1
0

konfd.c 14 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644
  1. /*
  2. * konfd.c
  3. *
  4. * The konfd daemon to store user configuration commands.
  5. *
  6. */
  7. #ifdef HAVE_CONFIG_H
  8. #include "config.h"
  9. #endif /* HAVE_CONFIG_H */
  10. #include <stdio.h>
  11. #include <stdlib.h>
  12. #include <unistd.h>
  13. #include <sys/types.h>
  14. #include <sys/stat.h>
  15. #include <fcntl.h>
  16. #include <sys/wait.h>
  17. #include <errno.h>
  18. #include <assert.h>
  19. #include <sys/socket.h>
  20. #include <sys/un.h>
  21. #include <string.h>
  22. #include <sys/select.h>
  23. #include <signal.h>
  24. #include <syslog.h>
  25. #ifdef HAVE_GETOPT_H
  26. #include <getopt.h>
  27. #endif
  28. #include <pwd.h>
  29. #include <grp.h>
  30. #include "clish/private.h"
  31. #include "konf/tree.h"
  32. #include "konf/query.h"
  33. #include "konf/buf.h"
  34. #include "lub/argv.h"
  35. #include "lub/string.h"
  36. #ifndef VERSION
  37. #define VERSION 1.2.2
  38. #endif
  39. #define QUOTE(t) #t
  40. #define version(v) printf("%s\n", v)
  41. #define KONFD_PIDFILE "/var/run/konfd.pid"
  42. /* UNIX socket path */
  43. #ifndef UNIX_PATH_MAX
  44. #define UNIX_PATH_MAX 108
  45. #endif
  46. /* OpenBSD has no MSG_NOSIGNAL flag */
  47. #ifndef MSG_NOSIGNAL
  48. #define MSG_NOSIGNAL 0
  49. #endif
  50. #define MAXMSG 1024
  51. /* Global signal vars */
  52. static volatile int sigterm = 0;
  53. static void sighandler(int signo);
  54. static void help(int status, const char *argv0);
  55. static char * process_query(int sock, konf_tree_t * conf, char *str);
  56. int answer_send(int sock, char *command);
  57. static int dump_running_config(int sock, konf_tree_t *conf, konf_query_t *query);
  58. int daemonize(int nochdir, int noclose);
  59. struct options *opts_init(void);
  60. void opts_free(struct options *opts);
  61. static int opts_parse(int argc, char *argv[], struct options *opts);
  62. /* Command line options */
  63. struct options {
  64. char *socket_path;
  65. char *pidfile;
  66. int debug; /* Don't daemonize in debug mode */
  67. uid_t uid;
  68. gid_t gid;
  69. };
  70. /*--------------------------------------------------------- */
  71. int main(int argc, char **argv)
  72. {
  73. int retval = -1;
  74. unsigned i;
  75. char *str;
  76. konf_tree_t *conf;
  77. lub_bintree_t bufs;
  78. konf_buf_t *tbuf;
  79. struct options *opts = NULL;
  80. int pidfd = -1;
  81. /* Network vars */
  82. int sock = -1;
  83. struct sockaddr_un laddr;
  84. struct sockaddr_un raddr;
  85. fd_set active_fd_set, read_fd_set;
  86. const int reuseaddr = 1;
  87. /* Signal vars */
  88. struct sigaction sig_act, sigpipe_act;
  89. sigset_t sig_set, sigpipe_set;
  90. /* Initialize syslog */
  91. openlog(argv[0], LOG_CONS | LOG_PERROR, LOG_DAEMON);
  92. /* Parse command line options */
  93. opts = opts_init();
  94. if (opts_parse(argc, argv, opts))
  95. goto err;
  96. /* Fork the daemon */
  97. if (!opts->debug) {
  98. /* Daemonize */
  99. if (daemonize(0, 0) < 0) {
  100. syslog(LOG_ERR, "Can't daemonize\n");
  101. goto err;
  102. }
  103. /* Write pidfile */
  104. if ((pidfd = open(opts->pidfile,
  105. O_WRONLY | O_CREAT | O_EXCL | O_TRUNC,
  106. S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH)) < 0) {
  107. syslog(LOG_WARNING, "Can't open pidfile %s: %s",
  108. opts->pidfile, strerror(errno));
  109. } else {
  110. char str[20];
  111. snprintf(str, sizeof(str), "%u\n", getpid());
  112. if (write(pidfd, str, strlen(str)) < 0)
  113. syslog(LOG_WARNING, "Can't write to %s: %s",
  114. opts->pidfile, strerror(errno));
  115. close(pidfd);
  116. }
  117. }
  118. /* Change GID */
  119. if (opts->gid != getgid()) {
  120. if (setgid(opts->gid)) {
  121. syslog(LOG_ERR, "Can't set GID to %u: %s",
  122. opts->gid, strerror(errno));
  123. goto err;
  124. }
  125. }
  126. /* Change UID */
  127. if (opts->uid != getuid()) {
  128. if (setuid(opts->uid)) {
  129. syslog(LOG_ERR, "Can't set UID to %u: %s",
  130. opts->uid, strerror(errno));
  131. goto err;
  132. }
  133. }
  134. /* Create listen socket */
  135. if ((sock = socket(AF_UNIX, SOCK_STREAM, 0)) == -1) {
  136. syslog(LOG_ERR, "Can't create listen socket: %s\n",
  137. strerror(errno));
  138. goto err;
  139. }
  140. if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR,
  141. &reuseaddr, sizeof(reuseaddr))) {
  142. syslog(LOG_ERR, "Can't set socket options: %s\n", strerror(errno));
  143. goto err;
  144. }
  145. laddr.sun_family = AF_UNIX;
  146. strncpy(laddr.sun_path, opts->socket_path, UNIX_PATH_MAX);
  147. laddr.sun_path[UNIX_PATH_MAX - 1] = '\0';
  148. if (bind(sock, (struct sockaddr *)&laddr, sizeof(laddr))) {
  149. syslog(LOG_ERR, "Can't bind socket: %s\n",
  150. strerror(errno));
  151. goto err;
  152. }
  153. listen(sock, 5);
  154. /* Create configuration tree */
  155. conf = konf_tree_new("", 0);
  156. /* Initialize the tree of buffers */
  157. lub_bintree_init(&bufs,
  158. konf_buf_bt_offset(),
  159. konf_buf_bt_compare, konf_buf_bt_getkey);
  160. /* Set signal handler */
  161. sigemptyset(&sig_set);
  162. sigaddset(&sig_set, SIGTERM);
  163. sigaddset(&sig_set, SIGINT);
  164. sigaddset(&sig_set, SIGQUIT);
  165. sig_act.sa_flags = 0;
  166. sig_act.sa_mask = sig_set;
  167. sig_act.sa_handler = &sighandler;
  168. sigaction(SIGTERM, &sig_act, NULL);
  169. sigaction(SIGINT, &sig_act, NULL);
  170. sigaction(SIGQUIT, &sig_act, NULL);
  171. /* Ignore SIGPIPE */
  172. sigemptyset(&sigpipe_set);
  173. sigaddset(&sigpipe_set, SIGPIPE);
  174. sigpipe_act.sa_flags = 0;
  175. sigpipe_act.sa_mask = sigpipe_set;
  176. sigpipe_act.sa_handler = SIG_IGN;
  177. sigaction(SIGPIPE, &sigpipe_act, NULL);
  178. /* Initialize the set of active sockets. */
  179. FD_ZERO(&active_fd_set);
  180. FD_SET(sock, &active_fd_set);
  181. /* Main loop */
  182. while (!sigterm) {
  183. int num;
  184. /* Block until input arrives on one or more active sockets. */
  185. read_fd_set = active_fd_set;
  186. num = select(FD_SETSIZE, &read_fd_set, NULL, NULL, NULL);
  187. if (num < 0) {
  188. if (EINTR == errno)
  189. continue;
  190. break;
  191. }
  192. if (0 == num)
  193. continue;
  194. /* Service all the sockets with input pending. */
  195. for (i = 0; i < FD_SETSIZE; ++i) {
  196. if (FD_ISSET(i, &read_fd_set)) {
  197. if (i == sock) {
  198. /* Connection request on original socket. */
  199. int new;
  200. socklen_t size;
  201. size = sizeof(raddr);
  202. new = accept(sock, (struct sockaddr *)
  203. &raddr, &size);
  204. if (new < 0) {
  205. fprintf(stderr, "accept");
  206. continue;
  207. }
  208. #ifdef DEBUG
  209. fprintf(stderr, "Connection established %u\n", new);
  210. #endif
  211. konf_buftree_remove(&bufs, new);
  212. tbuf = konf_buf_new(new);
  213. /* insert it into the binary tree for this conf */
  214. lub_bintree_insert(&bufs, tbuf);
  215. FD_SET(new, &active_fd_set);
  216. } else {
  217. int nbytes;
  218. /* Data arriving on an already-connected socket. */
  219. if ((nbytes = konf_buftree_read(&bufs, i)) <= 0) {
  220. close(i);
  221. FD_CLR(i, &active_fd_set);
  222. konf_buftree_remove(&bufs, i);
  223. continue;
  224. }
  225. while ((str = konf_buftree_parse(&bufs, i))) {
  226. char *answer;
  227. if (!(answer = process_query(i, conf, str)))
  228. answer = lub_string_dup("-e");
  229. lub_string_free(str);
  230. answer_send(i, answer);
  231. lub_string_free(answer);
  232. }
  233. }
  234. }
  235. }
  236. }
  237. /* Free resources */
  238. konf_tree_delete(conf);
  239. /* delete each buf */
  240. while ((tbuf = lub_bintree_findfirst(&bufs))) {
  241. /* remove the buf from the tree */
  242. lub_bintree_remove(&bufs, tbuf);
  243. /* release the instance */
  244. konf_buf_delete(tbuf);
  245. }
  246. retval = 0;
  247. err:
  248. /* Close listen socket */
  249. if (sock >= 0) {
  250. close(sock);
  251. unlink(opts->socket_path);
  252. }
  253. /* Restore original EUID for cleanup */
  254. /* if (getuid() != geteuid())
  255. seteuid(getuid());
  256. */
  257. /* Remove pidfile */
  258. if (pidfd >= 0) {
  259. if (unlink(opts->pidfile) < 0) {
  260. syslog(LOG_ERR, "Can't remove pid-file %s: %s\n",
  261. opts->pidfile, strerror(errno));
  262. }
  263. }
  264. /* Free command line options */
  265. opts_free(opts);
  266. return retval;
  267. }
  268. /*--------------------------------------------------------- */
  269. static char * process_query(int sock, konf_tree_t * conf, char *str)
  270. {
  271. unsigned i;
  272. int res;
  273. konf_tree_t *iconf;
  274. konf_tree_t *tmpconf;
  275. konf_query_t *query;
  276. char *retval = NULL;
  277. konf_query_op_t ret;
  278. #ifdef DEBUG
  279. fprintf(stderr, "----------------------\n");
  280. fprintf(stderr, "REQUEST: %s\n", str);
  281. #endif
  282. /* Parse query */
  283. query = konf_query_new();
  284. res = konf_query_parse_str(query, str);
  285. if (res < 0) {
  286. konf_query_free(query);
  287. return NULL;
  288. }
  289. #ifdef DEBUG
  290. konf_query_dump(query);
  291. #endif
  292. /* Go through the pwd */
  293. iconf = conf;
  294. for (i = 0; i < konf_query__get_pwdc(query); i++) {
  295. if (!
  296. (iconf =
  297. konf_tree_find_conf(iconf, konf_query__get_pwd(query, i), 0, 0))) {
  298. iconf = NULL;
  299. break;
  300. }
  301. }
  302. if (!iconf) {
  303. fprintf(stderr, "Unknown path\n");
  304. konf_query_free(query);
  305. return NULL;
  306. }
  307. switch (konf_query__get_op(query)) {
  308. case KONF_QUERY_OP_SET:
  309. if (konf_query__get_unique(query)) {
  310. if (konf_tree_find_conf(iconf,
  311. konf_query__get_line(query), 0, 0)) {
  312. ret = KONF_QUERY_OP_OK;
  313. break;
  314. }
  315. konf_tree_del_pattern(iconf,
  316. konf_query__get_pattern(query),
  317. konf_query__get_priority(query),
  318. konf_query__get_seq(query),
  319. konf_query__get_seq_num(query));
  320. }
  321. tmpconf = konf_tree_new_conf(iconf,
  322. konf_query__get_line(query), konf_query__get_priority(query),
  323. konf_query__get_seq(query), konf_query__get_seq_num(query));
  324. if (!tmpconf) {
  325. ret = KONF_QUERY_OP_ERROR;
  326. break;
  327. }
  328. konf_tree__set_splitter(tmpconf, konf_query__get_splitter(query));
  329. konf_tree__set_depth(tmpconf, konf_query__get_pwdc(query));
  330. ret = KONF_QUERY_OP_OK;
  331. break;
  332. case KONF_QUERY_OP_UNSET:
  333. konf_tree_del_pattern(iconf,
  334. konf_query__get_pattern(query), konf_query__get_priority(query),
  335. konf_query__get_seq(query), konf_query__get_seq_num(query));
  336. ret = KONF_QUERY_OP_OK;
  337. break;
  338. case KONF_QUERY_OP_DUMP:
  339. if (dump_running_config(sock, iconf, query))
  340. ret = KONF_QUERY_OP_ERROR;
  341. else
  342. ret = KONF_QUERY_OP_OK;
  343. break;
  344. default:
  345. ret = KONF_QUERY_OP_ERROR;
  346. break;
  347. }
  348. #ifdef DEBUG
  349. /* Print whole tree */
  350. konf_tree_fprintf(conf, stderr, NULL, -1, BOOL_TRUE, 0);
  351. #endif
  352. /* Free resources */
  353. konf_query_free(query);
  354. switch (ret) {
  355. case KONF_QUERY_OP_OK:
  356. lub_string_cat(&retval, "-o");
  357. break;
  358. case KONF_QUERY_OP_ERROR:
  359. lub_string_cat(&retval, "-e");
  360. break;
  361. default:
  362. lub_string_cat(&retval, "-e");
  363. break;
  364. };
  365. return retval;
  366. }
  367. /*--------------------------------------------------------- */
  368. /*
  369. * Signal handler for temination signals (like SIGTERM, SIGINT, ...)
  370. */
  371. static void sighandler(int signo)
  372. {
  373. sigterm = 1;
  374. }
  375. /*--------------------------------------------------------- */
  376. int answer_send(int sock, char *command)
  377. {
  378. return send(sock, command, strlen(command) + 1, MSG_NOSIGNAL);
  379. }
  380. /*--------------------------------------------------------- */
  381. static int dump_running_config(int sock, konf_tree_t *conf, konf_query_t *query)
  382. {
  383. FILE *fd;
  384. char *filename;
  385. int dupsock = -1;
  386. if ((filename = konf_query__get_path(query))) {
  387. if (!(fd = fopen(filename, "w")))
  388. return -1;
  389. } else {
  390. if ((dupsock = dup(sock)) < 0)
  391. return -1;
  392. fd = fdopen(dupsock, "w");
  393. }
  394. if (!filename) {
  395. fprintf(fd, "-t\n");
  396. #ifdef DEBUG
  397. fprintf(stderr, "ANSWER: -t\n");
  398. #endif
  399. }
  400. konf_tree_fprintf(conf,
  401. fd,
  402. konf_query__get_pattern(query),
  403. konf_query__get_pwdc(query) - 1,
  404. konf_query__get_seq(query),
  405. 0);
  406. if (!filename) {
  407. fprintf(fd, "\n");
  408. #ifdef DEBUG
  409. fprintf(stderr, "SEND DATA: \n");
  410. #endif
  411. }
  412. fclose(fd);
  413. return 0;
  414. }
  415. /*--------------------------------------------------------- */
  416. /* Implement own simple daemon() to don't use Non-POSIX */
  417. int daemonize(int nochdir, int noclose)
  418. {
  419. int fd;
  420. int pid;
  421. pid = fork();
  422. if (-1 == pid)
  423. return -1;
  424. if (pid > 0)
  425. _exit(0); /* Exit parent */
  426. if (setsid() == -1)
  427. return -1;
  428. if (!nochdir)
  429. chdir("/");
  430. if (!noclose) {
  431. fd = open("/dev/null", O_RDWR, 0);
  432. if (fd < 0)
  433. return -1;
  434. dup2(fd, STDIN_FILENO);
  435. dup2(fd, STDOUT_FILENO);
  436. dup2(fd, STDERR_FILENO);
  437. if (fd > 2)
  438. close(fd);
  439. }
  440. return 0;
  441. }
  442. /*--------------------------------------------------------- */
  443. /* Initialize option structure by defaults */
  444. struct options *opts_init(void)
  445. {
  446. struct options *opts = NULL;
  447. opts = malloc(sizeof(*opts));
  448. assert(opts);
  449. opts->debug = 0; /* daemonize by default */
  450. opts->socket_path = lub_string_dup(KONFD_SOCKET_PATH);
  451. opts->pidfile = lub_string_dup(KONFD_PIDFILE);
  452. opts->uid = getuid();
  453. opts->gid = getgid();
  454. return opts;
  455. }
  456. /*--------------------------------------------------------- */
  457. /* Free option structure */
  458. void opts_free(struct options *opts)
  459. {
  460. if (opts->socket_path)
  461. lub_string_free(opts->socket_path);
  462. if (opts->pidfile)
  463. lub_string_free(opts->pidfile);
  464. free(opts);
  465. }
  466. /*--------------------------------------------------------- */
  467. /* Parse command line options */
  468. static int opts_parse(int argc, char *argv[], struct options *opts)
  469. {
  470. static const char *shortopts = "hvs:p:u:g:d";
  471. #ifdef HAVE_GETOPT_H
  472. static const struct option longopts[] = {
  473. {"help", 0, NULL, 'h'},
  474. {"version", 0, NULL, 'v'},
  475. {"socket", 1, NULL, 's'},
  476. {"pid", 1, NULL, 'p'},
  477. {"user", 1, NULL, 'u'},
  478. {"group", 1, NULL, 'g'},
  479. {"debug", 0, NULL, 'd'},
  480. {NULL, 0, NULL, 0}
  481. };
  482. #endif
  483. optind = 0;
  484. while(1) {
  485. int opt;
  486. #ifdef HAVE_GETOPT_H
  487. opt = getopt_long(argc, argv, shortopts, longopts, NULL);
  488. #else
  489. opt = getopt(argc, argv, shortopts);
  490. #endif
  491. if (-1 == opt)
  492. break;
  493. switch (opt) {
  494. case 's':
  495. if (opts->socket_path)
  496. lub_string_free(opts->socket_path);
  497. opts->socket_path = lub_string_dup(optarg);
  498. break;
  499. case 'p':
  500. if (opts->pidfile)
  501. lub_string_free(opts->pidfile);
  502. opts->pidfile = lub_string_dup(optarg);
  503. break;
  504. case 'd':
  505. opts->debug = 1;
  506. break;
  507. case 'u': {
  508. struct passwd *pwd = getpwnam(optarg);
  509. if (!pwd) {
  510. syslog(LOG_ERR, "Can't identify user \"%s\"\n",
  511. optarg);
  512. return -1;
  513. }
  514. opts->uid = pwd->pw_uid;
  515. break;
  516. }
  517. case 'g': {
  518. struct group *grp = getgrnam(optarg);
  519. if (!grp) {
  520. syslog(LOG_ERR, "Can't identify group \"%s\"\n",
  521. optarg);
  522. return -1;
  523. }
  524. opts->gid = grp->gr_gid;
  525. break;
  526. }
  527. case 'h':
  528. help(0, argv[0]);
  529. exit(0);
  530. break;
  531. case 'v':
  532. version(VERSION);
  533. exit(0);
  534. break;
  535. default:
  536. help(-1, argv[0]);
  537. exit(-1);
  538. break;
  539. }
  540. }
  541. return 0;
  542. }
  543. /*--------------------------------------------------------- */
  544. /* Print help message */
  545. static void help(int status, const char *argv0)
  546. {
  547. const char *name = NULL;
  548. if (!argv0)
  549. return;
  550. /* Find the basename */
  551. name = strrchr(argv0, '/');
  552. if (name)
  553. name++;
  554. else
  555. name = argv0;
  556. if (status != 0) {
  557. fprintf(stderr, "Try `%s -h' for more information.\n",
  558. name);
  559. } else {
  560. printf("Usage: %s [options]\n", name);
  561. printf("Daemon to store user configuration (i.e. commands). "
  562. "The part of the klish project.\n");
  563. printf("Options:\n");
  564. printf("\t-v, --version\tPrint version.\n");
  565. printf("\t-h, --help\tPrint this help.\n");
  566. printf("\t-d, --debug\tDebug mode. Don't daemonize.\n");
  567. printf("\t-s <path>, --socket=<path>\tSpecify the UNIX socket "
  568. "filesystem path to listen on.\n");
  569. printf("\t-p <path>, --pid=<path>\tFile to save daemon's PID to.\n");
  570. printf("\t-u <user>, --user=<user>\tExecute process as"
  571. " specified user.\n");
  572. printf("\t-g <group>, --group=<group>\tExecute process as"
  573. " specified group.\n");
  574. }
  575. }