[mirror_lxc.git] / src / lxc / cmd / lxc_monitord.c

/*
 * lxc: linux Container library
 *
 * Copyright © 2012 Oracle.
 *
 * Authors:
 * Dwight Engen <dwight.engen@oracle.com>
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this library; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
 */

#ifndef _GNU_SOURCE
#define _GNU_SOURCE 1
#endif
#include <errno.h>
#include <fcntl.h>
#include <net/if.h>
#include <netinet/in.h>
#include <pthread.h>
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/epoll.h>
#include <sys/param.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <sys/un.h>
#include <unistd.h>

#include <lxc/lxccontainer.h>

#include "af_unix.h"
#include "config.h"
#include "log.h"
#include "mainloop.h"
#include "monitor.h"
#include "raw_syscalls.h"
#include "utils.h"

#define CLIENTFDS_CHUNK 64

lxc_log_define(lxc_monitord, lxc);

sigjmp_buf mark;

static void lxc_monitord_cleanup(void);

/*
 * Defines the structure to store the monitor information
 * @lxcpath        : the path being monitored
 * @fifofd         : the file descriptor for publishers (containers) to write state
 * @listenfd       : the file descriptor for subscribers (lxc-monitors) to connect
 * @clientfds      : accepted client file descriptors
 * @clientfds_size : number of file descriptors clientfds can hold
 * @clientfds_cnt  : the count of valid fds in clientfds
 * @descr          : the lxc_mainloop state
 */
struct lxc_monitor {
	const char *lxcpath;
	int fifofd;
	int listenfd;
	int *clientfds;
	int clientfds_size;
	int clientfds_cnt;
	struct lxc_epoll_descr descr;
};

static struct lxc_monitor monitor;
static int quit;

static int lxc_monitord_fifo_create(struct lxc_monitor *mon)
{
	struct flock lk;
	char fifo_path[PATH_MAX];
	int ret;

	ret = lxc_monitor_fifo_name(mon->lxcpath, fifo_path, sizeof(fifo_path), 1);
	if (ret < 0)
		return ret;

	ret = mknod(fifo_path, S_IFIFO | S_IRUSR | S_IWUSR, 0);
	if (ret < 0 && errno != EEXIST) {
		SYSINFO("Failed to mknod monitor fifo %s", fifo_path);
		return -1;
	}

	mon->fifofd = open(fifo_path, O_RDWR);
	if (mon->fifofd < 0) {
		SYSERROR("Failed to open monitor fifo %s", fifo_path);
		unlink(fifo_path);
		return -1;
	}

	lk.l_type = F_WRLCK;
	lk.l_whence = SEEK_SET;
	lk.l_start = 0;
	lk.l_len = 0;

	if (fcntl(mon->fifofd, F_SETLK, &lk) != 0) {
		/* another lxc-monitord is already running, don't start up */
		SYSDEBUG("lxc-monitord already running on lxcpath %s", mon->lxcpath);
		close(mon->fifofd);
		return -1;
	}

	return 0;
}

static int lxc_monitord_fifo_delete(struct lxc_monitor *mon)
{
	char fifo_path[PATH_MAX];
	int ret;

	ret = lxc_monitor_fifo_name(mon->lxcpath, fifo_path, sizeof(fifo_path), 0);
	if (ret < 0)
		return ret;

	unlink(fifo_path);
	return 0;
}

static void lxc_monitord_sockfd_remove(struct lxc_monitor *mon, int fd)
{
	int i;

	if (lxc_mainloop_del_handler(&mon->descr, fd))
		CRIT("File descriptor %d not found in mainloop", fd);
	close(fd);

	for (i = 0; i < mon->clientfds_cnt; i++)
		if (mon->clientfds[i] == fd)
			break;

	if (i >= mon->clientfds_cnt) {
		CRIT("File descriptor %d not found in clients array", fd);
		lxc_monitord_cleanup();
		exit(EXIT_FAILURE);
	}

	memmove(&mon->clientfds[i], &mon->clientfds[i+1],
		(mon->clientfds_cnt - i - 1) * sizeof(mon->clientfds[0]));
	mon->clientfds_cnt--;
}

static int lxc_monitord_sock_handler(int fd, uint32_t events, void *data,
				     struct lxc_epoll_descr *descr)
{
	struct lxc_monitor *mon = data;

	if (events & EPOLLIN) {
		int rc;
		char buf[4];

		rc = lxc_read_nointr(fd, buf, sizeof(buf));
		if (rc > 0 && !strncmp(buf, "quit", 4))
			quit = LXC_MAINLOOP_CLOSE;
	}

	if (events & EPOLLHUP)
		lxc_monitord_sockfd_remove(mon, fd);

	return quit;
}

static int lxc_monitord_sock_accept(int fd, uint32_t events, void *data,
				    struct lxc_epoll_descr *descr)
{
	int ret, clientfd;
	struct lxc_monitor *mon = data;
	struct ucred cred;
	socklen_t credsz = sizeof(cred);

	ret = LXC_MAINLOOP_ERROR;
	clientfd = accept(fd, NULL, 0);
	if (clientfd < 0) {
		SYSERROR("Failed to accept connection for client file descriptor %d", fd);
		goto out;
	}

	if (fcntl(clientfd, F_SETFD, FD_CLOEXEC)) {
		SYSERROR("Failed to set FD_CLOEXEC on client socket connection %d", clientfd);
		goto err1;
	}

	if (getsockopt(clientfd, SOL_SOCKET, SO_PEERCRED, &cred, &credsz)) {
		SYSERROR("Failed to get credentials on client socket connection %d", clientfd);
		goto err1;
	}

	if (cred.uid && cred.uid != geteuid()) {
		WARN("Monitor denied for uid %d on client socket connection %d", cred.uid, clientfd);
		goto err1;
	}

	if (mon->clientfds_cnt + 1 > mon->clientfds_size) {
		int *clientfds;

		clientfds = realloc(mon->clientfds,
				    (mon->clientfds_size + CLIENTFDS_CHUNK) * sizeof(mon->clientfds[0]));
		if (!clientfds) {
			ERROR("Failed to realloc memory for %d client file descriptors",
			      mon->clientfds_size + CLIENTFDS_CHUNK);
			goto err1;
		}

		mon->clientfds = clientfds;
		mon->clientfds_size += CLIENTFDS_CHUNK;
	}

	ret = lxc_mainloop_add_handler(&mon->descr, clientfd,
				       lxc_monitord_sock_handler, mon);
	if (ret < 0) {
		ERROR("Failed to add socket handler");
		goto err1;
	}

	mon->clientfds[mon->clientfds_cnt++] = clientfd;
	INFO("Accepted client file descriptor %d. Number of accepted file descriptors is now %d",
	     clientfd, mon->clientfds_cnt);
	goto out;

err1:
	close(clientfd);

out:
	return ret;
}

static int lxc_monitord_sock_create(struct lxc_monitor *mon)
{
	struct sockaddr_un addr;
	int fd;

	if (lxc_monitor_sock_name(mon->lxcpath, &addr) < 0)
		return -1;

	fd = lxc_abstract_unix_open(addr.sun_path, SOCK_STREAM, O_TRUNC);
	if (fd < 0) {
		SYSERROR("Failed to open unix socket");
		return -1;
	}

	mon->listenfd = fd;
	return 0;
}

static int lxc_monitord_sock_delete(struct lxc_monitor *mon)
{
	struct sockaddr_un addr;

	if (lxc_monitor_sock_name(mon->lxcpath, &addr) < 0)
		return -1;

	if (addr.sun_path[0])
		unlink(addr.sun_path);

	return 0;
}

static int lxc_monitord_create(struct lxc_monitor *mon)
{
	int ret;

	ret = lxc_monitord_fifo_create(mon);
	if (ret < 0)
		return ret;

	return lxc_monitord_sock_create(mon);
}

static void lxc_monitord_delete(struct lxc_monitor *mon)
{
	int i;

	lxc_mainloop_del_handler(&mon->descr, mon->listenfd);
	lxc_abstract_unix_close(mon->listenfd);
	lxc_monitord_sock_delete(mon);

	lxc_mainloop_del_handler(&mon->descr, mon->fifofd);
	lxc_monitord_fifo_delete(mon);
	close(mon->fifofd);

	for (i = 0; i < mon->clientfds_cnt; i++) {
		lxc_mainloop_del_handler(&mon->descr, mon->clientfds[i]);
		close(mon->clientfds[i]);
	}

	mon->clientfds_cnt = 0;
}

static int lxc_monitord_fifo_handler(int fd, uint32_t events, void *data,
				     struct lxc_epoll_descr *descr)
{
	int ret, i;
	struct lxc_msg msglxc;
	struct lxc_monitor *mon = data;

	ret = lxc_read_nointr(fd, &msglxc, sizeof(msglxc));
	if (ret != sizeof(msglxc)) {
		SYSERROR("Reading from fifo failed");
		return LXC_MAINLOOP_CLOSE;
	}

	for (i = 0; i < mon->clientfds_cnt; i++) {
		ret = lxc_write_nointr(mon->clientfds[i], &msglxc, sizeof(msglxc));
		if (ret < 0)
			SYSERROR("Failed to send message to client file descriptor %d",
				 mon->clientfds[i]);
	}

	return LXC_MAINLOOP_CONTINUE;
}

static int lxc_monitord_mainloop_add(struct lxc_monitor *mon)
{
	int ret;

	ret = lxc_mainloop_add_handler(&mon->descr, mon->fifofd,
				       lxc_monitord_fifo_handler, mon);
	if (ret < 0) {
		ERROR("Failed to add to mainloop monitor handler for fifo");
		return -1;
	}

	ret = lxc_mainloop_add_handler(&mon->descr, mon->listenfd,
				       lxc_monitord_sock_accept, mon);
	if (ret < 0) {
		ERROR("Failed to add to mainloop monitor handler for listen socket");
		return -1;
	}

	return 0;
}

static void lxc_monitord_cleanup(void)
{
	lxc_monitord_delete(&monitor);
}

static void lxc_monitord_sig_handler(int sig)
{
	siglongjmp(mark, 1);
}

int main(int argc, char *argv[])
{
	int ret, pipefd;
	char logpath[PATH_MAX];
	sigset_t mask;
	char *lxcpath = argv[1];
	bool mainloop_opened = false;
	bool monitord_created = false;
	struct lxc_log log;

	if (argc != 3) {
		fprintf(stderr,
			"Usage: lxc-monitord lxcpath sync-pipe-fd\n\n"
			"NOTE: lxc-monitord is intended for use by lxc internally\n"
			"      and does not need to be run by hand\n\n");
		exit(EXIT_FAILURE);
	}

	ret = snprintf(logpath, sizeof(logpath), "%s/lxc-monitord.log",
		       (strcmp(LXCPATH, lxcpath) ? lxcpath : LOGPATH));
	if (ret < 0 || ret >= sizeof(logpath))
		exit(EXIT_FAILURE);

	log.name = NULL;
	log.file = logpath;
	log.level = "DEBUG";
	log.prefix = "lxc-monitord";
	log.quiet = 0;
	log.lxcpath = lxcpath;

	ret = lxc_log_init(&log);
	if (ret)
		INFO("Failed to open log file %s, log will be lost", lxcpath);
	lxc_log_options_no_override();

	if (lxc_safe_int(argv[2], &pipefd) < 0)
		exit(EXIT_FAILURE);

	if (sigfillset(&mask) ||
	    sigdelset(&mask, SIGILL)  ||
	    sigdelset(&mask, SIGSEGV) ||
	    sigdelset(&mask, SIGBUS)  ||
	    sigdelset(&mask, SIGTERM) ||
	    pthread_sigmask(SIG_BLOCK, &mask, NULL)) {
		SYSERROR("Failed to set signal mask");
		exit(EXIT_FAILURE);
	}

	signal(SIGILL,  lxc_monitord_sig_handler);
	signal(SIGSEGV, lxc_monitord_sig_handler);
	signal(SIGBUS,  lxc_monitord_sig_handler);
	signal(SIGTERM, lxc_monitord_sig_handler);

	if (sigsetjmp(mark, 1) != 0)
		goto on_signal;

	ret = EXIT_FAILURE;

	memset(&monitor, 0, sizeof(monitor));
	monitor.lxcpath = lxcpath;
	if (lxc_mainloop_open(&monitor.descr)) {
		ERROR("Failed to create mainloop");
		goto on_error;
	}
	mainloop_opened = true;

	if (lxc_monitord_create(&monitor))
		goto on_error;
	monitord_created = true;

	/* sync with parent, we're ignoring the return from write
	 * because regardless if it works or not, the following
	 * close will sync us with the parent process. the
	 * if-empty-statement construct is to quiet the
	 * warn-unused-result warning.
	 */
	if (lxc_write_nointr(pipefd, "S", 1))
		;
	close(pipefd);

	if (lxc_monitord_mainloop_add(&monitor)) {
		ERROR("Failed to add mainloop handlers");
		goto on_error;
	}

	NOTICE("lxc-monitord with pid %d is now monitoring lxcpath %s",
	       lxc_raw_getpid(), monitor.lxcpath);

	for (;;) {
		ret = lxc_mainloop(&monitor.descr, 1000 * 30);
		if (ret) {
			ERROR("mainloop returned an error");
			break;
		}

		if (monitor.clientfds_cnt <= 0) {
			NOTICE("No remaining clients. lxc-monitord is exiting");
			break;
		}

		if (quit == LXC_MAINLOOP_CLOSE) {
			NOTICE("Got quit command. lxc-monitord is exiting");
			break;
		}
	}

on_signal:
	ret = EXIT_SUCCESS;

on_error:
	if (monitord_created)
		lxc_monitord_cleanup();

	if (mainloop_opened)
		lxc_mainloop_close(&monitor.descr);

	exit(ret);
}
Commit	Line	Data
e51d4895 DE	1	/*
	2	* lxc: linux Container library
	3	*
	4	* Copyright © 2012 Oracle.
	5	*
	6	* Authors:
	7	* Dwight Engen <dwight.engen@oracle.com>
	8	*
	9	* This library is free software; you can redistribute it and/or
	10	* modify it under the terms of the GNU Lesser General Public
	11	* License as published by the Free Software Foundation; either
	12	* version 2.1 of the License, or (at your option) any later version.
	13	*
	14	* This library is distributed in the hope that it will be useful,
	15	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	16	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	17	* Lesser General Public License for more details.
	18	*
	19	* You should have received a copy of the GNU Lesser General Public
	20	* License along with this library; if not, write to the Free Software
250b1eec	21	* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
e51d4895 DE	22	*/
e51d4895 DE	23
d38dd64a CB	24	#ifndef _GNU_SOURCE
	25	#define _GNU_SOURCE 1
	26	#endif
e51d4895	27	#include <errno.h>
e51d4895	28	#include <fcntl.h>
2ec1c484 TH	29	#include <net/if.h>
2ec1c484 TH	30	#include <netinet/in.h>
b467714b	31	#include <pthread.h>
2ec1c484	32	#include <setjmp.h>
60e4f6fa CB	33	#include <signal.h>
	34	#include <stdio.h>
	35	#include <stdlib.h>
	36	#include <string.h>
2afd1dc0	37	#include <sys/epoll.h>
e51d4895 DE	38	#include <sys/param.h>
e51d4895 DE	39	#include <sys/socket.h>
60e4f6fa CB	40	#include <sys/stat.h>
60e4f6fa CB	41	#include <sys/types.h>
e51d4895	42	#include <sys/un.h>
2ec1c484	43	#include <unistd.h>
e51d4895	44
1194822f CB	45	#include <lxc/lxccontainer.h>
1194822f CB	46
f2363e38	47	#include "af_unix.h"
d38dd64a	48	#include "config.h"
f2363e38 ÇO	49	#include "log.h"
	50	#include "mainloop.h"
	51	#include "monitor.h"
d7b58715	52	#include "raw_syscalls.h"
f2363e38	53	#include "utils.h"
e51d4895 DE	54
	55	#define CLIENTFDS_CHUNK 64
	56
	57	lxc_log_define(lxc_monitord, lxc);
	58
d0dacf05 CB	59	sigjmp_buf mark;
d0dacf05 CB	60
e51d4895 DE	61	static void lxc_monitord_cleanup(void);
	62
	63	/*
	64	* Defines the structure to store the monitor information
	65	* @lxcpath : the path being monitored
	66	* @fifofd : the file descriptor for publishers (containers) to write state
	67	* @listenfd : the file descriptor for subscribers (lxc-monitors) to connect
	68	* @clientfds : accepted client file descriptors
	69	* @clientfds_size : number of file descriptors clientfds can hold
	70	* @clientfds_cnt : the count of valid fds in clientfds
	71	* @descr : the lxc_mainloop state
	72	*/
	73	struct lxc_monitor {
	74	const char *lxcpath;
	75	int fifofd;
	76	int listenfd;
	77	int *clientfds;
	78	int clientfds_size;
	79	int clientfds_cnt;
	80	struct lxc_epoll_descr descr;
	81	};
	82
632ac690	83	static struct lxc_monitor monitor;
2afd1dc0	84	static int quit;
8f47bc3f	85
e51d4895 DE	86	static int lxc_monitord_fifo_create(struct lxc_monitor *mon)
e51d4895 DE	87	{
8bf1e61e	88	struct flock lk;
e51d4895 DE	89	char fifo_path[PATH_MAX];
	90	int ret;
	91
9e60f51d DE	92	ret = lxc_monitor_fifo_name(mon->lxcpath, fifo_path, sizeof(fifo_path), 1);
	93	if (ret < 0)
	94	return ret;
e51d4895	95
32cf169f	96	ret = mknod(fifo_path, S_IFIFO \| S_IRUSR \| S_IWUSR, 0);
8bf1e61e	97	if (ret < 0 && errno != EEXIST) {
7874d81a	98	SYSINFO("Failed to mknod monitor fifo %s", fifo_path);
e51d4895 DE	99	return -1;
	100	}
	101
	102	mon->fifofd = open(fifo_path, O_RDWR);
	103	if (mon->fifofd < 0) {
9044b79e	104	SYSERROR("Failed to open monitor fifo %s", fifo_path);
e51d4895	105	unlink(fifo_path);
e51d4895 DE	106	return -1;
e51d4895 DE	107	}
8bf1e61e DE	108
	109	lk.l_type = F_WRLCK;
	110	lk.l_whence = SEEK_SET;
	111	lk.l_start = 0;
	112	lk.l_len = 0;
9044b79e	113
8bf1e61e DE	114	if (fcntl(mon->fifofd, F_SETLK, &lk) != 0) {
8bf1e61e DE	115	/* another lxc-monitord is already running, don't start up */
9044b79e	116	SYSDEBUG("lxc-monitord already running on lxcpath %s", mon->lxcpath);
8bf1e61e DE	117	close(mon->fifofd);
	118	return -1;
	119	}
9044b79e	120
e51d4895 DE	121	return 0;
	122	}
	123
	124	static int lxc_monitord_fifo_delete(struct lxc_monitor *mon)
	125	{
	126	char fifo_path[PATH_MAX];
	127	int ret;
	128
9e60f51d DE	129	ret = lxc_monitor_fifo_name(mon->lxcpath, fifo_path, sizeof(fifo_path), 0);
	130	if (ret < 0)
	131	return ret;
	132
e51d4895 DE	133	unlink(fifo_path);
	134	return 0;
	135	}
	136
2db65c21 TH	137	static void lxc_monitord_sockfd_remove(struct lxc_monitor *mon, int fd)
2db65c21 TH	138	{
e51d4895 DE	139	int i;
	140
	141	if (lxc_mainloop_del_handler(&mon->descr, fd))
9044b79e	142	CRIT("File descriptor %d not found in mainloop", fd);
e51d4895 DE	143	close(fd);
e51d4895 DE	144
9044b79e	145	for (i = 0; i < mon->clientfds_cnt; i++)
e51d4895 DE	146	if (mon->clientfds[i] == fd)
e51d4895 DE	147	break;
9044b79e	148
e51d4895	149	if (i >= mon->clientfds_cnt) {
9044b79e	150	CRIT("File descriptor %d not found in clients array", fd);
e51d4895 DE	151	lxc_monitord_cleanup();
	152	exit(EXIT_FAILURE);
	153	}
	154
	155	memmove(&mon->clientfds[i], &mon->clientfds[i+1],
	156	(mon->clientfds_cnt - i - 1) * sizeof(mon->clientfds[0]));
	157	mon->clientfds_cnt--;
	158	}
	159
84c92abd	160	static int lxc_monitord_sock_handler(int fd, uint32_t events, void *data,
e51d4895 DE	161	struct lxc_epoll_descr *descr)
	162	{
	163	struct lxc_monitor *mon = data;
	164
2afd1dc0 DE	165	if (events & EPOLLIN) {
	166	int rc;
	167	char buf[4];
	168
243fdadf	169	rc = lxc_read_nointr(fd, buf, sizeof(buf));
2afd1dc0	170	if (rc > 0 && !strncmp(buf, "quit", 4))
b2a48508	171	quit = LXC_MAINLOOP_CLOSE;
2afd1dc0 DE	172	}
	173
	174	if (events & EPOLLHUP)
	175	lxc_monitord_sockfd_remove(mon, fd);
9044b79e	176
2afd1dc0	177	return quit;
e51d4895 DE	178	}
e51d4895 DE	179
84c92abd	180	static int lxc_monitord_sock_accept(int fd, uint32_t events, void *data,
e51d4895 DE	181	struct lxc_epoll_descr *descr)
e51d4895 DE	182	{
2db65c21	183	int ret, clientfd;
e51d4895 DE	184	struct lxc_monitor *mon = data;
	185	struct ucred cred;
	186	socklen_t credsz = sizeof(cred);
	187
b2a48508	188	ret = LXC_MAINLOOP_ERROR;
e51d4895 DE	189	clientfd = accept(fd, NULL, 0);
e51d4895 DE	190	if (clientfd < 0) {
9044b79e	191	SYSERROR("Failed to accept connection for client file descriptor %d", fd);
e51d4895 DE	192	goto out;
	193	}
	194
	195	if (fcntl(clientfd, F_SETFD, FD_CLOEXEC)) {
9044b79e	196	SYSERROR("Failed to set FD_CLOEXEC on client socket connection %d", clientfd);
e51d4895 DE	197	goto err1;
	198	}
	199
9044b79e	200	if (getsockopt(clientfd, SOL_SOCKET, SO_PEERCRED, &cred, &credsz)) {
9044b79e	201	SYSERROR("Failed to get credentials on client socket connection %d", clientfd);
e51d4895 DE	202	goto err1;
e51d4895 DE	203	}
9044b79e	204
e51d4895	205	if (cred.uid && cred.uid != geteuid()) {
9044b79e	206	WARN("Monitor denied for uid %d on client socket connection %d", cred.uid, clientfd);
e51d4895 DE	207	goto err1;
	208	}
	209
	210	if (mon->clientfds_cnt + 1 > mon->clientfds_size) {
	211	int *clientfds;
9044b79e	212
e51d4895	213	clientfds = realloc(mon->clientfds,
60e4f6fa	214	(mon->clientfds_size + CLIENTFDS_CHUNK) * sizeof(mon->clientfds[0]));
55186593	215	if (!clientfds) {
9044b79e	216	ERROR("Failed to realloc memory for %d client file descriptors",
60e4f6fa	217	mon->clientfds_size + CLIENTFDS_CHUNK);
e51d4895 DE	218	goto err1;
e51d4895 DE	219	}
9044b79e	220
e51d4895 DE	221	mon->clientfds = clientfds;
	222	mon->clientfds_size += CLIENTFDS_CHUNK;
	223	}
	224
	225	ret = lxc_mainloop_add_handler(&mon->descr, clientfd,
	226	lxc_monitord_sock_handler, mon);
9044b79e	227	if (ret < 0) {
9044b79e	228	ERROR("Failed to add socket handler");
e51d4895 DE	229	goto err1;
	230	}
	231
	232	mon->clientfds[mon->clientfds_cnt++] = clientfd;
9044b79e	233	INFO("Accepted client file descriptor %d. Number of accepted file descriptors is now %d",
9044b79e	234	clientfd, mon->clientfds_cnt);
e51d4895 DE	235	goto out;
	236
	237	err1:
	238	close(clientfd);
9044b79e	239
e51d4895 DE	240	out:
	241	return ret;
	242	}
	243
	244	static int lxc_monitord_sock_create(struct lxc_monitor *mon)
	245	{
	246	struct sockaddr_un addr;
	247	int fd;
	248
	249	if (lxc_monitor_sock_name(mon->lxcpath, &addr) < 0)
	250	return -1;
	251
aae93dd3	252	fd = lxc_abstract_unix_open(addr.sun_path, SOCK_STREAM, O_TRUNC);
e51d4895	253	if (fd < 0) {
6d1400b5	254	SYSERROR("Failed to open unix socket");
e51d4895 DE	255	return -1;
	256	}
	257
	258	mon->listenfd = fd;
	259	return 0;
	260	}
	261
	262	static int lxc_monitord_sock_delete(struct lxc_monitor *mon)
	263	{
	264	struct sockaddr_un addr;
	265
	266	if (lxc_monitor_sock_name(mon->lxcpath, &addr) < 0)
	267	return -1;
9044b79e	268
e51d4895 DE	269	if (addr.sun_path[0])
e51d4895 DE	270	unlink(addr.sun_path);
9044b79e	271
e51d4895 DE	272	return 0;
	273	}
	274
	275	static int lxc_monitord_create(struct lxc_monitor *mon)
	276	{
	277	int ret;
	278
	279	ret = lxc_monitord_fifo_create(mon);
	280	if (ret < 0)
	281	return ret;
	282
9044b79e	283	return lxc_monitord_sock_create(mon);
e51d4895 DE	284	}
	285
	286	static void lxc_monitord_delete(struct lxc_monitor *mon)
	287	{
	288	int i;
	289
	290	lxc_mainloop_del_handler(&mon->descr, mon->listenfd);
9044b79e	291	lxc_abstract_unix_close(mon->listenfd);
e51d4895 DE	292	lxc_monitord_sock_delete(mon);
	293
	294	lxc_mainloop_del_handler(&mon->descr, mon->fifofd);
e51d4895	295	lxc_monitord_fifo_delete(mon);
8bf1e61e	296	close(mon->fifofd);
e51d4895 DE	297
	298	for (i = 0; i < mon->clientfds_cnt; i++) {
	299	lxc_mainloop_del_handler(&mon->descr, mon->clientfds[i]);
	300	close(mon->clientfds[i]);
	301	}
9044b79e	302
e51d4895 DE	303	mon->clientfds_cnt = 0;
	304	}
	305
84c92abd	306	static int lxc_monitord_fifo_handler(int fd, uint32_t events, void *data,
e51d4895 DE	307	struct lxc_epoll_descr *descr)
e51d4895 DE	308	{
2db65c21	309	int ret, i;
e51d4895 DE	310	struct lxc_msg msglxc;
	311	struct lxc_monitor *mon = data;
	312
243fdadf	313	ret = lxc_read_nointr(fd, &msglxc, sizeof(msglxc));
e51d4895	314	if (ret != sizeof(msglxc)) {
b5be6a7c	315	SYSERROR("Reading from fifo failed");
b2a48508	316	return LXC_MAINLOOP_CLOSE;
e51d4895 DE	317	}
	318
	319	for (i = 0; i < mon->clientfds_cnt; i++) {
ff50dd77	320	ret = lxc_write_nointr(mon->clientfds[i], &msglxc, sizeof(msglxc));
60e4f6fa	321	if (ret < 0)
6d1400b5	322	SYSERROR("Failed to send message to client file descriptor %d",
2db65c21	323	mon->clientfds[i]);
e51d4895 DE	324	}
e51d4895 DE	325
b2a48508	326	return LXC_MAINLOOP_CONTINUE;
e51d4895 DE	327	}
	328
	329	static int lxc_monitord_mainloop_add(struct lxc_monitor *mon)
	330	{
	331	int ret;
	332
	333	ret = lxc_mainloop_add_handler(&mon->descr, mon->fifofd,
	334	lxc_monitord_fifo_handler, mon);
	335	if (ret < 0) {
9044b79e	336	ERROR("Failed to add to mainloop monitor handler for fifo");
e51d4895 DE	337	return -1;
	338	}
	339
	340	ret = lxc_mainloop_add_handler(&mon->descr, mon->listenfd,
	341	lxc_monitord_sock_accept, mon);
	342	if (ret < 0) {
9044b79e	343	ERROR("Failed to add to mainloop monitor handler for listen socket");
e51d4895 DE	344	return -1;
	345	}
	346
	347	return 0;
	348	}
	349
	350	static void lxc_monitord_cleanup(void)
	351	{
632ac690	352	lxc_monitord_delete(&monitor);
e51d4895 DE	353	}
	354
	355	static void lxc_monitord_sig_handler(int sig)
	356	{
d0dacf05	357	siglongjmp(mark, 1);
e51d4895 DE	358	}
	359
	360	int main(int argc, char *argv[])
	361	{
60e4f6fa	362	int ret, pipefd;
e51d4895 DE	363	char logpath[PATH_MAX];
e51d4895 DE	364	sigset_t mask;
60e4f6fa	365	char *lxcpath = argv[1];
5cc0f22d CB	366	bool mainloop_opened = false;
5cc0f22d CB	367	bool monitord_created = false;
73b910a3	368	struct lxc_log log;
e51d4895 DE	369
	370	if (argc != 3) {
	371	fprintf(stderr,
	372	"Usage: lxc-monitord lxcpath sync-pipe-fd\n\n"
	373	"NOTE: lxc-monitord is intended for use by lxc internally\n"
	374	" and does not need to be run by hand\n\n");
	375	exit(EXIT_FAILURE);
	376	}
	377
	378	ret = snprintf(logpath, sizeof(logpath), "%s/lxc-monitord.log",
2db65c21	379	(strcmp(LXCPATH, lxcpath) ? lxcpath : LOGPATH));
e51d4895	380	if (ret < 0 \|\| ret >= sizeof(logpath))
7e5af997	381	exit(EXIT_FAILURE);
e51d4895	382
73b910a3	383	log.name = NULL;
73b910a3	384	log.file = logpath;
4b73005c	385	log.level = "DEBUG";
73b910a3	386	log.prefix = "lxc-monitord";
	387	log.quiet = 0;
	388	log.lxcpath = lxcpath;
9044b79e	389
73b910a3	390	ret = lxc_log_init(&log);
e51d4895	391	if (ret)
9044b79e	392	INFO("Failed to open log file %s, log will be lost", lxcpath);
6edbfc86	393	lxc_log_options_no_override();
e51d4895	394
7e5af997 CB	395	if (lxc_safe_int(argv[2], &pipefd) < 0)
7e5af997 CB	396	exit(EXIT_FAILURE);
e51d4895 DE	397
	398	if (sigfillset(&mask) \|\|
	399	sigdelset(&mask, SIGILL) \|\|
	400	sigdelset(&mask, SIGSEGV) \|\|
	401	sigdelset(&mask, SIGBUS) \|\|
	402	sigdelset(&mask, SIGTERM) \|\|
b467714b	403	pthread_sigmask(SIG_BLOCK, &mask, NULL)) {
9044b79e	404	SYSERROR("Failed to set signal mask");
7e5af997	405	exit(EXIT_FAILURE);
e51d4895 DE	406	}
	407
	408	signal(SIGILL, lxc_monitord_sig_handler);
	409	signal(SIGSEGV, lxc_monitord_sig_handler);
	410	signal(SIGBUS, lxc_monitord_sig_handler);
	411	signal(SIGTERM, lxc_monitord_sig_handler);
	412
d0dacf05 CB	413	if (sigsetjmp(mark, 1) != 0)
	414	goto on_signal;
	415
e51d4895	416	ret = EXIT_FAILURE;
9044b79e	417
632ac690 CB	418	memset(&monitor, 0, sizeof(monitor));
	419	monitor.lxcpath = lxcpath;
	420	if (lxc_mainloop_open(&monitor.descr)) {
9044b79e	421	ERROR("Failed to create mainloop");
60e4f6fa	422	goto on_error;
e51d4895	423	}
5cc0f22d	424	mainloop_opened = true;
e51d4895	425
632ac690	426	if (lxc_monitord_create(&monitor))
60e4f6fa	427	goto on_error;
5cc0f22d	428	monitord_created = true;
e51d4895 DE	429
	430	/* sync with parent, we're ignoring the return from write
	431	* because regardless if it works or not, the following
	432	* close will sync us with the parent process. the
	433	* if-empty-statement construct is to quiet the
	434	* warn-unused-result warning.
	435	*/
ff50dd77	436	if (lxc_write_nointr(pipefd, "S", 1))
8f47bc3f	437	;
e51d4895 DE	438	close(pipefd);
e51d4895 DE	439
632ac690	440	if (lxc_monitord_mainloop_add(&monitor)) {
9044b79e	441	ERROR("Failed to add mainloop handlers");
60e4f6fa	442	goto on_error;
e51d4895 DE	443	}
e51d4895 DE	444
9044b79e	445	NOTICE("lxc-monitord with pid %d is now monitoring lxcpath %s",
632ac690	446	lxc_raw_getpid(), monitor.lxcpath);
9044b79e	447
60e4f6fa	448	for (;;) {
632ac690	449	ret = lxc_mainloop(&monitor.descr, 1000 * 30);
267bc7ed	450	if (ret) {
	451	ERROR("mainloop returned an error");
	452	break;
	453	}
9044b79e	454
632ac690	455	if (monitor.clientfds_cnt <= 0) {
9044b79e	456	NOTICE("No remaining clients. lxc-monitord is exiting");
e51d4895 DE	457	break;
e51d4895 DE	458	}
9044b79e	459
9044b79e	460	if (quit == LXC_MAINLOOP_CLOSE) {
52ab9e10	461	NOTICE("Got quit command. lxc-monitord is exiting");
267bc7ed	462	break;
267bc7ed	463	}
e51d4895 DE	464	}
e51d4895 DE	465
5cc0f22d	466	on_signal:
e51d4895	467	ret = EXIT_SUCCESS;
9044b79e	468
60e4f6fa	469	on_error:
5cc0f22d CB	470	if (monitord_created)
5cc0f22d CB	471	lxc_monitord_cleanup();
9044b79e	472
5cc0f22d	473	if (mainloop_opened)
632ac690	474	lxc_mainloop_close(&monitor.descr);
d0dacf05	475
5cc0f22d	476	exit(ret);
e51d4895	477	}