d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

daemon: Allow logging daemon stdout/stderr to file or syslog.

Browse Source 
There are various new options, documented in the man page, to send the
daemon's standard output and/or standard error to a file or to syslog.

Submitted by:	ank at iki.fi
Reviewed by:	wblock (man page only)
Relnotes:	yes
Differential Revision:	https://reviews.freebsd.org/D7993
This commit is contained in:
jilles 2016-10-22 11:26:22 +00:00
parent 3a60e23b83
commit 0808a69a8d
2 changed files with 449 additions and 115 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

78
usr.sbin/daemon/daemon.8
View File

@ -26,7 +26,7 @@
.\"
.\" $FreeBSD$
.\"
.Dd March 2, 2016
.Dd October 22, 2016
.Dt DAEMON 8
.Os
.Sh NAME
@ -34,11 +34,16 @@
.Nd run detached from the controlling terminal
.Sh SYNOPSIS
.Nm
.Op Fl cfr
.Op Fl cfrS
.Op Fl p Ar child_pidfile
.Op Fl P Ar supervisor_pidfile
.Op Fl t Ar title
.Op Fl u Ar user
.Op Fl m Ar output_mask
.Op Fl o Ar output_file
.Op Fl s Ar syslog_priority
.Op Fl T Ar syslog_tag
.Op Fl s Ar syslog_facility
.Ar command arguments ...
.Sh DESCRIPTION
The
@ -46,6 +51,8 @@ The
utility detaches itself from the controlling terminal and
executes the program specified by its arguments.
Privileges may be lowered to the specified user.
The output of the daemonized process may be redirected to syslog and to a
log file.
.Pp
The options are as follows:
.Bl -tag -width indent
@ -55,6 +62,19 @@ Change the current working directory to the root
.It Fl f
Redirect standard input, standard output and standard error to
.Pa /dev/null .
.It Fl S
Enable syslog output.
This is implicitly applied if other syslog parameters are provided.
The default values are daemon, notice, and daemon for facility, priority, and
tag, respectively.
.It Fl o Ar output_file
Append output from the daemonized process to
.Pa output_file .
If the file does not exist, it is created with permissions 0600.
.It Fl m Ar output_mask
Redirect output from the child process stdout (1), stderr (2), or both (3).
This value specifies what is sent to syslog and the log file.
The default is 3.
.It Fl p Ar child_pidfile
Write the ID of the created process into the
.Ar child_pidfile
@ -96,18 +116,37 @@ option is used or not.
.It Fl r
Supervise and restart the program if it has been terminated.
.It Fl t Ar title
Process title for the daemon to make it easily identifiable.
Set the title for the daemon process.
The default is the daemonized invocation.
.It Fl u Ar user
Login name of the user to execute the program under.
Requires adequate superuser privileges.
.It Fl s Ar syslog_priority
These priorities are accepted: emerg, alert, crit, err, warning,
notice, info, and debug.
The default is info.
.It Fl l Ar syslog_facility
These facilities are accepted: auth, authpriv, console, cron, daemon,
ftp, kern, lpr, mail, news, ntp, security, syslog, user, uucp, and
local0, ..., local7.
The default is daemon.
.It Fl T Ar syslog_tag
Set the tag which is appended to all syslog messages.
The default is daemon.
.El
.Pp
If the
If any of the options
.Fl p ,
.Fl P
.Fl P ,
.Fl r ,
.Fl o ,
.Fl s ,
.Fl T ,
.Fl m ,
.Fl S ,
or
.Fl r
option is specified the program is executed in a spawned child process.
.Fl l
are specified, the program is executed in a spawned child process.
The
.Nm
waits until it terminates to keep the pid file(s) locked and removes them
@ -119,6 +158,13 @@ spawned process.
Normally it will cause the child to exit, remove the pidfile(s)
and then terminate.
.Pp
If neither file or syslog output are selected, all output is redirected to the
.Nm
process and written to stdout.
The
.Fl f
option may be used to suppress the stdout output completely.
.Pp
The
.Fl P
option is useful combined with the
@ -145,13 +191,21 @@ library routine, 2 if
or
.Ar supervisor_pidfile
is requested, but cannot be opened, 3 if process is already running (pidfile
exists and is locked),
otherwise 0.
exists and is locked), 4 if
.Ar syslog_priority
is not accepted, 5 if
.Ar syslog_facility
is not accepted, 6 if
.Ar output_mask
is not within the accepted range, 7 if
.Ar output_file
cannot be opened for appending, and otherwise 0.
.Sh DIAGNOSTICS
If the command cannot be executed, an error message is displayed on
standard error unless the
If the command cannot be executed, an error message is printed to
standard error.
The exact behavior depends on the logging parameters and the
.Fl f
flag is specified.
flag.
.Sh SEE ALSO
.Xr setregid 2 ,
.Xr setreuid 2 ,

486
usr.sbin/daemon/daemon.c
View File

@ -35,6 +35,7 @@ __FBSDID("$FreeBSD$");
#include <sys/mman.h>
#include <sys/wait.h>
#include <fcntl.h>
#include <err.h>
#include <errno.h>
#include <libutil.h>
@ -44,25 +45,59 @@ __FBSDID("$FreeBSD$");
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <strings.h>
#define SYSLOG_NAMES
#include <syslog.h>
#include <time.h>
#include <assert.h>
#define LBUF_SIZE 4096
struct log_params {
int dosyslog;
int logpri;
int noclose;
int outfd;
};
static void dummy_sighandler(int);
static void restrict_process(const char *);
static int wait_child(pid_t pid, sigset_t *mask);
static void handle_term(int);
static void handle_chld(int);
static int listen_child(int, struct log_params *);
static int get_log_mapping(const char *, const CODE *);
static void open_pid_files(const char *, const char *, struct pidfh **,
struct pidfh **);
static void do_output(const unsigned char *, size_t, struct log_params *);
static void daemon_sleep(time_t, long);
static void usage(void);
static volatile sig_atomic_t terminate = 0, child_gone = 0, pid = 0;
int
main(int argc, char *argv[])
{
struct pidfh *ppfh, *pfh;
sigset_t mask, oldmask;
int ch, nochdir, noclose, restart, serrno;
const char *pidfile, *ppidfile, *title, *user;
pid_t otherpid, pid;
const char *pidfile, *ppidfile, *title, *user, *outfn, *logtag;
int ch, nochdir, noclose, restart, dosyslog, child_eof;
sigset_t mask_susp, mask_orig, mask_read, mask_term;
struct log_params logpar;
int pfd[2] = { -1, -1 }, outfd = -1;
int stdmask, logpri, logfac;
struct pidfh *ppfh, *pfh;
char *p;
memset(&logpar, 0, sizeof(logpar));
stdmask = STDOUT_FILENO | STDERR_FILENO;
ppidfile = pidfile = user = NULL;
nochdir = noclose = 1;
logpri = LOG_NOTICE;
logfac = LOG_DAEMON;
logtag = "daemon";
restart = 0;
ppidfile = pidfile = title = user = NULL;
while ((ch = getopt(argc, argv, "cfp:P:rt:u:")) != -1) {
dosyslog = 0;
outfn = NULL;
title = NULL;
while ((ch = getopt(argc, argv, "cfSp:P:ru:o:s:l:t:l:m:T:")) != -1) {
switch (ch) {
case 'c':
nochdir = 0;
@ -70,6 +105,20 @@ main(int argc, char *argv[])
case 'f':
noclose = 0;
break;
case 'l':
logfac = get_log_mapping(optarg, facilitynames);
if (logfac == -1)
errx(5, "unrecognized syslog facility");
dosyslog = 1;
break;
case 'm':
stdmask = strtol(optarg, &p, 10);
if (p == optarg || stdmask < 0 || stdmask > 3)
errx(6, "unrecognized listening mask");
break;
case 'o':
outfn = optarg;
break;
case 'p':
pidfile = optarg;
break;
@ -79,9 +128,22 @@ main(int argc, char *argv[])
case 'r':
restart = 1;
break;
case 's':
logpri = get_log_mapping(optarg, prioritynames);
if (logpri == -1)
errx(4, "unrecognized syslog priority");
dosyslog = 1;
break;
case 'S':
dosyslog = 1;
break;
case 't':
title = optarg;
break;
case 'T':
logtag = optarg;
dosyslog = 1;
break;
case 'u':
user = optarg;
break;
@ -95,43 +157,30 @@ main(int argc, char *argv[])
if (argc == 0)
usage();
if (!title)
title = argv[0];
if (outfn) {
outfd = open(outfn, O_CREAT | O_WRONLY | O_APPEND | O_CLOEXEC, 0600);
if (outfd == -1)
err(7, "open");
}
if (dosyslog)
openlog(logtag, LOG_PID | LOG_NDELAY, logfac);
ppfh = pfh = NULL;
/*
* Try to open the pidfile before calling daemon(3),
* to be able to report the error intelligently
*/
if (pidfile != NULL) {
pfh = pidfile_open(pidfile, 0600, &otherpid);
if (pfh == NULL) {
if (errno == EEXIST) {
errx(3, "process already running, pid: %d",
otherpid);
}
err(2, "pidfile ``%s''", pidfile);
}
}
/* Do the same for actual daemon process. */
if (ppidfile != NULL) {
ppfh = pidfile_open(ppidfile, 0600, &otherpid);
if (ppfh == NULL) {
serrno = errno;
pidfile_remove(pfh);
errno = serrno;
if (errno == EEXIST) {
errx(3, "process already running, pid: %d",
otherpid);
}
err(2, "ppidfile ``%s''", ppidfile);
}
}
open_pid_files(pidfile, ppidfile, &pfh, &ppfh);
if (daemon(nochdir, noclose) == -1) {
warn("daemon");
goto exit;
}
/* Write out parent pidfile if needed. */
pidfile_write(ppfh);
/*
* If the pidfile or restart option is specified the daemon
* executes the command in a forked process and wait on child
@ -139,92 +188,242 @@ main(int argc, char *argv[])
* we don't want the monitoring daemon to be terminated
* leaving the running process and the stale pidfile, so we
* catch SIGTERM and forward it to the children expecting to
* get SIGCHLD eventually.
* get SIGCHLD eventually. We also must fork() to obtain a
* readable pipe with the child for writing to a log file
* and syslog.
*/
pid = -1;
if (pidfile != NULL || ppidfile != NULL || restart) {
if (pidfile || ppidfile || restart || outfd != -1 || dosyslog) {
struct sigaction act_term, act_chld;
/* Avoid PID racing with SIGCHLD and SIGTERM. */
memset(&act_term, 0, sizeof(act_term));
act_term.sa_handler = handle_term;
sigemptyset(&act_term.sa_mask);
sigaddset(&act_term.sa_mask, SIGCHLD);
memset(&act_chld, 0, sizeof(act_chld));
act_chld.sa_handler = handle_chld;
sigemptyset(&act_chld.sa_mask);
sigaddset(&act_chld.sa_mask, SIGTERM);
/* Block these when avoiding racing before sigsuspend(). */
sigemptyset(&mask_susp);
sigaddset(&mask_susp, SIGTERM);
sigaddset(&mask_susp, SIGCHLD);
/* Block SIGTERM when we lack a valid child PID. */
sigemptyset(&mask_term);
sigaddset(&mask_term, SIGTERM);
/*
* Restore default action for SIGTERM in case the
* parent process decided to ignore it.
* When reading, we wish to avoid SIGCHLD. SIGTERM
* has to be caught, otherwise we'll be stuck until
* the read() returns - if it returns.
*/
if (signal(SIGTERM, SIG_DFL) == SIG_ERR) {
warn("signal");
goto exit;
}
/*
* Because SIGCHLD is ignored by default, setup dummy handler
* for it, so we can mask it.
*/
if (signal(SIGCHLD, dummy_sighandler) == SIG_ERR) {
warn("signal");
goto exit;
}
/*
* Block interesting signals.
*/
sigemptyset(&mask);
sigaddset(&mask, SIGTERM);
sigaddset(&mask, SIGCHLD);
if (sigprocmask(SIG_SETMASK, &mask, &oldmask) == -1) {
sigemptyset(&mask_read);
sigaddset(&mask_read, SIGCHLD);
/* Block SIGTERM to avoid racing until we have forked. */
if (sigprocmask(SIG_BLOCK, &mask_term, &mask_orig)) {
warn("sigprocmask");
goto exit;
}
if (sigaction(SIGTERM, &act_term, NULL) == -1) {
warn("sigaction");
goto exit;
}
if (sigaction(SIGCHLD, &act_chld, NULL) == -1) {
warn("sigaction");
goto exit;
}
/*
* Try to protect against pageout kill. Ignore the
* error, madvise(2) will fail only if a process does
* not have superuser privileges.
*/
(void)madvise(NULL, 0, MADV_PROTECT);
logpar.outfd = outfd;
logpar.dosyslog = dosyslog;
logpar.logpri = logpri;
logpar.noclose = noclose;
restart:
if (pipe(pfd))
err(1, "pipe");
/*
* Spawn a child to exec the command, so in the parent
* we could wait for it to exit and remove pidfile.
* Spawn a child to exec the command.
*/
child_gone = 0;
pid = fork();
if (pid == -1) {
warn("fork");
goto exit;
} else if (pid > 0) {
/*
* Unblock SIGTERM after we know we have a valid
* child PID to signal.
*/
if (sigprocmask(SIG_UNBLOCK, &mask_term, NULL)) {
warn("sigprocmask");
goto exit;
}
close(pfd[1]);
pfd[1] = -1;
}
}
if (pid <= 0) {
if (pid == 0) {
/* Restore old sigmask in the child. */
if (sigprocmask(SIG_SETMASK, &oldmask, NULL) == -1)
err(1, "sigprocmask");
}
/* Now that we are the child, write out the pid. */
pidfile_write(pfh);
if (user != NULL)
restrict_process(user);
/*
* When forking, the child gets the original sigmask,
* and dup'd pipes.
*/
if (pid == 0) {
close(pfd[0]);
if (sigprocmask(SIG_SETMASK, &mask_orig, NULL))
err(1, "sigprogmask");
if (stdmask & STDERR_FILENO) {
if (dup2(pfd[1], STDERR_FILENO) == -1)
err(1, "dup2");
}
if (stdmask & STDOUT_FILENO) {
if (dup2(pfd[1], STDOUT_FILENO) == -1)
err(1, "dup2");
}
if (pfd[1] != STDERR_FILENO &&
pfd[1] != STDOUT_FILENO)
close(pfd[1]);
}
execvp(argv[0], argv);
/*
* execvp() failed -- report the error. The child is
* now running, so the exit status doesn't matter.
*/
err(1, "%s", argv[0]);
}
if (title != NULL)
setproctitle("%s[%d]", title, pid);
else
setproctitle("%s[%d]", argv[0], pid);
if (wait_child(pid, &mask) == 0 && restart) {
sleep(1);
setproctitle("%s[%d]", title, (int)pid);
/*
* As we have closed the write end of pipe for parent process,
* we might detect the child's exit by reading EOF. The child
* might have closed its stdout and stderr, so we must wait for
* the SIGCHLD to ensure that the process is actually gone.
*/
child_eof = 0;
for (;;) {
/*
* We block SIGCHLD when listening, but SIGTERM we accept
* so the read() won't block if we wish to depart.
*
* Upon receiving SIGTERM, we have several options after
* sending the SIGTERM to our child:
* - read until EOF
* - read until EOF but only for a while
* - bail immediately
*
* We go for the third, as otherwise we have no guarantee
* that we won't block indefinitely if the child refuses
* to depart. To handle the second option, a different
* approach would be needed (procctl()?)
*/
if (child_gone && child_eof) {
break;
} else if (terminate) {
goto exit;
} else if (!child_eof) {
if (sigprocmask(SIG_BLOCK, &mask_read, NULL)) {
warn("sigprocmask");
goto exit;
}
child_eof = !listen_child(pfd[0], &logpar);
if (sigprocmask(SIG_UNBLOCK, &mask_read, NULL)) {
warn("sigprocmask");
goto exit;
}
} else {
if (sigprocmask(SIG_BLOCK, &mask_susp, NULL)) {
warn("sigprocmask");
goto exit;
}
while (!terminate && !child_gone)
sigsuspend(&mask_orig);
if (sigprocmask(SIG_UNBLOCK, &mask_susp, NULL)) {
warn("sigprocmask");
goto exit;
}
}
}
if (sigprocmask(SIG_BLOCK, &mask_term, NULL)) {
warn("sigprocmask");
goto exit;
}
if (restart && !terminate) {
daemon_sleep(1, 0);
close(pfd[0]);
pfd[0] = -1;
goto restart;
}
exit:
close(outfd);
close(pfd[0]);
close(pfd[1]);
if (dosyslog)
closelog();
pidfile_remove(pfh);
pidfile_remove(ppfh);
exit(1); /* If daemon(3) succeeded exit status does not matter. */
}
static void
dummy_sighandler(int sig __unused)
daemon_sleep(time_t secs, long nsecs)
{
/* Nothing to do. */
struct timespec ts = { secs, nsecs };
while (nanosleep(&ts, &ts) == -1) {
if (errno != EINTR)
err(1, "nanosleep");
}
}
static void
open_pid_files(const char *pidfile, const char *ppidfile,
struct pidfh **pfh, struct pidfh **ppfh)
{
pid_t fpid;
int serrno;
if (pidfile) {
*pfh = pidfile_open(pidfile, 0600, &fpid);
if (*pfh == NULL) {
if (errno == EEXIST) {
errx(3, "process already running, pid: %d",
fpid);
}
err(2, "pidfile ``%s''", pidfile);
}
}
/* Do the same for the actual daemon process. */
if (ppidfile) {
*ppfh = pidfile_open(ppidfile, 0600, &fpid);
if (*ppfh == NULL) {
serrno = errno;
pidfile_remove(*pfh);
errno = serrno;
if (errno == EEXIST) {
errx(3, "process already running, pid: %d",
fpid);
}
err(2, "ppidfile ``%s''", ppidfile);
}
}
}
static int
get_log_mapping(const char *str, const CODE *c)
{
const CODE *cp;
for (cp = c; cp->c_name; cp++)
if (strcmp(cp->c_name, str) == 0)
return cp->c_val;
return -1;
}
static void
@ -240,34 +439,112 @@ restrict_process(const char *user)
errx(1, "failed to set user environment");
}
/*
* We try to collect whole lines terminated by '\n'. Otherwise we collect a
* full buffer, and then output it.
*
* Return value of 0 is assumed to mean EOF or error, and 1 indicates to
* continue reading.
*/
static int
wait_child(pid_t pid, sigset_t *mask)
listen_child(int fd, struct log_params *logpar)
{
int terminate, signo;
static unsigned char buf[LBUF_SIZE];
static size_t bytes_read = 0;
int rv;
terminate = 0;
for (;;) {
if (sigwait(mask, &signo) == -1) {
warn("sigwaitinfo");
return (-1);
assert(logpar);
assert(bytes_read < LBUF_SIZE - 1);
rv = read(fd, buf + bytes_read, LBUF_SIZE - bytes_read - 1);
if (rv > 0) {
unsigned char *cp;
bytes_read += rv;
assert(bytes_read <= LBUF_SIZE - 1);
/* Always NUL-terminate just in case. */
buf[LBUF_SIZE - 1] = '\0';
/*
* Chomp line by line until we run out of buffer.
* This does not take NUL characters into account.
*/
while ((cp = memchr(buf, '\n', bytes_read)) != NULL) {
size_t bytes_line = cp - buf + 1;
assert(bytes_line <= bytes_read);
do_output(buf, bytes_line, logpar);
bytes_read -= bytes_line;
memmove(buf, cp + 1, bytes_read);
}
switch (signo) {
case SIGCHLD:
if (waitpid(pid, NULL, WNOHANG) == -1) {
warn("waitpid");
return (-1);
}
return (terminate);
case SIGTERM:
terminate = 1;
if (kill(pid, signo) == -1) {
warn("kill");
return (-1);
}
continue;
default:
warnx("sigwaitinfo: invalid signal: %d", signo);
return (-1);
/* Wait until the buffer is full. */
if (bytes_read < LBUF_SIZE - 1)
return 1;
do_output(buf, bytes_read, logpar);
bytes_read = 0;
return 1;
} else if (rv == -1) {
/* EINTR should trigger another read. */
if (errno == EINTR) {
return 1;
} else {
warn("read");
return 0;
}
}
/* Upon EOF, we have to flush what's left of the buffer. */
if (bytes_read > 0) {
do_output(buf, bytes_read, logpar);
bytes_read = 0;
}
return 0;
}
/*
* The default behavior is to stay silent if the user wants to redirect
* output to a file and/or syslog. If neither are provided, then we bounce
* everything back to parent's stdout.
*/
static void
do_output(const unsigned char *buf, size_t len, struct log_params *logpar)
{
assert(len <= LBUF_SIZE);
assert(logpar);
if (len < 1)
return;
if (logpar->dosyslog)
syslog(logpar->logpri, "%.*s", (int)len, buf);
if (logpar->outfd != -1) {
if (write(logpar->outfd, buf, len) == -1)
warn("write");
}
if (logpar->noclose && !logpar->dosyslog && logpar->outfd == -1)
printf("%.*s", (int)len, buf);
}
/*
* We use the global PID acquired directly from fork. If there is no valid
* child pid, the handler should be blocked and/or child_gone == 1.
*/
static void
handle_term(int signo)
{
if (pid > 0 && !child_gone)
kill(pid, signo);
terminate = 1;
}
static void
handle_chld(int signo)
{
(void)signo;
for (;;) {
int rv = waitpid(-1, NULL, WNOHANG);
if (pid == rv) {
child_gone = 1;
break;
} else if (rv == -1 && errno != EINTR) {
warn("waitpid");
return;
}
}
}
@ -275,8 +552,11 @@ wait_child(pid_t pid, sigset_t *mask)
static void
usage(void)
{
(void)fprintf(stderr, "%s\n\t%s\n",
"usage: daemon [-cfr] [-p child_pidfile] [-P supervisor_pidfile]",
"[-t title] [-u user] command arguments ...");
(void)fprintf(stderr,
"usage: daemon [-cfrS] [-p child_pidfile] [-P supervisor_pidfile]\n"
" [-u user] [-o output_file] [-t title]\n"
" [-l syslog_facility] [-s syslog_priority]\n"
" [-T syslog_tag] [-m output_mask]\n"
"command arguments ...\n");
exit(1);
}