if (sigaction(SIGCHLD, &sa_new, &sa_old) < 0) {
158         daemon_log(LOG_ERR, "sigaction() failed: %s", strerror(errno));
159         return (pid_t) -1;
160     }
161 
162     if (sigprocmask(SIG_UNBLOCK, &ss_new, &ss_old) < 0) {
163         daemon_log(LOG_ERR, "sigprocmask() failed: %s", strerror(errno));
164 
165         saved_errno = errno;
166         sigaction(SIGCHLD, &sa_old, NULL);
167         errno = saved_errno;
168 
169         return (pid_t) -1;
170     }
171 
172     if (pipe(pipe_fds) < 0) {
173         daemon_log(LOG_ERR, "pipe() failed: %s", strerror(errno));
174 
175         saved_errno = errno;
176         sigaction(SIGCHLD, &sa_old, NULL);
177         sigprocmask(SIG_SETMASK, &ss_old, NULL);
178         errno = saved_errno;
179 
180         return (pid_t) -1;
181     }
182 
183     if ((pid = fork()) < 0) { /* First fork */
184         daemon_log(LOG_ERR, "First fork() failed: %s", strerror(errno));
185 
186         saved_errno = errno;
187         close(pipe_fds[0]);
188         close(pipe_fds[1]);
189         sigaction(SIGCHLD, &sa_old, NULL);
190         sigprocmask(SIG_SETMASK, &ss_old, NULL);
191         errno = saved_errno;
192 
193         return (pid_t) -1;
194 
195     } else if (pid == 0) {
196         pid_t dpid;
197 
198         /* First child. Now we are sure not to be a session leader or
199          * process group leader anymore, i.e. we know that setsid()
200          * will succeed. */
201 
202         if (daemon_log_use & DAEMON_LOG_AUTO)
203             daemon_log_use = DAEMON_LOG_SYSLOG;
204 
205         if (close(pipe_fds[0]) < 0) {
206             daemon_log(LOG_ERR, "close() failed: %s", strerror(errno));
207             goto fail;
208         }
209 
210         /* Move file descriptors up*/
211         if (move_fd_up(&pipe_fds[1]) < 0)
212             goto fail;
213 
214         if (_daemon_retval_pipe[0] >= 0 && move_fd_up(&_daemon_retval_pipe[0]) < 0)
215             goto fail;
216         if (_daemon_retval_pipe[1] >= 0 && move_fd_up(&_daemon_retval_pipe[1]) < 0)
217             goto fail;
218 
219         if (_null_open(O_RDONLY, 0) < 0) {
220             daemon_log(LOG_ERR, "Failed to open /dev/null for STDIN: %s", strerror(errno));
221             goto fail;
222         }
223 
224         if (_null_open(O_WRONLY, 1) < 0) {
225             daemon_log(LOG_ERR, "Failed to open /dev/null for STDOUT: %s", strerror(errno));
226             goto fail;
227         }
228 
229         if (_null_open(O_WRONLY, 2) < 0) {
230             daemon_log(LOG_ERR, "Failed to open /dev/null for STDERR: %s", strerror(errno));
231             goto fail;
232         }
233 
234         /* Create a new session. This will create a new session and a
235          * new process group for us and we will be the ledaer of
236          * both. This should always succeed because we cannot be the
237          * process group leader because we just forked. */
238         if (setsid() < 0) {
239             daemon_log(LOG_ERR, "setsid() failed: %s", strerror(errno));
240             goto fail;
241         }
242 
243         umask(0077);
244 
245         if (chdir("/") < 0) {
246             daemon_log(LOG_ERR, "chdir() failed: %s", strerror(errno));
247             goto fail;
248         }
249 
250         if ((pid = fork()) < 0) { /* Second fork */
251             daemon_log(LOG_ERR, "Second fork() failed: %s", strerror(errno));
252             goto fail;
253 
254         } else if (pid == 0) {
255             /* Second child. Our father will exit right-away. That way
256              * we can be sure that we are a child of init now, even if
257              * the process which spawned us stays around for a longer
258              * time. Also, since we are no session leader anymore we
259              * can be sure that we will never acquire a controlling
260              * TTY. */
261 
262             if (sigaction(SIGCHLD, &sa_old, NULL) < 0) {
263                 daemon_log(LOG_ERR, "close() failed: %s", strerror(errno));
264                 goto fail;
265             }
266 
267             if (sigprocmask(SIG_SETMASK, &ss_old, NULL) < 0) {
268                 daemon_log(LOG_ERR, "sigprocmask() failed: %s", strerror(errno));
269                 goto fail;
270             }
271 
272             if (signal(SIGTTOU, SIG_IGN) == SIG_ERR) {
273                 daemon_log(LOG_ERR, "signal(SIGTTOU, SIG_IGN) failed: %s", strerror(errno));
274                 goto fail;
275             }
276 
277             if (signal(SIGTTIN, SIG_IGN) == SIG_ERR) {
278                 daemon_log(LOG_ERR, "signal(SIGTTIN, SIG_IGN) failed: %s", strerror(errno));
279                 goto fail;
280             }
281 
282             if (signal(SIGTSTP, SIG_IGN) == SIG_ERR) {
283                 daemon_log(LOG_ERR, "signal(SIGTSTP, SIG_IGN) failed: %s", strerror(errno));
284                 goto fail;
285             }
286 
287             dpid = getpid();
288             if (atomic_write(pipe_fds[1], &dpid, sizeof(dpid)) != sizeof(dpid)) {
289                 daemon_log(LOG_ERR, "write() failed: %s", strerror(errno));
290                 goto fail;
291             }
292 
293             if (close(pipe_fds[1]) < 0) {
294                 daemon_log(LOG_ERR, "close() failed: %s", strerror(errno));
295                 goto fail;
296             }
297 
298             return 0;
299 
300         } else {
301             /* Second father */
302             close(pipe_fds[1]);
303             _exit(0);
304         }
305 
306     fail:
307         dpid = (pid_t) -1;
308 
309         if (atomic_write(pipe_fds[1], &dpid, sizeof(dpid)) != sizeof(dpid))
310             daemon_log(LOG_ERR, "Failed to write error PID: %s", strerror(errno));
311 
312         close(pipe_fds[1]);
313         _exit(0);
314 
315     } else {
316         /* First father */
317         pid_t dpid;
318 
319         close(pipe_fds[1]);
320 
321         if (waitpid(pid, NULL, WUNTRACED) < 0) {
322             saved_errno = errno;
323             close(pipe_fds[0]);
324             sigaction(SIGCHLD, &sa_old, NULL);
325             sigprocmask(SIG_SETMASK, &ss_old, NULL);
326             errno = saved_errno;
327             return -1;
328         }
329 
330         sigprocmask(SIG_SETMASK, &ss_old, NULL);
331         sigaction(SIGCHLD, &sa_old, NULL);
332 
333         if (atomic_read(pipe_fds[0], &dpid, sizeof(dpid)) != sizeof(dpid)) {
334             daemon_log(LOG_ERR, "Failed to read daemon PID.");
335             dpid = (pid_t) -1;
336             errno = EINVAL;
337         } else if (dpid == (pid_t) -1)
338             errno = EIO;
339 
340         saved_errno = errno;
341         close(pipe_fds[0]);
342         errno = saved_errno;
343 
344         return dpid;
345     }
346 }
347 
daemon_retval_init(void)348 int daemon_retval_init(void) {
349 
350     if (_daemon_retval_pipe[0] < 0 || _daemon_retval_pipe[1] < 0) {
351 
352         if (pipe(_daemon_retval_pipe) < 0) {
353             daemon_log(LOG_ERR, "pipe(): %s", strerror(errno));
354             return -1;
355         }
356     }
357 
358     return 0;
359 }
360 
daemon_retval_done(void)361 void daemon_retval_done(void) {
362     int saved_errno = errno;
363 
364     if (_daemon_retval_pipe[0] >= 0)
365         close(_daemon_retval_pipe[0]);
366 
367     if (_daemon_retval_pipe[1] >= 0)
368         close(_daemon_retval_pipe[1]);
369 
370     _daemon_retval_pipe[0] = _daemon_retval_pipe[1] = -1;
371 
372     errno = saved_errno;
373 }
374 
daemon_retval_send(int i)375 int daemon_retval_send(int i) {
376     ssize_t r;
377 
378     if (_daemon_retval_pipe[1] < 0) {
379         errno = EINVAL;
380         return -1;
381     }
382 
383     r = atomic_write(_daemon_retval_pipe[1], &i, sizeof(i));
384 
385     daemon_retval_done();
386 
387     if (r != sizeof(i)) {
388 
389         if (r < 0)
390             daemon_log(LOG_ERR, "write() failed while writing return value to pipe: %s", strerror(errno));
391         else {
392             daemon_log(LOG_ERR, "write() too short while writing return value from pipe");
393             errno = EINVAL;
394         }
395 
396         return -1;
397     }
398 
399     return 0;
400 }
401 
daemon_retval_wait(int timeout)402 int daemon_retval_wait(int timeout) {
403     ssize_t r;
404     int i;
405 
406     if (timeout > 0) {
407         struct timeval tv;
408         int s;
409         fd_set fds;
410 
411         tv.tv_sec = timeout;
412         tv.tv_usec = 0;
413 
414         FD_ZERO(&fds);
415         FD_SET(_daemon_retval_pipe[0], &fds);
416 
417         if ((s = select(FD_SETSIZE, &fds, 0, 0, &tv)) != 1) {
418 
419             if (s < 0)
420                 daemon_log(LOG_ERR, "select() failed while waiting for return value: %s", strerror(errno));
421             else {
422                 errno = ETIMEDOUT;
423                 daemon_log(LOG_ERR, "Timeout reached while wating for return value");
424             }
425 
426             return -1;
427         }
428     }
429 
430     if ((r = atomic_read(_daemon_retval_pipe[0], &i, sizeof(i))) != sizeof(i)) {
431 
432         if (r < 0)
433             daemon_log(LOG_ERR, "read() failed while reading return value from pipe: %s", strerror(errno));
434         else if (r == 0) {
435             daemon_log(LOG_ERR, "read() failed with EOF while reading return value from pipe.");
436             errno = EINVAL;
437         } else if (r > 0) {
438             daemon_log(LOG_ERR, "read() too short while reading return value from pipe.");
439             errno = EINVAL;
440         }
441 
442         return -1;
443     }
444 
445     daemon_retval_done();
446 
447     return i;
448 }
449 
daemon_close_all(int except_fd,...)450 int daemon_close_all(int except_fd, ...) {
451     va_list ap;
452     int n = 0, i, r;
453     int *p;
454     int saved_errno;
455 
456     va_start(ap, except_fd);
457 
458     if (except_fd >= 0)
459         for (n = 1; va_arg(ap, int) >= 0; n++)
460             ;
461 
462     va_end(ap);
463 
464     if (!(p = malloc(sizeof(int) * (n+1))))
465         return -1;
466 
467     va_start(ap, except_fd);
468 
469     i = 0;
470     if (except_fd >= 0) {
471         int fd;
472         p[i++] = except_fd;
473 
474         while ((fd = va_arg(ap, int)) >= 0)
475             p[i++] = fd;
476     }
477     p[i] = -1;
478 
479     va_end(ap);
480 
481     r = daemon_close_allv(p);
482 
483     saved_errno = errno;
484     free(p);
485     errno = saved_errno;
486 
487     return r;
488 }
489 
490 /** Same as daemon_close_all but takes an array of fds, terminated by -1 */
daemon_close_allv(const int except_fds[])491 int daemon_close_allv(const int except_fds[]) {
492     struct rlimit rl;
493     int fd, maxfd;
494 
495 #ifdef __linux__
496     int saved_errno;
497 
498     DIR *d;
499 
500     if ((d = opendir("/proc/self/fd"))) {
501 
502         struct dirent *de;
503 
504         while ((de = readdir(d))) {
505             int found;
506             long l;
507             char *e = NULL;
508             int i;
509 
510             if (de->d_name[0] == '.')
511                 continue;
512 
513             errno = 0;
514             l = strtol(de->d_name, &e, 10);
515             if (errno != 0 || !e || *e) {
516                 closedir(d);
517                 errno = EINVAL;
518                 return -1;
519             }
520 
521             fd = (int) l;
522 
523             if ((long) fd != l) {
524                 closedir(d);
525                 errno = EINVAL;
526                 return -1;
527             }
528 
529             if (fd < 3)
530                 continue;
531 
532             if (fd == dirfd(d))
533                 continue;
534 
535             if (fd == _daemon_retval_pipe[1])
536                 continue;
537 
538             found = 0;
539             for (i = 0; except_fds[i] >= 0; i++)
540                 if (except_fds[i] == fd) {
541                     found = 1;
542                     break;
543                 }
544 
545             if (found)
546                 continue;
547 
548             if (close(fd) < 0) {
549                 saved_errno = errno;
550                 closedir(d);
551                 errno = saved_errno;
552 
553                 return -1;
554             }
555 
556             if (fd == _daemon_retval_pipe[0])
557                 _daemon_retval_pipe[0] = -1;    /* mark as closed */
558         }
559 
560         closedir(d);
561         return 0;
562     }
563 
564 #endif
565 
566     if (getrlimit(RLIMIT_NOFILE, &rl) > 0)
567         maxfd = (int) rl.rlim_max;
568     else
569         maxfd = sysconf(_SC_OPEN_MAX);
570 
571     for (fd = 3; fd < maxfd; fd++) {
572         int i, found;
573 
574         if (fd == _daemon_retval_pipe[1])
575             continue;
576 
577         found = 0;
578         for (i = 0; except_fds[i] >= 0; i++)
579             if (except_fds[i] == fd) {
580                 found = 1;
581                 break;
582             }
583 
584         if (found)
585             continue;
586 
587         if (close(fd) < 0 && errno != EBADF)
588             return -1;
589 
590         if (fd == _daemon_retval_pipe[0])
591             _daemon_retval_pipe[0] = -1;        /* mark as closed */
592     }
593 
594     return 0;
595 }
596 
daemon_unblock_sigs(int except,...)597 int daemon_unblock_sigs(int except, ...) {
598     va_list ap;
599     int n = 0, i, r;
600     int *p;
601     int saved_errno;
602 
603     va_start(ap, except);
604 
605     if (except >= 1)
606         for (n = 1; va_arg(ap, int) >= 0; n++)
607             ;
608 
609     va_end(ap);
610 
611     if (!(p = malloc(sizeof(int) * (n+1))))
612         return -1;
613 
614     va_start(ap, except);
615 
616     i = 0;
617     if (except >= 1) {
618         int sig;
619         p[i++] = except;
620 
621         while ((sig = va_arg(ap, int)) >= 0)
622             p[i++] = sig;
623     }
624     p[i] = -1;
625 
626     va_end(ap);
627 
628     r = daemon_unblock_sigsv(p);
629 
630     saved_errno = errno;
631     free(p);
632     errno = saved_errno;
633 
634     return r;
635 }
636 
daemon_unblock_sigsv(const int except[])637 int daemon_unblock_sigsv(const int except[]) {
638     int i;
639     sigset_t ss;
640 
641     if (sigemptyset(&ss) < 0)
642         return -1;
643 
644     for (i = 0; except[i] > 0; i++)
645         if (sigaddset(&ss, except[i]) < 0)
646             return -1;
647 
648     return sigprocmask(SIG_SETMASK, &ss, NULL);
649 }
650 
daemon_reset_sigs(int except,...)651 int daemon_reset_sigs(int except, ...) {
652     va_list ap;
653     int n = 0, i, r;
654     int *p;
655     int saved_errno;
656 
657     va_start(ap, except);
658 
659     if (except >= 1)
660         for (n = 1; va_arg(ap, int) >= 0; n++)
661             ;
662 
663     va_end(ap);
664 
665     if (!(p = malloc(sizeof(int) * (n+1))))
666         return -1;
667 
668     va_start(ap, except);
669 
670     i = 0;
671     if (except >= 1) {
672         int sig;
673         p[i++] = except;
674 
675         while ((sig = va_arg(ap, int)) >= 0)
676             p[i++] = sig;
677     }
678     p[i] = -1;
679 
680     va_end(ap);
681 
682     r = daemon_reset_sigsv(p);
683 
684     saved_errno = errno;
685     free(p);
686     errno = saved_errno;
687 
688     return r;
689 }
690 
daemon_reset_sigsv(const int except[])691 int daemon_reset_sigsv(const int except[]) {
692     int sig;
693 
694     for (sig = 1; sig < SIGNAL_UPPER_BOUND; sig++) {
695         int reset = 1;
696 
697         switch (sig) {
698             case SIGKILL:
699             case SIGSTOP:
700                 reset = 0;
701                 break;
702 
703             default: {
704                 int i;
705 
706                 for (i = 0; except[i] > 0; i++) {
707                     if (sig == except[i]) {
708                         reset = 0;
709                         break;
710                     }
711                 }
712             }
713         }
714 
715         if (reset) {
716             struct sigaction sa;
717 
718             memset(&sa, 0, sizeof(sa));
719             sa.sa_handler = SIG_DFL;
720 
721             /* On Linux the first two RT signals are reserved by
722              * glibc, and sigaction() will return EINVAL for them. */
723             if ((sigaction(sig, &sa, NULL) < 0))
724                 if (errno != EINVAL)
725                     return -1;
726         }
727     }
728 
729     return 0;
730 }
731