author | Todd C. Miller <Todd.Miller@sudo.ws> | 2020-03-29 05:05:08 -0600 |
---|---|---|
committer | Todd C. Miller <Todd.Miller@sudo.ws> | 2020-03-29 05:05:08 -0600 |
commit | f05f342127fa0a709011f433cb26c6df9a0a46d9 (patch) | |
tree | c5a887f8a1db10e5b00b656942e8f46954cc1044 | |
parent | 1ad49594b9bff9c6727a0f7584df0843027d06fa (diff) | |
download | sudo-f05f342127fa0a709011f433cb26c6df9a0a46d9.tar.gz |
Create a pidfile for sudo_logsrvd when not run with the -n flag.
-rwxr-xr-x | configure | 4 | ||||
-rw-r--r-- | doc/sudo_logsrvd.conf.man.in | 16 | ||||
-rw-r--r-- | doc/sudo_logsrvd.conf.mdoc.in | 15 | ||||
-rw-r--r-- | doc/sudo_logsrvd.man.in | 5 | ||||
-rw-r--r-- | doc/sudo_logsrvd.mdoc.in | 7 | ||||
-rw-r--r-- | examples/sudo_logsrvd.conf | 3 | ||||
-rw-r--r-- | logsrvd/logsrvd.c | 22 | ||||
-rw-r--r-- | logsrvd/logsrvd.h | 1 | ||||
-rw-r--r-- | logsrvd/logsrvd_conf.c | 45 | ||||
-rw-r--r-- | m4/sudo.m4 | 1 | ||||
-rw-r--r-- | pathnames.h.in | 10 |
11 files changed, 120 insertions, 9 deletions
@@ -26498,6 +26498,10 @@ cat >>confdefs.h <<EOF #define _PATH_SUDO_TIMEDIR "$rundir/ts" EOF +cat >>confdefs.h <<EOF +#define _PATH_SUDO_LOGSRVD_PID "$rundir/sudo_logsrvd.pid" +EOF + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for sudo var dir location" >&5 $as_echo_n "checking for sudo var dir location... " >&6; }
diff --git a/doc/sudo_logsrvd.conf.man.in b/doc/sudo_logsrvd.conf.man.in
index 0439716c6..4b7825014 100644
--- a/doc/sudo_logsrvd.conf.man.in
+++ b/doc/sudo_logsrvd.conf.man.in
@@ -16,7 +16,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.TH "SUDO_LOGSRVD.CONF" "@mansectform@" "February 15, 2020" "Sudo @PACKAGE_VERSION@" "File Formats Manual"
+.TH "SUDO_LOGSRVD.CONF" "@mansectform@" "March 28, 2020" "Sudo @PACKAGE_VERSION@" "File Formats Manual"
 .nh
 .if n .ad l
 .SH "NAME"
@@ -105,6 +105,17 @@ Multiple
 \fIlisten_address\fR
 lines may be specified to listen on more than one interface.
 .TP 10n
+pid_file = path
+The path to the file containing the process ID of the running
+\fBsudo_logsrvd\fR.
+This file is not created when
+\fBsudo_logsrvd\fR
+is run with the
+\fB\-n\fR
+option.
+The default value is
+\fI@rundir@/sudo_logsrvd.pid\fR.
+.TP 10n
 tcp_keepalive = boolean
 If true,
 \fBsudo_logsrvd\fR
@@ -555,6 +566,9 @@ Sudo log server configuration file
 # The default is to listen on all addresses.
 #listen_address = *:30344
+# The file containing the ID of the running sudo_logsrvd process.
+#pid_file = @rundir@/sudo_logsrvd.pid
+
 # If set, enable the SO_KEEPALIVE socket option on the connected socket.
 #tcp_keepalive = true
diff --git a/doc/sudo_logsrvd.conf.mdoc.in b/doc/sudo_logsrvd.conf.mdoc.in
index e840db142..39a40587c 100644
--- a/doc/sudo_logsrvd.conf.mdoc.in
+++ b/doc/sudo_logsrvd.conf.mdoc.in
@@ -15,7 +15,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd February 15, 2020
+.Dd March 28, 2020
 .Dt SUDO_LOGSRVD.CONF @mansectform@
 .Os Sudo @PACKAGE_VERSION@
 .Sh NAME
@@ -96,6 +96,16 @@ which will listen on all configured network interfaces.
 Multiple
 .Em listen_address
 lines may be specified to listen on more than one interface.
+.It pid_file = path
+The path to the file containing the process ID of the running
+.Nm sudo_logsrvd .
+This file is not created when
+.Nm sudo_logsrvd
+is run with the
+.Fl n
+option.
+The default value is
+.Pa @rundir@/sudo_logsrvd.pid .
 .It tcp_keepalive = boolean
 If true,
 .Nm sudo_logsrvd
@@ -504,6 +514,9 @@ Sudo log server configuration file
 # The default is to listen on all addresses.
 #listen_address = *:30344
+# The file containing the ID of the running sudo_logsrvd process.
+#pid_file = @rundir@/sudo_logsrvd.pid
+
 # If set, enable the SO_KEEPALIVE socket option on the connected socket.
 #tcp_keepalive = true
diff --git a/doc/sudo_logsrvd.man.in b/doc/sudo_logsrvd.man.in
index 24e193f77..f89c96f2f 100644
--- a/doc/sudo_logsrvd.man.in
+++ b/doc/sudo_logsrvd.man.in
@@ -121,6 +121,11 @@ Sudo log server configuration file
 .TP 26n
 \fI@iolog_dir@\fR
 Default I/O log file location
+.TP 26n
+\fI@rundir@/sudo_logsrvd.pid\fR
+.br
+Process ID file for
+\fBsudo_logsrvd\fR
 .SH "EXAMPLES"
 .SS "Creating self-signed certificates"
 Unless you are using certificates signed by a well-known Certificate
diff --git a/doc/sudo_logsrvd.mdoc.in b/doc/sudo_logsrvd.mdoc.in
index be39f52c4..9d436c7ef 100644
--- a/doc/sudo_logsrvd.mdoc.in
+++ b/doc/sudo_logsrvd.mdoc.in
@@ -1,7 +1,7 @@
 .\"
 .\" SPDX-License-Identifier: ISC
 .\"
-.\" Copyright (c) 2019 Todd C. Miller <Todd.Miller@sudo.ws>
+.\" Copyright (c) 2019-2020 Todd C. Miller <Todd.Miller@sudo.ws>
 .\"
 .\" Permission to use, copy, modify, and distribute this software for any
 .\" purpose with or without fee is hereby granted, provided that the above
@@ -15,7 +15,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd October 16, 2019
+.Dd March 28, 2020
 .Dt SUDO_LOGSRVD @mansectsu@
 .Os Sudo @PACKAGE_VERSION@
 .Sh NAME
@@ -114,6 +114,9 @@ Sudo front end configuration
 Sudo log server configuration file
 .It Pa @iolog_dir@
 Default I/O log file location
+.It Pa @rundir@/sudo_logsrvd.pid
+Process ID file for
+.Nm
 .El
 .Sh EXAMPLES
 .Ss Creating self-signed certificates
diff --git a/examples/sudo_logsrvd.conf b/examples/sudo_logsrvd.conf
index f43e8ad85..15af7c406 100644
--- a/examples/sudo_logsrvd.conf
+++ b/examples/sudo_logsrvd.conf
@@ -17,6 +17,9 @@
 # The default is to listen on all addresses.
 #listen_address = *:30344
+# The file containing the ID of the running sudo_logsrvd process.
+#pid_file = /var/run/sudo/sudo_logsrvd.pid
+
 # If set, enable the SO_KEEPALIVE socket option on the connected socket.
 #tcp_keepalive = true
diff --git a/logsrvd/logsrvd.c b/logsrvd/logsrvd.c
index df5ff6e01..983836c23 100644
--- a/logsrvd/logsrvd.c
+++ b/logsrvd/logsrvd.c
@@ -1651,7 +1651,7 @@ logsrvd_cleanup(void)
 }
 /*
- * Fork and detatch from the terminal.
+ * Fork, detatch from the terminal and write pid file unless nofork set.
 */
 static void
 daemonize(bool nofork)
@@ -1660,18 +1660,29 @@ daemonize(bool nofork)
 debug_decl(daemonize, SUDO_DEBUG_UTIL);
 if (!nofork) {
+ FILE *fp;
+
 switch (fork()) {
 case -1:
 sudo_fatal("fork");
 case 0:
- /* child, detach from terminal */
- if (setsid() == -1)
- sudo_fatal("setsid");
+ /* child */
 break;
 default:
 /* parent, exit */
 _exit(EXIT_SUCCESS);
 }
+
+ /* detach from terminal and write pid file. */
+ if (setsid() == -1)
+ sudo_fatal("setsid");
+ fp = fopen(logsrvd_conf_pid_file(), "w");
+ if (fp == NULL) {
+ sudo_warn("%s", logsrvd_conf_pid_file());
+ } else {
+ fprintf(fp, "%d\n", getpid());
+ fclose(fp);
+ }
 }
 if (chdir("/") == -1)
@@ -1804,7 +1815,8 @@ main(int argc, char *argv[])
 signal(SIGPIPE, SIG_IGN);
 sudo_ev_dispatch(evbase);
+ if (!nofork)
+ unlink(logsrvd_conf_pid_file());
- /* NOTREACHED */
 debug_return_int(1);
 }
diff --git a/logsrvd/logsrvd.h b/logsrvd/logsrvd.h
index 0d2550990..bf49de04a 100644
--- a/logsrvd/logsrvd.h
+++ b/logsrvd/logsrvd.h
@@ -195,6 +195,7 @@ const char *logsrvd_conf_iolog_dir(void);
 const char *logsrvd_conf_iolog_file(void);
 struct listen_address_list *logsrvd_conf_listen_address(void);
 bool logsrvd_conf_tcp_keepalive(void);
+const char *logsrvd_conf_pid_file(void);
 struct timespec *logsrvd_conf_get_sock_timeout(void);
 #if defined(HAVE_OPENSSL)
 bool logsrvd_conf_get_tls_opt(void);
diff --git a/logsrvd/logsrvd_conf.c b/logsrvd/logsrvd_conf.c
index 47bcf2cba..d9c7195bf 100644
--- a/logsrvd/logsrvd_conf.c
+++ b/logsrvd/logsrvd_conf.c
@@ -78,6 +78,7 @@ static struct logsrvd_config {
 struct listen_address_list addresses;
 struct timespec timeout;
 bool tcp_keepalive;
+ char *pid_file;
 #if defined(HAVE_OPENSSL)
 bool tls;
 struct logsrvd_tls_config tls_config;
@@ -144,6 +145,13 @@ logsrvd_conf_tcp_keepalive(void)
 {
 return logsrvd_config->server.tcp_keepalive;
 }
+
+const char *
+logsrvd_conf_pid_file(void)
+{
+ return logsrvd_config->server.pid_file;
+}
+
 struct timespec *
 logsrvd_conf_get_sock_timeout(void)
 {
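Review bot: The pid file in daemonize() is created with `fopen(logsrvd_conf_pid_file(), "w")`, which follows a symlink at the target path, truncates whatever it resolves to, and takes the file mode from the inherited umask. The path is now settable through `pid_file`, so if it ever points into a directory that a less-privileged user can write to, a daemon started with elevated privileges could be steered into overwriting another file; opening with `open()` plus `O_NOFOLLOW` and an explicit mode, then `fdopen()`, closes that off. The results of `fprintf()` and `fclose()` are also ignored, so a full filesystem leaves an empty or partial pid file with no warning. The sketch below needs `<fcntl.h>` and assumes `O_NOFOLLOW` exists on every supported platform, which should be confirmed; daemonize() starts and ends outside this hunk.

```c
        FILE *fp;
        int fd;

        /* … unchanged: fork() switch and setsid() … */

        /* Do not follow a symlink at the final component; fix the mode. */
        fd = open(logsrvd_conf_pid_file(),
            O_WRONLY|O_CREAT|O_TRUNC|O_NOFOLLOW, 0644);
        if (fd == -1 || (fp = fdopen(fd, "w")) == NULL) {
            sudo_warn("%s", logsrvd_conf_pid_file());
            if (fd != -1)
                close(fd);
        } else {
            /* Report a short write instead of silently leaving a bad pid file. */
            bool written = fprintf(fp, "%d\n", (int)getpid()) > 0;
            if (fclose(fp) != 0 || !written)
                sudo_warn("%s", logsrvd_conf_pid_file());
        }
```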
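Review bot: The `unlink(logsrvd_conf_pid_file())` added after `sudo_ev_dispatch(evbase)` in main() only runs when the event loop returns, so any exit through `sudo_fatal()` or a terminating signal leaves the pid file behind, and a stale pid can later belong to an unrelated process that service tooling then signals. The path is also looked up again at exit; if the configuration can be reloaded while the daemon runs (not visible in this hunk), the file removed may not be the one daemonize() wrote. Consider keeping a copy of the path that was actually written and removing it from the common exit path, for example `if (pid_path != NULL) unlink(pid_path);` in logsrvd_cleanup(), where `pid_path` is a placeholder for the saved copy and the body of logsrvd_cleanup() is outside this page. main() starts before this hunk.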
@@ -444,6 +452,28 @@ cb_keepalive(struct logsrvd_config *config, const char *str)
 debug_return_bool(true);
 }
+static bool
+cb_pid_file(struct logsrvd_config *config, const char *str)
+{
+ char *copy = NULL;
+ debug_decl(cb_pid_file, SUDO_DEBUG_UTIL);
+
+ if (*str != '/') {
+ debug_return_bool(false);
+ sudo_warnx(U_("%s: not a fully qualified path"), str);
+ debug_return_bool(false);
+ }
+ if ((copy = strdup(str)) == NULL) {
+ sudo_warn(NULL);
+ debug_return_bool(false);
+ }
+
+ free(config->server.pid_file);
+ config->server.pid_file = copy;
+
+ debug_return_bool(true);
+}
+
 #if defined(HAVE_OPENSSL)
 static bool
 cb_tls_opt(struct logsrvd_config *config, const char *str)
@@ -722,6 +752,7 @@ static struct logsrvd_config_entry server_conf_entries[] = {
 { "listen_address", cb_listen_address },
 { "timeout", cb_timeout },
 { "tcp_keepalive", cb_keepalive },
+ { "pid_file", cb_pid_file },
 #if defined(HAVE_OPENSSL)
 { "tls", cb_tls_opt },
 { "tls_key", cb_tls_key },
@@ -904,6 +935,7 @@ logsrvd_conf_free(struct logsrvd_config *config)
 TAILQ_REMOVE(&config->server.addresses, addr, entries);
 free(addr);
 }
+ free(config->server.pid_file);
 /* struct logsrvd_config_iolog */
 free(config->iolog.iolog_dir);
@@ -948,10 +980,23 @@ logsrvd_conf_alloc(void)
 TAILQ_INIT(&config->server.addresses);
 config->server.timeout.tv_sec = DEFAULT_SOCKET_TIMEOUT_SEC;
 config->server.tcp_keepalive = true;
+ config->server.pid_file = strdup(_PATH_SUDO_LOGSRVD_PID);
+ if (config->server.pid_file == NULL) {
+ sudo_warn(NULL);
+ goto bad;
+ }
 #if defined(HAVE_OPENSSL)
 config->server.tls_config.cacert_path = strdup(DEFAULT_CA_CERT_PATH);
+ if (config->server.tls_config.cacert_path == NULL) {
+ sudo_warn(NULL);
+ goto bad;
+ }
 config->server.tls_config.cert_path = strdup(DEFAULT_SERVER_CERT_PATH);
+ if (config->server.tls_config.cert_path == NULL) {
+ sudo_warn(NULL);
+ goto bad;
+ }
 config->server.tls_config.verify = true;
 config->server.tls_config.check_peer = false;
 #endif
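Review bot: In cb_pid_file() the relative-path branch calls `debug_return_bool(false);` before `sudo_warnx(U_("%s: not a fully qualified path"), str);`, so the warning is unreachable and a rejected `pid_file` value produces no diagnostic. Delete the first `debug_return_bool(false);` so the branch warns and then returns. The leading-`/` test is the only validation applied to the path, so a one-line comment above the callback noting that daemonize() later opens this path for writing would help whoever next touches either function.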
diff --git a/m4/sudo.m4 b/m4/sudo.m4
index 428cc9a30..c679166ba 100644
--- a/m4/sudo.m4
+++ b/m4/sudo.m4
@@ -129,6 +129,7 @@ if test -z "$rundir"; then
 fi
 AC_MSG_RESULT([$rundir])
 SUDO_DEFINE_UNQUOTED(_PATH_SUDO_TIMEDIR, "$rundir/ts")
+SUDO_DEFINE_UNQUOTED(_PATH_SUDO_LOGSRVD_PID, "$rundir/sudo_logsrvd.pid")
 ])dnl
 dnl
diff --git a/pathnames.h.in b/pathnames.h.in
index 6d3703115..a39f9198d 100644
--- a/pathnames.h.in
+++ b/pathnames.h.in
@@ -90,6 +90,16 @@
 */
 /*
+ * Where sudo_logsrvd stores its pid file files. Defaults to
+ * /var/run/sudo/sudo_logsrvd.pid, /var/db/sudo/sudo_logsrvd.pid,
+ * /var/lib/sudo/sudo_logsrvd.pid, /var/adm/sudo/sudo_logsrvd.pid or
+ * /usr/adm/sudo/sudo_logsrvd.pid depending on what exists on the system.
+ */
+#ifndef _PATH_SUDO_LOGSRVD_PID
+# undef _PATH_SUDO_LOGSRVD_PID
+#endif /* _PATH_SUDO_LOGSRVD_PID */
+
+/*
 * Where to store the time stamp files. Defaults to /var/run/sudo/ts,
 * /var/db/sudo/ts, /var/lib/sudo/ts, /var/adm/sudo/ts or /usr/adm/sudo/ts
 * depending on what exists on the system. |