diff options
| -rw-r--r-- | .gitignore | 2 | ||||
| -rw-r--r-- | Makefile-man.am | 2 | ||||
| -rw-r--r-- | Makefile.am | 15 | ||||
| -rw-r--r-- | man/systemd-socket-proxyd.xml (renamed from man/systemd-saproxy.xml) | 26 | ||||
| l--------- | src/socket-proxy/Makefile (renamed from src/saproxy/Makefile) | 0 | ||||
| -rw-r--r-- | src/socket-proxy/socket-proxyd.c (renamed from src/saproxy/saproxy.c) | 87 |
6 files changed, 60 insertions, 72 deletions
diff --git a/.gitignore b/.gitignore index 22485b42d6..f5acfce0a7 100644 --- a/.gitignore +++ b/.gitignore @@ -71,7 +71,7 @@ /systemd-reply-password /systemd-rfkill /systemd-run -/systemd-saproxy +/systemd-socket-proxyd /systemd-shutdown /systemd-shutdownd /systemd-sleep diff --git a/Makefile-man.am b/Makefile-man.am index 6b286bc48e..54798450fa 100644 --- a/Makefile-man.am +++ b/Makefile-man.am @@ -66,7 +66,7 @@ MANPAGES += \ man/systemd-nspawn.1 \ man/systemd-remount-fs.service.8 \ man/systemd-run.1 \ - man/systemd-saproxy.1 \ + man/systemd-socket-proxyd.1 \ man/systemd-shutdownd.service.8 \ man/systemd-sleep.conf.5 \ man/systemd-suspend.service.8 \ diff --git a/Makefile.am b/Makefile.am index 4a399c5236..05f6f90291 100644 --- a/Makefile.am +++ b/Makefile.am @@ -299,8 +299,7 @@ bin_PROGRAMS = \ systemd-detect-virt \ systemd-delta \ systemd-analyze \ - systemd-run \ - systemd-saproxy + systemd-run dist_bin_SCRIPTS = \ src/kernel-install/kernel-install @@ -321,7 +320,8 @@ rootlibexec_PROGRAMS = \ systemd-fsck \ systemd-ac-power \ systemd-sysctl \ - systemd-sleep + systemd-sleep \ + systemd-socket-proxyd systemgenerator_PROGRAMS = \ systemd-getty-generator \ @@ -3167,10 +3167,10 @@ EXTRA_DIST += \ # ------------------------------------------------------------------------------ -systemd_saproxy_SOURCES = \ - src/saproxy/saproxy.c +systemd_socket_proxyd_SOURCES = \ + src/socket-proxy/socket-proxyd.c -systemd_saproxy_LDADD = \ +systemd_socket_proxyd_LDADD = \ libsystemd-shared.la \ libsystemd-logs.la \ libsystemd-journal-internal.la \ @@ -3178,9 +3178,6 @@ systemd_saproxy_LDADD = \ libsystemd-daemon.la \ libsystemd-bus.la -systemd_saproxy_CFLAGS = \ - $(AM_CFLAGS) - # ------------------------------------------------------------------------------ if ENABLE_COREDUMP systemd_coredump_SOURCES = \ diff --git a/man/systemd-saproxy.xml b/man/systemd-socket-proxyd.xml index ff8218c1e2..90b3b1c3a4 100644 --- a/man/systemd-saproxy.xml +++ b/man/systemd-socket-proxyd.xml @@ -20,9 +20,9 @@ You should have received a copy of the GNU Lesser General Public License along with systemd; If not, see <http://www.gnu.org/licenses/>. --> -<refentry id="systemd-saproxy"> +<refentry id="systemd-socket-proxyd"> <refentryinfo> - <title>systemd-saproxy</title> + <title>systemd-socket-proxyd</title> <productname>systemd</productname> <authorgroup> <author> @@ -34,23 +34,23 @@ </authorgroup> </refentryinfo> <refmeta> - <refentrytitle>systemd-saproxy</refentrytitle> + <refentrytitle>systemd-socket-proxyd</refentrytitle> <manvolnum>1</manvolnum> </refmeta> <refnamediv> - <refname>systemd-saproxy</refname> + <refname>systemd-socket-proxyd</refname> <refpurpose>Inherit a socket. Bidirectionally proxy.</refpurpose> </refnamediv> <refsynopsisdiv> <cmdsynopsis> - <command>systemd-saproxy</command> + <command>systemd-socket-proxyd</command> <arg choice="opt" rep="repeat">OPTIONS</arg> <arg choice="plain"><replaceable>HOSTNAME-OR-IP</replaceable></arg> <arg choice="plain"><replaceable>PORT-OR-SERVICE</replaceable></arg> </cmdsynopsis> <cmdsynopsis> - <command>systemd-saproxy</command> + <command>systemd-socket-proxyd</command> <arg choice="opt" rep="repeat">OPTIONS</arg> <arg choice="plain"><replaceable>UNIX-DOMAIN-SOCKET-PATH</replaceable> </arg> @@ -59,7 +59,7 @@ <refsect1> <title>Description</title> <para> - <command>systemd-saproxy</command> provides a proxy + <command>systemd-socket-proxyd</command> provides a proxy to socket-activate services that do not yet support native socket activation. On behalf of the daemon, the proxy inherits the socket from systemd, accepts @@ -68,7 +68,7 @@ data between the two.</para> <para>This utility's behavior is similar to <citerefentry><refentrytitle>socat</refentrytitle><manvolnum>1</manvolnum> </citerefentry>. - The main differences for <command>systemd-saproxy</command> + The main differences for <command>systemd-socket-proxyd</command> are support for socket activation with <literal>Accept=false</literal> and an event-driven design that scales better with the number of @@ -102,7 +102,7 @@ invoked indirectly, for example with a shell script rather than with - <option>ExecStart=/usr/bin/systemd-saproxy</option> + <option>ExecStart=/usr/bin/systemd-socket-proxyd</option> </para> </listitem> </varlistentry> @@ -137,7 +137,7 @@ After=nginx.service Requires=nginx.service [Service] -ExecStart=/usr/bin/systemd-saproxy /tmp/nginx.sock +ExecStart=/usr/bin/systemd-socket-proxyd /tmp/nginx.sock PrivateTmp=true PrivateNetwork=true]]> </programlisting> @@ -190,14 +190,14 @@ After=syslog.target remote-fs.target nss-lookup.target [Service] ExecStartPre=/usr/sbin/nginx -t -ExecStart=/usr/bin/saproxy-nginx.sh +ExecStart=/usr/bin/socket-proxyd-nginx.sh PrivateTmp=true PrivateNetwork=true]]> </programlisting> </example> <example label="shell script"> <title> - /usr/bin/saproxy-nginx.sh</title> + /usr/bin/socket-proxyd-nginx.sh</title> <programlisting> <![CDATA[#!/bin/sh /usr/sbin/nginx @@ -205,7 +205,7 @@ while [ ! -f /tmp/nginx.pid ] do /usr/bin/inotifywait /tmp/nginx.pid done -/usr/bin/systemd-saproxy --ignore-env localhost 8080]]> +/usr/bin/systemd-socket-proxyd --ignore-env localhost 8080]]> </programlisting> </example> <example label="nginx configuration"> diff --git a/src/saproxy/Makefile b/src/socket-proxy/Makefile index d0b0e8e008..d0b0e8e008 120000 --- a/src/saproxy/Makefile +++ b/src/socket-proxy/Makefile diff --git a/src/saproxy/saproxy.c b/src/socket-proxy/socket-proxyd.c index 6504d09251..59216038db 100644 --- a/src/saproxy/saproxy.c +++ b/src/socket-proxy/socket-proxyd.c @@ -31,11 +31,12 @@ #include <sys/un.h> #include <unistd.h> -#include "log.h" #include "sd-daemon.h" #include "sd-event.h" +#include "log.h" #include "socket-util.h" #include "util.h" +#include "event-util.h" #define BUFFER_SIZE 16384 #define _cleanup_freeaddrinfo_ _cleanup_(freeaddrinfop) @@ -65,7 +66,7 @@ struct connection { static void free_connection(struct connection *c) { log_debug("Freeing fd=%d (conn %p).", c->fd, c); sd_event_source_unref(c->w); - close(c->fd); + close_nointr_nofail(c->fd); free(c); } @@ -354,13 +355,13 @@ static int accept_cb(sd_event_source *s, int fd, uint32_t revents, void *userdat assert(revents & EPOLLIN); - c_server_to_client = malloc0(sizeof(struct connection)); + c_server_to_client = new0(struct connection, 1); if (c_server_to_client == NULL) { log_oom(); goto fail; } - c_client_to_server = malloc0(sizeof(struct connection)); + c_client_to_server = new0(struct connection, 1); if (c_client_to_server == NULL) { log_oom(); goto fail; @@ -372,19 +373,12 @@ static int accept_cb(sd_event_source *s, int fd, uint32_t revents, void *userdat goto fail; } - c_client_to_server->fd = accept(fd, (struct sockaddr *) &sa, &salen); + c_client_to_server->fd = accept4(fd, (struct sockaddr *) &sa, &salen, SOCK_NONBLOCK|SOCK_CLOEXEC); if (c_client_to_server->fd < 0) { log_error("Error accepting client connection."); goto fail; } - /* Unlike on BSD, client sockets do not inherit nonblocking status - * from the listening socket. */ - r = fd_nonblock(c_client_to_server->fd, true); - if (r < 0) { - log_error("Error %d marking client connection as nonblocking: %s", r, strerror(-r)); - goto fail; - } if (sa.sa.sa_family == AF_INET || sa.sa.sa_family == AF_INET6) { char sa_str[INET6_ADDRSTRLEN]; @@ -424,35 +418,37 @@ fail: finish: /* Preserve the main loop even if a single proxy setup fails. */ - return 0; + return 1; } static int run_main_loop(struct proxy *proxy) { + _cleanup_event_source_unref_ sd_event_source *w_accept = NULL; + _cleanup_event_unref_ sd_event *e = NULL; int r = EXIT_SUCCESS; - struct sd_event *e = NULL; - sd_event_source *w_accept = NULL; r = sd_event_new(&e); - if (r < 0) - goto finish; + if (r < 0) { + log_error("Failed to allocate event loop: %s", strerror(-r)); + return r; + } r = fd_nonblock(proxy->listen_fd, true); - if (r < 0) - goto finish; + if (r < 0) { + log_error("Failed to make listen file descriptor non-blocking: %s", strerror(-r)); + return r; + } log_debug("Initializing main listener fd=%d", proxy->listen_fd); - sd_event_add_io(e, proxy->listen_fd, EPOLLIN, accept_cb, proxy, &w_accept); + r = sd_event_add_io(e, proxy->listen_fd, EPOLLIN, accept_cb, proxy, &w_accept); + if (r < 0) { + log_error("Failed to add event IO source: %s", strerror(-r)); + return r; + } log_debug("Initialized main listener. Entering loop."); - sd_event_loop(e); - -finish: - sd_event_source_unref(w_accept); - sd_event_unref(e); - - return r; + return sd_event_loop(e); } static int help(void) { @@ -470,7 +466,7 @@ static int help(void) { } static void version(void) { - puts(PACKAGE_STRING " saproxy"); + puts(PACKAGE_STRING " socket-proxyd"); } static int parse_argv(int argc, char *argv[], struct proxy *p) { @@ -559,21 +555,21 @@ int main(int argc, char *argv[]) { p.listen_fd = SD_LISTEN_FDS_START; if (!p.ignore_env) { - int n; - n = sd_listen_fds(1); - if (n == 0) { - log_error("Found zero inheritable sockets. Are you sure this is running as a socket-activated service?"); - r = EXIT_FAILURE; - goto finish; - } else if (n < 0) { - log_error("Error %d while finding inheritable sockets: %s", n, strerror(-n)); - r = EXIT_FAILURE; - goto finish; - } else if (n > 1) { - log_error("Can't listen on more than one socket."); - r = EXIT_FAILURE; - goto finish; - } + int n; + n = sd_listen_fds(1); + if (n == 0) { + log_error("Found zero inheritable sockets. Are you sure this is running as a socket-activated service?"); + r = EXIT_FAILURE; + goto finish; + } else if (n < 0) { + log_error("Error %d while finding inheritable sockets: %s", n, strerror(-n)); + r = EXIT_FAILURE; + goto finish; + } else if (n > 1) { + log_error("Can't listen on more than one socket."); + r = EXIT_FAILURE; + goto finish; + } } /* @TODO: Check if this proxy can work with datagram sockets. */ @@ -586,12 +582,7 @@ int main(int argc, char *argv[]) { log_info("Starting the socket activation proxy with listener fd=%d.", p.listen_fd); r = run_main_loop(&p); - if (r < 0) { - log_error("Error %d from main loop.", r); - goto finish; - } finish: - log_close(); return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS; } |