1 /* $NetBSD: trigger_server.c,v 1.1.1.2 2010/06/17 18:06:54 tron Exp $ */ 2 3 /*++ 4 /* NAME 5 /* trigger_server 3 6 /* SUMMARY 7 /* skeleton triggered mail subsystem 8 /* SYNOPSIS 9 /* #include <mail_server.h> 10 /* 11 /* NORETURN trigger_server_main(argc, argv, service, key, value, ...) 12 /* int argc; 13 /* char **argv; 14 /* void (*service)(char *buf, int len, char *service_name, char **argv); 15 /* int key; 16 /* DESCRIPTION 17 /* This module implements a skeleton for triggered 18 /* mail subsystems: mail subsystem programs that wake up on 19 /* client request and perform some activity without further 20 /* client interaction. This module supports local IPC via FIFOs 21 /* and via UNIX-domain sockets. The resulting program expects to be 22 /* run from the \fBmaster\fR process. 23 /* 24 /* trigger_server_main() is the skeleton entry point. It should be 25 /* called from the application main program. The skeleton does the 26 /* generic command-line options processing, initialization of 27 /* configurable parameters, and connection management. 28 /* The skeleton never returns. 29 /* 30 /* Arguments: 31 /* .IP "void (*service)(char *buf, int len, char *service_name, char **argv)" 32 /* A pointer to a function that is called by the skeleton each time 33 /* a client connects to the program's service port. The function is 34 /* run after the program has irrevocably dropped its privileges. 35 /* The buffer argument specifies the data read from the trigger port; 36 /* this data corresponds to one or more trigger requests. 37 /* The len argument specifies how much client data is available. 38 /* The maximal size of the buffer is specified via the 39 /* TRIGGER_BUF_SIZE manifest constant. 40 /* The service name argument corresponds to the service name in the 41 /* master.cf file. 42 /* The argv argument specifies command-line arguments left over 43 /* after options processing. 44 /* The \fBserver\fR argument provides the following information: 45 /* .PP 46 /* Optional arguments are specified as a null-terminated (key, value) 47 /* list. Keys and expected values are: 48 /* .IP "MAIL_SERVER_INT_TABLE (CONFIG_INT_TABLE *)" 49 /* A table with configurable parameters, to be loaded from the 50 /* global Postfix configuration file. Tables are loaded in the 51 /* order as specified, and multiple instances of the same type 52 /* are allowed. 53 /* .IP "MAIL_SERVER_STR_TABLE (CONFIG_STR_TABLE *)" 54 /* A table with configurable parameters, to be loaded from the 55 /* global Postfix configuration file. Tables are loaded in the 56 /* order as specified, and multiple instances of the same type 57 /* are allowed. 58 /* .IP "MAIL_SERVER_BOOL_TABLE (CONFIG_BOOL_TABLE *)" 59 /* A table with configurable parameters, to be loaded from the 60 /* global Postfix configuration file. Tables are loaded in the 61 /* order as specified, and multiple instances of the same type 62 /* are allowed. 63 /* .IP "MAIL_SERVER_TIME_TABLE (CONFIG_TIME_TABLE *)" 64 /* A table with configurable parameters, to be loaded from the 65 /* global Postfix configuration file. Tables are loaded in the 66 /* order as specified, and multiple instances of the same type 67 /* are allowed. 68 /* .IP "MAIL_SERVER_RAW_TABLE (CONFIG_RAW_TABLE *)" 69 /* A table with configurable parameters, to be loaded from the 70 /* global Postfix configuration file. Tables are loaded in the 71 /* order as specified, and multiple instances of the same type 72 /* are allowed. Raw parameters are not subjected to $name 73 /* evaluation. 74 /* .IP "MAIL_SERVER_NINT_TABLE (CONFIG_NINT_TABLE *)" 75 /* A table with configurable parameters, to be loaded from the 76 /* global Postfix configuration file. Tables are loaded in the 77 /* order as specified, and multiple instances of the same type 78 /* are allowed. 79 /* .IP "MAIL_SERVER_PRE_INIT (void *(char *service_name, char **argv))" 80 /* A pointer to a function that is called once 81 /* by the skeleton after it has read the global configuration file 82 /* and after it has processed command-line arguments, but before 83 /* the skeleton has optionally relinquished the process privileges. 84 /* .sp 85 /* Only the last instance of this parameter type is remembered. 86 /* .IP "MAIL_SERVER_POST_INIT (void *(char *service_name, char **argv))" 87 /* A pointer to a function that is called once 88 /* by the skeleton after it has optionally relinquished the process 89 /* privileges, but before servicing client connection requests. 90 /* .sp 91 /* Only the last instance of this parameter type is remembered. 92 /* .IP "MAIL_SERVER_LOOP (int *(char *service_name, char **argv))" 93 /* A pointer to function that is executed from 94 /* within the event loop, whenever an I/O or timer event has happened, 95 /* or whenever nothing has happened for a specified amount of time. 96 /* The result value of the function specifies how long to wait until 97 /* the next event. Specify -1 to wait for "as long as it takes". 98 /* .sp 99 /* Only the last instance of this parameter type is remembered. 100 /* .IP "MAIL_SERVER_EXIT (void *(char *service_name, char **argv))" 101 /* A pointer to function that is executed immediately before normal 102 /* process termination. 103 /* .sp 104 /* Only the last instance of this parameter type is remembered. 105 /* .IP "MAIL_SERVER_PRE_ACCEPT (void *(char *service_name, char **argv))" 106 /* Function to be executed prior to accepting a new request. 107 /* .sp 108 /* Only the last instance of this parameter type is remembered. 109 /* .IP "MAIL_SERVER_IN_FLOW_DELAY (none)" 110 /* Pause $in_flow_delay seconds when no "mail flow control token" 111 /* is available. A token is consumed for each connection request. 112 /* .IP MAIL_SERVER_SOLITARY 113 /* This service must be configured with process limit of 1. 114 /* .IP MAIL_SERVER_UNLIMITED 115 /* This service must be configured with process limit of 0. 116 /* .IP MAIL_SERVER_PRIVILEGED 117 /* This service must be configured as privileged. 118 /* .IP "MAIL_SERVER_WATCHDOG (int *)" 119 /* Override the default 1000s watchdog timeout. The value is 120 /* used after command-line and main.cf file processing. 121 /* .PP 122 /* The var_use_limit variable limits the number of clients that 123 /* a server can service before it commits suicide. 124 /* This value is taken from the global \fBmain.cf\fR configuration 125 /* file. Setting \fBvar_use_limit\fR to zero disables the client limit. 126 /* 127 /* The var_idle_limit variable limits the time that a service 128 /* receives no client connection requests before it commits suicide. 129 /* This value is taken from the global \fBmain.cf\fR configuration 130 /* file. Setting \fBvar_use_limit\fR to zero disables the idle limit. 131 /* DIAGNOSTICS 132 /* Problems and transactions are logged to \fBsyslogd\fR(8). 133 /* BUGS 134 /* Works with FIFO-based services only. 135 /* SEE ALSO 136 /* master(8), master process 137 /* syslogd(8) system logging 138 /* LICENSE 139 /* .ad 140 /* .fi 141 /* The Secure Mailer license must be distributed with this software. 142 /* AUTHOR(S) 143 /* Wietse Venema 144 /* IBM T.J. Watson Research 145 /* P.O. Box 704 146 /* Yorktown Heights, NY 10598, USA 147 /*--*/ 148 149 /* System library. */ 150 151 #include <sys_defs.h> 152 #include <sys/socket.h> 153 #include <unistd.h> 154 #include <signal.h> 155 #include <syslog.h> 156 #include <stdlib.h> 157 #include <limits.h> 158 #include <string.h> 159 #include <errno.h> 160 #include <fcntl.h> 161 #include <stdarg.h> 162 #ifdef STRCASECMP_IN_STRINGS_H 163 #include <strings.h> 164 #endif 165 #include <time.h> 166 167 /* Utility library. */ 168 169 #include <msg.h> 170 #include <msg_syslog.h> 171 #include <msg_vstream.h> 172 #include <chroot_uid.h> 173 #include <vstring.h> 174 #include <vstream.h> 175 #include <msg_vstream.h> 176 #include <mymalloc.h> 177 #include <events.h> 178 #include <iostuff.h> 179 #include <stringops.h> 180 #include <sane_accept.h> 181 #include <myflock.h> 182 #include <safe_open.h> 183 #include <listen.h> 184 #include <watchdog.h> 185 #include <split_at.h> 186 187 /* Global library. */ 188 189 #include <mail_params.h> 190 #include <mail_task.h> 191 #include <debug_process.h> 192 #include <mail_conf.h> 193 #include <mail_dict.h> 194 #include <resolve_local.h> 195 #include <mail_flow.h> 196 197 /* Process manager. */ 198 199 #include "master_proto.h" 200 201 /* Application-specific */ 202 203 #include "mail_server.h" 204 205 /* 206 * Global state. 207 */ 208 static int use_count; 209 210 static TRIGGER_SERVER_FN trigger_server_service; 211 static char *trigger_server_name; 212 static char **trigger_server_argv; 213 static void (*trigger_server_accept) (int, char *); 214 static void (*trigger_server_onexit) (char *, char **); 215 static void (*trigger_server_pre_accept) (char *, char **); 216 static VSTREAM *trigger_server_lock; 217 static int trigger_server_in_flow_delay; 218 static unsigned trigger_server_generation; 219 static int trigger_server_watchdog = 1000; 220 221 /* trigger_server_exit - normal termination */ 222 223 static NORETURN trigger_server_exit(void) 224 { 225 if (trigger_server_onexit) 226 trigger_server_onexit(trigger_server_name, trigger_server_argv); 227 exit(0); 228 } 229 230 /* trigger_server_abort - terminate after abnormal master exit */ 231 232 static void trigger_server_abort(int unused_event, char *unused_context) 233 { 234 if (msg_verbose) 235 msg_info("master disconnect -- exiting"); 236 trigger_server_exit(); 237 } 238 239 /* trigger_server_timeout - idle time exceeded */ 240 241 static void trigger_server_timeout(int unused_event, char *unused_context) 242 { 243 if (msg_verbose) 244 msg_info("idle timeout -- exiting"); 245 trigger_server_exit(); 246 } 247 248 /* trigger_server_wakeup - wake up application */ 249 250 static void trigger_server_wakeup(int fd) 251 { 252 char buf[TRIGGER_BUF_SIZE]; 253 int len; 254 255 /* 256 * Commit suicide when the master process disconnected from us. Don't 257 * drop the already accepted client request after "postfix reload"; that 258 * would be rude. 259 */ 260 if (master_notify(var_pid, trigger_server_generation, MASTER_STAT_TAKEN) < 0) 261 /* void */ ; 262 if (trigger_server_in_flow_delay && mail_flow_get(1) < 0) 263 doze(var_in_flow_delay * 1000000); 264 if ((len = read(fd, buf, sizeof(buf))) >= 0) 265 trigger_server_service(buf, len, trigger_server_name, 266 trigger_server_argv); 267 if (master_notify(var_pid, trigger_server_generation, MASTER_STAT_AVAIL) < 0) 268 trigger_server_abort(EVENT_NULL_TYPE, EVENT_NULL_CONTEXT); 269 if (var_idle_limit > 0) 270 event_request_timer(trigger_server_timeout, (char *) 0, var_idle_limit); 271 /* Avoid integer wrap-around in a persistent process. */ 272 if (use_count < INT_MAX) 273 use_count++; 274 } 275 276 /* trigger_server_accept_fifo - accept fifo client request */ 277 278 static void trigger_server_accept_fifo(int unused_event, char *context) 279 { 280 const char *myname = "trigger_server_accept_fifo"; 281 int listen_fd = CAST_CHAR_PTR_TO_INT(context); 282 283 if (trigger_server_lock != 0 284 && myflock(vstream_fileno(trigger_server_lock), INTERNAL_LOCK, 285 MYFLOCK_OP_NONE) < 0) 286 msg_fatal("select unlock: %m"); 287 288 if (msg_verbose) 289 msg_info("%s: trigger arrived", myname); 290 291 /* 292 * Read whatever the other side wrote into the FIFO. The FIFO read end is 293 * non-blocking so we won't get stuck when multiple processes wake up. 294 */ 295 if (trigger_server_pre_accept) 296 trigger_server_pre_accept(trigger_server_name, trigger_server_argv); 297 trigger_server_wakeup(listen_fd); 298 } 299 300 /* trigger_server_accept_local - accept socket client request */ 301 302 static void trigger_server_accept_local(int unused_event, char *context) 303 { 304 const char *myname = "trigger_server_accept_local"; 305 int listen_fd = CAST_CHAR_PTR_TO_INT(context); 306 int time_left = 0; 307 int fd; 308 309 if (msg_verbose) 310 msg_info("%s: trigger arrived", myname); 311 312 /* 313 * Read a message from a socket. Be prepared for accept() to fail because 314 * some other process already got the connection. The socket is 315 * non-blocking so we won't get stuck when multiple processes wake up. 316 * Don't get stuck when the client connects but sends no data. Restart 317 * the idle timer if this was a false alarm. 318 */ 319 if (var_idle_limit > 0) 320 time_left = event_cancel_timer(trigger_server_timeout, (char *) 0); 321 322 if (trigger_server_pre_accept) 323 trigger_server_pre_accept(trigger_server_name, trigger_server_argv); 324 fd = LOCAL_ACCEPT(listen_fd); 325 if (trigger_server_lock != 0 326 && myflock(vstream_fileno(trigger_server_lock), INTERNAL_LOCK, 327 MYFLOCK_OP_NONE) < 0) 328 msg_fatal("select unlock: %m"); 329 if (fd < 0) { 330 if (errno != EAGAIN) 331 msg_error("accept connection: %m"); 332 if (time_left >= 0) 333 event_request_timer(trigger_server_timeout, (char *) 0, time_left); 334 return; 335 } 336 close_on_exec(fd, CLOSE_ON_EXEC); 337 if (read_wait(fd, 10) == 0) 338 trigger_server_wakeup(fd); 339 else if (time_left >= 0) 340 event_request_timer(trigger_server_timeout, (char *) 0, time_left); 341 close(fd); 342 } 343 344 #ifdef MASTER_XPORT_NAME_PASS 345 346 /* trigger_server_accept_pass - accept descriptor */ 347 348 static void trigger_server_accept_pass(int unused_event, char *context) 349 { 350 const char *myname = "trigger_server_accept_pass"; 351 int listen_fd = CAST_CHAR_PTR_TO_INT(context); 352 int time_left = 0; 353 int fd; 354 355 if (msg_verbose) 356 msg_info("%s: trigger arrived", myname); 357 358 /* 359 * Read a message from a socket. Be prepared for accept() to fail because 360 * some other process already got the connection. The socket is 361 * non-blocking so we won't get stuck when multiple processes wake up. 362 * Don't get stuck when the client connects but sends no data. Restart 363 * the idle timer if this was a false alarm. 364 */ 365 if (var_idle_limit > 0) 366 time_left = event_cancel_timer(trigger_server_timeout, (char *) 0); 367 368 if (trigger_server_pre_accept) 369 trigger_server_pre_accept(trigger_server_name, trigger_server_argv); 370 fd = PASS_ACCEPT(listen_fd); 371 if (trigger_server_lock != 0 372 && myflock(vstream_fileno(trigger_server_lock), INTERNAL_LOCK, 373 MYFLOCK_OP_NONE) < 0) 374 msg_fatal("select unlock: %m"); 375 if (fd < 0) { 376 if (errno != EAGAIN) 377 msg_error("accept connection: %m"); 378 if (time_left >= 0) 379 event_request_timer(trigger_server_timeout, (char *) 0, time_left); 380 return; 381 } 382 close_on_exec(fd, CLOSE_ON_EXEC); 383 if (read_wait(fd, 10) == 0) 384 trigger_server_wakeup(fd); 385 else if (time_left >= 0) 386 event_request_timer(trigger_server_timeout, (char *) 0, time_left); 387 close(fd); 388 } 389 390 #endif 391 392 /* trigger_server_main - the real main program */ 393 394 NORETURN trigger_server_main(int argc, char **argv, TRIGGER_SERVER_FN service,...) 395 { 396 const char *myname = "trigger_server_main"; 397 char *root_dir = 0; 398 char *user_name = 0; 399 int debug_me = 0; 400 int daemon_mode = 1; 401 char *service_name = basename(argv[0]); 402 VSTREAM *stream = 0; 403 int delay; 404 int c; 405 int socket_count = 1; 406 int fd; 407 va_list ap; 408 MAIL_SERVER_INIT_FN pre_init = 0; 409 MAIL_SERVER_INIT_FN post_init = 0; 410 MAIL_SERVER_LOOP_FN loop = 0; 411 int key; 412 char buf[TRIGGER_BUF_SIZE]; 413 int len; 414 char *transport = 0; 415 char *lock_path; 416 VSTRING *why; 417 int alone = 0; 418 int zerolimit = 0; 419 WATCHDOG *watchdog; 420 char *oname_val; 421 char *oname; 422 char *oval; 423 const char *err; 424 char *generation; 425 int msg_vstream_needed = 0; 426 int redo_syslog_init = 0; 427 428 /* 429 * Process environment options as early as we can. 430 */ 431 if (getenv(CONF_ENV_VERB)) 432 msg_verbose = 1; 433 if (getenv(CONF_ENV_DEBUG)) 434 debug_me = 1; 435 436 /* 437 * Don't die when a process goes away unexpectedly. 438 */ 439 signal(SIGPIPE, SIG_IGN); 440 441 /* 442 * Don't die for frivolous reasons. 443 */ 444 #ifdef SIGXFSZ 445 signal(SIGXFSZ, SIG_IGN); 446 #endif 447 448 /* 449 * May need this every now and then. 450 */ 451 var_procname = mystrdup(basename(argv[0])); 452 set_mail_conf_str(VAR_PROCNAME, var_procname); 453 454 /* 455 * Initialize logging and exit handler. Do the syslog first, so that its 456 * initialization completes before we enter the optional chroot jail. 457 */ 458 msg_syslog_init(mail_task(var_procname), LOG_PID, LOG_FACILITY); 459 if (msg_verbose) 460 msg_info("daemon started"); 461 462 /* 463 * Initialize from the configuration file. Allow command-line options to 464 * override compiled-in defaults or configured parameter values. 465 */ 466 mail_conf_suck(); 467 468 /* 469 * Register dictionaries that use higher-level interfaces and protocols. 470 */ 471 mail_dict_init(); 472 473 /* 474 * Pick up policy settings from master process. Shut up error messages to 475 * stderr, because no-one is going to see them. 476 */ 477 opterr = 0; 478 while ((c = GETOPT(argc, argv, "cdDi:lm:n:o:s:St:uvVz")) > 0) { 479 switch (c) { 480 case 'c': 481 root_dir = "setme"; 482 break; 483 case 'd': 484 daemon_mode = 0; 485 break; 486 case 'D': 487 debug_me = 1; 488 break; 489 case 'i': 490 mail_conf_update(VAR_MAX_IDLE, optarg); 491 break; 492 case 'l': 493 alone = 1; 494 break; 495 case 'm': 496 mail_conf_update(VAR_MAX_USE, optarg); 497 break; 498 case 'n': 499 service_name = optarg; 500 break; 501 case 'o': 502 oname_val = mystrdup(optarg); 503 if ((err = split_nameval(oname_val, &oname, &oval)) != 0) 504 msg_fatal("invalid \"-o %s\" option value: %s", optarg, err); 505 mail_conf_update(oname, oval); 506 if (strcmp(oname, VAR_SYSLOG_NAME) == 0) 507 redo_syslog_init = 1; 508 myfree(oname_val); 509 break; 510 case 's': 511 if ((socket_count = atoi(optarg)) <= 0) 512 msg_fatal("invalid socket_count: %s", optarg); 513 break; 514 case 'S': 515 stream = VSTREAM_IN; 516 break; 517 case 't': 518 transport = optarg; 519 break; 520 case 'u': 521 user_name = "setme"; 522 break; 523 case 'v': 524 msg_verbose++; 525 break; 526 case 'V': 527 if (++msg_vstream_needed == 1) 528 msg_vstream_init(mail_task(var_procname), VSTREAM_ERR); 529 break; 530 case 'z': 531 zerolimit = 1; 532 break; 533 default: 534 msg_fatal("invalid option: %c", c); 535 break; 536 } 537 } 538 539 /* 540 * Initialize generic parameters. 541 */ 542 mail_params_init(); 543 if (redo_syslog_init) 544 msg_syslog_init(mail_task(var_procname), LOG_PID, LOG_FACILITY); 545 546 /* 547 * If not connected to stdin, stdin must not be a terminal. 548 */ 549 if (daemon_mode && stream == 0 && isatty(STDIN_FILENO)) { 550 msg_vstream_init(var_procname, VSTREAM_ERR); 551 msg_fatal("do not run this command by hand"); 552 } 553 554 /* 555 * Application-specific initialization. 556 */ 557 va_start(ap, service); 558 while ((key = va_arg(ap, int)) != 0) { 559 switch (key) { 560 case MAIL_SERVER_INT_TABLE: 561 get_mail_conf_int_table(va_arg(ap, CONFIG_INT_TABLE *)); 562 break; 563 case MAIL_SERVER_STR_TABLE: 564 get_mail_conf_str_table(va_arg(ap, CONFIG_STR_TABLE *)); 565 break; 566 case MAIL_SERVER_BOOL_TABLE: 567 get_mail_conf_bool_table(va_arg(ap, CONFIG_BOOL_TABLE *)); 568 break; 569 case MAIL_SERVER_TIME_TABLE: 570 get_mail_conf_time_table(va_arg(ap, CONFIG_TIME_TABLE *)); 571 break; 572 case MAIL_SERVER_RAW_TABLE: 573 get_mail_conf_raw_table(va_arg(ap, CONFIG_RAW_TABLE *)); 574 break; 575 case MAIL_SERVER_NINT_TABLE: 576 get_mail_conf_nint_table(va_arg(ap, CONFIG_NINT_TABLE *)); 577 break; 578 case MAIL_SERVER_PRE_INIT: 579 pre_init = va_arg(ap, MAIL_SERVER_INIT_FN); 580 break; 581 case MAIL_SERVER_POST_INIT: 582 post_init = va_arg(ap, MAIL_SERVER_INIT_FN); 583 break; 584 case MAIL_SERVER_LOOP: 585 loop = va_arg(ap, MAIL_SERVER_LOOP_FN); 586 break; 587 case MAIL_SERVER_EXIT: 588 trigger_server_onexit = va_arg(ap, MAIL_SERVER_EXIT_FN); 589 break; 590 case MAIL_SERVER_PRE_ACCEPT: 591 trigger_server_pre_accept = va_arg(ap, MAIL_SERVER_ACCEPT_FN); 592 break; 593 case MAIL_SERVER_IN_FLOW_DELAY: 594 trigger_server_in_flow_delay = 1; 595 break; 596 case MAIL_SERVER_SOLITARY: 597 if (stream == 0 && !alone) 598 msg_fatal("service %s requires a process limit of 1", 599 service_name); 600 break; 601 case MAIL_SERVER_UNLIMITED: 602 if (stream == 0 && !zerolimit) 603 msg_fatal("service %s requires a process limit of 0", 604 service_name); 605 break; 606 case MAIL_SERVER_PRIVILEGED: 607 if (user_name) 608 msg_fatal("service %s requires privileged operation", 609 service_name); 610 break; 611 case MAIL_SERVER_WATCHDOG: 612 trigger_server_watchdog = *va_arg(ap, int *); 613 break; 614 default: 615 msg_panic("%s: unknown argument type: %d", myname, key); 616 } 617 } 618 va_end(ap); 619 620 if (root_dir) 621 root_dir = var_queue_dir; 622 if (user_name) 623 user_name = var_mail_owner; 624 625 /* 626 * Can options be required? 627 * 628 * XXX Initially this code was implemented with UNIX-domain sockets, but 629 * Solaris <= 2.5 UNIX-domain sockets misbehave hopelessly when the 630 * client disconnects before the server has accepted the connection. 631 * Symptom: the server accept() fails with EPIPE or EPROTO, but the 632 * socket stays readable, so that the program goes into a wasteful loop. 633 * 634 * The initial fix was to use FIFOs, but those turn out to have their own 635 * problems, witness the workarounds in the fifo_listen() routine. 636 * Therefore we support both FIFOs and UNIX-domain sockets, so that the 637 * user can choose whatever works best. 638 * 639 * Well, I give up. Solaris UNIX-domain sockets still don't work properly, 640 * so it will have to limp along with a streams-specific alternative. 641 */ 642 if (stream == 0) { 643 if (transport == 0) 644 msg_fatal("no transport type specified"); 645 if (strcasecmp(transport, MASTER_XPORT_NAME_UNIX) == 0) 646 trigger_server_accept = trigger_server_accept_local; 647 else if (strcasecmp(transport, MASTER_XPORT_NAME_FIFO) == 0) 648 trigger_server_accept = trigger_server_accept_fifo; 649 #ifdef MASTER_XPORT_NAME_PASS 650 else if (strcasecmp(transport, MASTER_XPORT_NAME_PASS) == 0) 651 trigger_server_accept = trigger_server_accept_pass; 652 #endif 653 else 654 msg_fatal("unsupported transport type: %s", transport); 655 } 656 657 /* 658 * Retrieve process generation from environment. 659 */ 660 if ((generation = getenv(MASTER_GEN_NAME)) != 0) { 661 if (!alldig(generation)) 662 msg_fatal("bad generation: %s", generation); 663 OCTAL_TO_UNSIGNED(trigger_server_generation, generation); 664 if (msg_verbose) 665 msg_info("process generation: %s (%o)", 666 generation, trigger_server_generation); 667 } 668 669 /* 670 * Optionally start the debugger on ourself. 671 */ 672 if (debug_me) 673 debug_process(); 674 675 /* 676 * Traditionally, BSD select() can't handle multiple processes selecting 677 * on the same socket, and wakes up every process in select(). See TCP/IP 678 * Illustrated volume 2 page 532. We avoid select() collisions with an 679 * external lock file. 680 */ 681 if (stream == 0 && !alone) { 682 lock_path = concatenate(DEF_PID_DIR, "/", transport, 683 ".", service_name, (char *) 0); 684 why = vstring_alloc(1); 685 if ((trigger_server_lock = safe_open(lock_path, O_CREAT | O_RDWR, 0600, 686 (struct stat *) 0, -1, -1, why)) == 0) 687 msg_fatal("open lock file %s: %s", lock_path, vstring_str(why)); 688 close_on_exec(vstream_fileno(trigger_server_lock), CLOSE_ON_EXEC); 689 myfree(lock_path); 690 vstring_free(why); 691 } 692 693 /* 694 * Set up call-back info. 695 */ 696 trigger_server_service = service; 697 trigger_server_name = service_name; 698 trigger_server_argv = argv + optind; 699 700 /* 701 * Run pre-jail initialization. 702 */ 703 if (chdir(var_queue_dir) < 0) 704 msg_fatal("chdir(\"%s\"): %m", var_queue_dir); 705 if (pre_init) 706 pre_init(trigger_server_name, trigger_server_argv); 707 708 /* 709 * Optionally, restrict the damage that this process can do. 710 */ 711 resolve_local_init(); 712 tzset(); 713 chroot_uid(root_dir, user_name); 714 715 /* 716 * Run post-jail initialization. 717 */ 718 if (post_init) 719 post_init(trigger_server_name, trigger_server_argv); 720 721 /* 722 * Are we running as a one-shot server with the client connection on 723 * standard input? 724 */ 725 if (stream != 0) { 726 if ((len = read(vstream_fileno(stream), buf, sizeof(buf))) <= 0) 727 msg_fatal("read: %m"); 728 service(buf, len, trigger_server_name, trigger_server_argv); 729 vstream_fflush(stream); 730 trigger_server_exit(); 731 } 732 733 /* 734 * Running as a semi-resident server. Service connection requests. 735 * Terminate when we have serviced a sufficient number of clients, when 736 * no-one has been talking to us for a configurable amount of time, or 737 * when the master process terminated abnormally. 738 */ 739 if (var_idle_limit > 0) 740 event_request_timer(trigger_server_timeout, (char *) 0, var_idle_limit); 741 for (fd = MASTER_LISTEN_FD; fd < MASTER_LISTEN_FD + socket_count; fd++) { 742 event_enable_read(fd, trigger_server_accept, CAST_INT_TO_CHAR_PTR(fd)); 743 close_on_exec(fd, CLOSE_ON_EXEC); 744 } 745 event_enable_read(MASTER_STATUS_FD, trigger_server_abort, (char *) 0); 746 close_on_exec(MASTER_STATUS_FD, CLOSE_ON_EXEC); 747 close_on_exec(MASTER_FLOW_READ, CLOSE_ON_EXEC); 748 close_on_exec(MASTER_FLOW_WRITE, CLOSE_ON_EXEC); 749 watchdog = watchdog_create(trigger_server_watchdog, 750 (WATCHDOG_FN) 0, (char *) 0); 751 752 /* 753 * The event loop, at last. 754 */ 755 while (var_use_limit == 0 || use_count < var_use_limit) { 756 if (trigger_server_lock != 0) { 757 watchdog_stop(watchdog); 758 if (myflock(vstream_fileno(trigger_server_lock), INTERNAL_LOCK, 759 MYFLOCK_OP_EXCLUSIVE) < 0) 760 msg_fatal("select lock: %m"); 761 } 762 watchdog_start(watchdog); 763 delay = loop ? loop(trigger_server_name, trigger_server_argv) : -1; 764 event_loop(delay); 765 } 766 trigger_server_exit(); 767 } 768