]>
Commit | Line | Data |
---|---|---|
0ad19a3f | 1 | /* |
2 | * lxc: linux Container library | |
3 | * | |
4 | * (C) Copyright IBM Corp. 2007, 2008 | |
5 | * | |
6 | * Authors: | |
9afe19d6 | 7 | * Daniel Lezcano <daniel.lezcano at free.fr> |
e51d4895 | 8 | * Dwight Engen <dwight.engen@oracle.com> |
0ad19a3f | 9 | * |
10 | * This library is free software; you can redistribute it and/or | |
11 | * modify it under the terms of the GNU Lesser General Public | |
12 | * License as published by the Free Software Foundation; either | |
13 | * version 2.1 of the License, or (at your option) any later version. | |
14 | * | |
15 | * This library is distributed in the hope that it will be useful, | |
16 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
17 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
18 | * Lesser General Public License for more details. | |
19 | * | |
20 | * You should have received a copy of the GNU Lesser General Public | |
21 | * License along with this library; if not, write to the Free Software | |
250b1eec | 22 | * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA |
0ad19a3f | 23 | */ |
e51d4895 | 24 | |
9d465140 | 25 | #define _GNU_SOURCE |
0ad19a3f | 26 | #include <errno.h> |
0ad19a3f | 27 | #include <fcntl.h> |
b45c7011 | 28 | #include <inttypes.h> |
292b1d17 CB |
29 | #include <poll.h> |
30 | #include <stddef.h> | |
b45c7011 | 31 | #include <stdint.h> |
292b1d17 CB |
32 | #include <stdio.h> |
33 | #include <stdlib.h> | |
34 | #include <string.h> | |
35 | #include <unistd.h> | |
36 | #include <net/if.h> | |
37 | #include <netinet/in.h> | |
0ad19a3f | 38 | #include <sys/param.h> |
0ad19a3f | 39 | #include <sys/socket.h> |
292b1d17 CB |
40 | #include <sys/stat.h> |
41 | #include <sys/types.h> | |
e51d4895 | 42 | #include <sys/wait.h> |
b113348e | 43 | |
292b1d17 | 44 | #include "config.h" |
31c53c2e | 45 | #include "af_unix.h" |
292b1d17 | 46 | #include "error.h" |
f2363e38 ÇO |
47 | #include "log.h" |
48 | #include "lxclock.h" | |
397a8d30 | 49 | #include "macro.h" |
f2363e38 | 50 | #include "monitor.h" |
292b1d17 | 51 | #include "state.h" |
f2363e38 | 52 | #include "utils.h" |
36eb9bde | 53 | |
9de31d5a CB |
54 | #ifndef HAVE_STRLCPY |
55 | #include "include/strlcpy.h" | |
56 | #endif | |
57 | ||
ac2cecc4 | 58 | lxc_log_define(monitor, lxc); |
0ad19a3f | 59 | |
e51d4895 | 60 | /* routines used by monitor publishers (containers) */ |
9e60f51d DE |
61 | int lxc_monitor_fifo_name(const char *lxcpath, char *fifo_path, size_t fifo_path_sz, |
62 | int do_mkdirp) | |
63 | { | |
64 | int ret; | |
44b9ae4b | 65 | char *rundir; |
9e60f51d DE |
66 | |
67 | rundir = get_rundir(); | |
97a696c6 SG |
68 | if (!rundir) |
69 | return -1; | |
70 | ||
9e60f51d DE |
71 | if (do_mkdirp) { |
72 | ret = snprintf(fifo_path, fifo_path_sz, "%s/lxc/%s", rundir, lxcpath); | |
292b1d17 CB |
73 | if (ret < 0 || (size_t)ret >= fifo_path_sz) { |
74 | ERROR("rundir/lxcpath (%s/%s) too long for monitor fifo.", rundir, lxcpath); | |
44b9ae4b | 75 | free(rundir); |
9e60f51d DE |
76 | return -1; |
77 | } | |
9e60f51d | 78 | ret = mkdir_p(fifo_path, 0755); |
9e60f51d | 79 | if (ret < 0) { |
292b1d17 | 80 | ERROR("Unable to create monitor fifo directory %s.", fifo_path); |
44b9ae4b | 81 | free(rundir); |
9e60f51d DE |
82 | return ret; |
83 | } | |
84 | } | |
85 | ret = snprintf(fifo_path, fifo_path_sz, "%s/lxc/%s/monitor-fifo", rundir, lxcpath); | |
292b1d17 CB |
86 | if (ret < 0 || (size_t)ret >= fifo_path_sz) { |
87 | ERROR("rundir/lxcpath (%s/%s) too long for monitor fifo.", rundir, lxcpath); | |
44b9ae4b | 88 | free(rundir); |
9e60f51d DE |
89 | return -1; |
90 | } | |
44b9ae4b | 91 | free(rundir); |
9e60f51d DE |
92 | return 0; |
93 | } | |
94 | ||
e51d4895 | 95 | static void lxc_monitor_fifo_send(struct lxc_msg *msg, const char *lxcpath) |
0ad19a3f | 96 | { |
e51d4895 DE |
97 | int fd,ret; |
98 | char fifo_path[PATH_MAX]; | |
99 | ||
100 | BUILD_BUG_ON(sizeof(*msg) > PIPE_BUF); /* write not guaranteed atomic */ | |
9e60f51d DE |
101 | |
102 | ret = lxc_monitor_fifo_name(lxcpath, fifo_path, sizeof(fifo_path), 0); | |
103 | if (ret < 0) | |
9123e471 | 104 | return; |
80f41298 | 105 | |
292b1d17 CB |
106 | /* Open the fifo nonblock in case the monitor is dead, we don't want the |
107 | * open to wait for a reader since it may never come. | |
8bf1e61e | 108 | */ |
292b1d17 | 109 | fd = open(fifo_path, O_WRONLY | O_NONBLOCK); |
e51d4895 | 110 | if (fd < 0) { |
292b1d17 CB |
111 | /* It is normal for this open() to fail with ENXIO when there is |
112 | * no monitor running, so we don't log it. | |
e51d4895 | 113 | */ |
2469f9b6 | 114 | if (errno == ENXIO || errno == ENOENT) |
292b1d17 CB |
115 | return; |
116 | ||
a24c5678 | 117 | SYSWARN("Failed to open fifo to send message"); |
31c53c2e | 118 | return; |
e51d4895 | 119 | } |
0ad19a3f | 120 | |
92ffb6d8 DE |
121 | if (fcntl(fd, F_SETFL, O_WRONLY) < 0) { |
122 | close(fd); | |
8bf1e61e | 123 | return; |
92ffb6d8 | 124 | } |
8bf1e61e | 125 | |
802e609a | 126 | ret = lxc_write_nointr(fd, msg, sizeof(*msg)); |
e51d4895 | 127 | if (ret != sizeof(*msg)) { |
e8b9ac8f | 128 | close(fd); |
292b1d17 | 129 | SYSERROR("Failed to write to monitor fifo \"%s\".", fifo_path); |
e51d4895 DE |
130 | return; |
131 | } | |
0ad19a3f | 132 | |
133 | close(fd); | |
134 | } | |
135 | ||
292b1d17 CB |
136 | void lxc_monitor_send_state(const char *name, lxc_state_t state, |
137 | const char *lxcpath) | |
eae6543d | 138 | { |
292b1d17 | 139 | struct lxc_msg msg = {.type = lxc_msg_state, .value = state}; |
eae6543d | 140 | |
9de31d5a | 141 | (void)strlcpy(msg.name, name, sizeof(msg.name)); |
e51d4895 | 142 | lxc_monitor_fifo_send(&msg, lxcpath); |
0ad19a3f | 143 | } |
144 | ||
292b1d17 CB |
145 | void lxc_monitor_send_exit_code(const char *name, int exit_code, |
146 | const char *lxcpath) | |
1787abca | 147 | { |
292b1d17 | 148 | struct lxc_msg msg = {.type = lxc_msg_exit_code, .value = exit_code}; |
1787abca | 149 | |
9de31d5a | 150 | (void)strlcpy(msg.name, name, sizeof(msg.name)); |
1787abca JTLB |
151 | lxc_monitor_fifo_send(&msg, lxcpath); |
152 | } | |
153 | ||
e51d4895 DE |
154 | /* routines used by monitor subscribers (lxc-monitor) */ |
155 | int lxc_monitor_close(int fd) | |
0ad19a3f | 156 | { |
dd1d77f9 | 157 | return close(fd); |
e51d4895 DE |
158 | } |
159 | ||
fcaef9c7 CB |
160 | /* Enforces \0-termination for the abstract unix socket. This is not required |
161 | * but allows us to print it out. | |
162 | * | |
163 | * Older version of liblxc only allowed for 105 bytes to be used for the | |
164 | * abstract unix domain socket name because the code for our abstract unix | |
165 | * socket handling performed invalid checks. Since we \0-terminate we could now | |
166 | * have a maximum of 106 chars. But to not break backwards compatibility we keep | |
167 | * the limit at 105. | |
168 | */ | |
e51d4895 DE |
169 | int lxc_monitor_sock_name(const char *lxcpath, struct sockaddr_un *addr) { |
170 | size_t len; | |
171 | int ret; | |
073135ba | 172 | char *path; |
b45c7011 | 173 | uint64_t hash; |
e51d4895 | 174 | |
b45c7011 DE |
175 | /* addr.sun_path is only 108 bytes, so we hash the full name and |
176 | * then append as much of the name as we can fit. | |
9123e471 | 177 | */ |
e51d4895 DE |
178 | memset(addr, 0, sizeof(*addr)); |
179 | addr->sun_family = AF_UNIX; | |
292b1d17 | 180 | |
fcaef9c7 | 181 | /* strlen("lxc/") + strlen("/monitor-sock") + 1 = 18 */ |
073135ba SH |
182 | len = strlen(lxcpath) + 18; |
183 | path = alloca(len); | |
184 | ret = snprintf(path, len, "lxc/%s/monitor-sock", lxcpath); | |
292b1d17 | 185 | if (ret < 0 || (size_t)ret >= len) { |
fcaef9c7 | 186 | ERROR("failed to create name for monitor socket"); |
9e60f51d DE |
187 | return -1; |
188 | } | |
9e60f51d | 189 | |
fcaef9c7 CB |
190 | /* Note: snprintf() will \0-terminate addr->sun_path on the 106th byte |
191 | * and so the abstract socket name has 105 "meaningful" characters. This | |
192 | * is absolutely intentional. For further info read the comment for this | |
193 | * function above! | |
194 | */ | |
073135ba | 195 | len = sizeof(addr->sun_path) - 1; |
b45c7011 | 196 | hash = fnv_64a_buf(path, ret, FNV1A_64_INIT); |
fcaef9c7 CB |
197 | ret = snprintf(addr->sun_path, len, "@lxc/%016" PRIx64 "/%s", hash, lxcpath); |
198 | if (ret < 0) { | |
199 | ERROR("failed to create hashed name for monitor socket"); | |
9123e471 | 200 | return -1; |
fcaef9c7 | 201 | } |
292b1d17 | 202 | |
fcaef9c7 CB |
203 | /* replace @ with \0 */ |
204 | addr->sun_path[0] = '\0'; | |
205 | INFO("using monitor socket name \"%s\" (length of socket name %zu must be <= %zu)", &addr->sun_path[1], strlen(&addr->sun_path[1]), sizeof(addr->sun_path) - 3); | |
292b1d17 | 206 | |
e51d4895 DE |
207 | return 0; |
208 | } | |
0ad19a3f | 209 | |
e51d4895 DE |
210 | int lxc_monitor_open(const char *lxcpath) |
211 | { | |
212 | struct sockaddr_un addr; | |
292b1d17 CB |
213 | int fd; |
214 | size_t retry; | |
aae93dd3 | 215 | size_t len; |
fcaef9c7 | 216 | int backoff_ms[] = {10, 50, 100}; |
e51d4895 DE |
217 | |
218 | if (lxc_monitor_sock_name(lxcpath, &addr) < 0) | |
219 | return -1; | |
220 | ||
fcaef9c7 CB |
221 | len = strlen(&addr.sun_path[1]); |
222 | DEBUG("opening monitor socket %s with len %zu", &addr.sun_path[1], len); | |
aae93dd3 | 223 | if (len >= sizeof(addr.sun_path) - 1) { |
aae93dd3 | 224 | errno = ENAMETOOLONG; |
6d1400b5 | 225 | SYSERROR("The name of monitor socket too long (%zu bytes)", len); |
c8dcf778 | 226 | return -1; |
aae93dd3 ÇO |
227 | } |
228 | ||
292b1d17 | 229 | for (retry = 0; retry < sizeof(backoff_ms) / sizeof(backoff_ms[0]); retry++) { |
fcaef9c7 | 230 | fd = lxc_abstract_unix_connect(addr.sun_path); |
94bc08e9 | 231 | if (fd != -1 || errno != ECONNREFUSED) |
e51d4895 | 232 | break; |
6d1400b5 | 233 | |
234 | SYSERROR("Failed to connect to monitor socket. Retrying in %d ms", backoff_ms[retry]); | |
e51d4895 | 235 | usleep(backoff_ms[retry] * 1000); |
0ad19a3f | 236 | } |
237 | ||
fcaef9c7 | 238 | if (fd < 0) { |
6d1400b5 | 239 | SYSERROR("Failed to connect to monitor socket"); |
c8dcf778 | 240 | return -1; |
e51d4895 | 241 | } |
292b1d17 | 242 | |
0ad19a3f | 243 | return fd; |
244 | } | |
245 | ||
2366b8a7 | 246 | int lxc_monitor_read_fdset(struct pollfd *fds, nfds_t nfds, struct lxc_msg *msg, |
8d06bd13 | 247 | int timeout) |
0ad19a3f | 248 | { |
2366b8a7 SH |
249 | long i; |
250 | int ret; | |
0ad19a3f | 251 | |
2366b8a7 | 252 | ret = poll(fds, nfds, timeout * 1000); |
8d06bd13 | 253 | if (ret == -1) |
75b1e198 | 254 | return -1; |
8d06bd13 | 255 | else if (ret == 0) |
1a0e70ac | 256 | return -2; /* timed out */ |
8d06bd13 | 257 | |
292b1d17 CB |
258 | /* Only read from the first ready fd, the others will remain ready for |
259 | * when this routine is called again. | |
8d06bd13 DE |
260 | */ |
261 | for (i = 0; i < nfds; i++) { | |
2366b8a7 SH |
262 | if (fds[i].revents != 0) { |
263 | fds[i].revents = 0; | |
264 | ret = recv(fds[i].fd, msg, sizeof(*msg), 0); | |
8d06bd13 | 265 | if (ret <= 0) { |
b5be6a7c | 266 | SYSERROR("Failed to receive message. Did monitord die?"); |
8d06bd13 DE |
267 | return -1; |
268 | } | |
269 | return ret; | |
270 | } | |
0ad19a3f | 271 | } |
292b1d17 CB |
272 | |
273 | SYSERROR("No ready fd found."); | |
274 | ||
8d06bd13 DE |
275 | return -1; |
276 | } | |
277 | ||
278 | int lxc_monitor_read_timeout(int fd, struct lxc_msg *msg, int timeout) | |
279 | { | |
2366b8a7 | 280 | struct pollfd fds; |
8d06bd13 | 281 | |
2366b8a7 SH |
282 | fds.fd = fd; |
283 | fds.events = POLLIN | POLLPRI; | |
284 | fds.revents = 0; | |
8d06bd13 | 285 | |
2366b8a7 | 286 | return lxc_monitor_read_fdset(&fds, 1, msg, timeout); |
0ad19a3f | 287 | } |
288 | ||
72d0e1cb SG |
289 | int lxc_monitor_read(int fd, struct lxc_msg *msg) |
290 | { | |
291 | return lxc_monitor_read_timeout(fd, msg, -1); | |
292 | } | |
293 | ||
45e854dc | 294 | #define LXC_MONITORD_PATH LIBEXECDIR "/lxc/lxc-monitord" |
e51d4895 | 295 | |
292b1d17 CB |
296 | /* Used to spawn a monitord either on startup of a daemon container, or when |
297 | * lxc-monitor starts. | |
e51d4895 DE |
298 | */ |
299 | int lxc_monitord_spawn(const char *lxcpath) | |
0ad19a3f | 300 | { |
487b14b6 | 301 | int ret; |
e51d4895 | 302 | int pipefd[2]; |
397a8d30 | 303 | char pipefd_str[INTTYPE_TO_STRLEN(int)]; |
487b14b6 | 304 | pid_t pid1, pid2; |
e51d4895 | 305 | |
292b1d17 | 306 | char *const args[] = { |
457e3c5d | 307 | LXC_MONITORD_PATH, |
308 | (char *)lxcpath, | |
309 | pipefd_str, | |
310 | NULL, | |
e51d4895 DE |
311 | }; |
312 | ||
313 | /* double fork to avoid zombies when monitord exits */ | |
314 | pid1 = fork(); | |
315 | if (pid1 < 0) { | |
292b1d17 | 316 | SYSERROR("Failed to fork()."); |
e51d4895 DE |
317 | return -1; |
318 | } | |
319 | ||
320 | if (pid1) { | |
292b1d17 | 321 | DEBUG("Going to wait for pid %d.", pid1); |
457e3c5d | 322 | |
f2bbe86d DE |
323 | if (waitpid(pid1, NULL, 0) != pid1) |
324 | return -1; | |
457e3c5d | 325 | |
487b14b6 | 326 | DEBUG("Finished waiting on pid %d.", pid1); |
e51d4895 DE |
327 | return 0; |
328 | } | |
329 | ||
330 | if (pipe(pipefd) < 0) { | |
292b1d17 | 331 | SYSERROR("Failed to create pipe."); |
f15e4fd2 | 332 | _exit(EXIT_FAILURE); |
e51d4895 DE |
333 | } |
334 | ||
335 | pid2 = fork(); | |
336 | if (pid2 < 0) { | |
292b1d17 | 337 | SYSERROR("Failed to fork()."); |
f15e4fd2 | 338 | _exit(EXIT_FAILURE); |
e51d4895 | 339 | } |
292b1d17 | 340 | |
e51d4895 | 341 | if (pid2) { |
5cc0f22d | 342 | DEBUG("Trying to sync with child process."); |
e51d4895 | 343 | char c; |
292b1d17 | 344 | /* Wait for daemon to create socket. */ |
e51d4895 | 345 | close(pipefd[1]); |
292b1d17 CB |
346 | |
347 | /* Sync with child, we're ignoring the return from read | |
e51d4895 DE |
348 | * because regardless if it works or not, either way we've |
349 | * synced with the child process. the if-empty-statement | |
350 | * construct is to quiet the warn-unused-result warning. | |
351 | */ | |
2a71131d | 352 | if (lxc_read_nointr(pipefd[0], &c, 1)) |
8f47bc3f | 353 | ; |
292b1d17 | 354 | |
e51d4895 | 355 | close(pipefd[0]); |
292b1d17 | 356 | |
073000e2 | 357 | DEBUG("Successfully synced with child process."); |
f15e4fd2 | 358 | _exit(EXIT_SUCCESS); |
e51d4895 DE |
359 | } |
360 | ||
e51d4895 | 361 | if (setsid() < 0) { |
292b1d17 | 362 | SYSERROR("Failed to setsid()."); |
f15e4fd2 | 363 | _exit(EXIT_FAILURE); |
e51d4895 | 364 | } |
292b1d17 | 365 | |
47a46cf1 | 366 | lxc_check_inherited(NULL, true, &pipefd[1], 1); |
aec1ea62 CB |
367 | if (null_stdfds() < 0) { |
368 | SYSERROR("Failed to dup2() standard file descriptors to /dev/null."); | |
f15e4fd2 | 369 | _exit(EXIT_FAILURE); |
aec1ea62 | 370 | } |
292b1d17 | 371 | |
e51d4895 | 372 | close(pipefd[0]); |
292b1d17 | 373 | |
2fb7cf0b SG |
374 | ret = snprintf(pipefd_str, INTTYPE_TO_STRLEN(int), "%d", pipefd[1]); |
375 | if (ret < 0 || ret >= INTTYPE_TO_STRLEN(int)) { | |
aec1ea62 | 376 | ERROR("Failed to create pid argument to pass to monitord."); |
f15e4fd2 | 377 | _exit(EXIT_FAILURE); |
aec1ea62 | 378 | } |
487b14b6 CB |
379 | |
380 | DEBUG("Using pipe file descriptor %d for monitord.", pipefd[1]); | |
292b1d17 | 381 | |
e51d4895 | 382 | execvp(args[0], args); |
00cccc8b | 383 | SYSERROR("failed to exec lxc-monitord"); |
292b1d17 | 384 | |
f15e4fd2 | 385 | _exit(EXIT_FAILURE); |
0ad19a3f | 386 | } |