picnoir
/
Systemd
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Revert "socket-proxyd: Add --listener option for listener/destination pairs." 

This reverts commit adcf4c81c5.

We have a better solution for the problem of making two processes run in
the same namespace, and --listener is not needed hence and should be
dropped.

Conflicts:
	man/systemd-socket-proxyd.xml
This commit is contained in:
Lennart Poettering 2013-11-27 20:55:15 +01:00
parent 76cd584b8d
commit 8cf030b349
3 changed files with 23 additions and 121 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
TODO
View File

@ -105,6 +105,7 @@ Features:
* remove NSS usage from PID 1 (notably the specifiers) * remove NSS usage from PID 1 (notably the specifiers)
* socket-proxyd: * socket-proxyd:
- Support multiple inherited sockets mapped to different remote hosts
- Use a nonblocking alternative to getaddrinfo - Use a nonblocking alternative to getaddrinfo
- Until we can start daemons directly, find a less ugly, less racy alternative than shell scripts for the second man page example. - Until we can start daemons directly, find a less ugly, less racy alternative than shell scripts for the second man page example.
- Support starting daemons directly without requiring a shell script; update man pages - Support starting daemons directly without requiring a shell script; update man pages

80
man/systemd-socket-proxyd.xml
View File

@ -31,12 +31,6 @@
<surname>Strauss</surname> <surname>Strauss</surname>
<email>david@davidstrauss.net</email> <email>david@davidstrauss.net</email>
</author> </author>
<author>
<contrib>Developer</contrib>
<firstname>Lennart</firstname>
<surname>Poettering</surname>
<email>lennart@poettering.net</email>
</author>
</authorgroup> </authorgroup>
</refentryinfo> </refentryinfo>
<refmeta> <refmeta>
@ -89,17 +83,6 @@
<title>Options</title> <title>Options</title>
<para>The following options are understood:</para> <para>The following options are understood:</para>
<variablelist> <variablelist>
<varlistentry>
<term><option>-l</option></term>
<term><option>--listener=</option></term>
<listitem>
<para>Restricts listening to a
single inherited socket, specified
as a file descriptor. By default,
the proxy listens on all inherited
sockets.</para>
</listitem>
</varlistentry>
<varlistentry> <varlistentry>
<term><option>-h</option></term> <term><option>-h</option></term>
<term><option>--help</option></term> <term><option>--help</option></term>
@ -213,12 +196,8 @@ while [ ! -f /tmp/nginx.pid ]
do do
/usr/bin/inotifywait /tmp/nginx.pid /usr/bin/inotifywait /tmp/nginx.pid
done done
exec /usr/bin/systemd-socket-proxyd localhost:8080]]> exec /usr/bin/systemd-socket-proxyd localhost 8080]]>
</programlisting> </programlisting>
<para>Make it executable:</para>
<programlisting>
<![CDATA[chmod 755 /usr/bin/socket-proxyd-nginx.sh]]>
</programlisting>
</example> </example>
<example label="nginx configuration"> <example label="nginx configuration">
<title> <title>
@ -236,63 +215,6 @@ server {
<![CDATA[# systemctl enable proxy-with-nginx.socket <![CDATA[# systemctl enable proxy-with-nginx.socket
# systemctl start proxy-with-nginx.socket # systemctl start proxy-with-nginx.socket
$ curl http://localhost:80/]]> $ curl http://localhost:80/]]>
</programlisting>
</example>
</refsect2>
<refsect2>
<title>Multiple Listeners with Multiple Destinations</title>
<para>When using namespaces, it may be useful to
have multiple listeners with each going to a unique
destination. systemd always passes sockets into
services in the order specified in the socket
unit, beginning with file descriptor 3.</para>
<para>In this example, port <literal>80</literal>
will proxy to <literal>localhost:8080</literal>,
and port <literal>443</literal> will proxy to
<literal>localhost:8443</literal>.</para>
<example label="proxy socket unit">
<title>/etc/systemd/system/multi-destination.socket</title>
<programlisting>
<![CDATA[[Socket]
ListenStream=80
ListenStream=443
[Install]
WantedBy=sockets.target]]>
</programlisting>
</example>
<example label="proxy service unit">
<title>/etc/systemd/system/multi-destination.service</title>
<programlisting>
<![CDATA[[Service]
ExecStart=/usr/bin/socket-proxyd-multi-destination.sh
PrivateTmp=true
PrivateNetwork=true]]>
</programlisting>
</example>
<example label="shell script">
<title>
/usr/bin/socket-proxyd-multi-destination.sh</title>
<programlisting>
<![CDATA[#!/bin/sh
/usr/bin/systemd-socket-proxyd --listener=3 localhost:8080 &
/usr/bin/systemd-socket-proxyd --listener=4 localhost:8443 &
wait]]>
</programlisting>
<para>Make it executable:</para>
<programlisting>
<![CDATA[chmod 755 /usr/bin/socket-proxyd-multi-destination.sh]]>
</programlisting>
</example>
<example label="commands">
<programlisting>
<![CDATA[# systemctl enable multi-destination.socket
# systemctl start multi-destination.socket
$ curl http://localhost/
$ curl https://localhost/]]>
</programlisting> </programlisting>
</example> </example>
</refsect2> </refsect2>

63
src/socket-proxy/socket-proxyd.c
View File

@ -66,7 +66,6 @@ typedef struct Connection {
} Connection; } Connection;
static const char *arg_remote_host = NULL; static const char *arg_remote_host = NULL;
static int arg_listener = -1;
static void connection_free(Connection *c) { static void connection_free(Connection *c) {
assert(c); assert(c);
@ -555,9 +554,8 @@ static int help(void) {
printf("%s [HOST:PORT]\n" printf("%s [HOST:PORT]\n"
"%s [SOCKET]\n\n" "%s [SOCKET]\n\n"
"Bidirectionally proxy local sockets to another (possibly remote) socket.\n\n" "Bidirectionally proxy local sockets to another (possibly remote) socket.\n\n"
" -l --listener=FD Listen on a specific, single file descriptor.\n" " -h --help Show this help\n"
" -h --help Show this help\n" " --version Show package version\n",
" --version Show package version\n",
program_invocation_short_name, program_invocation_short_name,
program_invocation_short_name); program_invocation_short_name);
@ -567,22 +565,22 @@ static int help(void) {
static int parse_argv(int argc, char *argv[]) { static int parse_argv(int argc, char *argv[]) {
enum { enum {
ARG_VERSION = 0x100 ARG_VERSION = 0x100,
ARG_IGNORE_ENV
}; };
static const struct option options[] = { static const struct option options[] = {
{ "help", no_argument, NULL, 'h' }, { "help", no_argument, NULL, 'h' },
{ "version", no_argument, NULL, ARG_VERSION }, { "version", no_argument, NULL, ARG_VERSION },
{ "listener", required_argument, NULL, 'l' },
{} {}
}; };
int c, fd; int c;
assert(argc >= 0); assert(argc >= 0);
assert(argv); assert(argv);
while ((c = getopt_long(argc, argv, "hl:", options, NULL)) >= 0) { while ((c = getopt_long(argc, argv, "h", options, NULL)) >= 0) {
switch (c) { switch (c) {
@ -594,18 +592,6 @@ static int parse_argv(int argc, char *argv[]) {
puts(SYSTEMD_FEATURES); puts(SYSTEMD_FEATURES);
return 0; return 0;
case 'l':
if (safe_atoi(optarg, &fd) < 0) {
log_error("Failed to parse listener file descriptor: %s", optarg);
return -EINVAL;
}
if (fd < SD_LISTEN_FDS_START) {
log_error("Listener file descriptor must be at least %d.", SD_LISTEN_FDS_START);
return -EINVAL;
}
arg_listener = fd;
break;
case '?': case '?':
return -EINVAL; return -EINVAL;
@ -646,26 +632,19 @@ int main(int argc, char *argv[]) {
goto finish; goto finish;
} }
if (arg_listener == -1) { n = sd_listen_fds(1);
n = sd_listen_fds(1); if (n < 0) {
if (n < 0) { log_error("Failed to receive sockets from parent.");
log_error("Failed to receive sockets from parent."); r = n;
r = n; goto finish;
goto finish; } else if (n == 0) {
} else if (n == 0) { log_error("Didn't get any sockets passed in.");
log_error("Didn't get any sockets passed in."); r = -EINVAL;
r = -EINVAL; goto finish;
goto finish; }
}
log_info("Listening on %d inherited socket(s), starting with fd=%d.", n, SD_LISTEN_FDS_START); for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) { r = add_listen_socket(&context, event, fd);
r = add_listen_socket(&context, event, fd);
if (r < 0)
goto finish;
}
} else {
log_info("Listening on single inherited socket fd=%d.", arg_listener);
r = add_listen_socket(&context, event, arg_listener);
if (r < 0) if (r < 0)
goto finish; goto finish;
} }