* setuid()
*/
+//usage:#define inetd_trivial_usage
+//usage: "[-fe] [-q N] [-R N] [CONFFILE]"
+//usage:#define inetd_full_usage "\n\n"
+//usage: "Listen for network connections and launch programs\n"
+//usage: "\n -f Run in foreground"
+//usage: "\n -e Log to stderr"
+//usage: "\n -q N Socket listen queue (default: 128)"
+//usage: "\n -R N Pause services after N connects/min"
+//usage: "\n (default: 0 - disabled)"
+
#include <syslog.h>
+#include <sys/resource.h> /* setrlimit */
+#include <sys/socket.h> /* un.h may need this */
#include <sys/un.h>
#include "libbb.h"
#if ENABLE_FEATURE_INETD_RPC
-#include <rpc/rpc.h>
-#include <rpc/pmap_clnt.h>
+# if defined(__UCLIBC__) && ! defined(__UCLIBC_HAS_RPC__)
+# error "You need to build uClibc with UCLIBC_HAS_RPC for NFS support"
+# endif
+# include <rpc/rpc.h>
+# include <rpc/pmap_clnt.h>
#endif
#if !BB_MMU
#define ENABLE_FEATURE_INETD_SUPPORT_BUILTIN_CHARGEN 0
#endif
-#define _PATH_INETDPID "/var/run/inetd.pid"
-
#define CNT_INTERVAL 60 /* servers in CNT_INTERVAL sec. */
#define RETRYTIME 60 /* retry after bind or server fail */
config_filename = "/etc/inetd.conf"; \
} while (0)
+#if 1
+# define dbg(...) ((void)0)
+#else
+# define dbg(...) \
+do { \
+ int dbg_fd = open("inetd_debug.log", O_WRONLY | O_CREAT | O_APPEND, 0666); \
+ if (dbg_fd >= 0) { \
+ fdprintf(dbg_fd, "%d: ", getpid()); \
+ fdprintf(dbg_fd, __VA_ARGS__); \
+ close(dbg_fd); \
+ } \
+} while (0)
+#endif
+
static void maybe_close(int fd)
{
- if (fd >= 0)
+ if (fd >= 0) {
close(fd);
+ dbg("closed fd:%d\n", fd);
+ }
}
// TODO: move to libbb?
{
if (fd >= 0) {
FD_CLR(fd, &allsock);
+ dbg("stopped listening on fd:%d\n", fd);
maxsock = -1;
+ dbg("maxsock:%d\n", maxsock);
}
}
{
if (fd >= 0) {
FD_SET(fd, &allsock);
+ dbg("started listening on fd:%d\n", fd);
if (maxsock >= 0 && fd > maxsock) {
prev_maxsock = maxsock = fd;
+ dbg("maxsock:%d\n", maxsock);
if ((rlim_t)fd > rlim_ofile_cur - FD_MARGIN)
bump_nofile();
}
maxsock = fd;
fd++;
}
+ dbg("recalculated maxsock:%d\n", maxsock);
prev_maxsock = maxsock;
if ((rlim_t)maxsock > rlim_ofile_cur - FD_MARGIN)
bump_nofile();
/* zero out the port for all RPC services; let bind()
* find one. */
- set_nport(sep->se_lsa, 0);
+ set_nport(&sep->se_lsa->u.sa, 0);
/* for RPC services, attempt to use a reserved port
* if they are going to be running as root. */
rearm_alarm();
return;
}
- if (sep->se_socktype == SOCK_STREAM)
+
+ if (sep->se_socktype == SOCK_STREAM) {
listen(fd, global_queuelen);
+ dbg("new sep->se_fd:%d (stream)\n", fd);
+ } else {
+ dbg("new sep->se_fd:%d (!stream)\n", fd);
+ }
add_fd_to_set(fd);
sep->se_fd = fd;
}
if (LONE_CHAR(sep->se_local_hostname, '*')) {
lsa = xzalloc_lsa(sep->se_family);
- set_nport(lsa, port);
+ set_nport(&lsa->u.sa, port);
} else {
lsa = host_and_af2sockaddr(sep->se_local_hostname,
ntohs(port), sep->se_family);
* new config file doesnt have them. */
block_CHLD_HUP_ALRM(&omask);
sepp = &serv_list;
- while ((sep = *sepp)) {
+ while ((sep = *sepp) != NULL) {
if (sep->se_checked) {
sepp = &sep->se_next;
continue;
if (ENABLE_FEATURE_CLEAN_UP)
close(sep->se_fd);
}
- remove_pidfile(_PATH_INETDPID);
+ remove_pidfile(CONFIG_PID_FILE_PATH "/inetd.pid");
exit(EXIT_SUCCESS);
}
setgroups(1, &gid);
}
- write_pidfile(_PATH_INETDPID);
+ write_pidfile(CONFIG_PID_FILE_PATH "/inetd.pid");
/* never fails under Linux (except if you pass it bad arguments) */
getrlimit(RLIMIT_NOFILE, &rlim_ofile);
sigaddset(&sa.sa_mask, SIGALRM);
sigaddset(&sa.sa_mask, SIGCHLD);
sigaddset(&sa.sa_mask, SIGHUP);
+//FIXME: explain why no SA_RESTART
+//FIXME: retry_network_setup is unsafe to run in signal handler (many reasons)!
sa.sa_handler = retry_network_setup;
sigaction_set(SIGALRM, &sa);
+//FIXME: reread_config_file is unsafe to run in signal handler(many reasons)!
sa.sa_handler = reread_config_file;
sigaction_set(SIGHUP, &sa);
+//FIXME: reap_child is unsafe to run in signal handler (uses stdio)!
sa.sa_handler = reap_child;
sigaction_set(SIGCHLD, &sa);
+//FIXME: clean_up_and_exit is unsafe to run in signal handler (uses stdio)!
sa.sa_handler = clean_up_and_exit;
sigaction_set(SIGTERM, &sa);
sa.sa_handler = clean_up_and_exit;
}
continue;
}
+ dbg("ready_fd_cnt:%d\n", ready_fd_cnt);
for (sep = serv_list; ready_fd_cnt && sep; sep = sep->se_next) {
if (sep->se_fd == -1 || !FD_ISSET(sep->se_fd, &readable))
continue;
+ dbg("ready fd:%d\n", sep->se_fd);
ready_fd_cnt--;
ctrl = sep->se_fd;
accepted_fd = -1;
if (!sep->se_wait) {
if (sep->se_socktype == SOCK_STREAM) {
ctrl = accepted_fd = accept(sep->se_fd, NULL, NULL);
+ dbg("accepted_fd:%d\n", accepted_fd);
if (ctrl < 0) {
if (errno != EINTR)
bb_perror_msg("accept (for %s)", sep->se_service);
* (can create many copies of same child, etc).
* Parent must create and use new socket instead. */
new_udp_fd = socket(sep->se_family, SOCK_DGRAM, 0);
+ dbg("new_udp_fd:%d\n", new_udp_fd);
if (new_udp_fd < 0) { /* error: eat packet, forget about it */
udp_err:
recv(sep->se_fd, line, LINE_SIZE, MSG_DONTWAIT);
continue;
}
setsockopt_reuseaddr(new_udp_fd);
- /* TODO: better do bind after vfork in parent,
+ /* TODO: better do bind after fork in parent,
* so that we don't have two wildcard bound sockets
* even for a brief moment? */
if (bind(new_udp_fd, &sep->se_lsa->u.sa, sep->se_lsa->len) < 0) {
+ dbg("bind(new_udp_fd) failed\n");
close(new_udp_fd);
goto udp_err;
}
+ dbg("bind(new_udp_fd) succeeded\n");
}
}
sep->se_count = 0;
rearm_alarm(); /* will revive it in RETRYTIME sec */
restore_sigmask(&omask);
+ maybe_close(new_udp_fd);
maybe_close(accepted_fd);
continue; /* -> check next fd in fd set */
}
bb_perror_msg("vfork"+1);
sleep(1);
restore_sigmask(&omask);
+ maybe_close(new_udp_fd);
maybe_close(accepted_fd);
continue; /* -> check next fd in fd set */
}
if (pid == 0)
pid--; /* -1: "we did fork and we are child" */
}
- /* if pid == 0 here, we never forked */
+ /* if pid == 0 here, we didn't fork */
if (pid > 0) { /* parent */
if (sep->se_wait) {
- /* tcp wait: we passed listening socket to child,
+ /* wait: we passed socket to child,
* will wait for child to terminate */
sep->se_wait = pid;
remove_fd_from_set(sep->se_fd);
/* udp nowait: child connected the socket,
* we created and will use new, unconnected one */
xmove_fd(new_udp_fd, sep->se_fd);
+ dbg("moved new_udp_fd:%d to sep->se_fd:%d\n", new_udp_fd, sep->se_fd);
}
restore_sigmask(&omask);
maybe_close(accepted_fd);
continue; /* -> check next fd in fd set */
}
- /* we are either child or didn't vfork at all */
+ /* we are either child or didn't fork at all */
#ifdef INETD_BUILTINS_ENABLED
if (sep->se_builtin) {
- if (pid) { /* "pid" is -1: we did vfork */
+ if (pid) { /* "pid" is -1: we did fork */
close(sep->se_fd); /* listening socket */
+ dbg("closed sep->se_fd:%d\n", sep->se_fd);
logmode = LOGMODE_NONE; /* make xwrite etc silent */
}
restore_sigmask(&omask);
sep->se_builtin->bi_stream_fn(ctrl, sep);
else
sep->se_builtin->bi_dgram_fn(ctrl, sep);
- if (pid) /* we did vfork */
+ if (pid) /* we did fork */
_exit(EXIT_FAILURE);
maybe_close(accepted_fd);
continue; /* -> check next fd in fd set */
setsid();
/* "nowait" udp */
if (new_udp_fd >= 0) {
- len_and_sockaddr *lsa = xzalloc_lsa(sep->se_family);
+ len_and_sockaddr *lsa;
+ int r;
+
+ close(new_udp_fd);
+ dbg("closed new_udp_fd:%d\n", new_udp_fd);
+ lsa = xzalloc_lsa(sep->se_family);
/* peek at the packet and remember peer addr */
- int r = recvfrom(ctrl, NULL, 0, MSG_PEEK|MSG_DONTWAIT,
+ r = recvfrom(ctrl, NULL, 0, MSG_PEEK|MSG_DONTWAIT,
&lsa->u.sa, &lsa->len);
if (r < 0)
goto do_exit1;
* only packets from this peer will be recv'ed,
* and bare write()/send() will work on it */
connect(ctrl, &lsa->u.sa, lsa->len);
+ dbg("connected ctrl:%d to remote peer\n", ctrl);
free(lsa);
}
/* prepare env and exec program */
bb_error_msg("non-root must run services as himself");
goto do_exit1;
}
- if (pwd->pw_uid) {
+ if (pwd->pw_uid != 0) {
if (sep->se_group)
pwd->pw_gid = grp->gr_gid;
/* initgroups, setgid, setuid: */
*/
xmove_fd(ctrl, STDIN_FILENO);
xdup2(STDIN_FILENO, STDOUT_FILENO);
+ dbg("moved ctrl:%d to fd 0,1[,2]\n", ctrl);
/* manpages of inetd I managed to find either say
* that stderr is also redirected to the network,
* or do not talk about redirection at all (!) */
maybe_close(sep2->se_fd);
sigaction_set(SIGPIPE, &saved_pipe_handler);
restore_sigmask(&omask);
+ dbg("execing:'%s'\n", sep->se_program);
BB_EXECVP(sep->se_program, sep->se_argv);
bb_perror_msg("can't execute '%s'", sep->se_program);
do_exit1:
projects / platform / upstream / busybox.git / blobdiff