#include <assert.h>
#include <sys/time.h>
#include <time.h>
+#include <libgen.h>
+#include <grp.h>
#include <glib-2.0/glib.h>
/* }}} */
-#define RRDD_LOG(severity, ...) syslog ((severity), __VA_ARGS__)
+#define RRDD_LOG(severity, ...) \
+ do { \
+ if (stay_foreground) \
+ fprintf(stderr, __VA_ARGS__); \
+ syslog ((severity), __VA_ARGS__); \
+ } while (0)
#ifndef __GNUC__
# define __attribute__(x) /**/
ssize_t wbuf_len;
uint32_t permissions;
+
+ gid_t socket_group;
+ mode_t socket_permissions;
};
typedef struct listen_socket_s listen_socket_t;
static pthread_mutex_t stats_lock = PTHREAD_MUTEX_INITIALIZER;
/* Journaled updates */
+#define JOURNAL_REPLAY(s) ((s) == NULL)
#define JOURNAL_BASE "rrd.journal"
static journal_set *journal_cur = NULL;
static journal_set *journal_old = NULL;
static int open_pidfile(char *action, int oflag) /* {{{ */
{
int fd;
- char *file;
+ const char *file;
+ char *file_copy, *dir;
file = (config_pid_file != NULL)
? config_pid_file
: LOCALSTATEDIR "/run/rrdcached.pid";
+ /* dirname may modify its argument */
+ file_copy = strdup(file);
+ if (file_copy == NULL)
+ {
+ fprintf(stderr, "rrdcached: strdup(): %s\n",
+ rrd_strerror(errno));
+ return -1;
+ }
+
+ dir = dirname(file_copy);
+ if (rrd_mkdir_p(dir, 0777) != 0)
+ {
+ fprintf(stderr, "Failed to create pidfile directory '%s': %s\n",
+ dir, rrd_strerror(errno));
+ return -1;
+ }
+
+ free(file_copy);
+
fd = open(file, oflag, S_IWUSR|S_IRUSR|S_IRGRP|S_IROTH);
if (fd < 0)
fprintf(stderr, "rrdcached: can't %s pid file '%s' (%s)\n",
char buffer[CMD_MAX];
int len;
- if (sock == NULL) return 0; /* journal replay mode */
+ if (JOURNAL_REPLAY(sock)) return 0;
if (sock->batch_start) return 0; /* no extra info returned when in BATCH */
va_start(argp, fmt);
ssize_t wrote;
int rclen, len;
- if (sock == NULL) return rc; /* journal replay mode */
+ if (JOURNAL_REPLAY(sock)) return rc;
if (sock->batch_start)
{
for (k = 0; k < cfd.keys_num; k++)
{
+ gboolean status = g_tree_remove(cache_tree, cfd.keys[k]);
/* should never fail, since we have held the cache_lock
* the entire time */
- assert( g_tree_remove(cache_tree, cfd.keys[k]) == TRUE );
+ assert(status == TRUE);
}
if (cfd.keys != NULL)
assert(file != NULL);
if (!config_write_base_only
- || sock == NULL /* journal replay */
+ || JOURNAL_REPLAY(sock)
|| config_base_dir == NULL)
return 1;
if (found == TRUE)
{
- if (sock != NULL)
+ if (!JOURNAL_REPLAY(sock))
journal_write("forget", file);
return send_response(sock, RESP_OK, "Gone!\n");
cache_item_t *ci;
/* save it for the journal later */
- strncpy(orig_buf, buffer, sizeof(orig_buf)-1);
+ if (!JOURNAL_REPLAY(sock))
+ strncpy(orig_buf, buffer, buffer_size);
status = buffer_get_field (&buffer, &buffer_size, &file);
if (status != 0)
assert (ci != NULL);
/* don't re-write updates in replay mode */
- if (sock != NULL)
+ if (!JOURNAL_REPLAY(sock))
journal_write("update", orig_buf);
while (buffer_size > 0)
{
ssize_t i;
+ if (JOURNAL_REPLAY(sock))
+ return (1);
+
if (cmd == NULL)
return (-1);
/* check whether commands are received in the expected context */
static int command_check_context(listen_socket_t *sock, command_t *cmd)
{
- if (sock == NULL)
+ if (JOURNAL_REPLAY(sock))
return (cmd->context & CMD_CONTEXT_JOURNAL);
else if (sock->batch_start)
return (cmd->context & CMD_CONTEXT_BATCH);
return send_response(sock, RESP_OK, resp_txt);
} /* }}} int handle_request_help */
-/* if sock==NULL, we are in journal replay mode */
static int handle_request (DISPATCH_PROTO) /* {{{ */
{
char *buffer_ptr = buffer;
listen_socket_t *temp;
int status;
const char *path;
+ char *path_copy, *dir;
path = sock->addr;
if (strncmp(path, "unix:", strlen("unix:")) == 0)
path += strlen("unix:");
+ /* dirname may modify its argument */
+ path_copy = strdup(path);
+ if (path_copy == NULL)
+ {
+ fprintf(stderr, "rrdcached: strdup(): %s\n",
+ rrd_strerror(errno));
+ return (-1);
+ }
+
+ dir = dirname(path_copy);
+ if (rrd_mkdir_p(dir, 0777) != 0)
+ {
+ fprintf(stderr, "Failed to create socket directory '%s': %s\n",
+ dir, rrd_strerror(errno));
+ return (-1);
+ }
+
+ free(path_copy);
+
temp = (listen_socket_t *) rrd_realloc (listen_fds,
sizeof (listen_fds[0]) * (listen_fds_num + 1));
if (temp == NULL)
return (-1);
}
+ /* tweak the sockets group ownership */
+ if (sock->socket_group != (gid_t)-1)
+ {
+ if ( (chown(path, getuid(), sock->socket_group) != 0) ||
+ (chmod(path, (S_IRUSR|S_IWUSR|S_IXUSR | S_IRGRP|S_IWGRP)) != 0) )
+ {
+ fprintf(stderr, "rrdcached: failed to set socket group permissions (%s)\n", strerror(errno));
+ }
+ }
+
+ if (sock->socket_permissions != (mode_t)-1)
+ {
+ if (chmod(path, sock->socket_permissions) != 0)
+ fprintf(stderr, "rrdcached: failed to set socket file permissions (%o): %s\n",
+ (unsigned int)sock->socket_permissions, strerror(errno));
+ }
+
status = listen (fd, /* backlog = */ 10);
if (status != 0)
{
fprintf (stderr, "rrdcached: Garbage after address: %s\n", port);
return (-1);
}
- } /* if (*addr = ']') */
- else if (strchr (addr, '.') != NULL) /* Hostname or IPv4 */
+ } /* if (*addr == '[') */
+ else
{
port = rindex(addr, ':');
if (port != NULL)
char **permissions = NULL;
size_t permissions_len = 0;
- while ((option = getopt(argc, argv, "gl:P:f:w:z:t:Bb:p:Fj:h?")) != -1)
+ gid_t socket_group = (gid_t)-1;
+ mode_t socket_permissions = (mode_t)-1;
+
+ while ((option = getopt(argc, argv, "gl:s:m:P:f:w:z:t:Bb:p:Fj:h?")) != -1)
{
switch (option)
{
}
/* }}} Done adding permissions. */
+ new->socket_group = socket_group;
+ new->socket_permissions = socket_permissions;
+
if (!rrd_add_ptr((void ***)&config_listen_address_list,
&config_listen_address_list_len, new))
{
}
break;
+ /* set socket group permissions */
+ case 's':
+ {
+ gid_t group_gid;
+ struct group *grp;
+
+ group_gid = strtoul(optarg, NULL, 10);
+ if (errno != EINVAL && group_gid>0)
+ {
+ /* we were passed a number */
+ grp = getgrgid(group_gid);
+ }
+ else
+ {
+ grp = getgrnam(optarg);
+ }
+
+ if (grp)
+ {
+ socket_group = grp->gr_gid;
+ }
+ else
+ {
+ /* no idea what the user wanted... */
+ fprintf (stderr, "read_options: couldn't map \"%s\" to a group, Sorry\n", optarg);
+ return (5);
+ }
+ }
+ break;
+
+ /* set socket file permissions */
+ case 'm':
+ {
+ long tmp;
+ char *endptr = NULL;
+
+ tmp = strtol (optarg, &endptr, 8);
+ if ((endptr == optarg) || (! endptr) || (*endptr != '\0')
+ || (tmp > 07777) || (tmp < 0)) {
+ fprintf (stderr, "read_options: Invalid file mode \"%s\".\n",
+ optarg);
+ return (5);
+ }
+
+ socket_permissions = (mode_t)tmp;
+ }
+ break;
+
case 'P':
{
char *optcopy;
return (3);
}
+ if (rrd_mkdir_p (config_base_dir, 0777) != 0)
+ {
+ fprintf (stderr, "Failed to create base directory '%s': %s\n",
+ config_base_dir, rrd_strerror (errno));
+ return (3);
+ }
+
/* make sure that the base directory is not resolved via
* symbolic links. this makes some performance-enhancing
* assumptions possible (we don't have to resolve paths
*/
if (realpath(config_base_dir, base_realpath) == NULL)
{
- fprintf (stderr, "Invalid base directory '%s'.\n", config_base_dir);
- return 5;
- }
- else if (strncmp(config_base_dir,
- base_realpath, sizeof(base_realpath)) != 0)
- {
- fprintf(stderr,
- "Base directory (-b) resolved via file system links!\n"
- "Please consult rrdcached '-b' documentation!\n"
- "Consider specifying the real directory (%s)\n",
- base_realpath);
+ fprintf (stderr, "Failed to canonicalize the base directory '%s': "
+ "%s\n", config_base_dir, rrd_strerror(errno));
return 5;
}
}
_config_base_dir_len = len;
+
+ len = strlen (base_realpath);
+ while ((len > 0) && (base_realpath[len - 1] == '/'))
+ {
+ base_realpath[len - 1] = '\0';
+ len--;
+ }
+
+ if (strncmp(config_base_dir,
+ base_realpath, sizeof(base_realpath)) != 0)
+ {
+ fprintf(stderr,
+ "Base directory (-b) resolved via file system links!\n"
+ "Please consult rrdcached '-b' documentation!\n"
+ "Consider specifying the real directory (%s)\n",
+ base_realpath);
+ return 5;
+ }
}
break;
" -g Do not fork and run in the foreground.\n"
" -j <dir> Directory in which to create the journal files.\n"
" -F Always flush all updates at shutdown\n"
+ " -s <id|name> Group owner of all following UNIX sockets\n"
+ " (the socket will also have read/write permissions "
+ "for that group)\n"
+ " -m <mode> File permissions (octal) of all following UNIX "
+ "sockets\n"
"\n"
"For more information and a detailed description of all options "
"please refer\n"
"to the rrdcached(1) manual page.\n",
VERSION);
- status = -1;
+ if (option == 'h')
+ status = -1;
+ else
+ status = 1;
break;
} /* switch (option) */
} /* while (getopt) */
projects / rrdtool.git / blobdiff