summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--Makefile-man.am1
-rw-r--r--Makefile.am14
-rw-r--r--TODO2
-rw-r--r--man/systemd-activate.xml171
-rw-r--r--src/activate/activate.c410
-rw-r--r--src/shared/socket-util.c39
-rw-r--r--src/shared/socket-util.h2
7 files changed, 637 insertions, 2 deletions
diff --git a/Makefile-man.am b/Makefile-man.am
index 9a2f2f5504..d02fff05e2 100644
--- a/Makefile-man.am
+++ b/Makefile-man.am
@@ -44,6 +44,7 @@ MANPAGES += \
man/shutdown.8 \
man/sysctl.d.5 \
man/systemctl.1 \
+ man/systemd-activate.8 \
man/systemd-analyze.1 \
man/systemd-ask-password-console.service.8 \
man/systemd-ask-password.1 \
diff --git a/Makefile.am b/Makefile.am
index cc0d4da22f..d00ca113e0 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -2314,6 +2314,18 @@ EXTRA_DIST += \
src/libsystemd-id128/libsystemd-id128.sym
# ------------------------------------------------------------------------------
+
+rootlibexec_PROGRAMS += \
+ systemd-activate
+
+systemd_activate_SOURCES = \
+ src/activate/activate.c
+
+systemd_activate_LDADD = \
+ libsystemd-shared.la \
+ libsystemd-daemon.la
+
+# ------------------------------------------------------------------------------
systemd_journald_SOURCES = \
src/journal/journald.c \
src/journal/journald-server.h
@@ -2559,6 +2571,8 @@ libsystemd-journal-uninstall-hook:
INSTALL_EXEC_HOOKS += libsystemd-journal-install-hook
UNINSTALL_EXEC_HOOKS += libsystemd-journal-uninstall-hook
+# ------------------------------------------------------------------------------
+
# Update catalog on installation. Do not bother if installing
# in DESTDIR, since this is likely for packaging purposes.
catalog-update-hook:
diff --git a/TODO b/TODO
index 5427d1b62f..f99f894115 100644
--- a/TODO
+++ b/TODO
@@ -350,8 +350,6 @@ Features:
* explore multiple service instances per listening socket idea
-* testing tool for socket activation: some binary that listens on a socket and passes it on using the usual socket activation protocol to some server.
-
* shutdown: don't read-only mount anything when running in container
* MountFlags=shared acts as MountFlags=slave right now.
diff --git a/man/systemd-activate.xml b/man/systemd-activate.xml
new file mode 100644
index 0000000000..b2987d95a8
--- /dev/null
+++ b/man/systemd-activate.xml
@@ -0,0 +1,171 @@
+<?xml version='1.0'?> <!--*-nxml-*-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
+"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+
+<!--
+This file is part of systemd.
+
+Copyright 2013 Zbigniew Jędrzejewski-Szmek
+
+systemd is free software; you can redistribute it and/or modify it
+under the terms of the GNU Lesser General Public License as published by
+the Free Software Foundation; either version 2.1 of the License, or
+(at your option) any later version.
+
+systemd is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+Lesser General Public License for more details.
+
+You should have received a copy of the GNU Lesser General Public License
+along with systemd; If not, see <http://www.gnu.org/licenses/>.
+-->
+
+<refentry id="systemd-journal-gatewayd.service">
+
+ <refentryinfo>
+ <title>systemd-activate</title>
+ <productname>systemd</productname>
+
+ <authorgroup>
+ <author>
+ <contrib>Developer</contrib>
+ <firstname>Zbigniew</firstname>
+ <surname>Jędrzejewski-Szmek</surname>
+ <email>zbyszek@in.waw.pl</email>
+ </author>
+ </authorgroup>
+ </refentryinfo>
+
+ <refmeta>
+ <refentrytitle>systemd-activate</refentrytitle>
+ <manvolnum>8</manvolnum>
+ </refmeta>
+
+ <refnamediv>
+ <refname>systemd-activate</refname>
+ <refpurpose>Test socket activation of daemons</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <cmdsynopsis>
+ <command>/usr/lib/systemd/systemd-activate</command>
+ <arg choice="opt" rep="repeat">OPTIONS</arg>
+ <arg choice="plain"><replaceable>daemon</replaceable></arg>
+ <arg choice="opt" rep="repeat">OPTIONS</arg>
+ </cmdsynopsis>
+ </refsynopsisdiv>
+
+ <refsect1>
+ <title>Description</title>
+
+ <para><command>systemd-activate</command> can be used to
+ launch a socket activated daemon from the command-line for
+ testing purposes. It can also be used to launch single instances
+ of the daemon per connection (inetd-style).
+ </para>
+
+ <para>The daemon to launch and its options should be specifed
+ after options intended for <command>systemd-activate</command>.
+ </para>
+
+ <para>If the <option>-a</option> option is given, file descriptor
+ of the connection will be used as the standard input and output of
+ the launched process. Otherwise, standard input and output will be
+ inherited, and sockets will be passed through file descriptors 3
+ and higher. Sockets passed through <varname>$LISTEN_FDS</varname>
+ to <command>systemd-activate</command> will be passed through to
+ the dameon, in the original positions. Other sockets specified
+ with <option>--listen</option> will use consecutive descriptors.
+ </para>
+ </refsect1>
+
+ <refsect1>
+ <title>Options</title>
+ <variablelist>
+ <varlistentry>
+ <term><option>--help</option></term>
+ <term><option>-h</option></term>
+
+ <listitem><para>Prints a short help
+ text and exits.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>--version</option></term>
+
+ <listitem><para>Prints a short version
+ string and exits.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>-l</option></term>
+ <term><option>--listen=<replaceable>address</replaceable></option></term>
+
+ <listitem><para>Listen on this <replaceable>address</replaceable>.
+ Takes a string like <literal>2000</literal> or
+ <literal>127.0.0.1:2001</literal>.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>-a</option></term>
+ <term><option>--accept</option></term>
+
+ <listitem><para>Launch a separate instance of daemon per
+ connection and pass the connection socket as standard input
+ and standard output.</para></listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1>
+ <title>Environment variables</title>
+ <variablelist class='environment-variables'>
+ <varlistentry>
+ <term><varname>$LISTEN_FDS</varname></term>
+ <term><varname>$LISTEN_PID</varname></term>
+
+ <para>See
+ <citerefentry><refentrytitle>sd_listen_fds</refentrytitle><manvolnum>3</manvolnum></citerefentry>.</para>
+ </varlistentry>
+
+ <varlistentry>
+ <term><varname>$SYSTEMD_LOG_TARGET</varname></term>
+ <term><varname>$SYSTEMD_LOG_LEVEL</varname></term>
+ <term><varname>$SYSTEMD_LOG_COLOR</varname></term>
+ <term><varname>$SYSTEMD_LOG_LOCATION</varname></term>
+
+ <para>Same as in
+ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>.</para>
+ </varlistentry>
+ </variablelist>
+ </refsect1>
+
+ <refsect1>
+ <title>Example 1</title>
+
+ <programlisting>$ /usr/lib/systemd/systemd-activate -l 2000 -a cat</programlisting>
+
+ <para>This runs an echo server on port 2000.</para>
+ </refsect1>
+
+ <refsect1>
+ <title>Example 2</title>
+
+ <programlisting>$ /usr/lib/systemd/systemd-activate -l 19531 /usr/lib/systemd/systemd-journal-gatewayd</programlisting>
+
+ <para>This runs a socket activated instance of
+ <citerefentry><refentrytitle>systemd-journal-gatewayd</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
+ </refsect1>
+
+ <refsect1>
+ <title>See Also</title>
+ <para>
+ <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>cat</refentrytitle><manvolnum>1</manvolnum></citerefentry>
+ </para>
+ </refsect1>
+</refentry>
diff --git a/src/activate/activate.c b/src/activate/activate.c
new file mode 100644
index 0000000000..7fcb0a97c4
--- /dev/null
+++ b/src/activate/activate.c
@@ -0,0 +1,410 @@
+/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
+
+/***
+ This file is part of systemd.
+
+ Copyright 2013 Zbigniew Jędrzejewski-Szmek
+
+ systemd is free software; you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
+ (at your option) any later version.
+
+ systemd is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public License
+ along with systemd; If not, see <http://www.gnu.org/licenses/>.
+***/
+
+#include <unistd.h>
+#include <fcntl.h>
+#include <sys/epoll.h>
+#include <sys/prctl.h>
+#include <sys/socket.h>
+#include <sys/wait.h>
+#include <getopt.h>
+
+#include <systemd/sd-daemon.h>
+
+#include "socket-util.h"
+#include "build.h"
+#include "log.h"
+#include "strv.h"
+#include "macro.h"
+
+static char** arg_listen = NULL;
+static bool arg_accept = false;
+static char** arg_args = NULL;
+
+static int add_epoll(int epoll_fd, int fd) {
+ int r;
+ struct epoll_event ev = {EPOLLIN};
+ ev.data.fd = fd;
+
+ assert(epoll_fd >= 0);
+ assert(fd >= 0);
+
+ r = epoll_ctl(epoll_fd, EPOLL_CTL_ADD, fd, &ev);
+ if (r < 0)
+ log_error("Failed to add event on epoll fd:%d for fd:%d: %s",
+ epoll_fd, fd, strerror(-r));
+ return r;
+}
+
+static int set_nocloexec(int fd) {
+ int flags;
+
+ flags = fcntl(fd, F_GETFD);
+ if (flags < 0) {
+ log_error("Querying flags for fd:%d: %m", fd);
+ return -errno;
+ }
+
+ if (!(flags & FD_CLOEXEC))
+ return 0;
+
+ if (fcntl(fd, F_SETFD, flags & ~FD_CLOEXEC) < 0) {
+ log_error("Settings flags for fd:%d: %m", fd);
+ return -errno;
+ }
+
+ return 0;
+}
+
+static int print_socket(const char* desc, int fd) {
+ int r;
+ SocketAddress addr = {
+ .size = sizeof(union sockaddr_union),
+ .type = SOCK_STREAM,
+ };
+ int family;
+
+ r = getsockname(fd, &addr.sockaddr.sa, &addr.size);
+ if (r < 0) {
+ log_warning("Failed to query socket on fd:%d: %m", fd);
+ return 0;
+ }
+
+ family = socket_address_family(&addr);
+ switch(family) {
+ case AF_INET:
+ case AF_INET6: {
+ char* _cleanup_free_ a = NULL;
+ r = socket_address_print(&addr, &a);
+ if (r < 0)
+ log_warning("socket_address_print(): %s", strerror(-r));
+ else
+ log_info("%s %s address %s",
+ desc,
+ family == AF_INET ? "IP" : "IPv6",
+ a);
+ break;
+ }
+ default:
+ log_warning("Connection with unknown family %d", family);
+ }
+
+ return 0;
+}
+
+static int open_sockets(int *epoll_fd, bool accept) {
+ int n, fd;
+ int count = 0;
+ char **address;
+
+ n = sd_listen_fds(true);
+ if (n < 0) {
+ log_error("Failed to read listening file descriptors from environment: %s",
+ strerror(-n));
+ return n;
+ }
+ log_info("Received %d descriptors", n);
+
+ for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
+ log_debug("Received descriptor fd:%d", fd);
+ print_socket("Listening on", fd);
+
+ if (!arg_accept) {
+ int r = set_nocloexec(fd);
+ if (r < 0)
+ return r;
+ }
+
+ count ++;
+ }
+
+ STRV_FOREACH(address, arg_listen) {
+ log_info("Opening address %s", *address);
+
+ fd = make_socket_fd(*address, SOCK_STREAM | (arg_accept*SOCK_CLOEXEC));
+ if (fd < 0) {
+ log_error("Failed to open '%s': %s", *address, strerror(-fd));
+ return fd;
+ }
+
+ count ++;
+ }
+
+ *epoll_fd = epoll_create1(EPOLL_CLOEXEC);
+ if (*epoll_fd < 0) {
+ log_error("Failed to create epoll object: %m");
+ return -errno;
+ }
+
+ for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + count; fd++) {
+ int r = add_epoll(*epoll_fd, fd);
+ if (r < 0)
+ return r;
+ }
+
+ return count;
+}
+
+static int launch(char* name, char **argv, char **environ, int fds) {
+ unsigned n_env = 0;
+ char* envp[7] = {NULL}; /* PATH, TERM, HOME, USER, LISTEN_FDS, LISTEN_PID */
+ static const char* tocopy[] = {"TERM=", "PATH=", "USER=", "HOME="};
+ char _cleanup_free_ *tmp = NULL;
+ unsigned i;
+
+ for (i = 0; i < ELEMENTSOF(tocopy); i++) {
+ envp[n_env] = strv_find_prefix(environ, tocopy[i]);
+ if (envp[n_env])
+ n_env ++;
+ }
+
+ if ((asprintf((char**)(envp + n_env++), "LISTEN_FDS=%d", fds) < 0) ||
+ (asprintf((char**)(envp + n_env++), "LISTEN_PID=%d", getpid()) < 0))
+ return log_oom();
+
+ tmp = strv_join(argv, " ");
+ if (!tmp)
+ return log_oom();
+
+ log_info("Execing %s (%s)", name, tmp);
+ execvpe(name, argv, envp);
+ log_error("Failed to execp %s (%s): %m", name, tmp);
+ return -errno;
+}
+
+static int launch1(const char* child, char** argv, char **environ, int fd) {
+ pid_t parent_pid, child_pid;
+ int r;
+
+ char _cleanup_free_ *tmp = NULL;
+ tmp = strv_join(argv, " ");
+ if (!tmp)
+ return log_oom();
+
+ parent_pid = getpid();
+
+ child_pid = fork();
+ if (child_pid < 0) {
+ log_error("Failed to fork: %m");
+ return -errno;
+ }
+
+ /* In the child */
+ if (child_pid == 0) {
+ r = dup2(fd, STDIN_FILENO);
+ if (r < 0) {
+ log_error("Failed to dup connection to stdin: %m");
+ _exit(EXIT_FAILURE);
+ }
+
+ r = dup2(fd, STDOUT_FILENO);
+ if (r < 0) {
+ log_error("Failed to dup connection to stdout: %m");
+ _exit(EXIT_FAILURE);
+ }
+
+ r = close(fd);
+ if (r < 0) {
+ log_error("Failed to close dupped connection: %m");
+ _exit(EXIT_FAILURE);
+ }
+
+ /* Make sure the child goes away when the parent dies */
+ if (prctl(PR_SET_PDEATHSIG, SIGTERM) < 0)
+ _exit(EXIT_FAILURE);
+
+ /* Check whether our parent died before we were able
+ * to set the death signal */
+ if (getppid() != parent_pid)
+ _exit(EXIT_SUCCESS);
+
+ execvp(child, argv);
+ log_error("Failed to exec child %s: %m", child);
+ _exit(EXIT_FAILURE);
+ }
+
+ log_info("Spawned %s (%s) as PID %d", child, tmp, child_pid);
+
+ return 0;
+}
+
+static int do_accept(const char* name, char **argv, char **envp, int fd) {
+ SocketAddress addr = {
+ .size = sizeof(union sockaddr_union),
+ .type = SOCK_STREAM,
+ };
+ int fd2, r;
+
+ fd2 = accept(fd, &addr.sockaddr.sa, &addr.size);
+ if (fd2 < 0) {
+ log_error("Failed to accept connection on fd:%d: %m", fd);
+ return fd2;
+ }
+
+ print_socket("Connection from", fd2);
+
+ r = launch1(name, argv, envp, fd2);
+ return r;
+}
+
+/* SIGCHLD handler. */
+static void sigchld_hdl(int sig, siginfo_t *t, void *data)
+{
+ log_info("Child %d died with code %d", t->si_pid, t->si_status);
+ /* Wait for a dead child. */
+ waitpid(t->si_pid, NULL, 0);
+}
+
+static int install_chld_handler(void) {
+ int r;
+ struct sigaction act;
+ zero(act);
+ act.sa_flags = SA_SIGINFO;
+ act.sa_sigaction = sigchld_hdl;
+
+ r = sigaction(SIGCHLD, &act, 0);
+ if (r < 0)
+ log_error("Failed to install SIGCHLD handler: %m");
+ return r;
+}
+
+static int help(void) {
+ printf("%s [OPTIONS...]\n\n"
+ "Listen on sockets and launch child on connection.\n\n"
+ "Options:\n"
+ " -l --listen=ADDR Listen for raw connections at ADDR\n"
+ " -a --accept Spawn separate child for each connection\n"
+ " -h --help Show this help and exit\n"
+ " --version Print version string and exit\n"
+ "\n"
+ "Note: file descriptors from sd_listen_fds() will be passed through.\n"
+ , program_invocation_short_name
+ );
+
+ return 0;
+}
+
+static int parse_argv(int argc, char *argv[]) {
+ enum {
+ ARG_VERSION = 0x100,
+ };
+
+ static const struct option options[] = {
+ { "help", no_argument, NULL, 'h' },
+ { "version", no_argument, NULL, ARG_VERSION },
+ { "listen", required_argument, NULL, 'l' },
+ { "accept", no_argument, NULL, 'a' },
+ { NULL, 0, NULL, 0 }
+ };
+
+ int c;
+
+ assert(argc >= 0);
+ assert(argv);
+
+ while ((c = getopt_long(argc, argv, "+hl:sa", options, NULL)) >= 0)
+ switch(c) {
+ case 'h':
+ help();
+ return 0 /* done */;
+
+ case ARG_VERSION:
+ puts(PACKAGE_STRING);
+ puts(SYSTEMD_FEATURES);
+ return 0 /* done */;
+
+ case 'l': {
+ int r = strv_extend(&arg_listen, optarg);
+ if (r < 0)
+ return r;
+
+ break;
+ }
+
+ case 'a':
+ arg_accept = true;
+ break;
+
+ case '?':
+ return -EINVAL;
+
+ default:
+ log_error("Unknown option code %c", c);
+ return -EINVAL;
+ }
+
+ if (optind == argc) {
+ log_error("Usage: %s [OPTION...] PROGRAM [OPTION...]",
+ program_invocation_short_name);
+ return -EINVAL;
+ }
+
+ arg_args = argv + optind;
+
+ return 1 /* work to do */;
+}
+
+int main(int argc, char **argv, char **envp) {
+ int r, n;
+ int epoll_fd = -1;
+
+ log_set_max_level(LOG_DEBUG);
+ log_show_color(true);
+ log_parse_environment();
+
+ r = parse_argv(argc, argv);
+ if (r <= 0)
+ return r == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
+
+ r = install_chld_handler();
+ if (r < 0)
+ return EXIT_FAILURE;
+
+ n = open_sockets(&epoll_fd, arg_accept);
+ if (n < 0)
+ return EXIT_FAILURE;
+
+ while (true) {
+ struct epoll_event event;
+
+ r = epoll_wait(epoll_fd, &event, 1, -1);
+ if (r < 0) {
+ if (errno == EINTR)
+ continue;
+
+ log_error("epoll_wait() failed: %m");
+ return EXIT_FAILURE;
+ }
+
+ log_info("Communication attempt on fd:%d", event.data.fd);
+ if (arg_accept) {
+ r = do_accept(argv[optind], argv + optind, envp,
+ event.data.fd);
+ if (r < 0)
+ return EXIT_FAILURE;
+ } else
+ break;
+ }
+
+ launch(argv[optind], argv + optind, envp, n);
+
+ return EXIT_SUCCESS;
+}
diff --git a/src/shared/socket-util.c b/src/shared/socket-util.c
index 6c94d69486..f6ddea3183 100644
--- a/src/shared/socket-util.c
+++ b/src/shared/socket-util.c
@@ -565,6 +565,45 @@ bool socket_address_matches_fd(const SocketAddress *a, int fd) {
return false;
}
+int make_socket_fd(const char* address, int flags) {
+ SocketAddress a;
+ int fd, r;
+ char _cleanup_free_ *p = NULL;
+
+ r = socket_address_parse(&a, address);
+ if (r < 0) {
+ log_error("failed to parse socket: %s", strerror(-r));
+ return r;
+ }
+
+ fd = socket(socket_address_family(&a), flags, 0);
+ if (fd < 0) {
+ log_error("socket(): %m");
+ return -errno;
+ }
+
+ r = socket_address_print(&a, &p);
+ if (r < 0) {
+ log_error("socket_address_print(): %s", strerror(-r));
+ return r;
+ }
+ log_info("Listening on %s", p);
+
+ r = bind(fd, &a.sockaddr.sa, a.size);
+ if (r < 0) {
+ log_error("bind to %s: %m", address);
+ return -errno;
+ }
+
+ r = listen(fd, SOMAXCONN);
+ if (r < 0) {
+ log_error("listen on %s: %m", address);
+ return -errno;
+ }
+
+ return fd;
+}
+
static const char* const netlink_family_table[] = {
[NETLINK_ROUTE] = "route",
[NETLINK_FIREWALL] = "firewall",
diff --git a/src/shared/socket-util.h b/src/shared/socket-util.h
index 771765d323..33838345ed 100644
--- a/src/shared/socket-util.h
+++ b/src/shared/socket-util.h
@@ -88,6 +88,8 @@ bool socket_address_is_netlink(const SocketAddress *a, const char *s);
bool socket_address_matches_fd(const SocketAddress *a, int fd);
+int make_socket_fd(const char* address, int flags);
+
bool socket_address_equal(const SocketAddress *a, const SocketAddress *b);
bool socket_address_needs_mount(const SocketAddress *a, const char *prefix);