3 # Abstract class to implement Daemons
6 # * lock and write PID file /var/run/$name.pid to make sure only
7 # one instance is running.
8 # * keep lock open during restart
9 # * correctly daemonize (redirect STDIN/STDOUT)
10 # * restart by stop/start, exec, or signal HUP
11 # * daemon restart on error (option 'restart_on_error')
12 # * handle worker processes (option 'max_workers')
13 # * allow restart while workers are still running
14 # (option 'leave_children_open_on_reload')
15 # * run as different user using setuid/setgid
24 use POSIX
":sys_wait_h";
26 use Socket
qw(IPPROTO_TCP TCP_NODELAY SOMAXCONN);
30 use Time
::HiRes qw
(gettimeofday
);
32 use base
qw(PVE::CLIHandler);
34 $ENV{'PATH'} = '/sbin:/bin:/usr/sbin:/usr/bin';
36 my $daemon_initialized = 0; # we only allow one instance
38 my $close_daemon_lock = sub {
41 return if !$self->{daemon_lock_fh
};
43 close $self->{daemon_lock_fh
};
44 delete $self->{daemon_lock_fh
};
50 print STDERR
"$msg\n";
51 syslog
('err', "%s", $msg);
54 # call this if you fork() from child
55 # Note: we already call this for workers, so it is only required
56 # if you fork inside a simple daemon (max_workers == 0).
57 sub after_fork_cleanup
{
60 &$close_daemon_lock($self);
62 PVE
::INotify
::inotify_close
();
64 for my $sig (qw(CHLD HUP INT TERM QUIT)) {
65 $SIG{$sig} = 'DEFAULT'; # restore default handler
66 # AnyEvent signals only work if $SIG{XX} is
67 # undefined (perl event loop)
68 delete $SIG{$sig}; # so that we can handle events with AnyEvent
# Obtain the daemon lock on "<pidfile>.lock": reuse a descriptor handed over
# by a previous instance if one is recorded, otherwise open the lock file,
# then take an exclusive non-blocking flock. Dies if the lock cannot be had.
# (This listing is an excerpt; statements between the numbered lines are not shown.)
72 my $lockpidfile = sub {
75 my $lkfn = $self->{pidfile
} . ".lock";
# Restart path: the lock descriptor number recorded in env_pve_lock_fd is
# wrapped in a handle instead of reopening the file.
79 if (my $fd = $self->{env_pve_lock_fd
}) {
81 $self->{daemon_lock_fh
} = IO
::Handle-
>new_from_fd($fd, "a");
# NOTE(review): mode and path share one string here; passing the mode as a
# separate argument keeps characters in $lkfn from being read as part of
# the open mode.
86 $self->{daemon_lock_fh
} = IO
::File-
>new(">>$lkfn");
89 if (!$self->{daemon_lock_fh
}) {
90 die "can't open lock '$lkfn' - $!\n";
# Retry loop bounded by $waittime; returns as soon as the lock is granted.
93 for (my $i = 0; $i < $waittime; $i ++) {
94 return if flock ($self->{daemon_lock_fh
}, LOCK_EX
|LOCK_NB
);
# Last attempt: on failure the handle is closed before reporting the error,
# so a failed start does not keep the lock file open.
98 if (!flock ($self->{daemon_lock_fh
}, LOCK_EX
|LOCK_NB
)) {
99 &$close_daemon_lock($self);
102 my ($running, $pid) = $self->running();
104 die "can't aquire lock '$lkfn' - daemon already started (pid = $pid)\n";
106 die "can't aquire lock '$lkfn' - $err\n";
# Write the PID file named by $self->{pidfile}; dies if it cannot be opened.
111 my $writepidfile = sub {
114 my $pidfile = $self->{pidfile
};
# NOTE(review): two-argument open on the bareword handle PIDFH. The path is
# interpolated into the mode string, so its content is parsed together with
# the ">" mode; a three-argument open on a lexical handle
# (open(my $fh, '>', $pidfile)) keeps the path out of mode parsing and
# avoids a package-global handle.
116 die "can't open pid file '$pidfile' - $!\n" if !open (PIDFH
, ">$pidfile");
122 my $server_cleanup = sub {
125 unlink $self->{pidfile
} . ".lock";
126 unlink $self->{pidfile
};
129 my $finish_workers = sub {
132 foreach my $id (qw(workers old_workers)) {
133 foreach my $cpid (keys %{$self->{$id}}) {
134 my $waitpid = waitpid($cpid, WNOHANG
);
135 if (defined($waitpid) && ($waitpid == $cpid)) {
136 delete ($self->{$id}->{$cpid});
137 syslog
('info', "worker $cpid finished");
143 my $start_workers = sub {
146 return if $self->{terminate
};
149 foreach my $cpid (keys %{$self->{workers
}}) {
153 my $need = $self->{max_workers
} - $count;
155 return if $need <= 0;
157 syslog
('info', "starting $need worker(s)");
162 if (!defined ($pid)) {
163 syslog
('err', "can't fork worker");
165 } elsif ($pid) { # parent
166 $self->{workers
}->{$pid} = 1;
167 syslog
('info', "worker $pid started");
170 $0 = "$self->{name} worker";
172 $self->after_fork_cleanup();
174 eval { $self->run(); };
177 sleep(5); # avoid fast restarts
180 syslog
('info', "worker exit");
186 my $terminate_server = sub {
187 my ($self, $allow_open_children) = @_;
189 $self->{terminate
} = 1; # set flag to avoid worker restart
191 if (!$self->{max_workers
}) {
192 eval { $self->shutdown(); };
197 eval { $self->shutdown(); };
200 # we have workers - send TERM signal
202 foreach my $cpid (keys %{$self->{workers
}}) {
203 kill(15, $cpid); # TERM childs
206 # if configured, leave children running on HUP
207 return if $allow_open_children &&
208 $self->{leave_children_open_on_reload
};
210 # else, send TERM to old workers
211 foreach my $cpid (keys %{$self->{old_workers
}}) {
212 kill(15, $cpid); # TERM childs
215 # nicely shutdown childs (give them max 10 seconds to shut down)
216 my $previous_alarm = alarm(10);
218 local $SIG{ALRM
} = sub { die "timeout\n" };
220 while ((my $pid = waitpid (-1, 0)) > 0) {
221 foreach my $id (qw(workers old_workers)) {
222 if (defined($self->{$id}->{$pid})) {
223 delete($self->{$id}->{$pid});
224 syslog
('info', "worker $pid finished");
228 alarm(0); # avoid race condition
232 alarm ($previous_alarm);
235 syslog
('err', "error stopping workers (will kill them now) - $err");
236 foreach my $id (qw(workers old_workers)) {
237 foreach my $cpid (keys %{$self->{$id}}) {
238 # KILL childs still alive!
239 if (kill (0, $cpid)) {
240 delete($self->{$id}->{$cpid});
241 syslog
("err", "kill worker $cpid");
# Main server routine (excerpt): take the daemon lock, then arrange for the
# lock descriptor to survive a later exec of the same daemon.
250 my $server_run = sub {
251 my ($self, $debug) = @_;
253 # fixme: handle restart lockfd
254 &$lockpidfile($self);
256 # remove FD_CLOEXEC bit to reuse on exec
# F_SETFD with 0 clears the descriptor flags, close-on-exec included.
# NOTE(review): from here on every program exec'd by this process inherits
# the lock descriptor unless it is closed first; after_fork_cleanup closes it
# for forked children - confirm no other exec path leaks it.
257 $self->{daemon_lock_fh
}->fcntl(Fcntl
::F_SETFD
(), 0);
# The descriptor number is published through the environment; the
# constructor code that reads $ENV{PVE_DAEMON_LOCK_FD} accepts it only if it
# is all digits.
259 $ENV{PVE_DAEMON_LOCK_FD
} = $self->{daemon_lock_fh
}->fileno;
264 $self->{debug
} = 1 if $debug;
# Detach standard input and output from the terminal.
# NOTE(review): "||" binds tighter than the comma, so each statement parses as
# open(HANDLE, ('...' || die ...)). The mode string is always true, the die is
# never evaluated and a failed open passes silently. Use the low-precedence
# "or" (open(...) or die ...) so the return value of open is what is tested.
269 open STDIN
, '</dev/null' || die "can't read /dev/null";
270 open STDOUT
, '>/dev/null' || die "can't write /dev/null";
273 if (!$self->{env_restart_pve_daemon
} && !$debug) {
274 PVE
::INotify
::inotify_close
();
276 if (!defined ($spid)) {
277 die "can't put server into background - fork failed";
278 } elsif ($spid) { # parent
281 PVE
::INotify
::inotify_init
();
284 if ($self->{env_restart_pve_daemon
}) {
285 syslog
('info' , "restarting server");
287 &$writepidfile($self);
288 syslog
('info' , "starting server");
# Point STDERR at the same destination as STDOUT.
# NOTE(review): the "|| die" applies to the string '>&STDOUT', not to open(),
# so a failed dup is never reported; "open(...) or die ..." tests the call
# itself. The message also says "close" although the statement duplicates
# STDOUT.
293 open STDERR
, '>&STDOUT' || die "can't close STDERR\n";
295 my $old_sig_term = $SIG{TERM
};
296 local $SIG{TERM
} = sub {
297 local ($@, $!, $?); # do not overwrite error vars
298 syslog
('info', "received signal TERM");
299 &$terminate_server($self, 0);
300 &$server_cleanup($self);
301 &$old_sig_term(@_) if $old_sig_term;
304 my $old_sig_quit = $SIG{QUIT
};
305 local $SIG{QUIT
} = sub {
306 local ($@, $!, $?); # do not overwrite error vars
307 syslog
('info', "received signal QUIT");
308 &$terminate_server($self, 0);
309 &$server_cleanup($self);
310 &$old_sig_quit(@_) if $old_sig_quit;
313 my $old_sig_int = $SIG{INT
};
314 local $SIG{INT
} = sub {
315 local ($@, $!, $?); # do not overwrite error vars
316 syslog
('info', "received signal INT");
317 $SIG{INT
} = 'DEFAULT'; # allow to terminate now
318 &$terminate_server($self, 0);
319 &$server_cleanup($self);
320 &$old_sig_int(@_) if $old_sig_int;
324 local ($@, $!, $?); # do not overwrite error vars
325 syslog
('info', "received signal HUP");
326 $self->{got_hup_signal
} = 1;
327 if ($self->{max_workers
}) {
328 &$terminate_server($self, 1);
329 } elsif ($self->can('hup')) {
330 eval { $self->hup() };
336 if ($self->{max_workers
}) {
337 my $old_sig_chld = $SIG{CHLD
};
338 local $SIG{CHLD
} = sub {
339 local ($@, $!, $?); # do not overwrite error vars
340 &$finish_workers($self);
341 &$old_sig_chld(@_) if $old_sig_chld;
344 # catch worker finished during restart phase
345 &$finish_workers($self);
347 # now loop forever (until we receive terminate signal)
349 &$start_workers($self);
351 &$finish_workers($self);
352 last if $self->{terminate
};
362 syslog
('err', "ERROR: $err");
364 &$terminate_server($self, 1);
366 if (my $wait_time = $self->{restart_on_error
}) {
367 $self->restart_daemon($wait_time);
369 $self->exit_daemon(-1);
373 if ($self->{got_hup_signal
}) {
374 $self->restart_daemon();
376 $self->exit_daemon(0);
381 my ($this, $name, $cmdline, %params) = @_;
383 $name = 'daemon' if !$name; # should not happen
# Restart hand-over state arrives through the environment. Both variables are
# removed from %ENV straight after they are read.
391 my $restart = $ENV{RESTART_PVE_DAEMON
};
392 delete $ENV{RESTART_PVE_DAEMON
};
394 my $lockfd = $ENV{PVE_DAEMON_LOCK_FD
};
395 delete $ENV{PVE_DAEMON_LOCK_FD
};
# The inherited lock descriptor is accepted only if it consists of digits;
# the captured value replaces the environment string.
397 if (defined($lockfd)) {
398 die "unable to parse lock fd '$lockfd'\n"
399 if $lockfd !~ m/^(\d+)$/;
400 $lockfd = $1; # untaint
# NOTE(review): the root check is skipped whenever RESTART_PVE_DAEMON was set
# in the environment, and the environment is supplied by whoever starts the
# process. Treat this line as a sanity check for operators, not as an access
# control - confirm nothing relies on it for privilege separation.
403 die "please run as root\n" if !$restart && ($> != 0);
# Only one daemon object per process: a second construction attempt dies.
405 die "can't create more that one PVE::Daemon" if $daemon_initialized;
406 $daemon_initialized = 1;
408 PVE
::INotify
::inotify_init
();
410 my $class = ref($this) || $this;
414 run_dir
=> '/var/run',
415 env_restart_pve_daemon
=> $restart,
416 env_pve_lock_fd
=> $lockfd,
421 foreach my $opt (keys %params) {
422 my $value = $params{$opt};
423 if ($opt eq 'restart_on_error') {
424 $self->{$opt} = $value;
425 } elsif ($opt eq 'stop_wait_time') {
426 $self->{$opt} = $value;
427 } elsif ($opt eq 'run_dir') {
428 $self->{$opt} = $value;
429 } elsif ($opt eq 'max_workers') {
430 $self->{$opt} = $value;
431 } elsif ($opt eq 'leave_children_open_on_reload') {
432 $self->{$opt} = $value;
433 } elsif ($opt eq 'setgid') {
434 $self->{$opt} = $value;
435 } elsif ($opt eq 'setuid') {
436 $self->{$opt} = $value;
438 die "unknown daemon option '$opt'\n";
# Optional privilege drop. The group identity is changed first and the user
# identity second; each change is read back and verified afterwards.
442 if (my $gidstr = $self->{setgid
}) {
# NOTE(review): "|| die" also fires when the lookup succeeds with id 0, so
# the root group is reported as "getgrnam failed".
443 my $gid = getgrnam($gidstr) || die "getgrnam failed - $!\n";
444 POSIX
::setgid
($gid) || die "setgid $gid failed - $!\n";
445 $EGID = "$gid $gid"; # this calls setgroups
# Verify that the real gid, effective gid and group list all read back as
# exactly $gid, i.e. no other group membership is left.
447 die "detected strange gid\n" if !($GID eq "$gid $gid" && $EGID eq "$gid $gid");
450 if (my $uidstr = $self->{setuid
}) {
# NOTE(review): same id-0 caveat as for getgrnam above.
451 my $uid = getpwnam($uidstr) || die "getpwnam failed - $!\n";
452 POSIX
::setuid
($uid) || die "setuid $uid failed - $!\n";
# Verify that both real and effective uid changed; a partial drop aborts.
454 die "detected strange uid\n" if !($UID == $uid && $EUID == $uid);
457 if ($restart && $self->{max_workers
}) {
458 if (my $wpids = $ENV{PVE_DAEMON_WORKER_PIDS
}) {
459 foreach my $pid (split(':', $wpids)) {
460 if ($pid =~ m/^(\d+)$/) {
461 $self->{old_workers
}->{$1} = 1;
467 $self->{pidfile
} = "$self->{run_dir}/${name}.pid";
469 $self->{nodename
} = PVE
::INotify
::nodename
();
471 $self->{cmdline
} = [];
# Copy the command line into $self->{cmdline}; the restart path later passes
# this list to exec.
# NOTE(review): the pattern (.*) accepts any content, so this only clears the
# taint flag and validates nothing. The match result is not checked either:
# an element containing an embedded newline does not match, and $1 is then
# not taken from that element. Checking the match (and dying on failure)
# before using $1 would close that gap.
473 foreach my $el (@$cmdline) {
474 $el =~ m/^(.*)$/; # untaint
475 push @{$self->{cmdline
}}, $1;
489 my ($self, $status) = @_;
491 syslog
("info", "server stopped");
493 &$server_cleanup($self);
499 my ($self, $waittime) = @_;
501 syslog
('info', "server shutdown (restart)");
503 $ENV{RESTART_PVE_DAEMON
} = 1;
505 if ($self->{max_workers
}) {
506 my @workers = keys %{$self->{workers
}};
507 push @workers, keys %{$self->{old_workers
}};
508 $ENV{PVE_DAEMON_WORKER_PIDS
} = join(':', @workers);
511 sleep($waittime) if $waittime; # avoid high server load due to restarts
513 PVE
::INotify
::inotify_close
();
515 exec (@{$self->{cmdline
}});
517 exit (-1); # never reached?
520 # please overwrite in subclass
521 # this is called at startup - before forking
527 # please overwrite in subclass
531 syslog
('info' , "server closing");
533 if (!$self->{max_workers
}) {
535 1 while (waitpid(-1, POSIX
::WNOHANG
()) > 0);
539 # please define in subclass
543 # syslog('info' , "received signal HUP (restart)");
546 # please overwrite in subclass
551 syslog
('info' , "server is running");
557 my ($self, $debug) = @_;
559 eval { &$server_run($self, $debug); };
561 &$log_err("start failed - $err");
569 my $pid_str = PVE
::Tools
::file_read_firstline
($self->{pidfile
});
571 return 0 if !$pid_str;
573 return 0 if $pid_str !~ m/^(\d+)$/; # untaint
583 my $pid = &$read_pid($self);
586 my $res = PVE
::ProcFSTools
::check_process_running
($pid) ?
1 : 0;
587 return wantarray ?
($res, $pid) : $res;
590 return wantarray ?
(0, 0) : 0;
596 my $pid = &$read_pid($self);
600 if (PVE
::ProcFSTools
::check_process_running
($pid)) {
601 kill(15, $pid); # send TERM signal
603 my $wait_time = $self->{stop_wait_time
} || 5;
605 for (my $i = 0; $i < $wait_time; $i++) {
606 $running = PVE
::ProcFSTools
::check_process_running
($pid);
611 syslog
('err', "server still running - send KILL") if $running;
618 if (-f
$self->{pidfile
}) {
620 # try to get the lock
621 &$lockpidfile($self);
622 &$server_cleanup($self);
625 &$log_err("cleanup failed - $err");
630 sub register_start_command
{
631 my ($self, $description) = @_;
633 my $class = ref($self);
635 $class->register_method({
639 description
=> $description || "Start the daemon.",
641 additionalProperties
=> 0,
644 description
=> "Debug mode - stay in foreground",
651 returns
=> { type
=> 'null' },
656 $self->start($param->{debug
});
662 my $reload_daemon = sub {
663 my ($self, $use_hup) = @_;
665 if ($self->{env_restart_pve_daemon
}) {
668 my ($running, $pid) = $self->running();
673 syslog
('info', "send HUP to $pid");
683 sub register_restart_command
{
684 my ($self, $use_hup, $description) = @_;
686 my $class = ref($self);
688 $class->register_method({
692 description
=> $description || "Restart the daemon (or start if not running).",
694 additionalProperties
=> 0,
697 returns
=> { type
=> 'null' },
702 &$reload_daemon($self, $use_hup);
708 sub register_reload_command
{
709 my ($self, $description) = @_;
711 my $class = ref($self);
713 $class->register_method({
717 description
=> $description || "Reload daemon configuration (or start if not running).",
719 additionalProperties
=> 0,
722 returns
=> { type
=> 'null' },
727 &$reload_daemon($self, 1);
733 sub register_stop_command
{
734 my ($self, $description) = @_;
736 my $class = ref($self);
738 $class->register_method({
742 description
=> $description || "Stop the daemon.",
744 additionalProperties
=> 0,
747 returns
=> { type
=> 'null' },
758 sub register_status_command
{
759 my ($self, $description) = @_;
761 my $class = ref($self);
763 $class->register_method({
767 description
=> "Get daemon status.",
769 additionalProperties
=> 0,
774 enum
=> ['stopped', 'running'],
779 return $self->running() ?
'running' : 'stopped';
785 sub create_reusable_socket
{
786 my ($self, $port, $host) = @_;
788 die "no port specifed" if !$port;
790 my ($socket, $sockfd);
# Reuse a socket inherited from the previous instance, if any. The descriptor
# number from the environment is honoured only when this process is a
# restarted daemon, and only if it consists of digits.
792 if (defined($sockfd = $ENV{"PVE_DAEMON_SOCKET_$port"}) &&
793 $self->{env_restart_pve_daemon
}) {
795 die "unable to parse socket fd '$sockfd'\n"
796 if $sockfd !~ m/^(\d+)$/;
797 $sockfd = $1; # untaint
# NOTE(review): nothing visible here checks that the descriptor really is
# the expected listening socket; fdopen only fails if the number is not an
# open descriptor - confirm against the caller.
799 $socket = IO
::Socket
::INET-
>new;
800 $socket->fdopen($sockfd, 'w') ||
801 die "cannot fdopen file descriptor '$sockfd' - $!\n";
# Otherwise a new socket is created (constructor arguments not shown in this
# excerpt).
805 $socket = IO
::Socket
::INET-
>new(
811 die "unable to create socket - $@\n";
813 # we often observe delays when using Nagle algorithm,
814 # so we disable that to maximize performance
# NOTE(review): the return value of setsockopt is not checked, so a failure
# to set TCP_NODELAY goes unreported.
815 setsockopt($socket, IPPROTO_TCP
, TCP_NODELAY
, 1);
# Record the descriptor number so a re-exec'd instance can pick it up.
817 $ENV{"PVE_DAEMON_SOCKET_$port"} = $socket->fileno;
820 # remove FD_CLOEXEC bit to reuse on exec
# NOTE(review): with close-on-exec cleared, any program exec'd by this
# process or its children inherits the socket unless it is closed first -
# confirm helpers started by the daemon do not keep it open.
821 $socket->fcntl(Fcntl
::F_SETFD
(), 0);