picnoir/Systemd
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

manager: turn notify socket into abstract namespace socket again

Browse source 
sd_notify() should work for daemons that chroot() as part of their
initilization, hence it's a good idea to use an abstract namespace
socket which is not affected by chroot.
This commit is contained in:
Lennart Poettering 2012-07-01 18:59:55 +02:00
parent 59cea26a34
commit 29252e9e5b
2 changed files with 12 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
TODO
View file

@ -51,9 +51,6 @@ Features:
* change Requires=basic.target to RequisiteOverride=basic.target
* turn $NOTIFY_SOCKET back into an abstract namespace socket for
compatibility with services which chroot()
* exclude processes marked with argv[0][0]=@ from the normal service killing too
* support rd.luks.allow-discards= kernel cmdline params in cryptsetup generator

33
src/core/manager.c
View file

@ -74,8 +74,7 @@
#define GC_QUEUE_USEC_MAX (10*USEC_PER_SEC)
/* Where clients shall send notification messages to */
#define NOTIFY_SOCKET_SYSTEM "/run/systemd/notify"
#define NOTIFY_SOCKET_USER "@/org/freedesktop/systemd1/notify"
#define NOTIFY_SOCKET "@/org/freedesktop/systemd1/notify"
static int manager_setup_notify(Manager *m) {
union {
@ -83,13 +82,13 @@ static int manager_setup_notify(Manager *m) {
struct sockaddr_un un;
} sa;
struct epoll_event ev;
int one = 1, r;
mode_t u;
int one = 1;
assert(m);
m->notify_watch.type = WATCH_NOTIFY;
if ((m->notify_watch.fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0)) < 0) {
m->notify_watch.fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
if (m->notify_watch.fd < 0) {
log_error("Failed to allocate notification socket: %m");
return -errno;
}
@ -98,20 +97,13 @@ static int manager_setup_notify(Manager *m) {
sa.sa.sa_family = AF_UNIX;
if (getpid() != 1)
snprintf(sa.un.sun_path, sizeof(sa.un.sun_path), NOTIFY_SOCKET_USER "/%llu", random_ull());
else {
unlink(NOTIFY_SOCKET_SYSTEM);
strncpy(sa.un.sun_path, NOTIFY_SOCKET_SYSTEM, sizeof(sa.un.sun_path));
}
snprintf(sa.un.sun_path, sizeof(sa.un.sun_path), NOTIFY_SOCKET "/%llu", random_ull());
else
strncpy(sa.un.sun_path, NOTIFY_SOCKET, sizeof(sa.un.sun_path));
if (sa.un.sun_path[0] == '@')
sa.un.sun_path[0] = 0;
sa.un.sun_path[0] = 0;
u = umask(0111);
r = bind(m->notify_watch.fd, &sa.sa, offsetof(struct sockaddr_un, sun_path) + 1 + strlen(sa.un.sun_path+1));
umask(u);
if (r < 0) {
if (bind(m->notify_watch.fd, &sa.sa, offsetof(struct sockaddr_un, sun_path) + 1 + strlen(sa.un.sun_path+1)) < 0) {
log_error("bind() failed: %m");
return -errno;
}
@ -128,10 +120,9 @@ static int manager_setup_notify(Manager *m) {
if (epoll_ctl(m->epoll_fd, EPOLL_CTL_ADD, m->notify_watch.fd, &ev) < 0)
return -errno;
if (sa.un.sun_path[0] == 0)
sa.un.sun_path[0] = '@';
if (!(m->notify_socket = strdup(sa.un.sun_path)))
sa.un.sun_path[0] = '@';
m->notify_socket = strdup(sa.un.sun_path);
if (!m->notify_socket)
return -ENOMEM;
log_debug("Using notification socket %s", m->notify_socket);