[mirror_lxc.git] / src / lxc / monitor.c

/*
 * lxc: linux Container library
 *
 * (C) Copyright IBM Corp. 2007, 2008
 *
 * Authors:
 * Daniel Lezcano <daniel.lezcano at free.fr>
 * Dwight Engen <dwight.engen@oracle.com>
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
 */

#include <errno.h>
#include <fcntl.h>
#include <inttypes.h>
#include <poll.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <net/if.h>
#include <netinet/in.h>
#include <sys/param.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <sys/wait.h>

#include "config.h"
#include "af_unix.h"
#include "error.h"
#include "log.h"
#include "lxclock.h"
#include "monitor.h"
#include "state.h"
#include "utils.h"

lxc_log_define(lxc_monitor, lxc);

/* routines used by monitor publishers (containers) */
int lxc_monitor_fifo_name(const char *lxcpath, char *fifo_path, size_t fifo_path_sz,
			  int do_mkdirp)
{
	int ret;
	char *rundir;

	rundir = get_rundir();
	if (!rundir)
		return -1;

	if (do_mkdirp) {
		ret = snprintf(fifo_path, fifo_path_sz, "%s/lxc/%s", rundir, lxcpath);
		if (ret < 0 || (size_t)ret >= fifo_path_sz) {
			ERROR("rundir/lxcpath (%s/%s) too long for monitor fifo.", rundir, lxcpath);
			free(rundir);
			return -1;
		}
		ret = mkdir_p(fifo_path, 0755);
		if (ret < 0) {
			ERROR("Unable to create monitor fifo directory %s.", fifo_path);
			free(rundir);
			return ret;
		}
	}
	ret = snprintf(fifo_path, fifo_path_sz, "%s/lxc/%s/monitor-fifo", rundir, lxcpath);
	if (ret < 0 || (size_t)ret >= fifo_path_sz) {
		ERROR("rundir/lxcpath (%s/%s) too long for monitor fifo.", rundir, lxcpath);
		free(rundir);
		return -1;
	}
	free(rundir);
	return 0;
}

static void lxc_monitor_fifo_send(struct lxc_msg *msg, const char *lxcpath)
{
	int fd,ret;
	char fifo_path[PATH_MAX];

	BUILD_BUG_ON(sizeof(*msg) > PIPE_BUF); /* write not guaranteed atomic */

	ret = lxc_monitor_fifo_name(lxcpath, fifo_path, sizeof(fifo_path), 0);
	if (ret < 0)
		return;

	/* Open the fifo nonblock in case the monitor is dead, we don't want the
	 * open to wait for a reader since it may never come.
	 */
	fd = open(fifo_path, O_WRONLY | O_NONBLOCK);
	if (fd < 0) {
		/* It is normal for this open() to fail with ENXIO when there is
		 * no monitor running, so we don't log it.
		 */
		if (errno == ENXIO)
			return;

		WARN("Failed to open fifo to send message: %s.", strerror(errno));
		return;
	}

	if (fcntl(fd, F_SETFL, O_WRONLY) < 0) {
		close(fd);
		return;
	}

	ret = write(fd, msg, sizeof(*msg));
	if (ret != sizeof(*msg)) {
		close(fd);
		SYSERROR("Failed to write to monitor fifo \"%s\".", fifo_path);
		return;
	}

	close(fd);
}

void lxc_monitor_send_state(const char *name, lxc_state_t state,
			    const char *lxcpath)
{
	struct lxc_msg msg = {.type = lxc_msg_state, .value = state};
	strncpy(msg.name, name, sizeof(msg.name));
	msg.name[sizeof(msg.name) - 1] = 0;

	lxc_monitor_fifo_send(&msg, lxcpath);
}

void lxc_monitor_send_exit_code(const char *name, int exit_code,
				const char *lxcpath)
{
	struct lxc_msg msg = {.type = lxc_msg_exit_code, .value = exit_code};
	strncpy(msg.name, name, sizeof(msg.name));
	msg.name[sizeof(msg.name) - 1] = 0;

	lxc_monitor_fifo_send(&msg, lxcpath);
}

/* routines used by monitor subscribers (lxc-monitor) */
int lxc_monitor_close(int fd)
{
	return close(fd);
}

/* Enforces \0-termination for the abstract unix socket. This is not required
 * but allows us to print it out.
 *
 * Older version of liblxc only allowed for 105 bytes to be used for the
 * abstract unix domain socket name because the code for our abstract unix
 * socket handling performed invalid checks. Since we \0-terminate we could now
 * have a maximum of 106 chars. But to not break backwards compatibility we keep
 * the limit at 105.
 */
int lxc_monitor_sock_name(const char *lxcpath, struct sockaddr_un *addr) {
	size_t len;
	int ret;
	char *path;
	uint64_t hash;

	/* addr.sun_path is only 108 bytes, so we hash the full name and
	 * then append as much of the name as we can fit.
	 */
	memset(addr, 0, sizeof(*addr));
	addr->sun_family = AF_UNIX;

	/* strlen("lxc/") + strlen("/monitor-sock") + 1 = 18 */
	len = strlen(lxcpath) + 18;
	path = alloca(len);
	ret = snprintf(path, len, "lxc/%s/monitor-sock", lxcpath);
	if (ret < 0 || (size_t)ret >= len) {
		ERROR("failed to create name for monitor socket");
		return -1;
	}

	/* Note: snprintf() will \0-terminate addr->sun_path on the 106th byte
	 * and so the abstract socket name has 105 "meaningful" characters. This
	 * is absolutely intentional. For further info read the comment for this
	 * function above!
	 */
	len = sizeof(addr->sun_path) - 1;
	hash = fnv_64a_buf(path, ret, FNV1A_64_INIT);
	ret = snprintf(addr->sun_path, len, "@lxc/%016" PRIx64 "/%s", hash, lxcpath);
	if (ret < 0) {
		ERROR("failed to create hashed name for monitor socket");
		return -1;
	}

	/* replace @ with \0 */
	addr->sun_path[0] = '\0';
	INFO("using monitor socket name \"%s\" (length of socket name %zu must be <= %zu)", &addr->sun_path[1], strlen(&addr->sun_path[1]), sizeof(addr->sun_path) - 3);

	return 0;
}

int lxc_monitor_open(const char *lxcpath)
{
	struct sockaddr_un addr;
	int fd;
	size_t retry;
	size_t len;
	int ret = -1;
	int backoff_ms[] = {10, 50, 100};

	if (lxc_monitor_sock_name(lxcpath, &addr) < 0)
		return -1;

	fd = socket(PF_UNIX, SOCK_STREAM, 0);
	if (fd < 0) {
		ERROR("Failed to create socket: %s.", strerror(errno));
		return -errno;
	}

	len = strlen(&addr.sun_path[1]);
	DEBUG("opening monitor socket %s with len %zu", &addr.sun_path[1], len);
	if (len >= sizeof(addr.sun_path) - 1) {
		errno = ENAMETOOLONG;
		ret = -errno;
		ERROR("name of monitor socket too long (%zu bytes): %s", len, strerror(errno));
		goto on_error;
	}

	for (retry = 0; retry < sizeof(backoff_ms) / sizeof(backoff_ms[0]); retry++) {
		fd = lxc_abstract_unix_connect(addr.sun_path);
		if (fd < 0 || errno != ECONNREFUSED)
			break;
		ERROR("Failed to connect to monitor socket. Retrying in %d ms: %s", backoff_ms[retry], strerror(errno));
		usleep(backoff_ms[retry] * 1000);
	}

	if (fd < 0) {
		ret = -errno;
		ERROR("Failed to connect to monitor socket: %s.", strerror(errno));
		goto on_error;
	}

	return fd;

on_error:
	close(fd);
	return ret;
}

int lxc_monitor_read_fdset(struct pollfd *fds, nfds_t nfds, struct lxc_msg *msg,
			   int timeout)
{
	long i;
	int ret;

	ret = poll(fds, nfds, timeout * 1000);
	if (ret == -1)
		return -1;
	else if (ret == 0)
		return -2;  /* timed out */

	/* Only read from the first ready fd, the others will remain ready for
	 * when this routine is called again.
	 */
	for (i = 0; i < nfds; i++) {
		if (fds[i].revents != 0) {
			fds[i].revents = 0;
			ret = recv(fds[i].fd, msg, sizeof(*msg), 0);
			if (ret <= 0) {
				SYSERROR("Failed to receive message. Did monitord die?: %s.", strerror(errno));
				return -1;
			}
			return ret;
		}
	}

	SYSERROR("No ready fd found.");

	return -1;
}

int lxc_monitor_read_timeout(int fd, struct lxc_msg *msg, int timeout)
{
	struct pollfd fds;

	fds.fd = fd;
	fds.events = POLLIN | POLLPRI;
	fds.revents = 0;

	return lxc_monitor_read_fdset(&fds, 1, msg, timeout);
}

int lxc_monitor_read(int fd, struct lxc_msg *msg)
{
	return lxc_monitor_read_timeout(fd, msg, -1);
}

#define LXC_MONITORD_PATH LIBEXECDIR "/lxc/lxc-monitord"

/* Used to spawn a monitord either on startup of a daemon container, or when
 * lxc-monitor starts.
 */
int lxc_monitord_spawn(const char *lxcpath)
{
	int ret;
	int pipefd[2];
	char pipefd_str[LXC_NUMSTRLEN64];
	pid_t pid1, pid2;

	char *const args[] = {
	    LXC_MONITORD_PATH,
	    (char *)lxcpath,
	    pipefd_str,
	    NULL,
	};

	/* double fork to avoid zombies when monitord exits */
	pid1 = fork();
	if (pid1 < 0) {
		SYSERROR("Failed to fork().");
		return -1;
	}

	if (pid1) {
		DEBUG("Going to wait for pid %d.", pid1);
		if (waitpid(pid1, NULL, 0) != pid1)
			return -1;
		DEBUG("Finished waiting on pid %d.", pid1);
		return 0;
	}

	if (pipe(pipefd) < 0) {
		SYSERROR("Failed to create pipe.");
		exit(EXIT_FAILURE);
	}

	pid2 = fork();
	if (pid2 < 0) {
		SYSERROR("Failed to fork().");
		exit(EXIT_FAILURE);
	}

	if (pid2) {
		DEBUG("Trying to sync with child process.");
		char c;
		/* Wait for daemon to create socket. */
		close(pipefd[1]);

		/* Sync with child, we're ignoring the return from read
		 * because regardless if it works or not, either way we've
		 * synced with the child process. the if-empty-statement
		 * construct is to quiet the warn-unused-result warning.
		 */
		if (read(pipefd[0], &c, 1))
			;

		close(pipefd[0]);

		DEBUG("Successfully synced with child process.");
		exit(EXIT_SUCCESS);
	}

	if (setsid() < 0) {
		SYSERROR("Failed to setsid().");
		exit(EXIT_FAILURE);
	}

	lxc_check_inherited(NULL, true, &pipefd[1], 1);
	if (null_stdfds() < 0) {
		SYSERROR("Failed to dup2() standard file descriptors to /dev/null.");
		exit(EXIT_FAILURE);
	}

	close(pipefd[0]);

	ret = snprintf(pipefd_str, LXC_NUMSTRLEN64, "%d", pipefd[1]);
	if (ret < 0 || ret >= LXC_NUMSTRLEN64) {
		ERROR("Failed to create pid argument to pass to monitord.");
		exit(EXIT_FAILURE);
	}

	DEBUG("Using pipe file descriptor %d for monitord.", pipefd[1]);

	execvp(args[0], args);
	SYSERROR("failed to exec lxc-monitord");

	exit(EXIT_FAILURE);
}
Commit	Line	Data
0ad19a3f	1	/*
	2	* lxc: linux Container library
	3	*
	4	* (C) Copyright IBM Corp. 2007, 2008
	5	*
	6	* Authors:
9afe19d6	7	* Daniel Lezcano <daniel.lezcano at free.fr>
e51d4895	8	* Dwight Engen <dwight.engen@oracle.com>
0ad19a3f	9	*
	10	* This library is free software; you can redistribute it and/or
	11	* modify it under the terms of the GNU Lesser General Public
	12	* License as published by the Free Software Foundation; either
	13	* version 2.1 of the License, or (at your option) any later version.
	14	*
	15	* This library is distributed in the hope that it will be useful,
	16	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	17	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	18	* Lesser General Public License for more details.
	19	*
	20	* You should have received a copy of the GNU Lesser General Public
	21	* License along with this library; if not, write to the Free Software
250b1eec	22	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
0ad19a3f	23	*/
e51d4895	24
0ad19a3f	25	#include <errno.h>
0ad19a3f	26	#include <fcntl.h>
b45c7011	27	#include <inttypes.h>
292b1d17 CB	28	#include <poll.h>
292b1d17 CB	29	#include <stddef.h>
b45c7011	30	#include <stdint.h>
292b1d17 CB	31	#include <stdio.h>
	32	#include <stdlib.h>
	33	#include <string.h>
	34	#include <unistd.h>
	35	#include <net/if.h>
	36	#include <netinet/in.h>
0ad19a3f	37	#include <sys/param.h>
0ad19a3f	38	#include <sys/socket.h>
292b1d17 CB	39	#include <sys/stat.h>
292b1d17 CB	40	#include <sys/types.h>
e51d4895	41	#include <sys/wait.h>
b113348e	42
292b1d17	43	#include "config.h"
31c53c2e	44	#include "af_unix.h"
292b1d17	45	#include "error.h"
f2363e38 ÇO	46	#include "log.h"
f2363e38 ÇO	47	#include "lxclock.h"
f2363e38	48	#include "monitor.h"
292b1d17	49	#include "state.h"
f2363e38	50	#include "utils.h"
36eb9bde CLG	51
36eb9bde CLG	52	lxc_log_define(lxc_monitor, lxc);
0ad19a3f	53
e51d4895	54	/* routines used by monitor publishers (containers) */
9e60f51d DE	55	int lxc_monitor_fifo_name(const char lxcpath, char fifo_path, size_t fifo_path_sz,
	56	int do_mkdirp)
	57	{
	58	int ret;
44b9ae4b	59	char *rundir;
9e60f51d DE	60
9e60f51d DE	61	rundir = get_rundir();
97a696c6 SG	62	if (!rundir)
	63	return -1;
	64
9e60f51d DE	65	if (do_mkdirp) {
9e60f51d DE	66	ret = snprintf(fifo_path, fifo_path_sz, "%s/lxc/%s", rundir, lxcpath);
292b1d17 CB	67	if (ret < 0 \|\| (size_t)ret >= fifo_path_sz) {
292b1d17 CB	68	ERROR("rundir/lxcpath (%s/%s) too long for monitor fifo.", rundir, lxcpath);
44b9ae4b	69	free(rundir);
9e60f51d DE	70	return -1;
9e60f51d DE	71	}
9e60f51d	72	ret = mkdir_p(fifo_path, 0755);
9e60f51d	73	if (ret < 0) {
292b1d17	74	ERROR("Unable to create monitor fifo directory %s.", fifo_path);
44b9ae4b	75	free(rundir);
9e60f51d DE	76	return ret;
	77	}
	78	}
	79	ret = snprintf(fifo_path, fifo_path_sz, "%s/lxc/%s/monitor-fifo", rundir, lxcpath);
292b1d17 CB	80	if (ret < 0 \|\| (size_t)ret >= fifo_path_sz) {
292b1d17 CB	81	ERROR("rundir/lxcpath (%s/%s) too long for monitor fifo.", rundir, lxcpath);
44b9ae4b	82	free(rundir);
9e60f51d DE	83	return -1;
9e60f51d DE	84	}
44b9ae4b	85	free(rundir);
9e60f51d DE	86	return 0;
	87	}
	88
e51d4895	89	static void lxc_monitor_fifo_send(struct lxc_msg msg, const char lxcpath)
0ad19a3f	90	{
e51d4895 DE	91	int fd,ret;
	92	char fifo_path[PATH_MAX];
	93
	94	BUILD_BUG_ON(sizeof(msg) > PIPE_BUF); / write not guaranteed atomic */
9e60f51d DE	95
	96	ret = lxc_monitor_fifo_name(lxcpath, fifo_path, sizeof(fifo_path), 0);
	97	if (ret < 0)
9123e471	98	return;
80f41298	99
292b1d17 CB	100	/* Open the fifo nonblock in case the monitor is dead, we don't want the
292b1d17 CB	101	* open to wait for a reader since it may never come.
8bf1e61e	102	*/
292b1d17	103	fd = open(fifo_path, O_WRONLY \| O_NONBLOCK);
e51d4895	104	if (fd < 0) {
292b1d17 CB	105	/* It is normal for this open() to fail with ENXIO when there is
292b1d17 CB	106	* no monitor running, so we don't log it.
e51d4895	107	*/
292b1d17 CB	108	if (errno == ENXIO)
	109	return;
	110
	111	WARN("Failed to open fifo to send message: %s.", strerror(errno));
31c53c2e	112	return;
e51d4895	113	}
0ad19a3f	114
92ffb6d8 DE	115	if (fcntl(fd, F_SETFL, O_WRONLY) < 0) {
92ffb6d8 DE	116	close(fd);
8bf1e61e	117	return;
92ffb6d8	118	}
8bf1e61e	119
e51d4895 DE	120	ret = write(fd, msg, sizeof(*msg));
e51d4895 DE	121	if (ret != sizeof(*msg)) {
e8b9ac8f	122	close(fd);
292b1d17	123	SYSERROR("Failed to write to monitor fifo \"%s\".", fifo_path);
e51d4895 DE	124	return;
e51d4895 DE	125	}
0ad19a3f	126
	127	close(fd);
	128	}
	129
292b1d17 CB	130	void lxc_monitor_send_state(const char *name, lxc_state_t state,
292b1d17 CB	131	const char *lxcpath)
eae6543d	132	{
292b1d17	133	struct lxc_msg msg = {.type = lxc_msg_state, .value = state};
80f41298	134	strncpy(msg.name, name, sizeof(msg.name));
f3bc28bd	135	msg.name[sizeof(msg.name) - 1] = 0;
eae6543d	136
e51d4895	137	lxc_monitor_fifo_send(&msg, lxcpath);
0ad19a3f	138	}
0ad19a3f	139
292b1d17 CB	140	void lxc_monitor_send_exit_code(const char *name, int exit_code,
292b1d17 CB	141	const char *lxcpath)
1787abca	142	{
292b1d17	143	struct lxc_msg msg = {.type = lxc_msg_exit_code, .value = exit_code};
1787abca JTLB	144	strncpy(msg.name, name, sizeof(msg.name));
	145	msg.name[sizeof(msg.name) - 1] = 0;
	146
	147	lxc_monitor_fifo_send(&msg, lxcpath);
	148	}
	149
e51d4895 DE	150	/* routines used by monitor subscribers (lxc-monitor) */
e51d4895 DE	151	int lxc_monitor_close(int fd)
0ad19a3f	152	{
dd1d77f9	153	return close(fd);
e51d4895 DE	154	}
e51d4895 DE	155
fcaef9c7 CB	156	/* Enforces \0-termination for the abstract unix socket. This is not required
	157	* but allows us to print it out.
	158	*
	159	* Older version of liblxc only allowed for 105 bytes to be used for the
	160	* abstract unix domain socket name because the code for our abstract unix
	161	* socket handling performed invalid checks. Since we \0-terminate we could now
	162	* have a maximum of 106 chars. But to not break backwards compatibility we keep
	163	* the limit at 105.
	164	*/
e51d4895 DE	165	int lxc_monitor_sock_name(const char lxcpath, struct sockaddr_un addr) {
	166	size_t len;
	167	int ret;
073135ba	168	char *path;
b45c7011	169	uint64_t hash;
e51d4895	170
b45c7011 DE	171	/* addr.sun_path is only 108 bytes, so we hash the full name and
b45c7011 DE	172	* then append as much of the name as we can fit.
9123e471	173	*/
e51d4895 DE	174	memset(addr, 0, sizeof(*addr));
e51d4895 DE	175	addr->sun_family = AF_UNIX;
292b1d17	176
fcaef9c7	177	/* strlen("lxc/") + strlen("/monitor-sock") + 1 = 18 */
073135ba SH	178	len = strlen(lxcpath) + 18;
	179	path = alloca(len);
	180	ret = snprintf(path, len, "lxc/%s/monitor-sock", lxcpath);
292b1d17	181	if (ret < 0 \|\| (size_t)ret >= len) {
fcaef9c7	182	ERROR("failed to create name for monitor socket");
9e60f51d DE	183	return -1;
9e60f51d DE	184	}
9e60f51d	185
fcaef9c7 CB	186	/* Note: snprintf() will \0-terminate addr->sun_path on the 106th byte
	187	* and so the abstract socket name has 105 "meaningful" characters. This
	188	* is absolutely intentional. For further info read the comment for this
	189	* function above!
	190	*/
073135ba	191	len = sizeof(addr->sun_path) - 1;
b45c7011	192	hash = fnv_64a_buf(path, ret, FNV1A_64_INIT);
fcaef9c7 CB	193	ret = snprintf(addr->sun_path, len, "@lxc/%016" PRIx64 "/%s", hash, lxcpath);
	194	if (ret < 0) {
	195	ERROR("failed to create hashed name for monitor socket");
9123e471	196	return -1;
fcaef9c7	197	}
292b1d17	198
fcaef9c7 CB	199	/* replace @ with \0 */
	200	addr->sun_path[0] = '\0';
	201	INFO("using monitor socket name \"%s\" (length of socket name %zu must be <= %zu)", &addr->sun_path[1], strlen(&addr->sun_path[1]), sizeof(addr->sun_path) - 3);
292b1d17	202
e51d4895 DE	203	return 0;
e51d4895 DE	204	}
0ad19a3f	205
e51d4895 DE	206	int lxc_monitor_open(const char *lxcpath)
	207	{
	208	struct sockaddr_un addr;
292b1d17 CB	209	int fd;
292b1d17 CB	210	size_t retry;
aae93dd3	211	size_t len;
fcaef9c7 CB	212	int ret = -1;
fcaef9c7 CB	213	int backoff_ms[] = {10, 50, 100};
e51d4895 DE	214
	215	if (lxc_monitor_sock_name(lxcpath, &addr) < 0)
	216	return -1;
	217
	218	fd = socket(PF_UNIX, SOCK_STREAM, 0);
2c396e12	219	if (fd < 0) {
292b1d17	220	ERROR("Failed to create socket: %s.", strerror(errno));
fcaef9c7	221	return -errno;
2c396e12	222	}
0ad19a3f	223
fcaef9c7 CB	224	len = strlen(&addr.sun_path[1]);
fcaef9c7 CB	225	DEBUG("opening monitor socket %s with len %zu", &addr.sun_path[1], len);
aae93dd3	226	if (len >= sizeof(addr.sun_path) - 1) {
aae93dd3	227	errno = ENAMETOOLONG;
fcaef9c7 CB	228	ret = -errno;
fcaef9c7 CB	229	ERROR("name of monitor socket too long (%zu bytes): %s", len, strerror(errno));
292b1d17	230	goto on_error;
aae93dd3 ÇO	231	}
aae93dd3 ÇO	232
292b1d17	233	for (retry = 0; retry < sizeof(backoff_ms) / sizeof(backoff_ms[0]); retry++) {
fcaef9c7 CB	234	fd = lxc_abstract_unix_connect(addr.sun_path);
fcaef9c7 CB	235	if (fd < 0 \|\| errno != ECONNREFUSED)
e51d4895	236	break;
fcaef9c7	237	ERROR("Failed to connect to monitor socket. Retrying in %d ms: %s", backoff_ms[retry], strerror(errno));
e51d4895	238	usleep(backoff_ms[retry] * 1000);
0ad19a3f	239	}
0ad19a3f	240
fcaef9c7 CB	241	if (fd < 0) {
fcaef9c7 CB	242	ret = -errno;
292b1d17 CB	243	ERROR("Failed to connect to monitor socket: %s.", strerror(errno));
292b1d17 CB	244	goto on_error;
e51d4895	245	}
292b1d17	246
0ad19a3f	247	return fd;
292b1d17 CB	248
292b1d17 CB	249	on_error:
e51d4895 DE	250	close(fd);
e51d4895 DE	251	return ret;
0ad19a3f	252	}
0ad19a3f	253
2366b8a7	254	int lxc_monitor_read_fdset(struct pollfd fds, nfds_t nfds, struct lxc_msg msg,
8d06bd13	255	int timeout)
0ad19a3f	256	{
2366b8a7 SH	257	long i;
2366b8a7 SH	258	int ret;
0ad19a3f	259
2366b8a7	260	ret = poll(fds, nfds, timeout * 1000);
8d06bd13	261	if (ret == -1)
75b1e198	262	return -1;
8d06bd13	263	else if (ret == 0)
1a0e70ac	264	return -2; /* timed out */
8d06bd13	265
292b1d17 CB	266	/* Only read from the first ready fd, the others will remain ready for
292b1d17 CB	267	* when this routine is called again.
8d06bd13 DE	268	*/
8d06bd13 DE	269	for (i = 0; i < nfds; i++) {
2366b8a7 SH	270	if (fds[i].revents != 0) {
	271	fds[i].revents = 0;
	272	ret = recv(fds[i].fd, msg, sizeof(*msg), 0);
8d06bd13	273	if (ret <= 0) {
292b1d17	274	SYSERROR("Failed to receive message. Did monitord die?: %s.", strerror(errno));
8d06bd13 DE	275	return -1;
	276	}
	277	return ret;
	278	}
0ad19a3f	279	}
292b1d17 CB	280
	281	SYSERROR("No ready fd found.");
	282
8d06bd13 DE	283	return -1;
	284	}
	285
	286	int lxc_monitor_read_timeout(int fd, struct lxc_msg *msg, int timeout)
	287	{
2366b8a7	288	struct pollfd fds;
8d06bd13	289
2366b8a7 SH	290	fds.fd = fd;
	291	fds.events = POLLIN \| POLLPRI;
	292	fds.revents = 0;
8d06bd13	293
2366b8a7	294	return lxc_monitor_read_fdset(&fds, 1, msg, timeout);
0ad19a3f	295	}
0ad19a3f	296
72d0e1cb SG	297	int lxc_monitor_read(int fd, struct lxc_msg *msg)
	298	{
	299	return lxc_monitor_read_timeout(fd, msg, -1);
	300	}
	301
45e854dc	302	#define LXC_MONITORD_PATH LIBEXECDIR "/lxc/lxc-monitord"
e51d4895	303
292b1d17 CB	304	/* Used to spawn a monitord either on startup of a daemon container, or when
292b1d17 CB	305	* lxc-monitor starts.
e51d4895 DE	306	*/
e51d4895 DE	307	int lxc_monitord_spawn(const char *lxcpath)
0ad19a3f	308	{
487b14b6	309	int ret;
e51d4895	310	int pipefd[2];
eab15c1e	311	char pipefd_str[LXC_NUMSTRLEN64];
487b14b6	312	pid_t pid1, pid2;
e51d4895	313
292b1d17 CB	314	char *const args[] = {
	315	LXC_MONITORD_PATH,
	316	(char *)lxcpath,
	317	pipefd_str,
	318	NULL,
e51d4895 DE	319	};
	320
	321	/* double fork to avoid zombies when monitord exits */
	322	pid1 = fork();
	323	if (pid1 < 0) {
292b1d17	324	SYSERROR("Failed to fork().");
e51d4895 DE	325	return -1;
	326	}
	327
	328	if (pid1) {
292b1d17	329	DEBUG("Going to wait for pid %d.", pid1);
f2bbe86d DE	330	if (waitpid(pid1, NULL, 0) != pid1)
f2bbe86d DE	331	return -1;
487b14b6	332	DEBUG("Finished waiting on pid %d.", pid1);
e51d4895 DE	333	return 0;
	334	}
	335
	336	if (pipe(pipefd) < 0) {
292b1d17	337	SYSERROR("Failed to create pipe.");
e51d4895 DE	338	exit(EXIT_FAILURE);
	339	}
	340
	341	pid2 = fork();
	342	if (pid2 < 0) {
292b1d17	343	SYSERROR("Failed to fork().");
e51d4895 DE	344	exit(EXIT_FAILURE);
e51d4895 DE	345	}
292b1d17	346
e51d4895	347	if (pid2) {
5cc0f22d	348	DEBUG("Trying to sync with child process.");
e51d4895	349	char c;
292b1d17	350	/* Wait for daemon to create socket. */
e51d4895	351	close(pipefd[1]);
292b1d17 CB	352
292b1d17 CB	353	/* Sync with child, we're ignoring the return from read
e51d4895 DE	354	* because regardless if it works or not, either way we've
	355	* synced with the child process. the if-empty-statement
	356	* construct is to quiet the warn-unused-result warning.
	357	*/
8f47bc3f SG	358	if (read(pipefd[0], &c, 1))
8f47bc3f SG	359	;
292b1d17	360
e51d4895	361	close(pipefd[0]);
292b1d17	362
073000e2	363	DEBUG("Successfully synced with child process.");
e51d4895 DE	364	exit(EXIT_SUCCESS);
	365	}
	366
e51d4895	367	if (setsid() < 0) {
292b1d17	368	SYSERROR("Failed to setsid().");
e51d4895 DE	369	exit(EXIT_FAILURE);
e51d4895 DE	370	}
292b1d17	371
47a46cf1	372	lxc_check_inherited(NULL, true, &pipefd[1], 1);
aec1ea62 CB	373	if (null_stdfds() < 0) {
aec1ea62 CB	374	SYSERROR("Failed to dup2() standard file descriptors to /dev/null.");
69aeabac	375	exit(EXIT_FAILURE);
aec1ea62	376	}
292b1d17	377
e51d4895	378	close(pipefd[0]);
292b1d17	379
eab15c1e CB	380	ret = snprintf(pipefd_str, LXC_NUMSTRLEN64, "%d", pipefd[1]);
eab15c1e CB	381	if (ret < 0 \|\| ret >= LXC_NUMSTRLEN64) {
aec1ea62	382	ERROR("Failed to create pid argument to pass to monitord.");
487b14b6	383	exit(EXIT_FAILURE);
aec1ea62	384	}
487b14b6 CB	385
487b14b6 CB	386	DEBUG("Using pipe file descriptor %d for monitord.", pipefd[1]);
292b1d17	387
e51d4895	388	execvp(args[0], args);
00cccc8b	389	SYSERROR("failed to exec lxc-monitord");
292b1d17	390
e51d4895	391	exit(EXIT_FAILURE);
0ad19a3f	392	}