From eef0a274e6187d1efb8fffaf66db94b8738662a0 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Mon, 8 Feb 2016 21:13:09 +0100 Subject: [PATCH] activate: add a new switch --inetd to enable inetd-style socket activation Previously, using --accept would enable inetd-style socket activation in addition to per-connection operation. This is now split into two switches: --accept only switches between per-connection or single-instance operation. --inetd switches between inetd-style or new-style fd passing. This breaks the interface of the tool, but given that it is a debugging tool shipped in /usr/lib/systemd/ it's not really a public interface. This change allows testing new-style per-connection daemons. --- man/systemd-activate.xml | 39 ++++++------- src/activate/activate.c | 143 +++++++++++++++++++++++++++-------------------- 2 files changed, 103 insertions(+), 79 deletions(-) diff --git a/man/systemd-activate.xml b/man/systemd-activate.xml index 61a2bc8..995e6ee 100644 --- a/man/systemd-activate.xml +++ b/man/systemd-activate.xml @@ -60,27 +60,21 @@ Description - systemd-activate can be used to - launch a socket-activated daemon from the command line for - testing purposes. It can also be used to launch single instances - of the daemon per connection (inetd-style). + systemd-activate may be used to launch a socket-activated service binary from the command + line for testing purposes. It may also be used to launch individual instances of the service binary per connection. The daemon to launch and its options should be specified after options intended for systemd-activate. - If the option is given, file descriptor - of the connection will be used as the standard input and output of - the launched process. Otherwise, standard input and output will be - inherited, and sockets will be passed through file descriptors 3 - and higher. Sockets passed through $LISTEN_FDS - to systemd-activate will be passed through to - the daemon, in the original positions. Other sockets specified - with will use consecutive descriptors. - By default, systemd-activate listens on a - stream socket, use to listen on - a datagram socket instead (see below). + If the option is given, the socket file descriptor will be used as the standard + input and output of the launched process. Otherwise, standard input and output will be inherited, and sockets will + be passed through file descriptors 3 and higher. Sockets passed through $LISTEN_FDS to + systemd-activate will be passed through to the daemon, in the original positions. Other sockets + specified with will use consecutive descriptors. By default, + systemd-activate listens on a stream socket, use and + to listen on datagram or sequential packet sockets instead (see below). @@ -101,9 +95,8 @@ - Launch a separate instance of daemon per - connection and pass the connection socket as standard input - and standard output. + Launch an instance of the service binary for each connection and pass the connection + socket. @@ -123,6 +116,14 @@ + + + Use the inetd protocol for passing file descriptors, i.e. as standard input and standard + output, instead of the new-style protocol for passing file descriptors using $LISTEN_FDS + (see above). + + + @@ -179,7 +180,7 @@ Run an echo server on port 2000 - $ /usr/lib/systemd/systemd-activate -l 2000 -a cat + $ /usr/lib/systemd/systemd-activate -l 2000 --inetd -a cat diff --git a/src/activate/activate.c b/src/activate/activate.c index 559ce33..0db4967 100644 --- a/src/activate/activate.c +++ b/src/activate/activate.c @@ -41,6 +41,7 @@ static int arg_socket_type = SOCK_STREAM; static char** arg_args = NULL; static char** arg_setenv = NULL; static const char *arg_fdname = NULL; +static bool arg_inetd = false; static int add_epoll(int epoll_fd, int fd) { struct epoll_event ev = { @@ -127,14 +128,20 @@ static int open_sockets(int *epoll_fd, bool accept) { return count; } -static int launch(char* name, char **argv, char **env, int fds) { +static int exec_process(const char* name, char **argv, char **env, int start_fd, int n_fds) { - static const char* tocopy[] = {"TERM=", "PATH=", "USER=", "HOME="}; _cleanup_strv_free_ char **envp = NULL; - _cleanup_free_ char *tmp = NULL; + _cleanup_free_ char *joined = NULL; unsigned n_env = 0, length; - char **s; + const char *tocopy; unsigned i; + char **s; + int r; + + if (arg_inetd && n_fds != 1) { + log_error("--inetd only supported for single file descriptors."); + return -EINVAL; + } length = strv_length(arg_setenv); @@ -144,6 +151,7 @@ static int launch(char* name, char **argv, char **env, int fds) { return log_oom(); STRV_FOREACH(s, arg_setenv) { + if (strchr(*s, '=')) { char *k; @@ -167,13 +175,15 @@ static int launch(char* name, char **argv, char **env, int fds) { envp[n_env] = strdup(n); if (!envp[n_env]) return log_oom(); + + n_env ++; } } - for (i = 0; i < ELEMENTSOF(tocopy); i++) { + FOREACH_STRING(tocopy, "TERM=", "PATH=", "USER=", "HOME=") { const char *n; - n = strv_find_prefix(env, tocopy[i]); + n = strv_find_prefix(env, tocopy); if (!n) continue; @@ -184,50 +194,76 @@ static int launch(char* name, char **argv, char **env, int fds) { n_env ++; } - if ((asprintf((char**)(envp + n_env++), "LISTEN_FDS=%d", fds) < 0) || - (asprintf((char**)(envp + n_env++), "LISTEN_PID=%d", getpid()) < 0)) - return log_oom(); + if (arg_inetd) { + assert(n_fds == 1); - if (arg_fdname) { - char *e; + r = dup2(start_fd, STDIN_FILENO); + if (r < 0) + return log_error_errno(errno, "Failed to dup connection to stdin: %m"); - e = strappend("LISTEN_FDNAMES=", arg_fdname); - if (!e) + r = dup2(start_fd, STDOUT_FILENO); + if (r < 0) + return log_error_errno(errno, "Failed to dup connection to stdout: %m"); + + start_fd = safe_close(start_fd); + } else { + if (start_fd != SD_LISTEN_FDS_START) { + assert(n_fds == 1); + + r = dup2(start_fd, SD_LISTEN_FDS_START); + if (r < 0) + return log_error_errno(errno, "Failed to dup connection: %m"); + + safe_close(start_fd); + start_fd = SD_LISTEN_FDS_START; + } + + if (asprintf((char**)(envp + n_env++), "LISTEN_FDS=%i", n_fds) < 0) return log_oom(); - for (i = 1; i < (unsigned) fds; i++) { - char *c; + if (asprintf((char**)(envp + n_env++), "LISTEN_PID=" PID_FMT, getpid()) < 0) + return log_oom(); - c = strjoin(e, ":", arg_fdname, NULL); - if (!c) { - free(e); + if (arg_fdname) { + char *e; + + e = strappend("LISTEN_FDNAMES=", arg_fdname); + if (!e) return log_oom(); + + for (i = 1; i < (unsigned) n_fds; i++) { + char *c; + + c = strjoin(e, ":", arg_fdname, NULL); + if (!c) { + free(e); + return log_oom(); + } + + free(e); + e = c; } - free(e); - e = c; + envp[n_env++] = e; } - - envp[n_env++] = e; } - tmp = strv_join(argv, " "); - if (!tmp) + joined = strv_join(argv, " "); + if (!joined) return log_oom(); - log_info("Execing %s (%s)", name, tmp); + log_info("Execing %s (%s)", name, joined); execvpe(name, argv, envp); - return log_error_errno(errno, "Failed to execp %s (%s): %m", name, tmp); + return log_error_errno(errno, "Failed to execp %s (%s): %m", name, joined); } -static int launch1(const char* child, char** argv, char **env, int fd) { - _cleanup_free_ char *tmp = NULL; +static int fork_and_exec_process(const char* child, char** argv, char **env, int fd) { + _cleanup_free_ char *joined = NULL; pid_t parent_pid, child_pid; - int r; - tmp = strv_join(argv, " "); - if (!tmp) + joined = strv_join(argv, " "); + if (!joined) return log_oom(); parent_pid = getpid(); @@ -242,24 +278,6 @@ static int launch1(const char* child, char** argv, char **env, int fd) { (void) reset_all_signal_handlers(); (void) reset_signal_mask(); - r = dup2(fd, STDIN_FILENO); - if (r < 0) { - log_error_errno(errno, "Failed to dup connection to stdin: %m"); - _exit(EXIT_FAILURE); - } - - r = dup2(fd, STDOUT_FILENO); - if (r < 0) { - log_error_errno(errno, "Failed to dup connection to stdout: %m"); - _exit(EXIT_FAILURE); - } - - r = close(fd); - if (r < 0) { - log_error_errno(errno, "Failed to close dupped connection: %m"); - _exit(EXIT_FAILURE); - } - /* Make sure the child goes away when the parent dies */ if (prctl(PR_SET_PDEATHSIG, SIGTERM) < 0) _exit(EXIT_FAILURE); @@ -269,29 +287,27 @@ static int launch1(const char* child, char** argv, char **env, int fd) { if (getppid() != parent_pid) _exit(EXIT_SUCCESS); - execvp(child, argv); - log_error_errno(errno, "Failed to exec child %s: %m", child); + exec_process(child, argv, env, fd, 1); _exit(EXIT_FAILURE); } - log_info("Spawned %s (%s) as PID %d", child, tmp, child_pid); - + log_info("Spawned %s (%s) as PID %d", child, joined, child_pid); return 0; } static int do_accept(const char* name, char **argv, char **envp, int fd) { _cleanup_free_ char *local = NULL, *peer = NULL; - _cleanup_close_ int fd2 = -1; + _cleanup_close_ int fd_accepted = -1; - fd2 = accept4(fd, NULL, NULL, 0); - if (fd2 < 0) + fd_accepted = accept4(fd, NULL, NULL, 0); + if (fd_accepted < 0) return log_error_errno(errno, "Failed to accept connection on fd:%d: %m", fd); - getsockname_pretty(fd2, &local); - getpeername_pretty(fd2, true, &peer); + getsockname_pretty(fd_accepted, &local); + getpeername_pretty(fd_accepted, true, &peer); log_info("Connection from %s to %s", strna(peer), strna(local)); - return launch1(name, argv, envp, fd2); + return fork_and_exec_process(name, argv, envp, fd_accepted); } /* SIGCHLD handler. */ @@ -330,6 +346,7 @@ static void help(void) { " --seqpacket Listen on SOCK_SEQPACKET instead of stream socket\n" " -a --accept Spawn separate child for each connection\n" " -E --setenv=NAME[=VALUE] Pass an environment variable to children\n" + " --inetd Enable inetd file descriptor passing protocol\n" "\n" "Note: file descriptors from sd_listen_fds() will be passed through.\n" , program_invocation_short_name); @@ -340,6 +357,7 @@ static int parse_argv(int argc, char *argv[]) { ARG_VERSION = 0x100, ARG_FDNAME, ARG_SEQPACKET, + ARG_INETD, }; static const struct option options[] = { @@ -352,6 +370,7 @@ static int parse_argv(int argc, char *argv[]) { { "setenv", required_argument, NULL, 'E' }, { "environment", required_argument, NULL, 'E' }, /* legacy alias */ { "fdname", required_argument, NULL, ARG_FDNAME }, + { "inetd", no_argument, NULL, ARG_INETD }, {} }; @@ -414,6 +433,10 @@ static int parse_argv(int argc, char *argv[]) { arg_fdname = optarg; break; + case ARG_INETD: + arg_inetd = true; + break; + case '?': return -EINVAL; @@ -482,7 +505,7 @@ int main(int argc, char **argv, char **envp) { break; } - launch(argv[optind], argv + optind, envp, n); + exec_process(argv[optind], argv + optind, envp, SD_LISTEN_FDS_START, n); return EXIT_SUCCESS; } -- 2.7.4