[mirror_lxc.git] / src / lxc / monitor.c

/* SPDX-License-Identifier: LGPL-2.1+ */

#ifndef _GNU_SOURCE
#define _GNU_SOURCE 1
#endif
#include <errno.h>
#include <fcntl.h>
#include <inttypes.h>
#include <net/if.h>
#include <netinet/in.h>
#include <poll.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/param.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

#include "af_unix.h"
#include "config.h"
#include "error.h"
#include "log.h"
#include "lxclock.h"
#include "macro.h"
#include "memory_utils.h"
#include "monitor.h"
#include "state.h"
#include "utils.h"

#ifndef HAVE_STRLCPY
#include "include/strlcpy.h"
#endif

lxc_log_define(monitor, lxc);

/* routines used by monitor publishers (containers) */
int lxc_monitor_fifo_name(const char *lxcpath, char *fifo_path, size_t fifo_path_sz,
			  int do_mkdirp)
{
	int ret;
	char *rundir;

	rundir = get_rundir();
	if (!rundir)
		return -1;

	if (do_mkdirp) {
		ret = snprintf(fifo_path, fifo_path_sz, "%s/lxc/%s", rundir, lxcpath);
		if (ret < 0 || (size_t)ret >= fifo_path_sz) {
			ERROR("rundir/lxcpath (%s/%s) too long for monitor fifo", rundir, lxcpath);
			free(rundir);
			return -1;
		}
		ret = mkdir_p(fifo_path, 0755);
		if (ret < 0) {
			ERROR("Unable to create monitor fifo directory %s", fifo_path);
			free(rundir);
			return ret;
		}
	}
	ret = snprintf(fifo_path, fifo_path_sz, "%s/lxc/%s/monitor-fifo", rundir, lxcpath);
	if (ret < 0 || (size_t)ret >= fifo_path_sz) {
		ERROR("rundir/lxcpath (%s/%s) too long for monitor fifo", rundir, lxcpath);
		free(rundir);
		return -1;
	}
	free(rundir);
	return 0;
}

static void lxc_monitor_fifo_send(struct lxc_msg *msg, const char *lxcpath)
{
	int fd,ret;
	char fifo_path[PATH_MAX];

	BUILD_BUG_ON(sizeof(*msg) > PIPE_BUF); /* write not guaranteed atomic */

	ret = lxc_monitor_fifo_name(lxcpath, fifo_path, sizeof(fifo_path), 0);
	if (ret < 0)
		return;

	/* Open the fifo nonblock in case the monitor is dead, we don't want the
	 * open to wait for a reader since it may never come.
	 */
	fd = open(fifo_path, O_WRONLY | O_NONBLOCK);
	if (fd < 0) {
		/* It is normal for this open() to fail with ENXIO when there is
		 * no monitor running, so we don't log it.
		 */
		if (errno == ENXIO || errno == ENOENT)
			return;

		SYSWARN("Failed to open fifo to send message");
		return;
	}

	if (fcntl(fd, F_SETFL, O_WRONLY) < 0) {
		close(fd);
		return;
	}

	ret = lxc_write_nointr(fd, msg, sizeof(*msg));
	if (ret != sizeof(*msg)) {
		close(fd);
		SYSERROR("Failed to write to monitor fifo \"%s\"", fifo_path);
		return;
	}

	close(fd);
}

void lxc_monitor_send_state(const char *name, lxc_state_t state,
			    const char *lxcpath)
{
	struct lxc_msg msg = {.type = lxc_msg_state, .value = state};

	(void)strlcpy(msg.name, name, sizeof(msg.name));
	lxc_monitor_fifo_send(&msg, lxcpath);
}

void lxc_monitor_send_exit_code(const char *name, int exit_code,
				const char *lxcpath)
{
	struct lxc_msg msg = {.type = lxc_msg_exit_code, .value = exit_code};

	(void)strlcpy(msg.name, name, sizeof(msg.name));
	lxc_monitor_fifo_send(&msg, lxcpath);
}

/* routines used by monitor subscribers (lxc-monitor) */
int lxc_monitor_close(int fd)
{
	return close(fd);
}

/* Enforces \0-termination for the abstract unix socket. This is not required
 * but allows us to print it out.
 *
 * Older version of liblxc only allowed for 105 bytes to be used for the
 * abstract unix domain socket name because the code for our abstract unix
 * socket handling performed invalid checks. Since we \0-terminate we could now
 * have a maximum of 106 chars. But to not break backwards compatibility we keep
 * the limit at 105.
 */
int lxc_monitor_sock_name(const char *lxcpath, struct sockaddr_un *addr)
{
	__do_free char *path = NULL;
	size_t len;
	int ret;
	uint64_t hash;

	/* addr.sun_path is only 108 bytes, so we hash the full name and
	 * then append as much of the name as we can fit.
	 */
	memset(addr, 0, sizeof(*addr));
	addr->sun_family = AF_UNIX;

	/* strlen("lxc/") + strlen("/monitor-sock") + 1 = 18 */
	len = strlen(lxcpath) + 18;
	path = must_realloc(NULL, len);
	ret = snprintf(path, len, "lxc/%s/monitor-sock", lxcpath);
	if (ret < 0 || (size_t)ret >= len) {
		ERROR("Failed to create name for monitor socket");
		return -1;
	}

	/* Note: snprintf() will \0-terminate addr->sun_path on the 106th byte
	 * and so the abstract socket name has 105 "meaningful" characters. This
	 * is absolutely intentional. For further info read the comment for this
	 * function above!
	 */
	len = sizeof(addr->sun_path) - 1;
	hash = fnv_64a_buf(path, ret, FNV1A_64_INIT);
	ret = snprintf(addr->sun_path, len, "@lxc/%016" PRIx64 "/%s", hash, lxcpath);
	if (ret < 0) {
		ERROR("Failed to create hashed name for monitor socket");
		goto on_error;
	} else if ((size_t)ret >= len) {
		errno = ENAMETOOLONG;
		SYSERROR("The name of monitor socket too long (%d bytes)", ret);
		goto on_error;
	}

	/* replace @ with \0 */
	addr->sun_path[0] = '\0';
	INFO("Using monitor socket name \"%s\" (length of socket name %zu must be <= %zu)", &addr->sun_path[1], strlen(&addr->sun_path[1]), sizeof(addr->sun_path) - 3);

	return 0;

on_error:
	return -1;
}

int lxc_monitor_open(const char *lxcpath)
{
	struct sockaddr_un addr;
	int fd;
	size_t retry;
	int backoff_ms[] = {10, 50, 100};

	if (lxc_monitor_sock_name(lxcpath, &addr) < 0)
		return -1;

	DEBUG("Opening monitor socket %s with len %zu", &addr.sun_path[1], strlen(&addr.sun_path[1]));

	for (retry = 0; retry < sizeof(backoff_ms) / sizeof(backoff_ms[0]); retry++) {
		fd = lxc_abstract_unix_connect(addr.sun_path);
		if (fd != -1 || errno != ECONNREFUSED)
			break;

		SYSERROR("Failed to connect to monitor socket. Retrying in %d ms", backoff_ms[retry]);
		usleep(backoff_ms[retry] * 1000);
	}

	if (fd < 0) {
		SYSERROR("Failed to connect to monitor socket");
		return -1;
	}

	return fd;
}

int lxc_monitor_read_fdset(struct pollfd *fds, nfds_t nfds, struct lxc_msg *msg,
			   int timeout)
{
	long i;
	int ret;

	ret = poll(fds, nfds, timeout * 1000);
	if (ret == -1)
		return -1;
	else if (ret == 0)
		return -2;  /* timed out */

	/* Only read from the first ready fd, the others will remain ready for
	 * when this routine is called again.
	 */
	for (i = 0; i < nfds; i++) {
		if (fds[i].revents != 0) {
			fds[i].revents = 0;
			ret = recv(fds[i].fd, msg, sizeof(*msg), 0);
			if (ret <= 0) {
				SYSERROR("Failed to receive message. Did monitord die?");
				return -1;
			}
			return ret;
		}
	}

	SYSERROR("No ready fd found");

	return -1;
}

int lxc_monitor_read_timeout(int fd, struct lxc_msg *msg, int timeout)
{
	struct pollfd fds;

	fds.fd = fd;
	fds.events = POLLIN | POLLPRI;
	fds.revents = 0;

	return lxc_monitor_read_fdset(&fds, 1, msg, timeout);
}

int lxc_monitor_read(int fd, struct lxc_msg *msg)
{
	return lxc_monitor_read_timeout(fd, msg, -1);
}

#define LXC_MONITORD_PATH LIBEXECDIR "/lxc/lxc-monitord"

/* Used to spawn a monitord either on startup of a daemon container, or when
 * lxc-monitor starts.
 */
int lxc_monitord_spawn(const char *lxcpath)
{
	int ret;
	int pipefd[2];
	char pipefd_str[INTTYPE_TO_STRLEN(int)];
	pid_t pid1, pid2;

	char *const args[] = {
		LXC_MONITORD_PATH,
		(char *)lxcpath,
		pipefd_str,
		NULL,
	};

	/* double fork to avoid zombies when monitord exits */
	pid1 = fork();
	if (pid1 < 0) {
		SYSERROR("Failed to fork()");
		return -1;
	}

	if (pid1) {
		DEBUG("Going to wait for pid %d", pid1);

		if (waitpid(pid1, NULL, 0) != pid1)
			return -1;

		DEBUG("Finished waiting on pid %d", pid1);
		return 0;
	}

	if (pipe(pipefd) < 0) {
		SYSERROR("Failed to create pipe");
		_exit(EXIT_FAILURE);
	}

	pid2 = fork();
	if (pid2 < 0) {
		SYSERROR("Failed to fork()");
		_exit(EXIT_FAILURE);
	}

	if (pid2) {
		DEBUG("Trying to sync with child process");
		char c;
		/* Wait for daemon to create socket. */
		close(pipefd[1]);

		/* Sync with child, we're ignoring the return from read
		 * because regardless if it works or not, either way we've
		 * synced with the child process. the if-empty-statement
		 * construct is to quiet the warn-unused-result warning.
		 */
		if (lxc_read_nointr(pipefd[0], &c, 1))
			;

		close(pipefd[0]);

		DEBUG("Successfully synced with child process");
		_exit(EXIT_SUCCESS);
	}

	if (setsid() < 0) {
		SYSERROR("Failed to setsid()");
		_exit(EXIT_FAILURE);
	}

	lxc_check_inherited(NULL, true, &pipefd[1], 1);
	if (null_stdfds() < 0) {
		SYSERROR("Failed to dup2() standard file descriptors to /dev/null");
		_exit(EXIT_FAILURE);
	}

	close(pipefd[0]);

	ret = snprintf(pipefd_str, sizeof(pipefd_str), "%d", pipefd[1]);
	if (ret < 0 || ret >= sizeof(pipefd_str)) {
		ERROR("Failed to create pid argument to pass to monitord");
		_exit(EXIT_FAILURE);
	}

	DEBUG("Using pipe file descriptor %d for monitord", pipefd[1]);

	execvp(args[0], args);
	SYSERROR("Failed to exec lxc-monitord");

	_exit(EXIT_FAILURE);
}
Commit	Line	Data
cc73685d	1	/* SPDX-License-Identifier: LGPL-2.1+ */
e51d4895	2
d38dd64a CB	3	#ifndef _GNU_SOURCE
	4	#define _GNU_SOURCE 1
	5	#endif
0ad19a3f	6	#include <errno.h>
0ad19a3f	7	#include <fcntl.h>
b45c7011	8	#include <inttypes.h>
d38dd64a CB	9	#include <net/if.h>
d38dd64a CB	10	#include <netinet/in.h>
292b1d17 CB	11	#include <poll.h>
292b1d17 CB	12	#include <stddef.h>
b45c7011	13	#include <stdint.h>
292b1d17 CB	14	#include <stdio.h>
	15	#include <stdlib.h>
	16	#include <string.h>
0ad19a3f	17	#include <sys/param.h>
0ad19a3f	18	#include <sys/socket.h>
292b1d17 CB	19	#include <sys/stat.h>
292b1d17 CB	20	#include <sys/types.h>
e51d4895	21	#include <sys/wait.h>
d38dd64a	22	#include <unistd.h>
b113348e	23
31c53c2e	24	#include "af_unix.h"
d38dd64a	25	#include "config.h"
292b1d17	26	#include "error.h"
f2363e38 ÇO	27	#include "log.h"
f2363e38 ÇO	28	#include "lxclock.h"
397a8d30	29	#include "macro.h"
54b43e8f	30	#include "memory_utils.h"
f2363e38	31	#include "monitor.h"
292b1d17	32	#include "state.h"
f2363e38	33	#include "utils.h"
36eb9bde	34
9de31d5a CB	35	#ifndef HAVE_STRLCPY
	36	#include "include/strlcpy.h"
	37	#endif
	38
ac2cecc4	39	lxc_log_define(monitor, lxc);
0ad19a3f	40
e51d4895	41	/* routines used by monitor publishers (containers) */
9e60f51d DE	42	int lxc_monitor_fifo_name(const char lxcpath, char fifo_path, size_t fifo_path_sz,
	43	int do_mkdirp)
	44	{
	45	int ret;
44b9ae4b	46	char *rundir;
9e60f51d DE	47
9e60f51d DE	48	rundir = get_rundir();
97a696c6 SG	49	if (!rundir)
	50	return -1;
	51
9e60f51d DE	52	if (do_mkdirp) {
9e60f51d DE	53	ret = snprintf(fifo_path, fifo_path_sz, "%s/lxc/%s", rundir, lxcpath);
292b1d17	54	if (ret < 0 \|\| (size_t)ret >= fifo_path_sz) {
6dd32d35	55	ERROR("rundir/lxcpath (%s/%s) too long for monitor fifo", rundir, lxcpath);
44b9ae4b	56	free(rundir);
9e60f51d DE	57	return -1;
9e60f51d DE	58	}
9e60f51d	59	ret = mkdir_p(fifo_path, 0755);
9e60f51d	60	if (ret < 0) {
47903908	61	ERROR("Unable to create monitor fifo directory %s", fifo_path);
44b9ae4b	62	free(rundir);
9e60f51d DE	63	return ret;
	64	}
	65	}
	66	ret = snprintf(fifo_path, fifo_path_sz, "%s/lxc/%s/monitor-fifo", rundir, lxcpath);
292b1d17	67	if (ret < 0 \|\| (size_t)ret >= fifo_path_sz) {
6dd32d35	68	ERROR("rundir/lxcpath (%s/%s) too long for monitor fifo", rundir, lxcpath);
44b9ae4b	69	free(rundir);
9e60f51d DE	70	return -1;
9e60f51d DE	71	}
44b9ae4b	72	free(rundir);
9e60f51d DE	73	return 0;
	74	}
	75
e51d4895	76	static void lxc_monitor_fifo_send(struct lxc_msg msg, const char lxcpath)
0ad19a3f	77	{
e51d4895 DE	78	int fd,ret;
	79	char fifo_path[PATH_MAX];
	80
	81	BUILD_BUG_ON(sizeof(msg) > PIPE_BUF); / write not guaranteed atomic */
9e60f51d DE	82
	83	ret = lxc_monitor_fifo_name(lxcpath, fifo_path, sizeof(fifo_path), 0);
	84	if (ret < 0)
9123e471	85	return;
80f41298	86
292b1d17 CB	87	/* Open the fifo nonblock in case the monitor is dead, we don't want the
292b1d17 CB	88	* open to wait for a reader since it may never come.
8bf1e61e	89	*/
292b1d17	90	fd = open(fifo_path, O_WRONLY \| O_NONBLOCK);
e51d4895	91	if (fd < 0) {
292b1d17 CB	92	/* It is normal for this open() to fail with ENXIO when there is
292b1d17 CB	93	* no monitor running, so we don't log it.
e51d4895	94	*/
2469f9b6	95	if (errno == ENXIO \|\| errno == ENOENT)
292b1d17 CB	96	return;
292b1d17 CB	97
a24c5678	98	SYSWARN("Failed to open fifo to send message");
31c53c2e	99	return;
e51d4895	100	}
0ad19a3f	101
92ffb6d8 DE	102	if (fcntl(fd, F_SETFL, O_WRONLY) < 0) {
92ffb6d8 DE	103	close(fd);
8bf1e61e	104	return;
92ffb6d8	105	}
8bf1e61e	106
802e609a	107	ret = lxc_write_nointr(fd, msg, sizeof(*msg));
e51d4895	108	if (ret != sizeof(*msg)) {
e8b9ac8f	109	close(fd);
6dd32d35	110	SYSERROR("Failed to write to monitor fifo \"%s\"", fifo_path);
e51d4895 DE	111	return;
e51d4895 DE	112	}
0ad19a3f	113
	114	close(fd);
	115	}
	116
292b1d17 CB	117	void lxc_monitor_send_state(const char *name, lxc_state_t state,
292b1d17 CB	118	const char *lxcpath)
eae6543d	119	{
292b1d17	120	struct lxc_msg msg = {.type = lxc_msg_state, .value = state};
eae6543d	121
9de31d5a	122	(void)strlcpy(msg.name, name, sizeof(msg.name));
e51d4895	123	lxc_monitor_fifo_send(&msg, lxcpath);
0ad19a3f	124	}
0ad19a3f	125
292b1d17 CB	126	void lxc_monitor_send_exit_code(const char *name, int exit_code,
292b1d17 CB	127	const char *lxcpath)
1787abca	128	{
292b1d17	129	struct lxc_msg msg = {.type = lxc_msg_exit_code, .value = exit_code};
1787abca	130
9de31d5a	131	(void)strlcpy(msg.name, name, sizeof(msg.name));
1787abca JTLB	132	lxc_monitor_fifo_send(&msg, lxcpath);
	133	}
	134
e51d4895 DE	135	/* routines used by monitor subscribers (lxc-monitor) */
e51d4895 DE	136	int lxc_monitor_close(int fd)
0ad19a3f	137	{
dd1d77f9	138	return close(fd);
e51d4895 DE	139	}
e51d4895 DE	140
fcaef9c7 CB	141	/* Enforces \0-termination for the abstract unix socket. This is not required
	142	* but allows us to print it out.
	143	*
	144	* Older version of liblxc only allowed for 105 bytes to be used for the
	145	* abstract unix domain socket name because the code for our abstract unix
	146	* socket handling performed invalid checks. Since we \0-terminate we could now
	147	* have a maximum of 106 chars. But to not break backwards compatibility we keep
	148	* the limit at 105.
	149	*/
95e523c8	150	int lxc_monitor_sock_name(const char lxcpath, struct sockaddr_un addr)
95e523c8	151	{
2db56bd6	152	__do_free char *path = NULL;
e51d4895 DE	153	size_t len;
e51d4895 DE	154	int ret;
b45c7011	155	uint64_t hash;
e51d4895	156
b45c7011 DE	157	/* addr.sun_path is only 108 bytes, so we hash the full name and
b45c7011 DE	158	* then append as much of the name as we can fit.
9123e471	159	*/
e51d4895 DE	160	memset(addr, 0, sizeof(*addr));
e51d4895 DE	161	addr->sun_family = AF_UNIX;
292b1d17	162
fcaef9c7	163	/* strlen("lxc/") + strlen("/monitor-sock") + 1 = 18 */
073135ba	164	len = strlen(lxcpath) + 18;
54b43e8f	165	path = must_realloc(NULL, len);
073135ba	166	ret = snprintf(path, len, "lxc/%s/monitor-sock", lxcpath);
292b1d17	167	if (ret < 0 \|\| (size_t)ret >= len) {
6dd32d35	168	ERROR("Failed to create name for monitor socket");
9e60f51d DE	169	return -1;
9e60f51d DE	170	}
9e60f51d	171
fcaef9c7 CB	172	/* Note: snprintf() will \0-terminate addr->sun_path on the 106th byte
	173	* and so the abstract socket name has 105 "meaningful" characters. This
	174	* is absolutely intentional. For further info read the comment for this
	175	* function above!
	176	*/
073135ba	177	len = sizeof(addr->sun_path) - 1;
b45c7011	178	hash = fnv_64a_buf(path, ret, FNV1A_64_INIT);
fcaef9c7 CB	179	ret = snprintf(addr->sun_path, len, "@lxc/%016" PRIx64 "/%s", hash, lxcpath);
fcaef9c7 CB	180	if (ret < 0) {
6dd32d35	181	ERROR("Failed to create hashed name for monitor socket");
2f126499	182	goto on_error;
	183	} else if ((size_t)ret >= len) {
	184	errno = ENAMETOOLONG;
	185	SYSERROR("The name of monitor socket too long (%d bytes)", ret);
	186	goto on_error;
fcaef9c7	187	}
292b1d17	188
fcaef9c7 CB	189	/* replace @ with \0 */
fcaef9c7 CB	190	addr->sun_path[0] = '\0';
6dd32d35	191	INFO("Using monitor socket name \"%s\" (length of socket name %zu must be <= %zu)", &addr->sun_path[1], strlen(&addr->sun_path[1]), sizeof(addr->sun_path) - 3);
292b1d17	192
e51d4895	193	return 0;
2f126499	194
	195	on_error:
	196	return -1;
e51d4895	197	}
0ad19a3f	198
e51d4895 DE	199	int lxc_monitor_open(const char *lxcpath)
	200	{
	201	struct sockaddr_un addr;
292b1d17 CB	202	int fd;
292b1d17 CB	203	size_t retry;
fcaef9c7	204	int backoff_ms[] = {10, 50, 100};
e51d4895 DE	205
	206	if (lxc_monitor_sock_name(lxcpath, &addr) < 0)
	207	return -1;
	208
2f126499	209	DEBUG("Opening monitor socket %s with len %zu", &addr.sun_path[1], strlen(&addr.sun_path[1]));
aae93dd3	210
292b1d17	211	for (retry = 0; retry < sizeof(backoff_ms) / sizeof(backoff_ms[0]); retry++) {
fcaef9c7	212	fd = lxc_abstract_unix_connect(addr.sun_path);
94bc08e9	213	if (fd != -1 \|\| errno != ECONNREFUSED)
e51d4895	214	break;
6d1400b5	215
6d1400b5	216	SYSERROR("Failed to connect to monitor socket. Retrying in %d ms", backoff_ms[retry]);
e51d4895	217	usleep(backoff_ms[retry] * 1000);
0ad19a3f	218	}
0ad19a3f	219
fcaef9c7	220	if (fd < 0) {
6d1400b5	221	SYSERROR("Failed to connect to monitor socket");
c8dcf778	222	return -1;
e51d4895	223	}
292b1d17	224
0ad19a3f	225	return fd;
	226	}
	227
2366b8a7	228	int lxc_monitor_read_fdset(struct pollfd fds, nfds_t nfds, struct lxc_msg msg,
8d06bd13	229	int timeout)
0ad19a3f	230	{
2366b8a7 SH	231	long i;
2366b8a7 SH	232	int ret;
0ad19a3f	233
2366b8a7	234	ret = poll(fds, nfds, timeout * 1000);
8d06bd13	235	if (ret == -1)
75b1e198	236	return -1;
8d06bd13	237	else if (ret == 0)
1a0e70ac	238	return -2; /* timed out */
8d06bd13	239
292b1d17 CB	240	/* Only read from the first ready fd, the others will remain ready for
292b1d17 CB	241	* when this routine is called again.
8d06bd13 DE	242	*/
8d06bd13 DE	243	for (i = 0; i < nfds; i++) {
2366b8a7 SH	244	if (fds[i].revents != 0) {
	245	fds[i].revents = 0;
	246	ret = recv(fds[i].fd, msg, sizeof(*msg), 0);
8d06bd13	247	if (ret <= 0) {
b5be6a7c	248	SYSERROR("Failed to receive message. Did monitord die?");
8d06bd13 DE	249	return -1;
	250	}
	251	return ret;
	252	}
0ad19a3f	253	}
292b1d17	254
6dd32d35	255	SYSERROR("No ready fd found");
292b1d17	256
8d06bd13 DE	257	return -1;
	258	}
	259
	260	int lxc_monitor_read_timeout(int fd, struct lxc_msg *msg, int timeout)
	261	{
2366b8a7	262	struct pollfd fds;
8d06bd13	263
2366b8a7 SH	264	fds.fd = fd;
	265	fds.events = POLLIN \| POLLPRI;
	266	fds.revents = 0;
8d06bd13	267
2366b8a7	268	return lxc_monitor_read_fdset(&fds, 1, msg, timeout);
0ad19a3f	269	}
0ad19a3f	270
72d0e1cb SG	271	int lxc_monitor_read(int fd, struct lxc_msg *msg)
	272	{
	273	return lxc_monitor_read_timeout(fd, msg, -1);
	274	}
	275
45e854dc	276	#define LXC_MONITORD_PATH LIBEXECDIR "/lxc/lxc-monitord"
e51d4895	277
292b1d17 CB	278	/* Used to spawn a monitord either on startup of a daemon container, or when
292b1d17 CB	279	* lxc-monitor starts.
e51d4895 DE	280	*/
e51d4895 DE	281	int lxc_monitord_spawn(const char *lxcpath)
0ad19a3f	282	{
487b14b6	283	int ret;
e51d4895	284	int pipefd[2];
397a8d30	285	char pipefd_str[INTTYPE_TO_STRLEN(int)];
487b14b6	286	pid_t pid1, pid2;
e51d4895	287
292b1d17	288	char *const args[] = {
457e3c5d	289	LXC_MONITORD_PATH,
	290	(char *)lxcpath,
	291	pipefd_str,
	292	NULL,
e51d4895 DE	293	};
	294
	295	/* double fork to avoid zombies when monitord exits */
	296	pid1 = fork();
	297	if (pid1 < 0) {
6dd32d35	298	SYSERROR("Failed to fork()");
e51d4895 DE	299	return -1;
	300	}
	301
	302	if (pid1) {
6dd32d35	303	DEBUG("Going to wait for pid %d", pid1);
457e3c5d	304
f2bbe86d DE	305	if (waitpid(pid1, NULL, 0) != pid1)
f2bbe86d DE	306	return -1;
457e3c5d	307
6dd32d35	308	DEBUG("Finished waiting on pid %d", pid1);
e51d4895 DE	309	return 0;
	310	}
	311
	312	if (pipe(pipefd) < 0) {
6dd32d35	313	SYSERROR("Failed to create pipe");
f15e4fd2	314	_exit(EXIT_FAILURE);
e51d4895 DE	315	}
	316
	317	pid2 = fork();
	318	if (pid2 < 0) {
6dd32d35	319	SYSERROR("Failed to fork()");
f15e4fd2	320	_exit(EXIT_FAILURE);
e51d4895	321	}
292b1d17	322
e51d4895	323	if (pid2) {
6dd32d35	324	DEBUG("Trying to sync with child process");
e51d4895	325	char c;
292b1d17	326	/* Wait for daemon to create socket. */
e51d4895	327	close(pipefd[1]);
292b1d17 CB	328
292b1d17 CB	329	/* Sync with child, we're ignoring the return from read
e51d4895 DE	330	* because regardless if it works or not, either way we've
	331	* synced with the child process. the if-empty-statement
	332	* construct is to quiet the warn-unused-result warning.
	333	*/
2a71131d	334	if (lxc_read_nointr(pipefd[0], &c, 1))
8f47bc3f	335	;
292b1d17	336
e51d4895	337	close(pipefd[0]);
292b1d17	338
6dd32d35	339	DEBUG("Successfully synced with child process");
f15e4fd2	340	_exit(EXIT_SUCCESS);
e51d4895 DE	341	}
e51d4895 DE	342
e51d4895	343	if (setsid() < 0) {
6dd32d35	344	SYSERROR("Failed to setsid()");
f15e4fd2	345	_exit(EXIT_FAILURE);
e51d4895	346	}
292b1d17	347
47a46cf1	348	lxc_check_inherited(NULL, true, &pipefd[1], 1);
aec1ea62	349	if (null_stdfds() < 0) {
6dd32d35	350	SYSERROR("Failed to dup2() standard file descriptors to /dev/null");
f15e4fd2	351	_exit(EXIT_FAILURE);
aec1ea62	352	}
292b1d17	353
e51d4895	354	close(pipefd[0]);
292b1d17	355
979a0d93 CB	356	ret = snprintf(pipefd_str, sizeof(pipefd_str), "%d", pipefd[1]);
979a0d93 CB	357	if (ret < 0 \|\| ret >= sizeof(pipefd_str)) {
6dd32d35	358	ERROR("Failed to create pid argument to pass to monitord");
f15e4fd2	359	_exit(EXIT_FAILURE);
aec1ea62	360	}
487b14b6	361
6dd32d35	362	DEBUG("Using pipe file descriptor %d for monitord", pipefd[1]);
292b1d17	363
e51d4895	364	execvp(args[0], args);
6dd32d35	365	SYSERROR("Failed to exec lxc-monitord");
292b1d17	366
f15e4fd2	367	_exit(EXIT_FAILURE);
0ad19a3f	368	}