[mirror_lxc.git] / src / lxc / cmd / lxc_monitord.c

/*
 * lxc: linux Container library
 *
 * Copyright © 2012 Oracle.
 *
 * Authors:
 * Dwight Engen <dwight.engen@oracle.com>
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
 */

#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <pthread.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <net/if.h>
#include <netinet/in.h>
#include <setjmp.h>
#include <sys/epoll.h>
#include <sys/param.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <sys/un.h>

#include <lxc/lxccontainer.h>

#include "af_unix.h"
#include "log.h"
#include "mainloop.h"
#include "monitor.h"
#include "utils.h"

#define CLIENTFDS_CHUNK 64

lxc_log_define(lxc_monitord, lxc);

sigjmp_buf mark;

static void lxc_monitord_cleanup(void);

/*
 * Defines the structure to store the monitor information
 * @lxcpath        : the path being monitored
 * @fifofd         : the file descriptor for publishers (containers) to write state
 * @listenfd       : the file descriptor for subscribers (lxc-monitors) to connect
 * @clientfds      : accepted client file descriptors
 * @clientfds_size : number of file descriptors clientfds can hold
 * @clientfds_cnt  : the count of valid fds in clientfds
 * @descr          : the lxc_mainloop state
 */
struct lxc_monitor {
	const char *lxcpath;
	int fifofd;
	int listenfd;
	int *clientfds;
	int clientfds_size;
	int clientfds_cnt;
	struct lxc_epoll_descr descr;
};

static struct lxc_monitor mon;
static int quit;

static int lxc_monitord_fifo_create(struct lxc_monitor *mon)
{
	struct flock lk;
	char fifo_path[PATH_MAX];
	int ret;

	ret = lxc_monitor_fifo_name(mon->lxcpath, fifo_path, sizeof(fifo_path), 1);
	if (ret < 0)
		return ret;

	ret = mknod(fifo_path, S_IFIFO|S_IRUSR|S_IWUSR, 0);
	if (ret < 0 && errno != EEXIST) {
		SYSINFO("Failed to mknod monitor fifo %s", fifo_path);
		return -1;
	}

	mon->fifofd = open(fifo_path, O_RDWR);
	if (mon->fifofd < 0) {
		SYSERROR("Failed to open monitor fifo %s", fifo_path);
		unlink(fifo_path);
		return -1;
	}

	lk.l_type = F_WRLCK;
	lk.l_whence = SEEK_SET;
	lk.l_start = 0;
	lk.l_len = 0;

	if (fcntl(mon->fifofd, F_SETLK, &lk) != 0) {
		/* another lxc-monitord is already running, don't start up */
		SYSDEBUG("lxc-monitord already running on lxcpath %s", mon->lxcpath);
		close(mon->fifofd);
		return -1;
	}

	return 0;
}

static int lxc_monitord_fifo_delete(struct lxc_monitor *mon)
{
	char fifo_path[PATH_MAX];
	int ret;

	ret = lxc_monitor_fifo_name(mon->lxcpath, fifo_path, sizeof(fifo_path), 0);
	if (ret < 0)
		return ret;

	unlink(fifo_path);
	return 0;
}

static void lxc_monitord_sockfd_remove(struct lxc_monitor *mon, int fd)
{
	int i;

	if (lxc_mainloop_del_handler(&mon->descr, fd))
		CRIT("File descriptor %d not found in mainloop", fd);
	close(fd);

	for (i = 0; i < mon->clientfds_cnt; i++)
		if (mon->clientfds[i] == fd)
			break;

	if (i >= mon->clientfds_cnt) {
		CRIT("File descriptor %d not found in clients array", fd);
		lxc_monitord_cleanup();
		exit(EXIT_FAILURE);
	}

	memmove(&mon->clientfds[i], &mon->clientfds[i+1],
		(mon->clientfds_cnt - i - 1) * sizeof(mon->clientfds[0]));
	mon->clientfds_cnt--;
}

static int lxc_monitord_sock_handler(int fd, uint32_t events, void *data,
				     struct lxc_epoll_descr *descr)
{
	struct lxc_monitor *mon = data;

	if (events & EPOLLIN) {
		int rc;
		char buf[4];

		rc = lxc_read_nointr(fd, buf, sizeof(buf));
		if (rc > 0 && !strncmp(buf, "quit", 4))
			quit = LXC_MAINLOOP_CLOSE;
	}

	if (events & EPOLLHUP)
		lxc_monitord_sockfd_remove(mon, fd);

	return quit;
}

static int lxc_monitord_sock_accept(int fd, uint32_t events, void *data,
				    struct lxc_epoll_descr *descr)
{
	int ret, clientfd;
	struct lxc_monitor *mon = data;
	struct ucred cred;
	socklen_t credsz = sizeof(cred);

	ret = LXC_MAINLOOP_ERROR;
	clientfd = accept(fd, NULL, 0);
	if (clientfd < 0) {
		SYSERROR("Failed to accept connection for client file descriptor %d", fd);
		goto out;
	}

	if (fcntl(clientfd, F_SETFD, FD_CLOEXEC)) {
		SYSERROR("Failed to set FD_CLOEXEC on client socket connection %d", clientfd);
		goto err1;
	}

	if (getsockopt(clientfd, SOL_SOCKET, SO_PEERCRED, &cred, &credsz)) {
		SYSERROR("Failed to get credentials on client socket connection %d", clientfd);
		goto err1;
	}

	if (cred.uid && cred.uid != geteuid()) {
		WARN("Monitor denied for uid %d on client socket connection %d", cred.uid, clientfd);
		goto err1;
	}

	if (mon->clientfds_cnt + 1 > mon->clientfds_size) {
		int *clientfds;

		clientfds = realloc(mon->clientfds,
				    (mon->clientfds_size + CLIENTFDS_CHUNK) * sizeof(mon->clientfds[0]));
		if (clientfds == NULL) {
			ERROR("Failed to realloc memory for %d client file descriptors",
			      mon->clientfds_size + CLIENTFDS_CHUNK);
			goto err1;
		}

		mon->clientfds = clientfds;
		mon->clientfds_size += CLIENTFDS_CHUNK;
	}

	ret = lxc_mainloop_add_handler(&mon->descr, clientfd,
				       lxc_monitord_sock_handler, mon);
	if (ret < 0) {
		ERROR("Failed to add socket handler");
		goto err1;
	}

	mon->clientfds[mon->clientfds_cnt++] = clientfd;
	INFO("Accepted client file descriptor %d. Number of accepted file descriptors is now %d",
	     clientfd, mon->clientfds_cnt);
	goto out;

err1:
	close(clientfd);

out:
	return ret;
}

static int lxc_monitord_sock_create(struct lxc_monitor *mon)
{
	struct sockaddr_un addr;
	int fd;

	if (lxc_monitor_sock_name(mon->lxcpath, &addr) < 0)
		return -1;

	fd = lxc_abstract_unix_open(addr.sun_path, SOCK_STREAM, O_TRUNC);
	if (fd < 0) {
		SYSERROR("Failed to open unix socket");
		return -1;
	}

	mon->listenfd = fd;
	return 0;
}

static int lxc_monitord_sock_delete(struct lxc_monitor *mon)
{
	struct sockaddr_un addr;

	if (lxc_monitor_sock_name(mon->lxcpath, &addr) < 0)
		return -1;

	if (addr.sun_path[0])
		unlink(addr.sun_path);

	return 0;
}

static int lxc_monitord_create(struct lxc_monitor *mon)
{
	int ret;

	ret = lxc_monitord_fifo_create(mon);
	if (ret < 0)
		return ret;

	return lxc_monitord_sock_create(mon);
}

static void lxc_monitord_delete(struct lxc_monitor *mon)
{
	int i;

	lxc_mainloop_del_handler(&mon->descr, mon->listenfd);
	lxc_abstract_unix_close(mon->listenfd);
	lxc_monitord_sock_delete(mon);

	lxc_mainloop_del_handler(&mon->descr, mon->fifofd);
	lxc_monitord_fifo_delete(mon);
	close(mon->fifofd);

	for (i = 0; i < mon->clientfds_cnt; i++) {
		lxc_mainloop_del_handler(&mon->descr, mon->clientfds[i]);
		close(mon->clientfds[i]);
	}

	mon->clientfds_cnt = 0;
}

static int lxc_monitord_fifo_handler(int fd, uint32_t events, void *data,
				     struct lxc_epoll_descr *descr)
{
	int ret, i;
	struct lxc_msg msglxc;
	struct lxc_monitor *mon = data;

	ret = lxc_read_nointr(fd, &msglxc, sizeof(msglxc));
	if (ret != sizeof(msglxc)) {
		SYSERROR("Reading from fifo failed");
		return LXC_MAINLOOP_CLOSE;
	}

	for (i = 0; i < mon->clientfds_cnt; i++) {
		ret = lxc_write_nointr(mon->clientfds[i], &msglxc, sizeof(msglxc));
		if (ret < 0)
			SYSERROR("Failed to send message to client file descriptor %d",
				 mon->clientfds[i]);
	}

	return LXC_MAINLOOP_CONTINUE;
}

static int lxc_monitord_mainloop_add(struct lxc_monitor *mon)
{
	int ret;

	ret = lxc_mainloop_add_handler(&mon->descr, mon->fifofd,
				       lxc_monitord_fifo_handler, mon);
	if (ret < 0) {
		ERROR("Failed to add to mainloop monitor handler for fifo");
		return -1;
	}

	ret = lxc_mainloop_add_handler(&mon->descr, mon->listenfd,
				       lxc_monitord_sock_accept, mon);
	if (ret < 0) {
		ERROR("Failed to add to mainloop monitor handler for listen socket");
		return -1;
	}

	return 0;
}

static void lxc_monitord_cleanup(void)
{
	lxc_monitord_delete(&mon);
}

static void lxc_monitord_sig_handler(int sig)
{
	siglongjmp(mark, 1);
}

int main(int argc, char *argv[])
{
	int ret, pipefd;
	char logpath[PATH_MAX];
	sigset_t mask;
	char *lxcpath = argv[1];
	bool mainloop_opened = false;
	bool monitord_created = false;
	struct lxc_log log;

	if (argc != 3) {
		fprintf(stderr,
			"Usage: lxc-monitord lxcpath sync-pipe-fd\n\n"
			"NOTE: lxc-monitord is intended for use by lxc internally\n"
			"      and does not need to be run by hand\n\n");
		exit(EXIT_FAILURE);
	}

	ret = snprintf(logpath, sizeof(logpath), "%s/lxc-monitord.log",
		       (strcmp(LXCPATH, lxcpath) ? lxcpath : LOGPATH));
	if (ret < 0 || ret >= sizeof(logpath))
		exit(EXIT_FAILURE);

	log.name = NULL;
	log.file = logpath;
	log.level = "DEBUG";
	log.prefix = "lxc-monitord";
	log.quiet = 0;
	log.lxcpath = lxcpath;

	ret = lxc_log_init(&log);
	if (ret)
		INFO("Failed to open log file %s, log will be lost", lxcpath);
	lxc_log_options_no_override();

	if (lxc_safe_int(argv[2], &pipefd) < 0)
		exit(EXIT_FAILURE);

	if (sigfillset(&mask) ||
	    sigdelset(&mask, SIGILL)  ||
	    sigdelset(&mask, SIGSEGV) ||
	    sigdelset(&mask, SIGBUS)  ||
	    sigdelset(&mask, SIGTERM) ||
	    pthread_sigmask(SIG_BLOCK, &mask, NULL)) {
		SYSERROR("Failed to set signal mask");
		exit(EXIT_FAILURE);
	}

	signal(SIGILL,  lxc_monitord_sig_handler);
	signal(SIGSEGV, lxc_monitord_sig_handler);
	signal(SIGBUS,  lxc_monitord_sig_handler);
	signal(SIGTERM, lxc_monitord_sig_handler);

	if (sigsetjmp(mark, 1) != 0)
		goto on_signal;

	ret = EXIT_FAILURE;

	memset(&mon, 0, sizeof(mon));
	mon.lxcpath = lxcpath;
	if (lxc_mainloop_open(&mon.descr)) {
		ERROR("Failed to create mainloop");
		goto on_error;
	}
	mainloop_opened = true;

	if (lxc_monitord_create(&mon))
		goto on_error;
	monitord_created = true;

	/* sync with parent, we're ignoring the return from write
	 * because regardless if it works or not, the following
	 * close will sync us with the parent process. the
	 * if-empty-statement construct is to quiet the
	 * warn-unused-result warning.
	 */
	if (lxc_write_nointr(pipefd, "S", 1))
		;
	close(pipefd);

	if (lxc_monitord_mainloop_add(&mon)) {
		ERROR("Failed to add mainloop handlers");
		goto on_error;
	}

	NOTICE("lxc-monitord with pid %d is now monitoring lxcpath %s",
	       lxc_raw_getpid(), mon.lxcpath);

	for (;;) {
		ret = lxc_mainloop(&mon.descr, 1000 * 30);
		if (ret) {
			ERROR("mainloop returned an error");
			break;
		}

		if (mon.clientfds_cnt <= 0) {
			NOTICE("No remaining clients. lxc-monitord is exiting");
			break;
		}

		if (quit == LXC_MAINLOOP_CLOSE) {
			NOTICE("Got quit command. lxc-monitord is exitting");
			break;
		}
	}

on_signal:
	ret = EXIT_SUCCESS;

on_error:
	if (monitord_created)
		lxc_monitord_cleanup();

	if (mainloop_opened)
		lxc_mainloop_close(&mon.descr);

	exit(ret);
}
Commit	Line	Data
e51d4895 DE	1	/*
	2	* lxc: linux Container library
	3	*
	4	* Copyright © 2012 Oracle.
	5	*
	6	* Authors:
	7	* Dwight Engen <dwight.engen@oracle.com>
	8	*
	9	* This library is free software; you can redistribute it and/or
	10	* modify it under the terms of the GNU Lesser General Public
	11	* License as published by the Free Software Foundation; either
	12	* version 2.1 of the License, or (at your option) any later version.
	13	*
	14	* This library is distributed in the hope that it will be useful,
	15	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	16	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	17	* Lesser General Public License for more details.
	18	*
	19	* You should have received a copy of the GNU Lesser General Public
	20	* License along with this library; if not, write to the Free Software
250b1eec	21	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
e51d4895 DE	22	*/
	23
	24	#define _GNU_SOURCE
e51d4895	25	#include <errno.h>
e51d4895	26	#include <fcntl.h>
b467714b	27	#include <pthread.h>
60e4f6fa CB	28	#include <signal.h>
	29	#include <stdio.h>
	30	#include <stdlib.h>
	31	#include <string.h>
	32	#include <unistd.h>
	33	#include <net/if.h>
	34	#include <netinet/in.h>
d0dacf05	35	#include <setjmp.h>
2afd1dc0	36	#include <sys/epoll.h>
e51d4895 DE	37	#include <sys/param.h>
e51d4895 DE	38	#include <sys/socket.h>
60e4f6fa CB	39	#include <sys/stat.h>
60e4f6fa CB	40	#include <sys/types.h>
e51d4895	41	#include <sys/un.h>
e51d4895	42
1194822f CB	43	#include <lxc/lxccontainer.h>
1194822f CB	44
f2363e38 ÇO	45	#include "af_unix.h"
	46	#include "log.h"
	47	#include "mainloop.h"
	48	#include "monitor.h"
	49	#include "utils.h"
e51d4895 DE	50
	51	#define CLIENTFDS_CHUNK 64
	52
	53	lxc_log_define(lxc_monitord, lxc);
	54
d0dacf05 CB	55	sigjmp_buf mark;
d0dacf05 CB	56
e51d4895 DE	57	static void lxc_monitord_cleanup(void);
	58
	59	/*
	60	* Defines the structure to store the monitor information
	61	* @lxcpath : the path being monitored
	62	* @fifofd : the file descriptor for publishers (containers) to write state
	63	* @listenfd : the file descriptor for subscribers (lxc-monitors) to connect
	64	* @clientfds : accepted client file descriptors
	65	* @clientfds_size : number of file descriptors clientfds can hold
	66	* @clientfds_cnt : the count of valid fds in clientfds
	67	* @descr : the lxc_mainloop state
	68	*/
	69	struct lxc_monitor {
	70	const char *lxcpath;
	71	int fifofd;
	72	int listenfd;
	73	int *clientfds;
	74	int clientfds_size;
	75	int clientfds_cnt;
	76	struct lxc_epoll_descr descr;
	77	};
	78
8f47bc3f	79	static struct lxc_monitor mon;
2afd1dc0	80	static int quit;
8f47bc3f	81
e51d4895 DE	82	static int lxc_monitord_fifo_create(struct lxc_monitor *mon)
e51d4895 DE	83	{
8bf1e61e	84	struct flock lk;
e51d4895 DE	85	char fifo_path[PATH_MAX];
	86	int ret;
	87
9e60f51d DE	88	ret = lxc_monitor_fifo_name(mon->lxcpath, fifo_path, sizeof(fifo_path), 1);
	89	if (ret < 0)
	90	return ret;
e51d4895 DE	91
e51d4895 DE	92	ret = mknod(fifo_path, S_IFIFO\|S_IRUSR\|S_IWUSR, 0);
8bf1e61e	93	if (ret < 0 && errno != EEXIST) {
7874d81a	94	SYSINFO("Failed to mknod monitor fifo %s", fifo_path);
e51d4895 DE	95	return -1;
	96	}
	97
	98	mon->fifofd = open(fifo_path, O_RDWR);
	99	if (mon->fifofd < 0) {
9044b79e	100	SYSERROR("Failed to open monitor fifo %s", fifo_path);
e51d4895	101	unlink(fifo_path);
e51d4895 DE	102	return -1;
e51d4895 DE	103	}
8bf1e61e DE	104
	105	lk.l_type = F_WRLCK;
	106	lk.l_whence = SEEK_SET;
	107	lk.l_start = 0;
	108	lk.l_len = 0;
9044b79e	109
8bf1e61e DE	110	if (fcntl(mon->fifofd, F_SETLK, &lk) != 0) {
8bf1e61e DE	111	/* another lxc-monitord is already running, don't start up */
9044b79e	112	SYSDEBUG("lxc-monitord already running on lxcpath %s", mon->lxcpath);
8bf1e61e DE	113	close(mon->fifofd);
	114	return -1;
	115	}
9044b79e	116
e51d4895 DE	117	return 0;
	118	}
	119
	120	static int lxc_monitord_fifo_delete(struct lxc_monitor *mon)
	121	{
	122	char fifo_path[PATH_MAX];
	123	int ret;
	124
9e60f51d DE	125	ret = lxc_monitor_fifo_name(mon->lxcpath, fifo_path, sizeof(fifo_path), 0);
	126	if (ret < 0)
	127	return ret;
	128
e51d4895 DE	129	unlink(fifo_path);
	130	return 0;
	131	}
	132
2db65c21 TH	133	static void lxc_monitord_sockfd_remove(struct lxc_monitor *mon, int fd)
2db65c21 TH	134	{
e51d4895 DE	135	int i;
	136
	137	if (lxc_mainloop_del_handler(&mon->descr, fd))
9044b79e	138	CRIT("File descriptor %d not found in mainloop", fd);
e51d4895 DE	139	close(fd);
e51d4895 DE	140
9044b79e	141	for (i = 0; i < mon->clientfds_cnt; i++)
e51d4895 DE	142	if (mon->clientfds[i] == fd)
e51d4895 DE	143	break;
9044b79e	144
e51d4895	145	if (i >= mon->clientfds_cnt) {
9044b79e	146	CRIT("File descriptor %d not found in clients array", fd);
e51d4895 DE	147	lxc_monitord_cleanup();
	148	exit(EXIT_FAILURE);
	149	}
	150
	151	memmove(&mon->clientfds[i], &mon->clientfds[i+1],
	152	(mon->clientfds_cnt - i - 1) * sizeof(mon->clientfds[0]));
	153	mon->clientfds_cnt--;
	154	}
	155
84c92abd	156	static int lxc_monitord_sock_handler(int fd, uint32_t events, void *data,
e51d4895 DE	157	struct lxc_epoll_descr *descr)
	158	{
	159	struct lxc_monitor *mon = data;
	160
2afd1dc0 DE	161	if (events & EPOLLIN) {
	162	int rc;
	163	char buf[4];
	164
243fdadf	165	rc = lxc_read_nointr(fd, buf, sizeof(buf));
2afd1dc0	166	if (rc > 0 && !strncmp(buf, "quit", 4))
b2a48508	167	quit = LXC_MAINLOOP_CLOSE;
2afd1dc0 DE	168	}
	169
	170	if (events & EPOLLHUP)
	171	lxc_monitord_sockfd_remove(mon, fd);
9044b79e	172
2afd1dc0	173	return quit;
e51d4895 DE	174	}
e51d4895 DE	175
84c92abd	176	static int lxc_monitord_sock_accept(int fd, uint32_t events, void *data,
e51d4895 DE	177	struct lxc_epoll_descr *descr)
e51d4895 DE	178	{
2db65c21	179	int ret, clientfd;
e51d4895 DE	180	struct lxc_monitor *mon = data;
	181	struct ucred cred;
	182	socklen_t credsz = sizeof(cred);
	183
b2a48508	184	ret = LXC_MAINLOOP_ERROR;
e51d4895 DE	185	clientfd = accept(fd, NULL, 0);
e51d4895 DE	186	if (clientfd < 0) {
9044b79e	187	SYSERROR("Failed to accept connection for client file descriptor %d", fd);
e51d4895 DE	188	goto out;
	189	}
	190
	191	if (fcntl(clientfd, F_SETFD, FD_CLOEXEC)) {
9044b79e	192	SYSERROR("Failed to set FD_CLOEXEC on client socket connection %d", clientfd);
e51d4895 DE	193	goto err1;
	194	}
	195
9044b79e	196	if (getsockopt(clientfd, SOL_SOCKET, SO_PEERCRED, &cred, &credsz)) {
9044b79e	197	SYSERROR("Failed to get credentials on client socket connection %d", clientfd);
e51d4895 DE	198	goto err1;
e51d4895 DE	199	}
9044b79e	200
e51d4895	201	if (cred.uid && cred.uid != geteuid()) {
9044b79e	202	WARN("Monitor denied for uid %d on client socket connection %d", cred.uid, clientfd);
e51d4895 DE	203	goto err1;
	204	}
	205
	206	if (mon->clientfds_cnt + 1 > mon->clientfds_size) {
	207	int *clientfds;
9044b79e	208
e51d4895	209	clientfds = realloc(mon->clientfds,
60e4f6fa	210	(mon->clientfds_size + CLIENTFDS_CHUNK) * sizeof(mon->clientfds[0]));
e51d4895	211	if (clientfds == NULL) {
9044b79e	212	ERROR("Failed to realloc memory for %d client file descriptors",
60e4f6fa	213	mon->clientfds_size + CLIENTFDS_CHUNK);
e51d4895 DE	214	goto err1;
e51d4895 DE	215	}
9044b79e	216
e51d4895 DE	217	mon->clientfds = clientfds;
	218	mon->clientfds_size += CLIENTFDS_CHUNK;
	219	}
	220
	221	ret = lxc_mainloop_add_handler(&mon->descr, clientfd,
	222	lxc_monitord_sock_handler, mon);
9044b79e	223	if (ret < 0) {
9044b79e	224	ERROR("Failed to add socket handler");
e51d4895 DE	225	goto err1;
	226	}
	227
	228	mon->clientfds[mon->clientfds_cnt++] = clientfd;
9044b79e	229	INFO("Accepted client file descriptor %d. Number of accepted file descriptors is now %d",
9044b79e	230	clientfd, mon->clientfds_cnt);
e51d4895 DE	231	goto out;
	232
	233	err1:
	234	close(clientfd);
9044b79e	235
e51d4895 DE	236	out:
	237	return ret;
	238	}
	239
	240	static int lxc_monitord_sock_create(struct lxc_monitor *mon)
	241	{
	242	struct sockaddr_un addr;
	243	int fd;
	244
	245	if (lxc_monitor_sock_name(mon->lxcpath, &addr) < 0)
	246	return -1;
	247
aae93dd3	248	fd = lxc_abstract_unix_open(addr.sun_path, SOCK_STREAM, O_TRUNC);
e51d4895	249	if (fd < 0) {
6d1400b5	250	SYSERROR("Failed to open unix socket");
e51d4895 DE	251	return -1;
	252	}
	253
	254	mon->listenfd = fd;
	255	return 0;
	256	}
	257
	258	static int lxc_monitord_sock_delete(struct lxc_monitor *mon)
	259	{
	260	struct sockaddr_un addr;
	261
	262	if (lxc_monitor_sock_name(mon->lxcpath, &addr) < 0)
	263	return -1;
9044b79e	264
e51d4895 DE	265	if (addr.sun_path[0])
e51d4895 DE	266	unlink(addr.sun_path);
9044b79e	267
e51d4895 DE	268	return 0;
	269	}
	270
	271	static int lxc_monitord_create(struct lxc_monitor *mon)
	272	{
	273	int ret;
	274
	275	ret = lxc_monitord_fifo_create(mon);
	276	if (ret < 0)
	277	return ret;
	278
9044b79e	279	return lxc_monitord_sock_create(mon);
e51d4895 DE	280	}
	281
	282	static void lxc_monitord_delete(struct lxc_monitor *mon)
	283	{
	284	int i;
	285
	286	lxc_mainloop_del_handler(&mon->descr, mon->listenfd);
9044b79e	287	lxc_abstract_unix_close(mon->listenfd);
e51d4895 DE	288	lxc_monitord_sock_delete(mon);
	289
	290	lxc_mainloop_del_handler(&mon->descr, mon->fifofd);
e51d4895	291	lxc_monitord_fifo_delete(mon);
8bf1e61e	292	close(mon->fifofd);
e51d4895 DE	293
	294	for (i = 0; i < mon->clientfds_cnt; i++) {
	295	lxc_mainloop_del_handler(&mon->descr, mon->clientfds[i]);
	296	close(mon->clientfds[i]);
	297	}
9044b79e	298
e51d4895 DE	299	mon->clientfds_cnt = 0;
	300	}
	301
84c92abd	302	static int lxc_monitord_fifo_handler(int fd, uint32_t events, void *data,
e51d4895 DE	303	struct lxc_epoll_descr *descr)
e51d4895 DE	304	{
2db65c21	305	int ret, i;
e51d4895 DE	306	struct lxc_msg msglxc;
	307	struct lxc_monitor *mon = data;
	308
243fdadf	309	ret = lxc_read_nointr(fd, &msglxc, sizeof(msglxc));
e51d4895	310	if (ret != sizeof(msglxc)) {
b5be6a7c	311	SYSERROR("Reading from fifo failed");
b2a48508	312	return LXC_MAINLOOP_CLOSE;
e51d4895 DE	313	}
	314
	315	for (i = 0; i < mon->clientfds_cnt; i++) {
ff50dd77	316	ret = lxc_write_nointr(mon->clientfds[i], &msglxc, sizeof(msglxc));
60e4f6fa	317	if (ret < 0)
6d1400b5	318	SYSERROR("Failed to send message to client file descriptor %d",
2db65c21	319	mon->clientfds[i]);
e51d4895 DE	320	}
e51d4895 DE	321
b2a48508	322	return LXC_MAINLOOP_CONTINUE;
e51d4895 DE	323	}
	324
	325	static int lxc_monitord_mainloop_add(struct lxc_monitor *mon)
	326	{
	327	int ret;
	328
	329	ret = lxc_mainloop_add_handler(&mon->descr, mon->fifofd,
	330	lxc_monitord_fifo_handler, mon);
	331	if (ret < 0) {
9044b79e	332	ERROR("Failed to add to mainloop monitor handler for fifo");
e51d4895 DE	333	return -1;
	334	}
	335
	336	ret = lxc_mainloop_add_handler(&mon->descr, mon->listenfd,
	337	lxc_monitord_sock_accept, mon);
	338	if (ret < 0) {
9044b79e	339	ERROR("Failed to add to mainloop monitor handler for listen socket");
e51d4895 DE	340	return -1;
	341	}
	342
	343	return 0;
	344	}
	345
	346	static void lxc_monitord_cleanup(void)
	347	{
	348	lxc_monitord_delete(&mon);
	349	}
	350
	351	static void lxc_monitord_sig_handler(int sig)
	352	{
d0dacf05	353	siglongjmp(mark, 1);
e51d4895 DE	354	}
	355
	356	int main(int argc, char *argv[])
	357	{
60e4f6fa	358	int ret, pipefd;
e51d4895 DE	359	char logpath[PATH_MAX];
e51d4895 DE	360	sigset_t mask;
60e4f6fa	361	char *lxcpath = argv[1];
5cc0f22d CB	362	bool mainloop_opened = false;
5cc0f22d CB	363	bool monitord_created = false;
73b910a3	364	struct lxc_log log;
e51d4895 DE	365
	366	if (argc != 3) {
	367	fprintf(stderr,
	368	"Usage: lxc-monitord lxcpath sync-pipe-fd\n\n"
	369	"NOTE: lxc-monitord is intended for use by lxc internally\n"
	370	" and does not need to be run by hand\n\n");
	371	exit(EXIT_FAILURE);
	372	}
	373
	374	ret = snprintf(logpath, sizeof(logpath), "%s/lxc-monitord.log",
2db65c21	375	(strcmp(LXCPATH, lxcpath) ? lxcpath : LOGPATH));
e51d4895	376	if (ret < 0 \|\| ret >= sizeof(logpath))
7e5af997	377	exit(EXIT_FAILURE);
e51d4895	378
73b910a3	379	log.name = NULL;
73b910a3	380	log.file = logpath;
4b73005c	381	log.level = "DEBUG";
73b910a3	382	log.prefix = "lxc-monitord";
	383	log.quiet = 0;
	384	log.lxcpath = lxcpath;
9044b79e	385
73b910a3	386	ret = lxc_log_init(&log);
e51d4895	387	if (ret)
9044b79e	388	INFO("Failed to open log file %s, log will be lost", lxcpath);
6edbfc86	389	lxc_log_options_no_override();
e51d4895	390
7e5af997 CB	391	if (lxc_safe_int(argv[2], &pipefd) < 0)
7e5af997 CB	392	exit(EXIT_FAILURE);
e51d4895 DE	393
	394	if (sigfillset(&mask) \|\|
	395	sigdelset(&mask, SIGILL) \|\|
	396	sigdelset(&mask, SIGSEGV) \|\|
	397	sigdelset(&mask, SIGBUS) \|\|
	398	sigdelset(&mask, SIGTERM) \|\|
b467714b	399	pthread_sigmask(SIG_BLOCK, &mask, NULL)) {
9044b79e	400	SYSERROR("Failed to set signal mask");
7e5af997	401	exit(EXIT_FAILURE);
e51d4895 DE	402	}
	403
	404	signal(SIGILL, lxc_monitord_sig_handler);
	405	signal(SIGSEGV, lxc_monitord_sig_handler);
	406	signal(SIGBUS, lxc_monitord_sig_handler);
	407	signal(SIGTERM, lxc_monitord_sig_handler);
	408
d0dacf05 CB	409	if (sigsetjmp(mark, 1) != 0)
	410	goto on_signal;
	411
e51d4895	412	ret = EXIT_FAILURE;
9044b79e	413
e51d4895 DE	414	memset(&mon, 0, sizeof(mon));
	415	mon.lxcpath = lxcpath;
	416	if (lxc_mainloop_open(&mon.descr)) {
9044b79e	417	ERROR("Failed to create mainloop");
60e4f6fa	418	goto on_error;
e51d4895	419	}
5cc0f22d	420	mainloop_opened = true;
e51d4895	421
5cc0f22d	422	if (lxc_monitord_create(&mon))
60e4f6fa	423	goto on_error;
5cc0f22d	424	monitord_created = true;
e51d4895 DE	425
	426	/* sync with parent, we're ignoring the return from write
	427	* because regardless if it works or not, the following
	428	* close will sync us with the parent process. the
	429	* if-empty-statement construct is to quiet the
	430	* warn-unused-result warning.
	431	*/
ff50dd77	432	if (lxc_write_nointr(pipefd, "S", 1))
8f47bc3f	433	;
e51d4895 DE	434	close(pipefd);
	435
	436	if (lxc_monitord_mainloop_add(&mon)) {
9044b79e	437	ERROR("Failed to add mainloop handlers");
60e4f6fa	438	goto on_error;
e51d4895 DE	439	}
e51d4895 DE	440
9044b79e	441	NOTICE("lxc-monitord with pid %d is now monitoring lxcpath %s",
0059379f	442	lxc_raw_getpid(), mon.lxcpath);
9044b79e	443
60e4f6fa	444	for (;;) {
e51d4895	445	ret = lxc_mainloop(&mon.descr, 1000 * 30);
267bc7ed	446	if (ret) {
	447	ERROR("mainloop returned an error");
	448	break;
	449	}
9044b79e	450
60e4f6fa	451	if (mon.clientfds_cnt <= 0) {
9044b79e	452	NOTICE("No remaining clients. lxc-monitord is exiting");
e51d4895 DE	453	break;
e51d4895 DE	454	}
9044b79e	455
	456	if (quit == LXC_MAINLOOP_CLOSE) {
	457	NOTICE("Got quit command. lxc-monitord is exitting");
267bc7ed	458	break;
267bc7ed	459	}
e51d4895 DE	460	}
e51d4895 DE	461
5cc0f22d	462	on_signal:
e51d4895	463	ret = EXIT_SUCCESS;
9044b79e	464
60e4f6fa	465	on_error:
5cc0f22d CB	466	if (monitord_created)
5cc0f22d CB	467	lxc_monitord_cleanup();
9044b79e	468
5cc0f22d CB	469	if (mainloop_opened)
5cc0f22d CB	470	lxc_mainloop_close(&mon.descr);
d0dacf05	471
5cc0f22d	472	exit(ret);
e51d4895	473	}