summaryrefslogtreecommitdiffstats
path: root/utils/start-stop-daemon.c
diff options
context:
space:
mode:
Diffstat (limited to 'utils/start-stop-daemon.c')
-rw-r--r--utils/start-stop-daemon.c2917
1 files changed, 2917 insertions, 0 deletions
diff --git a/utils/start-stop-daemon.c b/utils/start-stop-daemon.c
new file mode 100644
index 0000000..203bbb6
--- /dev/null
+++ b/utils/start-stop-daemon.c
@@ -0,0 +1,2917 @@
+/*
+ * A rewrite of the original Debian's start-stop-daemon Perl script
+ * in C (faster - it is executed many times during system startup).
+ *
+ * Written by Marek Michalkiewicz <marekm@i17linuxb.ists.pwr.wroc.pl>,
+ * public domain. Based conceptually on start-stop-daemon.pl, by Ian
+ * Jackson <ijackson@gnu.ai.mit.edu>. May be used and distributed
+ * freely for any purpose. Changes by Christian Schwarz
+ * <schwarz@monet.m.isar.de>, to make output conform to the Debian
+ * Console Message Standard, also placed in public domain. Minor
+ * changes by Klee Dienes <klee@debian.org>, also placed in the Public
+ * Domain.
+ *
+ * Changes by Ben Collins <bcollins@debian.org>, added --chuid, --background
+ * and --make-pidfile options, placed in public domain as well.
+ *
+ * Port to OpenBSD by Sontri Tomo Huynh <huynh.29@osu.edu>
+ * and Andreas Schuldei <andreas@schuldei.org>
+ *
+ * Changes by Ian Jackson: added --retry (and associated rearrangements).
+ */
+
+#include <config.h>
+/* On at least Solaris <= 11.3 procfs is not compatible with LFS. */
+#if !DPKG_STRUCTURED_PROCFS_SUPPORTS_LFS
+#undef _FILE_OFFSET_BITS
+#endif
+#include <compat.h>
+
+#include <dpkg/macros.h>
+
+#if defined(__linux__)
+# define OS_Linux
+#elif defined(__GNU__)
+# define OS_Hurd
+#elif defined(__FreeBSD__) || defined(__FreeBSD_kernel__)
+# define OS_FreeBSD
+#elif defined(__NetBSD__)
+# define OS_NetBSD
+#elif defined(__OpenBSD__)
+# define OS_OpenBSD
+#elif defined(__DragonFly__)
+# define OS_DragonFlyBSD
+#elif defined(__APPLE__) && defined(__MACH__)
+# define OS_Darwin
+#elif defined(__sun)
+# define OS_Solaris
+#elif defined(_AIX)
+# define OS_AIX
+#elif defined(__hpux)
+# define OS_HPUX
+#else
+# error Unknown architecture - cannot build start-stop-daemon
+#endif
+
+#if defined(OS_NetBSD)
+/* NetBSD needs this to expose struct proc. */
+#define _KMEMUSER 1
+#elif defined(OS_Solaris)
+/* Solaris needs this to expose the new structured procfs API. */
+#define _STRUCTURED_PROC 1
+#endif
+
+#ifdef HAVE_SYS_PARAM_H
+#include <sys/param.h>
+#endif
+#ifdef HAVE_SYS_SYSCALL_H
+#include <sys/syscall.h>
+#endif
+#ifdef HAVE_SYS_SYSCTL_H
+#include <sys/sysctl.h>
+#endif
+#ifdef HAVE_SYS_PROCFS_H
+#include <sys/procfs.h>
+#endif
+#ifdef HAVE_SYS_PROC_H
+#include <sys/proc.h>
+#endif
+#ifdef HAVE_SYS_USER_H
+#include <sys/user.h>
+#endif
+#ifdef HAVE_SYS_PSTAT_H
+#include <sys/pstat.h>
+#endif
+#include <sys/types.h>
+#include <sys/time.h>
+#include <sys/stat.h>
+#include <sys/wait.h>
+#include <sys/select.h>
+#include <sys/ioctl.h>
+#include <sys/socket.h>
+#include <sys/un.h>
+
+#include <errno.h>
+#include <limits.h>
+#include <time.h>
+#include <fcntl.h>
+#include <dirent.h>
+#include <ctype.h>
+#include <string.h>
+#include <pwd.h>
+#include <grp.h>
+#include <signal.h>
+#include <termios.h>
+#include <unistd.h>
+#ifdef HAVE_STDDEF_H
+#include <stddef.h>
+#endif
+#include <stdbool.h>
+#include <stdarg.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <getopt.h>
+#ifdef HAVE_ERROR_H
+#include <error.h>
+#endif
+#ifdef HAVE_ERR_H
+#include <err.h>
+#endif
+
+#if defined(OS_Hurd)
+#include <hurd.h>
+#include <ps.h>
+#endif
+
+#if defined(OS_Darwin)
+#include <libproc.h>
+#endif
+
+#ifdef HAVE_KVM_H
+#include <kvm.h>
+#if defined(OS_FreeBSD)
+#define KVM_MEMFILE "/dev/null"
+#else
+#define KVM_MEMFILE NULL
+#endif
+#endif
+
+#if defined(_POSIX_PRIORITY_SCHEDULING) && _POSIX_PRIORITY_SCHEDULING > 0
+#include <sched.h>
+#else
+#define SCHED_OTHER -1
+#define SCHED_FIFO -1
+#define SCHED_RR -1
+#endif
+
+/* At least macOS and AIX do not define this. */
+#ifndef SOCK_NONBLOCK
+#define SOCK_NONBLOCK 0
+#endif
+
+#if defined(OS_Linux)
+/* This comes from TASK_COMM_LEN defined in Linux' include/linux/sched.h. */
+#define PROCESS_NAME_SIZE 15
+#elif defined(OS_Solaris)
+#define PROCESS_NAME_SIZE 15
+#elif defined(OS_Darwin)
+#define PROCESS_NAME_SIZE 16
+#elif defined(OS_AIX)
+/* This comes from PRFNSZ defined in AIX's <sys/procfs.h>. */
+#define PROCESS_NAME_SIZE 16
+#elif defined(OS_NetBSD)
+#define PROCESS_NAME_SIZE 16
+#elif defined(OS_OpenBSD)
+#define PROCESS_NAME_SIZE 16
+#elif defined(OS_FreeBSD)
+#define PROCESS_NAME_SIZE 19
+#elif defined(OS_DragonFlyBSD)
+/* On DragonFlyBSD MAXCOMLEN expands to 16. */
+#define PROCESS_NAME_SIZE MAXCOMLEN
+#endif
+
+#if defined(SYS_ioprio_set) && defined(linux)
+#define HAVE_IOPRIO_SET
+#endif
+
+#define IOPRIO_CLASS_SHIFT 13
+#define IOPRIO_PRIO_VALUE(class, prio) (((class) << IOPRIO_CLASS_SHIFT) | (prio))
+#define IO_SCHED_PRIO_MIN 0
+#define IO_SCHED_PRIO_MAX 7
+
+enum {
+ IOPRIO_WHO_PROCESS = 1,
+ IOPRIO_WHO_PGRP,
+ IOPRIO_WHO_USER,
+};
+
+enum {
+ IOPRIO_CLASS_NONE,
+ IOPRIO_CLASS_RT,
+ IOPRIO_CLASS_BE,
+ IOPRIO_CLASS_IDLE,
+};
+
+enum action_code {
+ ACTION_NONE,
+ ACTION_START,
+ ACTION_STOP,
+ ACTION_STATUS,
+};
+
+enum LIBCOMPAT_ATTR_ENUM_FLAGS match_code {
+ MATCH_NONE = 0,
+ MATCH_PID = 1 << 0,
+ MATCH_PPID = 1 << 1,
+ MATCH_PIDFILE = 1 << 2,
+ MATCH_EXEC = 1 << 3,
+ MATCH_NAME = 1 << 4,
+ MATCH_USER = 1 << 5,
+};
+
+/* Time conversion constants. */
+enum {
+ NANOSEC_IN_SEC = 1000000000L,
+ NANOSEC_IN_MILLISEC = 1000000L,
+ NANOSEC_IN_MICROSEC = 1000L,
+};
+
+/* The minimum polling interval, 20ms. */
+static const long MIN_POLL_INTERVAL = 20L * NANOSEC_IN_MILLISEC;
+
+static enum action_code action;
+static enum match_code match_mode;
+static bool testmode = false;
+static int quietmode = 0;
+static int exitnodo = 1;
+static bool background = false;
+static bool close_io = true;
+static const char *output_io;
+static bool notify_await = false;
+static int notify_timeout = 60;
+static char *notify_sockdir;
+static char *notify_socket;
+static bool mpidfile = false;
+static bool rpidfile = false;
+static int signal_nr = SIGTERM;
+static int user_id = -1;
+static int runas_uid = -1;
+static int runas_gid = -1;
+static const char *userspec = NULL;
+static char *changeuser = NULL;
+static const char *changegroup = NULL;
+static char *changeroot = NULL;
+static const char *changedir = "/";
+static const char *cmdname = NULL;
+static char *execname = NULL;
+static char *startas = NULL;
+static pid_t match_pid = -1;
+static pid_t match_ppid = -1;
+static const char *pidfile = NULL;
+static char *what_stop = NULL;
+static const char *progname = "";
+static int nicelevel = 0;
+static int umask_value = -1;
+
+static struct stat exec_stat;
+#if defined(OS_Hurd)
+static struct proc_stat_list *procset = NULL;
+#endif
+
+/* LSB Init Script process status exit codes. */
+enum status_code {
+ STATUS_OK = 0,
+ STATUS_DEAD_PIDFILE = 1,
+ STATUS_DEAD_LOCKFILE = 2,
+ STATUS_DEAD = 3,
+ STATUS_UNKNOWN = 4,
+};
+
+struct pid_list {
+ struct pid_list *next;
+ pid_t pid;
+};
+
+static struct pid_list *found = NULL;
+static struct pid_list *killed = NULL;
+
+/* Resource scheduling policy. */
+struct res_schedule {
+ const char *policy_name;
+ int policy;
+ int priority;
+};
+
+struct schedule_item {
+ enum {
+ sched_timeout,
+ sched_signal,
+ sched_goto,
+ /* Only seen within parse_schedule and callees. */
+ sched_forever,
+ } type;
+ /* Seconds, signal no., or index into array. */
+ int value;
+};
+
+static struct res_schedule *proc_sched = NULL;
+static struct res_schedule *io_sched = NULL;
+
+static int schedule_length;
+static struct schedule_item *schedule = NULL;
+
+
+static void LIBCOMPAT_ATTR_PRINTF(1)
+debug(const char *format, ...)
+{
+ va_list arglist;
+
+ if (quietmode >= 0)
+ return;
+
+ va_start(arglist, format);
+ vprintf(format, arglist);
+ va_end(arglist);
+}
+
+static void LIBCOMPAT_ATTR_PRINTF(1)
+info(const char *format, ...)
+{
+ va_list arglist;
+
+ if (quietmode > 0)
+ return;
+
+ va_start(arglist, format);
+ vprintf(format, arglist);
+ va_end(arglist);
+}
+
+static void LIBCOMPAT_ATTR_PRINTF(1)
+warning(const char *format, ...)
+{
+ va_list arglist;
+
+ fprintf(stderr, "%s: warning: ", progname);
+ va_start(arglist, format);
+ vfprintf(stderr, format, arglist);
+ va_end(arglist);
+}
+
+static void LIBCOMPAT_ATTR_NORET LIBCOMPAT_ATTR_VPRINTF(2)
+fatalv(int errno_fatal, const char *format, va_list args)
+{
+ va_list args_copy;
+
+ fprintf(stderr, "%s: ", progname);
+ va_copy(args_copy, args);
+ vfprintf(stderr, format, args_copy);
+ va_end(args_copy);
+ if (errno_fatal)
+ fprintf(stderr, " (%s)\n", strerror(errno_fatal));
+ else
+ fprintf(stderr, "\n");
+
+ if (action == ACTION_STATUS)
+ exit(STATUS_UNKNOWN);
+ else
+ exit(2);
+}
+
+static void LIBCOMPAT_ATTR_NORET LIBCOMPAT_ATTR_PRINTF(1)
+fatal(const char *format, ...)
+{
+ va_list args;
+
+ va_start(args, format);
+ fatalv(0, format, args);
+ /* cppcheck-suppress[va_end_missing]:
+ * False positive, fatalv() is non-returning. */
+}
+
+static void LIBCOMPAT_ATTR_NORET LIBCOMPAT_ATTR_PRINTF(1)
+fatale(const char *format, ...)
+{
+ va_list args;
+
+ va_start(args, format);
+ fatalv(errno, format, args);
+ /* cppcheck-suppress[va_end_missing]:
+ * False positive, fatalv() is non-returning. */
+}
+
+#define BUG(...) bug(__FILE__, __LINE__, __func__, __VA_ARGS__)
+
+static void LIBCOMPAT_ATTR_NORET LIBCOMPAT_ATTR_PRINTF(4)
+bug(const char *file, int line, const char *func, const char *format, ...)
+{
+ va_list arglist;
+
+ fprintf(stderr, "%s:%s:%d:%s: internal error: ",
+ progname, file, line, func);
+ va_start(arglist, format);
+ vfprintf(stderr, format, arglist);
+ va_end(arglist);
+
+ if (action == ACTION_STATUS)
+ exit(STATUS_UNKNOWN);
+ else
+ exit(3);
+}
+
+static void *
+xmalloc(int size)
+{
+ void *ptr;
+
+ ptr = malloc(size);
+ if (ptr)
+ return ptr;
+ fatale("malloc(%d) failed", size);
+}
+
+static char *
+xstrndup(const char *str, size_t n)
+{
+ char *new_str;
+
+ new_str = strndup(str, n);
+ if (new_str)
+ return new_str;
+ fatale("strndup(%s, %zu) failed", str, n);
+}
+
+static void
+timespec_gettime(struct timespec *ts)
+{
+#if defined(_POSIX_TIMERS) && _POSIX_TIMERS > 0 && \
+ defined(_POSIX_MONOTONIC_CLOCK) && _POSIX_MONOTONIC_CLOCK > 0
+ if (clock_gettime(CLOCK_MONOTONIC, ts) < 0)
+ fatale("clock_gettime failed");
+#else
+ struct timeval tv;
+
+ if (gettimeofday(&tv, NULL) != 0)
+ fatale("gettimeofday failed");
+
+ ts->tv_sec = tv.tv_sec;
+ ts->tv_nsec = tv.tv_usec * NANOSEC_IN_MICROSEC;
+#endif
+}
+
+#define timespec_cmp(a, b, OP) \
+ (((a)->tv_sec == (b)->tv_sec) ? \
+ ((a)->tv_nsec OP (b)->tv_nsec) : \
+ ((a)->tv_sec OP (b)->tv_sec))
+
+static void
+timespec_sub(struct timespec *a, struct timespec *b, struct timespec *res)
+{
+ res->tv_sec = a->tv_sec - b->tv_sec;
+ res->tv_nsec = a->tv_nsec - b->tv_nsec;
+ if (res->tv_nsec < 0) {
+ res->tv_sec--;
+ res->tv_nsec += NANOSEC_IN_SEC;
+ }
+}
+
+static void
+timespec_mul(struct timespec *a, int b)
+{
+ long nsec = a->tv_nsec * b;
+
+ a->tv_sec *= b;
+ a->tv_sec += nsec / NANOSEC_IN_SEC;
+ a->tv_nsec = nsec % NANOSEC_IN_SEC;
+}
+
+static char *
+newpath(const char *dirname, const char *filename)
+{
+ char *path;
+ size_t path_len;
+
+ path_len = strlen(dirname) + 1 + strlen(filename) + 1;
+ path = xmalloc(path_len);
+ snprintf(path, path_len, "%s/%s", dirname, filename);
+
+ return path;
+}
+
+static int
+parse_unsigned(const char *string, int base, int *value_r)
+{
+ long value;
+ char *endptr;
+
+ errno = 0;
+ if (!string[0])
+ return -1;
+
+ value = strtol(string, &endptr, base);
+ if (string == endptr || *endptr != '\0' || errno != 0)
+ return -1;
+ if (value < 0 || value > INT_MAX)
+ return -1;
+
+ *value_r = value;
+ return 0;
+}
+
+static long
+get_open_fd_max(void)
+{
+#ifdef HAVE_GETDTABLESIZE
+ return getdtablesize();
+#else
+ return sysconf(_SC_OPEN_MAX);
+#endif
+}
+
+#ifndef HAVE_SETSID
+static void
+detach_controlling_tty(void)
+{
+#ifdef HAVE_TIOCNOTTY
+ int tty_fd;
+
+ tty_fd = open("/dev/tty", O_RDWR);
+
+ /* The current process does not have a controlling tty. */
+ if (tty_fd < 0)
+ return;
+
+ if (ioctl(tty_fd, TIOCNOTTY, 0) != 0)
+ fatale("unable to detach controlling tty");
+
+ close(tty_fd);
+#endif
+}
+
+static pid_t
+setsid(void)
+{
+ if (setpgid(0, 0) < 0)
+ return -1:
+
+ detach_controlling_tty();
+
+ return 0;
+}
+#endif
+
+static void
+wait_for_child(pid_t pid)
+{
+ pid_t child;
+ int status;
+
+ do {
+ child = waitpid(pid, &status, 0);
+ } while (child == -1 && errno == EINTR);
+
+ if (child != pid)
+ fatal("error waiting for child");
+
+ if (WIFEXITED(status)) {
+ int ret = WEXITSTATUS(status);
+
+ if (ret != 0)
+ fatal("child returned error exit status %d", ret);
+ } else if (WIFSIGNALED(status)) {
+ int signo = WTERMSIG(status);
+
+ fatal("child was killed by signal %d", signo);
+ } else {
+ fatal("unexpected status %d waiting for child", status);
+ }
+}
+
+static void
+cleanup_socket_dir(void)
+{
+ (void)unlink(notify_socket);
+ (void)rmdir(notify_sockdir);
+}
+
+static char *
+setup_socket_name(const char *suffix)
+{
+ const char *basedir;
+
+ if (getuid() == 0 && access(RUNSTATEDIR, F_OK) == 0) {
+ basedir = RUNSTATEDIR;
+ } else {
+ basedir = getenv("TMPDIR");
+ if (basedir == NULL)
+ basedir = P_tmpdir;
+ }
+
+ if (asprintf(&notify_sockdir, "%s/%s.XXXXXX", basedir, suffix) < 0)
+ fatale("cannot allocate socket directory name");
+
+ if (mkdtemp(notify_sockdir) == NULL)
+ fatale("cannot create socket directory %s", notify_sockdir);
+
+ atexit(cleanup_socket_dir);
+
+ if (chown(notify_sockdir, runas_uid, runas_gid))
+ fatale("cannot change socket directory ownership");
+
+ if (asprintf(&notify_socket, "%s/notify", notify_sockdir) < 0)
+ fatale("cannot allocate socket name");
+
+ setenv("NOTIFY_SOCKET", notify_socket, 1);
+
+ return notify_socket;
+}
+
+static void
+set_socket_passcred(int fd)
+{
+#ifdef SO_PASSCRED
+ static const int enable = 1;
+
+ (void)setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &enable, sizeof(enable));
+#endif
+}
+
+static int
+create_notify_socket(void)
+{
+ const char *sockname;
+ struct sockaddr_un su;
+ int fd, rc, flags;
+
+ /* Create notification socket. */
+ fd = socket(AF_UNIX, SOCK_DGRAM | SOCK_NONBLOCK, 0);
+ if (fd < 0)
+ fatale("cannot create notification socket");
+
+ /* We could set SOCK_CLOEXEC instead, but then we would need to
+ * check whether the socket call failed, try and then do this anyway,
+ * when we have no threading problems to worry about. */
+ flags = fcntl(fd, F_GETFD);
+ if (flags < 0)
+ fatale("cannot read fd flags for notification socket");
+ if (fcntl(fd, F_SETFD, flags | FD_CLOEXEC) < 0)
+ fatale("cannot set close-on-exec flag for notification socket");
+
+ sockname = setup_socket_name(".s-s-d-notify");
+
+ /* Bind to a socket in a temporary directory, selected based on
+ * the platform. */
+ memset(&su, 0, sizeof(su));
+ su.sun_family = AF_UNIX;
+ strncpy(su.sun_path, sockname, sizeof(su.sun_path) - 1);
+
+ rc = bind(fd, (struct sockaddr *)&su, sizeof(su));
+ if (rc < 0)
+ fatale("cannot bind to notification socket");
+
+ rc = chmod(su.sun_path, 0660);
+ if (rc < 0)
+ fatale("cannot change notification socket permissions");
+
+ rc = chown(su.sun_path, runas_uid, runas_gid);
+ if (rc < 0)
+ fatale("cannot change notification socket ownership");
+
+ /* XXX: Verify we are talking to an expected child? Although it is not
+ * clear whether this is feasible given the knowledge we have got. */
+ set_socket_passcred(fd);
+
+ return fd;
+}
+
+static void
+wait_for_notify(int fd)
+{
+ struct timespec startat, now, elapsed, timeout, timeout_orig;
+ fd_set fdrs;
+
+ timeout.tv_sec = notify_timeout;
+ timeout.tv_nsec = 0;
+ timeout_orig = timeout;
+
+ timespec_gettime(&startat);
+
+ while (timeout.tv_sec >= 0 && timeout.tv_nsec >= 0) {
+ int rc;
+
+ FD_ZERO(&fdrs);
+ FD_SET(fd, &fdrs);
+
+ /* Wait for input. */
+ debug("Waiting for notifications... (timeout %lusec %lunsec)\n",
+ timeout.tv_sec, timeout.tv_nsec);
+ rc = pselect(fd + 1, &fdrs, NULL, NULL, &timeout, NULL);
+
+ /* Catch non-restartable errors, that is, not signals nor
+ * kernel out of resources. */
+ if (rc < 0 && (errno != EINTR && errno != EAGAIN))
+ fatale("cannot monitor notification socket for activity");
+
+ /* Timed-out. */
+ if (rc == 0)
+ fatal("timed out waiting for a notification");
+
+ /* Update the timeout, as should not rely on pselect() having
+ * done that for us, which is an unportable assumption. */
+ timespec_gettime(&now);
+ timespec_sub(&now, &startat, &elapsed);
+ timespec_sub(&timeout_orig, &elapsed, &timeout);
+
+ /* Restartable error, a signal or kernel out of resources. */
+ if (rc < 0)
+ continue;
+
+ /* Parse it and check for a supported notification message,
+ * once we get a READY=1, we exit. */
+ for (;;) {
+ ssize_t nrecv;
+ char buf[4096];
+ char *line, *line_next;
+
+ nrecv = recv(fd, buf, sizeof(buf), 0);
+ if (nrecv < 0 && (errno != EINTR && errno != EAGAIN))
+ fatale("cannot receive notification packet");
+ if (nrecv < 0)
+ break;
+
+ buf[nrecv] = '\0';
+
+ for (line = buf; *line; line = line_next) {
+ line_next = strchrnul(line, '\n');
+ if (*line_next == '\n')
+ *line_next++ = '\0';
+
+ debug("Child sent some notification...\n");
+ if (strncmp(line, "EXTEND_TIMEOUT_USEC=", 20) == 0) {
+ int extend_usec = 0;
+
+ if (parse_unsigned(line + 20, 10, &extend_usec) != 0)
+ fatale("cannot parse extended timeout notification %s", line);
+
+ /* Reset the current timeout. */
+ timeout.tv_sec = extend_usec / 1000L;
+ timeout.tv_nsec = (extend_usec % 1000L) *
+ NANOSEC_IN_MILLISEC;
+ timeout_orig = timeout;
+
+ timespec_gettime(&startat);
+ } else if (strncmp(line, "ERRNO=", 6) == 0) {
+ int suberrno = 0;
+
+ if (parse_unsigned(line + 6, 10, &suberrno) != 0)
+ fatale("cannot parse errno notification %s", line);
+ errno = suberrno;
+ fatale("program failed to initialize");
+ } else if (strcmp(line, "READY=1") == 0) {
+ debug("-> Notification => ready for service.\n");
+ return;
+ } else {
+ debug("-> Notification line '%s' received\n", line);
+ }
+ }
+ }
+ }
+}
+
+static void
+write_pidfile(const char *filename, pid_t pid)
+{
+ FILE *fp;
+ int fd;
+
+ fd = open(filename, O_CREAT | O_WRONLY | O_TRUNC | O_NOFOLLOW, 0666);
+ if (fd < 0)
+ fp = NULL;
+ else
+ fp = fdopen(fd, "w");
+
+ if (fp == NULL)
+ fatale("unable to open pidfile '%s' for writing", filename);
+
+ fprintf(fp, "%d\n", pid);
+
+ if (fclose(fp))
+ fatale("unable to close pidfile '%s'", filename);
+}
+
+static void
+remove_pidfile(const char *filename)
+{
+ if (unlink(filename) < 0 && errno != ENOENT)
+ fatale("cannot remove pidfile '%s'", filename);
+}
+
+static void
+daemonize(void)
+{
+ int notify_fd = -1;
+ pid_t pid;
+ sigset_t mask;
+ sigset_t oldmask;
+
+ debug("Detaching to start %s...\n", startas);
+
+ /* Block SIGCHLD to allow waiting for the child process while it is
+ * performing actions, such as creating a pidfile. */
+ sigemptyset(&mask);
+ sigaddset(&mask, SIGCHLD);
+ if (sigprocmask(SIG_BLOCK, &mask, &oldmask) == -1)
+ fatale("cannot block SIGCHLD");
+
+ if (notify_await)
+ notify_fd = create_notify_socket();
+
+ pid = fork();
+ if (pid < 0)
+ fatale("unable to do first fork");
+ else if (pid) { /* First Parent. */
+ /* Wait for the second parent to exit, so that if we need to
+ * perform any actions there, like creating a pidfile, we do
+ * not suffer from race conditions on return. */
+ wait_for_child(pid);
+
+ if (notify_await) {
+ /* Wait for a readiness notification from the second
+ * child, so that we can safely exit when the service
+ * is up. */
+ wait_for_notify(notify_fd);
+ close(notify_fd);
+ cleanup_socket_dir();
+ }
+
+ _exit(0);
+ }
+
+ /* Close the notification socket, even though it is close-on-exec. */
+ if (notify_await)
+ close(notify_fd);
+
+ /* Create a new session. */
+ if (setsid() < 0)
+ fatale("cannot set session ID");
+
+ pid = fork();
+ if (pid < 0)
+ fatale("unable to do second fork");
+ else if (pid) { /* Second parent. */
+ /* Set a default umask for dumb programs, which might get
+ * overridden by the --umask option later on, so that we get
+ * a defined umask when creating the pidfile. */
+ umask(022);
+
+ if (mpidfile && pidfile != NULL)
+ /* User wants _us_ to make the pidfile. */
+ write_pidfile(pidfile, pid);
+
+ _exit(0);
+ }
+
+ if (sigprocmask(SIG_SETMASK, &oldmask, NULL) == -1)
+ fatale("cannot restore signal mask");
+
+ debug("Detaching complete...\n");
+}
+
+static void
+pid_list_push(struct pid_list **list, pid_t pid)
+{
+ struct pid_list *p;
+
+ p = xmalloc(sizeof(*p));
+ p->next = *list;
+ p->pid = pid;
+ *list = p;
+}
+
+static void
+pid_list_free(struct pid_list **list)
+{
+ struct pid_list *here, *next;
+
+ for (here = *list; here != NULL; here = next) {
+ next = here->next;
+ free(here);
+ }
+
+ *list = NULL;
+}
+
+static void
+usage(void)
+{
+ printf(
+"Usage: start-stop-daemon [<option>...] <command>\n"
+"\n");
+
+ printf(
+"Commands:\n"
+" -S, --start -- <argument>... start a program and pass <arguments> to it\n"
+" -K, --stop stop a program\n"
+" -T, --status get the program status\n"
+" -H, --help print help information\n"
+" -V, --version print version\n"
+"\n");
+
+ printf(
+"Matching options (at least one is required):\n"
+" --pid <pid> pid to check\n"
+" --ppid <ppid> parent pid to check\n"
+" -p, --pidfile <pid-file> pid file to check\n"
+" -x, --exec <executable> program to start/check if it is running\n"
+" -n, --name <process-name> process name to check\n"
+" -u, --user <username|uid> process owner to check\n"
+"\n");
+
+ printf(
+"Options:\n"
+" -g, --group <group|gid> run process as this group\n"
+" -c, --chuid <name|uid[:group|gid]>\n"
+" change to this user/group before starting\n"
+" process\n"
+" -s, --signal <signal> signal to send (default TERM)\n"
+" -a, --startas <pathname> program to start (default is <executable>)\n"
+" -r, --chroot <directory> chroot to <directory> before starting\n"
+" -d, --chdir <directory> change to <directory> (default is /)\n"
+" -N, --nicelevel <incr> add incr to the process' nice level\n"
+" -P, --procsched <policy[:prio]>\n"
+" use <policy> with <prio> for the kernel\n"
+" process scheduler (default prio is 0)\n"
+" -I, --iosched <class[:prio]> use <class> with <prio> to set the IO\n"
+" scheduler (default prio is 4)\n"
+" -k, --umask <mask> change the umask to <mask> before starting\n"
+" -b, --background force the process to detach\n"
+" --notify-await wait for a readiness notification\n"
+" --notify-timeout <int> timeout after <int> seconds of notify wait\n"
+" -C, --no-close do not close any file descriptor\n"
+" -O, --output <filename> send stdout and stderr to <filename>\n"
+" -m, --make-pidfile create the pidfile before starting\n"
+" --remove-pidfile delete the pidfile after stopping\n"
+" -R, --retry <schedule> check whether processes die, and retry\n"
+" -t, --test test mode, don't do anything\n"
+" -o, --oknodo exit status 0 (not 1) if nothing done\n"
+" -q, --quiet be more quiet\n"
+" -v, --verbose be more verbose\n"
+"\n");
+
+ printf(
+"Retry <schedule> is <item>|/<item>/... where <item> is one of\n"
+" -<signal-num>|[-]<signal-name> send that signal\n"
+" <timeout> wait that many seconds\n"
+" forever repeat remainder forever\n"
+"or <schedule> may be just <timeout>, meaning <signal>/<timeout>/KILL/<timeout>\n"
+"\n");
+
+ printf(
+"The process scheduler <policy> can be one of:\n"
+" other, fifo or rr\n"
+"\n");
+
+ printf(
+"The IO scheduler <class> can be one of:\n"
+" real-time, best-effort or idle\n"
+"\n");
+
+ printf(
+"Exit status:\n"
+" 0 = done\n"
+" 1 = nothing done (=> 0 if --oknodo)\n"
+" 2 = with --retry, processes would not die\n"
+" 3 = trouble\n"
+"Exit status with --status:\n"
+" 0 = program is running\n"
+" 1 = program is not running and the pid file exists\n"
+" 3 = program is not running\n"
+" 4 = unable to determine status\n");
+}
+
+static void
+do_version(void)
+{
+ printf("start-stop-daemon %s for Debian\n\n", VERSION);
+
+ printf("Written by Marek Michalkiewicz, public domain.\n");
+}
+
+static void LIBCOMPAT_ATTR_NORET
+badusage(const char *msg)
+{
+ if (msg)
+ fprintf(stderr, "%s: %s\n", progname, msg);
+ fprintf(stderr, "Try '%s --help' for more information.\n", progname);
+
+ if (action == ACTION_STATUS)
+ exit(STATUS_UNKNOWN);
+ else
+ exit(3);
+}
+
+struct sigpair {
+ const char *name;
+ int signal;
+};
+
+static const struct sigpair siglist[] = {
+ { "ABRT", SIGABRT },
+ { "ALRM", SIGALRM },
+ { "FPE", SIGFPE },
+ { "HUP", SIGHUP },
+ { "ILL", SIGILL },
+ { "INT", SIGINT },
+ { "KILL", SIGKILL },
+ { "PIPE", SIGPIPE },
+ { "QUIT", SIGQUIT },
+ { "SEGV", SIGSEGV },
+ { "TERM", SIGTERM },
+ { "USR1", SIGUSR1 },
+ { "USR2", SIGUSR2 },
+ { "CHLD", SIGCHLD },
+ { "CONT", SIGCONT },
+ { "STOP", SIGSTOP },
+ { "TSTP", SIGTSTP },
+ { "TTIN", SIGTTIN },
+ { "TTOU", SIGTTOU }
+};
+
+static int
+parse_pid(const char *pid_str, int *pid_num)
+{
+ if (parse_unsigned(pid_str, 10, pid_num) != 0)
+ return -1;
+ if (*pid_num == 0)
+ return -1;
+
+ return 0;
+}
+
+static int
+parse_signal(const char *sig_str, int *sig_num)
+{
+ unsigned int i;
+
+ if (parse_unsigned(sig_str, 10, sig_num) == 0)
+ return 0;
+
+ for (i = 0; i < array_count(siglist); i++) {
+ if (strcmp(sig_str, siglist[i].name) == 0) {
+ *sig_num = siglist[i].signal;
+ return 0;
+ }
+ }
+ return -1;
+}
+
+static int
+parse_umask(const char *string, int *value_r)
+{
+ return parse_unsigned(string, 0, value_r);
+}
+
+static void
+validate_proc_schedule(void)
+{
+#if defined(_POSIX_PRIORITY_SCHEDULING) && _POSIX_PRIORITY_SCHEDULING > 0
+ int prio_min, prio_max;
+
+ prio_min = sched_get_priority_min(proc_sched->policy);
+ prio_max = sched_get_priority_max(proc_sched->policy);
+
+ if (proc_sched->priority < prio_min)
+ badusage("process scheduler priority less than min");
+ if (proc_sched->priority > prio_max)
+ badusage("process scheduler priority greater than max");
+#endif
+}
+
+static void
+parse_proc_schedule(const char *string)
+{
+ char *policy_str;
+ size_t policy_len;
+ int prio = 0;
+
+ policy_len = strcspn(string, ":");
+ policy_str = xstrndup(string, policy_len);
+
+ if (string[policy_len] == ':' &&
+ parse_unsigned(string + policy_len + 1, 10, &prio) != 0)
+ fatale("invalid process scheduler priority");
+
+ proc_sched = xmalloc(sizeof(*proc_sched));
+ proc_sched->policy_name = policy_str;
+
+ if (strcmp(policy_str, "other") == 0) {
+ proc_sched->policy = SCHED_OTHER;
+ proc_sched->priority = 0;
+ } else if (strcmp(policy_str, "fifo") == 0) {
+ proc_sched->policy = SCHED_FIFO;
+ proc_sched->priority = prio;
+ } else if (strcmp(policy_str, "rr") == 0) {
+ proc_sched->policy = SCHED_RR;
+ proc_sched->priority = prio;
+ } else
+ badusage("invalid process scheduler policy");
+
+ validate_proc_schedule();
+}
+
+static void
+parse_io_schedule(const char *string)
+{
+ char *class_str;
+ size_t class_len;
+ int prio = 4;
+
+ class_len = strcspn(string, ":");
+ class_str = xstrndup(string, class_len);
+
+ if (string[class_len] == ':' &&
+ parse_unsigned(string + class_len + 1, 10, &prio) != 0)
+ fatale("invalid IO scheduler priority");
+
+ io_sched = xmalloc(sizeof(*io_sched));
+ io_sched->policy_name = class_str;
+
+ if (strcmp(class_str, "real-time") == 0) {
+ io_sched->policy = IOPRIO_CLASS_RT;
+ io_sched->priority = prio;
+ } else if (strcmp(class_str, "best-effort") == 0) {
+ io_sched->policy = IOPRIO_CLASS_BE;
+ io_sched->priority = prio;
+ } else if (strcmp(class_str, "idle") == 0) {
+ io_sched->policy = IOPRIO_CLASS_IDLE;
+ io_sched->priority = 7;
+ } else
+ badusage("invalid IO scheduler policy");
+
+ if (io_sched->priority < IO_SCHED_PRIO_MIN)
+ badusage("IO scheduler priority less than min");
+ if (io_sched->priority > IO_SCHED_PRIO_MAX)
+ badusage("IO scheduler priority greater than max");
+}
+
+static void
+set_proc_schedule(struct res_schedule *sched)
+{
+#if defined(_POSIX_PRIORITY_SCHEDULING) && _POSIX_PRIORITY_SCHEDULING > 0
+ struct sched_param param;
+
+ param.sched_priority = sched->priority;
+
+ if (sched_setscheduler(getpid(), sched->policy, &param) == -1)
+ fatale("unable to set process scheduler");
+#endif
+}
+
+#ifdef HAVE_IOPRIO_SET
+static inline int
+ioprio_set(int which, int who, int ioprio)
+{
+ return syscall(SYS_ioprio_set, which, who, ioprio);
+}
+#endif
+
+static void
+set_io_schedule(struct res_schedule *sched)
+{
+#ifdef HAVE_IOPRIO_SET
+ int io_sched_mask;
+
+ io_sched_mask = IOPRIO_PRIO_VALUE(sched->policy, sched->priority);
+ if (ioprio_set(IOPRIO_WHO_PROCESS, getpid(), io_sched_mask) == -1)
+ warning("unable to alter IO priority to mask %i (%s)\n",
+ io_sched_mask, strerror(errno));
+#endif
+}
+
+static void
+parse_schedule_item(const char *string, struct schedule_item *item)
+{
+ const char *after_hyph;
+
+ if (strcmp(string, "forever") == 0) {
+ item->type = sched_forever;
+ } else if (isdigit(string[0])) {
+ item->type = sched_timeout;
+ if (parse_unsigned(string, 10, &item->value) != 0)
+ badusage("invalid timeout value in schedule");
+ } else if ((after_hyph = string + (string[0] == '-')) &&
+ parse_signal(after_hyph, &item->value) == 0) {
+ item->type = sched_signal;
+ } else {
+ badusage("invalid schedule item (must be [-]<signal-name>, "
+ "-<signal-number>, <timeout> or 'forever'");
+ }
+}
+
+static void
+parse_schedule(const char *schedule_str)
+{
+ const char *slash;
+ int count;
+
+ count = 0;
+ for (slash = schedule_str; *slash; slash++)
+ if (*slash == '/')
+ count++;
+
+ schedule_length = (count == 0) ? 4 : count + 1;
+ schedule = xmalloc(sizeof(*schedule) * schedule_length);
+
+ if (count == 0) {
+ schedule[0].type = sched_signal;
+ schedule[0].value = signal_nr;
+ parse_schedule_item(schedule_str, &schedule[1]);
+ if (schedule[1].type != sched_timeout) {
+ badusage("--retry takes timeout, or schedule list"
+ " of at least two items");
+ }
+ schedule[2].type = sched_signal;
+ schedule[2].value = SIGKILL;
+ schedule[3] = schedule[1];
+ } else {
+ int repeatat;
+
+ count = 0;
+ repeatat = -1;
+ while (*schedule_str) {
+ char item_buf[20];
+ size_t str_len;
+
+ slash = strchrnul(schedule_str, '/');
+ str_len = (size_t)(slash - schedule_str);
+ if (str_len >= sizeof(item_buf))
+ badusage("invalid schedule item: far too long"
+ " (you must delimit items with slashes)");
+ memcpy(item_buf, schedule_str, str_len);
+ item_buf[str_len] = '\0';
+ schedule_str = *slash ? slash + 1 : slash;
+
+ parse_schedule_item(item_buf, &schedule[count]);
+ if (schedule[count].type == sched_forever) {
+ if (repeatat >= 0)
+ badusage("invalid schedule: 'forever'"
+ " appears more than once");
+ repeatat = count;
+ continue;
+ }
+ count++;
+ }
+ if (repeatat == count)
+ badusage("invalid schedule: 'forever' appears last, "
+ "nothing to repeat");
+ if (repeatat >= 0) {
+ schedule[count].type = sched_goto;
+ schedule[count].value = repeatat;
+ count++;
+ }
+ if (count != schedule_length)
+ BUG("count=%d != schedule_length=%d",
+ count, schedule_length);
+ }
+}
+
+static void
+set_action(enum action_code new_action)
+{
+ if (action == new_action)
+ return;
+
+ if (action != ACTION_NONE)
+ badusage("only one command can be specified");
+
+ action = new_action;
+}
+
+#define OPT_PID 500
+#define OPT_PPID 501
+#define OPT_RM_PIDFILE 502
+#define OPT_NOTIFY_AWAIT 503
+#define OPT_NOTIFY_TIMEOUT 504
+
+static void
+parse_options(int argc, char * const *argv)
+{
+ static struct option longopts[] = {
+ { "help", 0, NULL, 'H'},
+ { "stop", 0, NULL, 'K'},
+ { "start", 0, NULL, 'S'},
+ { "status", 0, NULL, 'T'},
+ { "version", 0, NULL, 'V'},
+ { "startas", 1, NULL, 'a'},
+ { "name", 1, NULL, 'n'},
+ { "oknodo", 0, NULL, 'o'},
+ { "pid", 1, NULL, OPT_PID},
+ { "ppid", 1, NULL, OPT_PPID},
+ { "pidfile", 1, NULL, 'p'},
+ { "quiet", 0, NULL, 'q'},
+ { "signal", 1, NULL, 's'},
+ { "test", 0, NULL, 't'},
+ { "user", 1, NULL, 'u'},
+ { "group", 1, NULL, 'g'},
+ { "chroot", 1, NULL, 'r'},
+ { "verbose", 0, NULL, 'v'},
+ { "exec", 1, NULL, 'x'},
+ { "chuid", 1, NULL, 'c'},
+ { "nicelevel", 1, NULL, 'N'},
+ { "procsched", 1, NULL, 'P'},
+ { "iosched", 1, NULL, 'I'},
+ { "umask", 1, NULL, 'k'},
+ { "background", 0, NULL, 'b'},
+ { "notify-await", 0, NULL, OPT_NOTIFY_AWAIT},
+ { "notify-timeout", 1, NULL, OPT_NOTIFY_TIMEOUT},
+ { "no-close", 0, NULL, 'C'},
+ { "output", 1, NULL, 'O'},
+ { "make-pidfile", 0, NULL, 'm'},
+ { "remove-pidfile", 0, NULL, OPT_RM_PIDFILE},
+ { "retry", 1, NULL, 'R'},
+ { "chdir", 1, NULL, 'd'},
+ { NULL, 0, NULL, 0 }
+ };
+ const char *pid_str = NULL;
+ const char *ppid_str = NULL;
+ const char *umask_str = NULL;
+ const char *signal_str = NULL;
+ const char *schedule_str = NULL;
+ const char *proc_schedule_str = NULL;
+ const char *io_schedule_str = NULL;
+ const char *notify_timeout_str = NULL;
+ size_t changeuser_len;
+ int c;
+
+ for (;;) {
+ c = getopt_long(argc, argv,
+ "HKSVTa:n:op:qr:s:tu:vx:c:N:P:I:k:bCO:mR:g:d:",
+ longopts, NULL);
+ if (c == -1)
+ break;
+ switch (c) {
+ case 'H': /* --help */
+ usage();
+ exit(0);
+ case 'K': /* --stop */
+ set_action(ACTION_STOP);
+ break;
+ case 'S': /* --start */
+ set_action(ACTION_START);
+ break;
+ case 'T': /* --status */
+ set_action(ACTION_STATUS);
+ break;
+ case 'V': /* --version */
+ do_version();
+ exit(0);
+ case 'a': /* --startas <pathname> */
+ startas = optarg;
+ break;
+ case 'n': /* --name <process-name> */
+ match_mode |= MATCH_NAME;
+ cmdname = optarg;
+ break;
+ case 'o': /* --oknodo */
+ exitnodo = 0;
+ break;
+ case OPT_PID: /* --pid <pid> */
+ match_mode |= MATCH_PID;
+ pid_str = optarg;
+ break;
+ case OPT_PPID: /* --ppid <ppid> */
+ match_mode |= MATCH_PPID;
+ ppid_str = optarg;
+ break;
+ case 'p': /* --pidfile <pid-file> */
+ match_mode |= MATCH_PIDFILE;
+ pidfile = optarg;
+ break;
+ case 'q': /* --quiet */
+ quietmode = true;
+ break;
+ case 's': /* --signal <signal> */
+ signal_str = optarg;
+ break;
+ case 't': /* --test */
+ testmode = true;
+ break;
+ case 'u': /* --user <username>|<uid> */
+ match_mode |= MATCH_USER;
+ userspec = optarg;
+ break;
+ case 'v': /* --verbose */
+ quietmode = -1;
+ break;
+ case 'x': /* --exec <executable> */
+ match_mode |= MATCH_EXEC;
+ execname = optarg;
+ break;
+ case 'c': /* --chuid <username>|<uid> */
+ free(changeuser);
+ /* We copy the string just in case we need the
+ * argument later. */
+ changeuser_len = strcspn(optarg, ":");
+ changeuser = xstrndup(optarg, changeuser_len);
+ if (optarg[changeuser_len] == ':') {
+ if (optarg[changeuser_len + 1] == '\0')
+ fatal("missing group name");
+ changegroup = optarg + changeuser_len + 1;
+ }
+ break;
+ case 'g': /* --group <group>|<gid> */
+ changegroup = optarg;
+ break;
+ case 'r': /* --chroot /new/root */
+ changeroot = optarg;
+ break;
+ case 'N': /* --nice */
+ nicelevel = atoi(optarg);
+ break;
+ case 'P': /* --procsched */
+ proc_schedule_str = optarg;
+ break;
+ case 'I': /* --iosched */
+ io_schedule_str = optarg;
+ break;
+ case 'k': /* --umask <mask> */
+ umask_str = optarg;
+ break;
+ case 'b': /* --background */
+ background = true;
+ break;
+ case OPT_NOTIFY_AWAIT:
+ notify_await = true;
+ break;
+ case OPT_NOTIFY_TIMEOUT:
+ notify_timeout_str = optarg;
+ break;
+ case 'C': /* --no-close */
+ close_io = false;
+ break;
+ case 'O': /* --outout <filename> */
+ output_io = optarg;
+ break;
+ case 'm': /* --make-pidfile */
+ mpidfile = true;
+ break;
+ case OPT_RM_PIDFILE: /* --remove-pidfile */
+ rpidfile = true;
+ break;
+ case 'R': /* --retry <schedule>|<timeout> */
+ schedule_str = optarg;
+ break;
+ case 'd': /* --chdir /new/dir */
+ changedir = optarg;
+ break;
+ default:
+ /* Message printed by getopt. */
+ badusage(NULL);
+ }
+ }
+
+ if (pid_str != NULL) {
+ if (parse_pid(pid_str, &match_pid) != 0)
+ badusage("pid value must be a number greater than 0");
+ }
+
+ if (ppid_str != NULL) {
+ if (parse_pid(ppid_str, &match_ppid) != 0)
+ badusage("ppid value must be a number greater than 0");
+ }
+
+ if (signal_str != NULL) {
+ if (parse_signal(signal_str, &signal_nr) != 0)
+ badusage("signal value must be numeric or name"
+ " of signal (KILL, INT, ...)");
+ }
+
+ if (schedule_str != NULL) {
+ parse_schedule(schedule_str);
+ }
+
+ if (proc_schedule_str != NULL)
+ parse_proc_schedule(proc_schedule_str);
+
+ if (io_schedule_str != NULL)
+ parse_io_schedule(io_schedule_str);
+
+ if (umask_str != NULL) {
+ if (parse_umask(umask_str, &umask_value) != 0)
+ badusage("umask value must be a positive number");
+ }
+
+ if (output_io != NULL && output_io[0] != '/')
+ badusage("--output file needs to be an absolute filename");
+
+ if (notify_timeout_str != NULL)
+ if (parse_unsigned(notify_timeout_str, 10, &notify_timeout) != 0)
+ badusage("invalid notify timeout value");
+
+ if (action == ACTION_NONE)
+ badusage("need one of --start or --stop or --status");
+
+ if (match_mode == MATCH_NONE ||
+ (!execname && !cmdname && !userspec &&
+ !pid_str && !ppid_str && !pidfile))
+ badusage("need at least one of --exec, --pid, --ppid, --pidfile, --user or --name");
+
+#ifdef PROCESS_NAME_SIZE
+ if (cmdname && strlen(cmdname) > PROCESS_NAME_SIZE)
+ warning("this system is not able to track process names\n"
+ "longer than %d characters, please use --exec "
+ "instead of --name.\n", PROCESS_NAME_SIZE);
+#endif
+
+ if (!startas)
+ startas = execname;
+
+ if (action == ACTION_START && !startas)
+ badusage("--start needs --exec or --startas");
+
+ if (mpidfile && pidfile == NULL)
+ badusage("--make-pidfile requires --pidfile");
+ if (rpidfile && pidfile == NULL)
+ badusage("--remove-pidfile requires --pidfile");
+
+ if (pid_str && pidfile)
+ badusage("need either --pid or --pidfile, not both");
+
+ if (background && action != ACTION_START)
+ badusage("--background is only relevant with --start");
+
+ if (!close_io && !background)
+ badusage("--no-close is only relevant with --background");
+ if (output_io && !background)
+ badusage("--output is only relevant with --background");
+
+ if (close_io && output_io == NULL)
+ output_io = "/dev/null";
+}
+
+static void
+setup_options(void)
+{
+ if (execname) {
+ char *fullexecname;
+
+ /* If it's a relative path, normalize it. */
+ if (execname[0] != '/')
+ execname = newpath(changedir, execname);
+
+ if (changeroot)
+ fullexecname = newpath(changeroot, execname);
+ else
+ fullexecname = execname;
+
+ if (stat(fullexecname, &exec_stat))
+ fatale("unable to stat %s", fullexecname);
+
+ if (fullexecname != execname)
+ free(fullexecname);
+ }
+
+ if (userspec && parse_unsigned(userspec, 10, &user_id) < 0) {
+ struct passwd *pw;
+
+ pw = getpwnam(userspec);
+ if (!pw)
+ fatale("user '%s' not found", userspec);
+
+ user_id = pw->pw_uid;
+ }
+
+ if (changegroup && parse_unsigned(changegroup, 10, &runas_gid) < 0) {
+ struct group *gr;
+
+ gr = getgrnam(changegroup);
+ if (!gr)
+ fatale("group '%s' not found", changegroup);
+ changegroup = gr->gr_name;
+ runas_gid = gr->gr_gid;
+ }
+ if (changeuser) {
+ struct passwd *pw;
+ struct stat st;
+
+ if (parse_unsigned(changeuser, 10, &runas_uid) == 0)
+ pw = getpwuid(runas_uid);
+ else
+ pw = getpwnam(changeuser);
+ if (!pw)
+ fatale("user '%s' not found", changeuser);
+ changeuser = pw->pw_name;
+ runas_uid = pw->pw_uid;
+ if (changegroup == NULL) {
+ /* Pass the default group of this user. */
+ changegroup = ""; /* Just empty. */
+ runas_gid = pw->pw_gid;
+ }
+ if (stat(pw->pw_dir, &st) == 0)
+ setenv("HOME", pw->pw_dir, 1);
+ }
+}
+
+#if defined(OS_Linux)
+static const char *
+proc_status_field(pid_t pid, const char *field)
+{
+ static char *line = NULL;
+ static size_t line_size = 0;
+
+ FILE *fp;
+ char filename[32];
+ char *value = NULL;
+ ssize_t line_len;
+ size_t field_len = strlen(field);
+
+ sprintf(filename, "/proc/%d/status", pid);
+ fp = fopen(filename, "r");
+ if (!fp)
+ return NULL;
+ while ((line_len = getline(&line, &line_size, fp)) >= 0) {
+ if (strncasecmp(line, field, field_len) == 0) {
+ line[line_len - 1] = '\0';
+
+ value = line + field_len;
+ while (isspace(*value))
+ value++;
+
+ break;
+ }
+ }
+ fclose(fp);
+
+ return value;
+}
+#elif (defined(OS_Solaris) || defined(OS_AIX)) && HAVE_STRUCT_PSINFO
+static bool
+proc_get_psinfo(pid_t pid, struct psinfo *psinfo)
+{
+ char filename[64];
+ FILE *fp;
+
+ sprintf(filename, "/proc/%d/psinfo", pid);
+ fp = fopen(filename, "r");
+ if (!fp)
+ return false;
+ if (fread(psinfo, sizeof(*psinfo), 1, fp) == 0) {
+ fclose(fp);
+ return false;
+ }
+ if (ferror(fp)) {
+ fclose(fp);
+ return false;
+ }
+
+ fclose(fp);
+
+ return true;
+}
+#elif defined(OS_Hurd)
+static void
+init_procset(void)
+{
+ struct ps_context *context;
+ error_t err;
+
+ err = ps_context_create(getproc(), &context);
+ if (err)
+ error(1, err, "ps_context_create");
+
+ err = proc_stat_list_create(context, &procset);
+ if (err)
+ error(1, err, "proc_stat_list_create");
+
+ err = proc_stat_list_add_all(procset, 0, 0);
+ if (err)
+ error(1, err, "proc_stat_list_add_all");
+}
+
+static struct proc_stat *
+get_proc_stat(pid_t pid, ps_flags_t flags)
+{
+ struct proc_stat *ps;
+ ps_flags_t wanted_flags = PSTAT_PID | flags;
+
+ if (!procset)
+ init_procset();
+
+ ps = proc_stat_list_pid_proc_stat(procset, pid);
+ if (!ps)
+ return NULL;
+ if (proc_stat_set_flags(ps, wanted_flags))
+ return NULL;
+ if ((proc_stat_flags(ps) & wanted_flags) != wanted_flags)
+ return NULL;
+
+ return ps;
+}
+#elif defined(HAVE_KVM_H)
+static kvm_t *
+ssd_kvm_open(void)
+{
+ kvm_t *kd;
+ char errbuf[_POSIX2_LINE_MAX];
+
+ kd = kvm_openfiles(NULL, KVM_MEMFILE, NULL, O_RDONLY, errbuf);
+ if (kd == NULL)
+ errx(1, "%s", errbuf);
+
+ return kd;
+}
+
+static struct kinfo_proc *
+ssd_kvm_get_procs(kvm_t *kd, int op, int arg, int *count)
+{
+ struct kinfo_proc *kp;
+ int lcount;
+
+ if (count == NULL)
+ count = &lcount;
+ *count = 0;
+
+#if defined(OS_OpenBSD)
+ kp = kvm_getprocs(kd, op, arg, sizeof(*kp), count);
+#else
+ kp = kvm_getprocs(kd, op, arg, count);
+#endif
+ if (kp == NULL && errno != ESRCH)
+ errx(1, "%s", kvm_geterr(kd));
+
+ return kp;
+}
+#endif
+
+#if defined(OS_Linux)
+static bool
+pid_is_exec(pid_t pid, const struct stat *esb)
+{
+ char lname[32];
+ char lcontents[_POSIX_PATH_MAX + 1];
+ char *filename;
+ const char deleted[] = " (deleted)";
+ int nread;
+ struct stat sb;
+
+ sprintf(lname, "/proc/%d/exe", pid);
+ nread = readlink(lname, lcontents, sizeof(lcontents) - 1);
+ if (nread == -1)
+ return false;
+
+ filename = lcontents;
+ filename[nread] = '\0';
+
+ /* OpenVZ kernels contain a bogus patch that instead of appending,
+ * prepends the deleted marker. Workaround those. Otherwise handle
+ * the normal appended marker. */
+ if (strncmp(filename, deleted, strlen(deleted)) == 0)
+ filename += strlen(deleted);
+ else if (strcmp(filename + nread - strlen(deleted), deleted) == 0)
+ filename[nread - strlen(deleted)] = '\0';
+
+ if (stat(filename, &sb) != 0)
+ return false;
+
+ return (sb.st_dev == esb->st_dev && sb.st_ino == esb->st_ino);
+}
+#elif (defined(OS_Solaris) || defined(OS_AIX)) && HAVE_STRUCT_PSINFO
+static bool
+pid_is_exec(pid_t pid, const struct stat *esb)
+{
+ struct stat sb;
+ char filename[64];
+
+ sprintf(filename, "/proc/%d/object/a.out", pid);
+
+ if (stat(filename, &sb) != 0)
+ return false;
+
+ return sb.st_dev == esb->st_dev && sb.st_ino == esb->st_ino;
+}
+#elif defined(OS_Hurd)
+static bool
+pid_is_exec(pid_t pid, const struct stat *esb)
+{
+ struct proc_stat *ps;
+ struct stat sb;
+ const char *filename;
+
+ ps = get_proc_stat(pid, PSTAT_ARGS);
+ if (ps == NULL)
+ return false;
+
+ /* On old Hurd systems we have to use the argv[0] value, because
+ * there is nothing better. */
+ filename = proc_stat_args(ps);
+#ifdef PSTAT_EXE
+ /* On new Hurd systems we can use the correct value, as long
+ * as it's not NULL nor empty, as it was the case on the first
+ * implementation. */
+ if (proc_stat_set_flags(ps, PSTAT_EXE) == 0 &&
+ proc_stat_flags(ps) & PSTAT_EXE &&
+ proc_stat_exe(ps) != NULL &&
+ proc_stat_exe(ps)[0] != '\0')
+ filename = proc_stat_exe(ps);
+#endif
+
+ if (stat(filename, &sb) != 0)
+ return false;
+
+ return (sb.st_dev == esb->st_dev && sb.st_ino == esb->st_ino);
+}
+#elif defined(OS_Darwin)
+static bool
+pid_is_exec(pid_t pid, const struct stat *esb)
+{
+ struct stat sb;
+ char pathname[_POSIX_PATH_MAX];
+
+ if (proc_pidpath(pid, pathname, sizeof(pathname)) < 0)
+ return false;
+
+ if (stat(pathname, &sb) != 0)
+ return false;
+
+ return (sb.st_dev == esb->st_dev && sb.st_ino == esb->st_ino);
+}
+#elif defined(OS_HPUX)
+static bool
+pid_is_exec(pid_t pid, const struct stat *esb)
+{
+ struct pst_status pst;
+
+ if (pstat_getproc(&pst, sizeof(pst), (size_t)0, (int)pid) < 0)
+ return false;
+ return ((dev_t)pst.pst_text.psf_fsid.psfs_id == esb->st_dev &&
+ (ino_t)pst.pst_text.psf_fileid == esb->st_ino);
+}
+#elif defined(OS_FreeBSD)
+static bool
+pid_is_exec(pid_t pid, const struct stat *esb)
+{
+ struct stat sb;
+ int error, mib[4];
+ size_t len;
+ char pathname[PATH_MAX];
+
+ mib[0] = CTL_KERN;
+ mib[1] = KERN_PROC;
+ mib[2] = KERN_PROC_PATHNAME;
+ mib[3] = pid;
+ len = sizeof(pathname);
+
+ error = sysctl(mib, 4, pathname, &len, NULL, 0);
+ if (error != 0 && errno != ESRCH)
+ return false;
+ if (len == 0)
+ pathname[0] = '\0';
+
+ if (stat(pathname, &sb) != 0)
+ return false;
+
+ return (sb.st_dev == esb->st_dev && sb.st_ino == esb->st_ino);
+}
+#elif defined(HAVE_KVM_H)
+static bool
+pid_is_exec(pid_t pid, const struct stat *esb)
+{
+ kvm_t *kd;
+ int argv_len = 0;
+ struct kinfo_proc *kp;
+ struct stat sb;
+ char buf[_POSIX2_LINE_MAX];
+ char **pid_argv_p;
+ char *start_argv_0_p, *end_argv_0_p;
+ bool res = false;
+
+ kd = ssd_kvm_open();
+ kp = ssd_kvm_get_procs(kd, KERN_PROC_PID, pid, NULL);
+ if (kp == NULL)
+ goto cleanup;
+
+ pid_argv_p = kvm_getargv(kd, kp, argv_len);
+ if (pid_argv_p == NULL)
+ errx(1, "%s", kvm_geterr(kd));
+
+ /* Find and compare string. */
+ start_argv_0_p = *pid_argv_p;
+
+ /* Find end of argv[0] then copy and cut of str there. */
+ end_argv_0_p = strchr(*pid_argv_p, ' ');
+ if (end_argv_0_p == NULL)
+ /* There seems to be no space, so we have the command
+ * already in its desired form. */
+ start_argv_0_p = *pid_argv_p;
+ else {
+ /* Tests indicate that this never happens, since
+ * kvm_getargv itself cuts of tailing stuff. This is
+ * not what the manual page says, however. */
+ strncpy(buf, *pid_argv_p, (end_argv_0_p - start_argv_0_p));
+ buf[(end_argv_0_p - start_argv_0_p) + 1] = '\0';
+ start_argv_0_p = buf;
+ }
+
+ if (stat(start_argv_0_p, &sb) != 0)
+ goto cleanup;
+
+ res = (sb.st_dev == esb->st_dev && sb.st_ino == esb->st_ino);
+
+cleanup:
+ kvm_close(kd);
+
+ return res;
+}
+#endif
+
+#if defined(OS_Linux)
+static bool
+pid_is_child(pid_t pid, pid_t ppid)
+{
+ const char *ppid_str;
+ pid_t proc_ppid;
+ int rc;
+
+ ppid_str = proc_status_field(pid, "PPid:");
+ if (ppid_str == NULL)
+ return false;
+
+ rc = parse_pid(ppid_str, &proc_ppid);
+ if (rc < 0)
+ return false;
+
+ return proc_ppid == ppid;
+}
+#elif defined(OS_Hurd)
+static bool
+pid_is_child(pid_t pid, pid_t ppid)
+{
+ struct proc_stat *ps;
+ struct procinfo *pi;
+
+ ps = get_proc_stat(pid, PSTAT_PROC_INFO);
+ if (ps == NULL)
+ return false;
+
+ pi = proc_stat_proc_info(ps);
+
+ return pi->ppid == ppid;
+}
+#elif defined(OS_Darwin)
+static bool
+pid_is_child(pid_t pid, pid_t ppid)
+{
+ struct proc_bsdinfo pbi;
+
+ if (proc_pidinfo(pid, PROC_PIDTBSDINFO, 0, &pbi, sizeof(pbi)) < 0)
+ return false;
+
+ return (pid_t)pbi.pbi_ppid == ppid;
+}
+#elif (defined(OS_Solaris) || defined(OS_AIX)) && HAVE_STRUCT_PSINFO
+static bool
+pid_is_child(pid_t pid, pid_t ppid)
+{
+ struct psinfo psi;
+
+ if (!proc_get_psinfo(pid, &psi))
+ return false;
+
+ return (pid_t)psi.pr_ppid == ppid;
+}
+#elif defined(OS_HPUX)
+static bool
+pid_is_child(pid_t pid, pid_t ppid)
+{
+ struct pst_status pst;
+
+ if (pstat_getproc(&pst, sizeof(pst), (size_t)0, (int)pid) < 0)
+ return false;
+
+ return pst.pst_ppid == ppid;
+}
+#elif defined(OS_FreeBSD)
+static bool
+pid_is_child(pid_t pid, pid_t ppid)
+{
+ struct kinfo_proc kp;
+ int rc, mib[4];
+ size_t len;
+
+ mib[0] = CTL_KERN;
+ mib[1] = KERN_PROC;
+ mib[2] = KERN_PROC_PID;
+ mib[3] = pid;
+ len = sizeof(kp);
+
+ rc = sysctl(mib, 4, &kp, &len, NULL, 0);
+ if (rc != 0 && errno != ESRCH)
+ return false;
+ if (len == 0 || len != sizeof(kp))
+ return false;
+
+ return kp.ki_ppid == ppid;
+}
+#elif defined(HAVE_KVM_H)
+static bool
+pid_is_child(pid_t pid, pid_t ppid)
+{
+ kvm_t *kd;
+ struct kinfo_proc *kp;
+ pid_t proc_ppid;
+ bool res = false;
+
+ kd = ssd_kvm_open();
+ kp = ssd_kvm_get_procs(kd, KERN_PROC_PID, pid, NULL);
+ if (kp == NULL)
+ goto cleanup;
+
+#if defined(OS_FreeBSD)
+ proc_ppid = kp->ki_ppid;
+#elif defined(OS_OpenBSD)
+ proc_ppid = kp->p_ppid;
+#elif defined(OS_DragonFlyBSD)
+ proc_ppid = kp->kp_ppid;
+#else
+ proc_ppid = kp->kp_proc.p_ppid;
+#endif
+
+ res = (proc_ppid == ppid);
+
+cleanup:
+ kvm_close(kd);
+
+ return res;
+}
+#endif
+
+#if defined(OS_Linux)
+static bool
+pid_is_user(pid_t pid, uid_t uid)
+{
+ struct stat sb;
+ char buf[32];
+
+ sprintf(buf, "/proc/%d", pid);
+ if (stat(buf, &sb) != 0)
+ return false;
+ return (sb.st_uid == uid);
+}
+#elif defined(OS_Hurd)
+static bool
+pid_is_user(pid_t pid, uid_t uid)
+{
+ struct proc_stat *ps;
+
+ ps = get_proc_stat(pid, PSTAT_OWNER_UID);
+ return ps && (uid_t)proc_stat_owner_uid(ps) == uid;
+}
+#elif defined(OS_Darwin)
+static bool
+pid_is_user(pid_t pid, uid_t uid)
+{
+ struct proc_bsdinfo pbi;
+
+ if (proc_pidinfo(pid, PROC_PIDTBSDINFO, 0, &pbi, sizeof(pbi)) < 0)
+ return false;
+
+ return pbi.pbi_ruid == uid;
+}
+#elif (defined(OS_Solaris) || defined(OS_AIX)) && HAVE_STRUCT_PSINFO
+static bool
+pid_is_user(pid_t pid, uid_t uid)
+{
+ struct psinfo psi;
+
+ if (!proc_get_psinfo(pid, &psi))
+ return false;
+
+ return psi.pr_uid == uid;
+}
+#elif defined(OS_HPUX)
+static bool
+pid_is_user(pid_t pid, uid_t uid)
+{
+ struct pst_status pst;
+
+ if (pstat_getproc(&pst, sizeof(pst), (size_t)0, (int)pid) < 0)
+ return false;
+ return ((uid_t)pst.pst_uid == uid);
+}
+#elif defined(OS_FreeBSD)
+static bool
+pid_is_user(pid_t pid, uid_t uid)
+{
+ struct kinfo_proc kp;
+ int rc, mib[4];
+ size_t len;
+
+ mib[0] = CTL_KERN;
+ mib[1] = KERN_PROC;
+ mib[2] = KERN_PROC_PID;
+ mib[3] = pid;
+ len = sizeof(kp);
+
+ rc = sysctl(mib, 4, &kp, &len, NULL, 0);
+ if (rc != 0 && errno != ESRCH)
+ return false;
+ if (len == 0 || len != sizeof(kp))
+ return false;
+
+ return kp.ki_ruid == uid;
+}
+#elif defined(HAVE_KVM_H)
+static bool
+pid_is_user(pid_t pid, uid_t uid)
+{
+ kvm_t *kd;
+ uid_t proc_uid;
+ struct kinfo_proc *kp;
+ bool res = false;
+
+ kd = ssd_kvm_open();
+ kp = ssd_kvm_get_procs(kd, KERN_PROC_PID, pid, NULL);
+ if (kp == NULL)
+ goto cleanup;
+
+#if defined(OS_FreeBSD)
+ proc_uid = kp->ki_ruid;
+#elif defined(OS_OpenBSD)
+ proc_uid = kp->p_ruid;
+#elif defined(OS_DragonFlyBSD)
+ proc_uid = kp->kp_ruid;
+#elif defined(OS_NetBSD)
+ proc_uid = kp->kp_eproc.e_pcred.p_ruid;
+#else
+ if (kp->kp_proc.p_cred)
+ kvm_read(kd, (u_long)&(kp->kp_proc.p_cred->p_ruid),
+ &proc_uid, sizeof(uid_t));
+ else
+ goto cleanup;
+#endif
+
+ res = (proc_uid == (uid_t)uid);
+
+cleanup:
+ kvm_close(kd);
+
+ return res;
+}
+#endif
+
+#if defined(OS_Linux)
+static bool
+pid_is_cmd(pid_t pid, const char *name)
+{
+ const char *comm;
+
+ comm = proc_status_field(pid, "Name:");
+ if (comm == NULL)
+ return false;
+
+ return strcmp(comm, name) == 0;
+}
+#elif defined(OS_Hurd)
+static bool
+pid_is_cmd(pid_t pid, const char *name)
+{
+ struct proc_stat *ps;
+ size_t argv0_len;
+ const char *argv0;
+ const char *binary_name;
+
+ ps = get_proc_stat(pid, PSTAT_ARGS);
+ if (ps == NULL)
+ return false;
+
+ argv0 = proc_stat_args(ps);
+ argv0_len = strlen(argv0) + 1;
+
+ binary_name = basename(argv0);
+ if (strcmp(binary_name, name) == 0)
+ return true;
+
+ /* XXX: This is all kinds of ugly, but on the Hurd there's no way to
+ * know the command name of a process, so we have to try to match
+ * also on argv[1] for the case of an interpreted script. */
+ if (proc_stat_args_len(ps) > argv0_len) {
+ const char *script_name = basename(argv0 + argv0_len);
+
+ return strcmp(script_name, name) == 0;
+ }
+
+ return false;
+}
+#elif (defined(OS_Solaris) || defined(OS_AIX)) && HAVE_STRUCT_PSINFO
+static bool
+pid_is_cmd(pid_t pid, const char *name)
+{
+ struct psinfo psi;
+
+ if (!proc_get_psinfo(pid, &psi))
+ return false;
+
+ return strcmp(psi.pr_fname, name) == 0;
+}
+#elif defined(OS_HPUX)
+static bool
+pid_is_cmd(pid_t pid, const char *name)
+{
+ struct pst_status pst;
+
+ if (pstat_getproc(&pst, sizeof(pst), (size_t)0, (int)pid) < 0)
+ return false;
+ return (strcmp(pst.pst_ucomm, name) == 0);
+}
+#elif defined(OS_Darwin)
+static bool
+pid_is_cmd(pid_t pid, const char *name)
+{
+ char pathname[_POSIX_PATH_MAX];
+
+ if (proc_pidpath(pid, pathname, sizeof(pathname)) < 0)
+ return false;
+
+ return strcmp(pathname, name) == 0;
+}
+#elif defined(OS_FreeBSD)
+static bool
+pid_is_cmd(pid_t pid, const char *name)
+{
+ struct kinfo_proc kp;
+ int rc, mib[4];
+ size_t len;
+
+ mib[0] = CTL_KERN;
+ mib[1] = KERN_PROC;
+ mib[2] = KERN_PROC_PID;
+ mib[3] = pid;
+ len = sizeof(kp);
+
+ rc = sysctl(mib, 4, &kp, &len, NULL, 0);
+ if (rc != 0 && errno != ESRCH)
+ return false;
+ if (len == 0 || len != sizeof(kp))
+ return false;
+
+ return strcmp(kp.ki_comm, name) == 0;
+}
+#elif defined(HAVE_KVM_H)
+static bool
+pid_is_cmd(pid_t pid, const char *name)
+{
+ kvm_t *kd;
+ struct kinfo_proc *kp;
+ char *process_name;
+ bool res = false;
+
+ kd = ssd_kvm_open();
+ kp = ssd_kvm_get_procs(kd, KERN_PROC_PID, pid, NULL);
+ if (kp == NULL)
+ goto cleanup;
+
+#if defined(OS_FreeBSD)
+ process_name = kp->ki_comm;
+#elif defined(OS_OpenBSD)
+ process_name = kp->p_comm;
+#elif defined(OS_DragonFlyBSD)
+ process_name = kp->kp_comm;
+#else
+ process_name = kp->kp_proc.p_comm;
+#endif
+
+ res = (strcmp(name, process_name) == 0);
+
+cleanup:
+ kvm_close(kd);
+
+ return res;
+}
+#endif
+
+#if defined(OS_Hurd)
+static bool
+pid_is_running(pid_t pid)
+{
+ return get_proc_stat(pid, 0) != NULL;
+}
+#else /* !OS_Hurd */
+static bool
+pid_is_running(pid_t pid)
+{
+ if (kill(pid, 0) == 0 || errno == EPERM)
+ return true;
+ else if (errno == ESRCH)
+ return false;
+ else
+ fatale("error checking pid %u status", pid);
+}
+#endif
+
+static enum status_code
+pid_check(pid_t pid)
+{
+ if (execname && !pid_is_exec(pid, &exec_stat))
+ return STATUS_DEAD;
+ if (match_ppid > 0 && !pid_is_child(pid, match_ppid))
+ return STATUS_DEAD;
+ if (userspec && !pid_is_user(pid, user_id))
+ return STATUS_DEAD;
+ if (cmdname && !pid_is_cmd(pid, cmdname))
+ return STATUS_DEAD;
+ if (action != ACTION_STOP && !pid_is_running(pid))
+ return STATUS_DEAD;
+
+ pid_list_push(&found, pid);
+
+ return STATUS_OK;
+}
+
+static enum status_code
+do_pidfile(const char *name)
+{
+ FILE *f;
+ static pid_t pid = 0;
+
+ if (pid)
+ return pid_check(pid);
+
+ f = fopen(name, "r");
+ if (f) {
+ enum status_code pid_status;
+
+ /* If we are only matching on the pidfile, and it is owned by
+ * a non-root user, then this is a security risk, and the
+ * contents cannot be trusted, because the daemon might have
+ * been compromised.
+ *
+ * If the pidfile is world-writable we refuse to parse it.
+ *
+ * If we got /dev/null specified as the pidfile, we ignore the
+ * checks, as this is being used to run processes no matter
+ * what. */
+ if (strcmp(name, "/dev/null") != 0) {
+ struct stat st;
+ int fd = fileno(f);
+
+ if (fstat(fd, &st) < 0)
+ fatale("cannot stat pidfile %s", name);
+
+ if (match_mode == MATCH_PIDFILE &&
+ ((st.st_uid != getuid() && st.st_uid != 0) ||
+ (st.st_gid != getgid() && st.st_gid != 0)))
+ fatal("matching only on non-root pidfile %s is insecure", name);
+ if (st.st_mode & 0002)
+ fatal("matching on world-writable pidfile %s is insecure", name);
+ }
+
+ if (fscanf(f, "%d", &pid) == 1)
+ pid_status = pid_check(pid);
+ else
+ pid_status = STATUS_UNKNOWN;
+ fclose(f);
+
+ if (pid_status == STATUS_DEAD)
+ return STATUS_DEAD_PIDFILE;
+ else
+ return pid_status;
+ } else if (errno == ENOENT)
+ return STATUS_DEAD;
+ else
+ fatale("unable to open pidfile %s", name);
+}
+
+#if defined(OS_Linux) || defined(OS_Solaris) || defined(OS_AIX)
+static enum status_code
+do_procinit(void)
+{
+ DIR *procdir;
+ struct dirent *entry;
+ int foundany;
+ pid_t pid;
+ enum status_code prog_status = STATUS_DEAD;
+
+ procdir = opendir("/proc");
+ if (!procdir)
+ fatale("unable to opendir /proc");
+
+ foundany = 0;
+ while ((entry = readdir(procdir)) != NULL) {
+ enum status_code pid_status;
+
+ if (sscanf(entry->d_name, "%d", &pid) != 1)
+ continue;
+ foundany++;
+
+ pid_status = pid_check(pid);
+ if (pid_status < prog_status)
+ prog_status = pid_status;
+ }
+ closedir(procdir);
+ if (foundany == 0)
+ fatal("nothing in /proc - not mounted?");
+
+ return prog_status;
+}
+#elif defined(OS_Hurd)
+static int
+check_proc_stat(struct proc_stat *ps)
+{
+ pid_check(proc_stat_pid(ps));
+ return 0;
+}
+
+static enum status_code
+do_procinit(void)
+{
+ if (!procset)
+ init_procset();
+
+ proc_stat_list_for_each(procset, check_proc_stat);
+
+ if (found)
+ return STATUS_OK;
+ else
+ return STATUS_DEAD;
+}
+#elif defined(OS_Darwin)
+static enum status_code
+do_procinit(void)
+{
+ pid_t *pid_buf;
+ int i, npids, pid_bufsize;
+ enum status_code prog_status = STATUS_DEAD;
+
+ npids = proc_listallpids(NULL, 0);
+ if (npids == 0)
+ return STATUS_UNKNOWN;
+
+ /* Try to avoid sudden changes in number of PIDs. */
+ npids += 4096;
+ pid_bufsize = sizeof(pid_t) * npids;
+ pid_buf = xmalloc(pid_bufsize);
+
+ npids = proc_listallpids(pid_buf, pid_bufsize);
+ if (npids == 0)
+ return STATUS_UNKNOWN;
+
+ for (i = 0; i < npids; i++) {
+ enum status_code pid_status;
+
+ pid_status = pid_check(pid_buf[i]);
+ if (pid_status < prog_status)
+ prog_status = pid_status;
+ }
+
+ free(pid_buf);
+
+ return prog_status;
+}
+#elif defined(OS_HPUX)
+static enum status_code
+do_procinit(void)
+{
+ struct pst_status pst[10];
+ int i, count;
+ int idx = 0;
+ enum status_code prog_status = STATUS_DEAD;
+
+ while ((count = pstat_getproc(pst, sizeof(pst[0]), 10, idx)) > 0) {
+ for (i = 0; i < count; i++) {
+ enum status_code pid_status;
+
+ pid_status = pid_check(pst[i].pst_pid);
+ if (pid_status < prog_status)
+ prog_status = pid_status;
+ }
+ idx = pst[count - 1].pst_idx + 1;
+ }
+
+ return prog_status;
+}
+#elif defined(OS_FreeBSD)
+static enum status_code
+do_procinit(void)
+{
+ struct kinfo_proc *kp;
+ int rc, mib[3];
+ size_t len = 0;
+ int nentries, i;
+ enum status_code prog_status = STATUS_DEAD;
+
+ mib[0] = CTL_KERN;
+ mib[1] = KERN_PROC;
+ mib[2] = KERN_PROC_PROC;
+
+ rc = sysctl(mib, 3, NULL, &len, NULL, 0);
+ if (rc != 0 && errno != ESRCH)
+ return STATUS_UNKNOWN;
+ if (len == 0)
+ return STATUS_UNKNOWN;
+
+ kp = xmalloc(len);
+ rc = sysctl(mib, 3, kp, &len, NULL, 0);
+ if (rc != 0 && errno != ESRCH)
+ return STATUS_UNKNOWN;
+ if (len == 0)
+ return STATUS_UNKNOWN;
+ nentries = len / sizeof(*kp);
+
+ for (i = 0; i < nentries; i++) {
+ enum status_code pid_status;
+
+ pid_status = pid_check(kp[i].ki_pid);
+ if (pid_status < prog_status)
+ prog_status = pid_status;
+ }
+
+ free(kp);
+
+ return prog_status;
+}
+#elif defined(HAVE_KVM_H)
+static enum status_code
+do_procinit(void)
+{
+ kvm_t *kd;
+ int nentries, i;
+ struct kinfo_proc *kp;
+ enum status_code prog_status = STATUS_DEAD;
+
+ kd = ssd_kvm_open();
+ kp = ssd_kvm_get_procs(kd, KERN_PROC_ALL, 0, &nentries);
+
+ for (i = 0; i < nentries; i++) {
+ enum status_code pid_status;
+ pid_t pid;
+
+#if defined(OS_FreeBSD)
+ pid = kp[i].ki_pid;
+#elif defined(OS_OpenBSD)
+ pid = kp[i].p_pid;
+#elif defined(OS_DragonFlyBSD)
+ pid = kp[i].kp_pid;
+#else
+ pid = kp[i].kp_proc.p_pid;
+#endif
+
+ pid_status = pid_check(pid);
+ if (pid_status < prog_status)
+ prog_status = pid_status;
+ }
+
+ kvm_close(kd);
+
+ return prog_status;
+}
+#endif
+
+static enum status_code
+do_findprocs(void)
+{
+ pid_list_free(&found);
+
+ if (match_pid > 0)
+ return pid_check(match_pid);
+ else if (pidfile)
+ return do_pidfile(pidfile);
+ else
+ return do_procinit();
+}
+
+static int
+do_start(int argc, char **argv)
+{
+ int devnull_fd = -1;
+ int output_fd = -1;
+ gid_t rgid;
+ uid_t ruid;
+
+ do_findprocs();
+
+ if (found) {
+ info("%s already running.\n", execname ? execname : "process");
+ return exitnodo;
+ }
+ if (testmode && quietmode <= 0) {
+ printf("Would start %s ", startas);
+ while (argc-- > 0)
+ printf("%s ", *argv++);
+ if (changeuser != NULL) {
+ printf(" (as user %s[%d]", changeuser, runas_uid);
+ if (changegroup != NULL)
+ printf(", and group %s[%d])", changegroup, runas_gid);
+ else
+ printf(")");
+ }
+ if (changeroot != NULL)
+ printf(" in directory %s", changeroot);
+ if (nicelevel)
+ printf(", and add %i to the priority", nicelevel);
+ if (proc_sched)
+ printf(", with scheduling policy %s with priority %i",
+ proc_sched->policy_name, proc_sched->priority);
+ if (io_sched)
+ printf(", with IO scheduling class %s with priority %i",
+ io_sched->policy_name, io_sched->priority);
+ printf(".\n");
+ }
+ if (testmode)
+ return 0;
+ debug("Starting %s...\n", startas);
+ *--argv = startas;
+ if (umask_value >= 0)
+ umask(umask_value);
+ if (background)
+ /* Ok, we need to detach this process. */
+ daemonize();
+ else if (mpidfile && pidfile != NULL)
+ /* User wants _us_ to make the pidfile, but detach themself! */
+ write_pidfile(pidfile, getpid());
+ if (background && close_io) {
+ devnull_fd = open("/dev/null", O_RDONLY);
+ if (devnull_fd < 0)
+ fatale("unable to open '%s'", "/dev/null");
+ }
+ if (background && output_io) {
+ output_fd = open(output_io, O_CREAT | O_WRONLY | O_APPEND, 0664);
+ if (output_fd < 0)
+ fatale("unable to open '%s'", output_io);
+ }
+ if (nicelevel) {
+ errno = 0;
+ if ((nice(nicelevel) == -1) && (errno != 0))
+ fatale("unable to alter nice level by %i", nicelevel);
+ }
+ if (proc_sched)
+ set_proc_schedule(proc_sched);
+ if (io_sched)
+ set_io_schedule(io_sched);
+ if (changeroot != NULL) {
+ if (chdir(changeroot) < 0)
+ fatale("unable to chdir() to %s", changeroot);
+ if (chroot(changeroot) < 0)
+ fatale("unable to chroot() to %s", changeroot);
+ }
+ if (chdir(changedir) < 0)
+ fatale("unable to chdir() to %s", changedir);
+
+ rgid = getgid();
+ ruid = getuid();
+ if (changegroup != NULL) {
+ if (rgid != (gid_t)runas_gid)
+ if (setgid(runas_gid))
+ fatale("unable to set gid to %d", runas_gid);
+ }
+ if (changeuser != NULL) {
+ /* We assume that if our real user and group are the same as
+ * the ones we should switch to, the supplementary groups
+ * will be already in place. */
+ if (rgid != (gid_t)runas_gid || ruid != (uid_t)runas_uid)
+ if (initgroups(changeuser, runas_gid))
+ fatale("unable to set initgroups() with gid %d",
+ runas_gid);
+
+ if (ruid != (uid_t)runas_uid)
+ if (setuid(runas_uid))
+ fatale("unable to set uid to %s", changeuser);
+ }
+
+ if (background && output_fd >= 0) {
+ dup2(output_fd, 1); /* stdout */
+ dup2(output_fd, 2); /* stderr */
+ }
+ if (background && close_io) {
+ int i;
+
+ dup2(devnull_fd, 0); /* stdin */
+
+ /* Now close all extra fds. */
+ for (i = get_open_fd_max() - 1; i >= 3; --i)
+ close(i);
+ }
+ execv(startas, argv);
+ fatale("unable to start %s", startas);
+}
+
+static void
+do_stop(int sig_num, int *n_killed, int *n_notkilled)
+{
+ struct pid_list *p;
+
+ do_findprocs();
+
+ *n_killed = 0;
+ *n_notkilled = 0;
+
+ if (!found)
+ return;
+
+ pid_list_free(&killed);
+
+ for (p = found; p; p = p->next) {
+ if (testmode) {
+ info("Would send signal %d to %d.\n", sig_num, p->pid);
+ (*n_killed)++;
+ } else if (kill(p->pid, sig_num) == 0) {
+ pid_list_push(&killed, p->pid);
+ (*n_killed)++;
+ } else {
+ if (sig_num)
+ warning("failed to kill %d: %s\n",
+ p->pid, strerror(errno));
+ (*n_notkilled)++;
+ }
+ }
+}
+
+static void
+do_stop_summary(int retry_nr)
+{
+ struct pid_list *p;
+
+ if (quietmode >= 0 || !killed)
+ return;
+
+ printf("Stopped %s (pid", what_stop);
+ for (p = killed; p; p = p->next)
+ printf(" %d", p->pid);
+ putchar(')');
+ if (retry_nr > 0)
+ printf(", retry #%d", retry_nr);
+ printf(".\n");
+}
+
+static void LIBCOMPAT_ATTR_PRINTF(1)
+set_what_stop(const char *format, ...)
+{
+ va_list arglist;
+ int rc;
+
+ va_start(arglist, format);
+ rc = vasprintf(&what_stop, format, arglist);
+ va_end(arglist);
+
+ if (rc < 0)
+ fatale("cannot allocate formatted string");
+}
+
+/*
+ * We want to keep polling for the processes, to see if they've exited, or
+ * until the timeout expires.
+ *
+ * This is a somewhat complicated algorithm to try to ensure that we notice
+ * reasonably quickly when all the processes have exited, but don't spend
+ * too much CPU time polling. In particular, on a fast machine with
+ * quick-exiting daemons we don't want to delay system shutdown too much,
+ * whereas on a slow one, or where processes are taking some time to exit,
+ * we want to increase the polling interval.
+ *
+ * The algorithm is as follows: we measure the elapsed time it takes to do
+ * one poll(), and wait a multiple of this time for the next poll. However,
+ * if that would put us past the end of the timeout period we wait only as
+ * long as the timeout period, but in any case we always wait at least
+ * MIN_POLL_INTERVAL (20ms). The multiple (‘ratio’) starts out as 2, and
+ * increases by 1 for each poll to a maximum of 10; so we use up to between
+ * 30% and 10% of the machine's resources (assuming a few reasonable things
+ * about system performance).
+ */
+static bool
+do_stop_timeout(int timeout, int *n_killed, int *n_notkilled)
+{
+ struct timespec stopat, before, after, interval, maxinterval;
+ int ratio;
+
+ timespec_gettime(&stopat);
+ stopat.tv_sec += timeout;
+ ratio = 1;
+ for (;;) {
+ int rc;
+
+ timespec_gettime(&before);
+ if (timespec_cmp(&before, &stopat, >))
+ return false;
+
+ do_stop(0, n_killed, n_notkilled);
+ if (!*n_killed)
+ return true;
+
+ timespec_gettime(&after);
+
+ if (!timespec_cmp(&after, &stopat, <))
+ return false;
+
+ if (ratio < 10)
+ ratio++;
+
+ timespec_sub(&stopat, &after, &maxinterval);
+ timespec_sub(&after, &before, &interval);
+ timespec_mul(&interval, ratio);
+
+ if (interval.tv_sec < 0 || interval.tv_nsec < 0)
+ interval.tv_sec = interval.tv_nsec = 0;
+
+ if (timespec_cmp(&interval, &maxinterval, >))
+ interval = maxinterval;
+
+ if (interval.tv_sec == 0 &&
+ interval.tv_nsec <= MIN_POLL_INTERVAL)
+ interval.tv_nsec = MIN_POLL_INTERVAL;
+
+ rc = pselect(0, NULL, NULL, NULL, &interval, NULL);
+ if (rc < 0 && errno != EINTR)
+ fatale("select() failed for pause");
+ }
+}
+
+static int
+finish_stop_schedule(bool anykilled)
+{
+ if (rpidfile && pidfile && !testmode)
+ remove_pidfile(pidfile);
+
+ if (anykilled)
+ return 0;
+
+ info("No %s found running; none killed.\n", what_stop);
+
+ return exitnodo;
+}
+
+static int
+run_stop_schedule(void)
+{
+ int position, n_killed, n_notkilled, value, retry_nr;
+ bool anykilled;
+
+ if (testmode) {
+ if (schedule != NULL) {
+ info("Ignoring --retry in test mode\n");
+ schedule = NULL;
+ }
+ }
+
+ if (cmdname)
+ set_what_stop("%s", cmdname);
+ else if (execname)
+ set_what_stop("%s", execname);
+ else if (pidfile)
+ set_what_stop("process in pidfile '%s'", pidfile);
+ else if (match_pid > 0)
+ set_what_stop("process with pid %d", match_pid);
+ else if (match_ppid > 0)
+ set_what_stop("process(es) with parent pid %d", match_ppid);
+ else if (userspec)
+ set_what_stop("process(es) owned by '%s'", userspec);
+ else
+ BUG("no match option, please report");
+
+ anykilled = false;
+ retry_nr = 0;
+ n_killed = 0;
+ n_notkilled = 0;
+
+ if (schedule == NULL) {
+ do_stop(signal_nr, &n_killed, &n_notkilled);
+ do_stop_summary(0);
+ if (n_notkilled > 0)
+ info("%d pids were not killed\n", n_notkilled);
+ if (n_killed)
+ anykilled = true;
+ return finish_stop_schedule(anykilled);
+ }
+
+ for (position = 0; position < schedule_length; position++) {
+ reposition:
+ value = schedule[position].value;
+ n_notkilled = 0;
+
+ switch (schedule[position].type) {
+ case sched_goto:
+ position = value;
+ goto reposition;
+ case sched_signal:
+ do_stop(value, &n_killed, &n_notkilled);
+ do_stop_summary(retry_nr++);
+ if (!n_killed)
+ return finish_stop_schedule(anykilled);
+ else
+ anykilled = true;
+ continue;
+ case sched_timeout:
+ if (do_stop_timeout(value, &n_killed, &n_notkilled))
+ return finish_stop_schedule(anykilled);
+ else
+ continue;
+ default:
+ BUG("schedule[%d].type value %d is not valid",
+ position, schedule[position].type);
+ }
+ }
+
+ info("Program %s, %d process(es), refused to die.\n",
+ what_stop, n_killed);
+
+ return 2;
+}
+
+int
+main(int argc, char **argv)
+{
+ progname = argv[0];
+
+ parse_options(argc, argv);
+ setup_options();
+
+ argc -= optind;
+ argv += optind;
+
+ if (action == ACTION_START)
+ return do_start(argc, argv);
+ else if (action == ACTION_STOP)
+ return run_stop_schedule();
+ else if (action == ACTION_STATUS)
+ return do_findprocs();
+
+ return 0;
+}