2 * Copyright (C) 2013 Felix Fietkau <nbd@openwrt.org>
3 * Copyright (C) 2013 John Crispin <blogic@openwrt.org>
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU Lesser General Public License version 2.1
7 * as published by the Free Software Foundation
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
16 #include <sys/resource.h>
17 #include <sys/types.h>
18 #include <sys/socket.h>
29 #include <libubox/md5.h>
38 INSTANCE_ATTR_COMMAND,
43 INSTANCE_ATTR_TRIGGER,
44 INSTANCE_ATTR_RESPAWN,
52 INSTANCE_ATTR_NO_NEW_PRIVS,
55 INSTANCE_ATTR_SECCOMP,
56 INSTANCE_ATTR_PIDFILE,
57 INSTANCE_ATTR_RELOADSIG,
58 INSTANCE_ATTR_TERMTIMEOUT,
62 static const struct blobmsg_policy instance_attr[__INSTANCE_ATTR_MAX] = {
63 [INSTANCE_ATTR_COMMAND] = { "command", BLOBMSG_TYPE_ARRAY },
64 [INSTANCE_ATTR_ENV] = { "env", BLOBMSG_TYPE_TABLE },
65 [INSTANCE_ATTR_DATA] = { "data", BLOBMSG_TYPE_TABLE },
66 [INSTANCE_ATTR_NETDEV] = { "netdev", BLOBMSG_TYPE_ARRAY },
67 [INSTANCE_ATTR_FILE] = { "file", BLOBMSG_TYPE_ARRAY },
68 [INSTANCE_ATTR_TRIGGER] = { "triggers", BLOBMSG_TYPE_ARRAY },
69 [INSTANCE_ATTR_RESPAWN] = { "respawn", BLOBMSG_TYPE_ARRAY },
70 [INSTANCE_ATTR_NICE] = { "nice", BLOBMSG_TYPE_INT32 },
71 [INSTANCE_ATTR_LIMITS] = { "limits", BLOBMSG_TYPE_TABLE },
72 [INSTANCE_ATTR_WATCH] = { "watch", BLOBMSG_TYPE_ARRAY },
73 [INSTANCE_ATTR_ERROR] = { "error", BLOBMSG_TYPE_ARRAY },
74 [INSTANCE_ATTR_USER] = { "user", BLOBMSG_TYPE_STRING },
75 [INSTANCE_ATTR_STDOUT] = { "stdout", BLOBMSG_TYPE_BOOL },
76 [INSTANCE_ATTR_STDERR] = { "stderr", BLOBMSG_TYPE_BOOL },
77 [INSTANCE_ATTR_NO_NEW_PRIVS] = { "no_new_privs", BLOBMSG_TYPE_BOOL },
78 [INSTANCE_ATTR_JAIL] = { "jail", BLOBMSG_TYPE_TABLE },
79 [INSTANCE_ATTR_TRACE] = { "trace", BLOBMSG_TYPE_BOOL },
80 [INSTANCE_ATTR_SECCOMP] = { "seccomp", BLOBMSG_TYPE_STRING },
81 [INSTANCE_ATTR_PIDFILE] = { "pidfile", BLOBMSG_TYPE_STRING },
82 [INSTANCE_ATTR_RELOADSIG] = { "reload_signal", BLOBMSG_TYPE_INT32 },
83 [INSTANCE_ATTR_TERMTIMEOUT] = { "term_timeout", BLOBMSG_TYPE_INT32 },
98 static const struct blobmsg_policy jail_attr[__JAIL_ATTR_MAX] = {
99 [JAIL_ATTR_NAME] = { "name", BLOBMSG_TYPE_STRING },
100 [JAIL_ATTR_HOSTNAME] = { "hostname", BLOBMSG_TYPE_STRING },
101 [JAIL_ATTR_PROCFS] = { "procfs", BLOBMSG_TYPE_BOOL },
102 [JAIL_ATTR_SYSFS] = { "sysfs", BLOBMSG_TYPE_BOOL },
103 [JAIL_ATTR_UBUS] = { "ubus", BLOBMSG_TYPE_BOOL },
104 [JAIL_ATTR_LOG] = { "log", BLOBMSG_TYPE_BOOL },
105 [JAIL_ATTR_RONLY] = { "ronly", BLOBMSG_TYPE_BOOL },
106 [JAIL_ATTR_MOUNT] = { "mount", BLOBMSG_TYPE_TABLE },
109 struct instance_netdev {
110 struct blobmsg_list_node node;
114 struct instance_file {
115 struct blobmsg_list_node node;
124 static const struct rlimit_name rlimit_names[] = {
126 { "core", RLIMIT_CORE },
127 { "cpu", RLIMIT_CPU },
128 { "data", RLIMIT_DATA },
129 { "fsize", RLIMIT_FSIZE },
130 { "memlock", RLIMIT_MEMLOCK },
131 { "nofile", RLIMIT_NOFILE },
132 { "nproc", RLIMIT_NPROC },
133 { "rss", RLIMIT_RSS },
134 { "stack", RLIMIT_STACK },
136 { "nice", RLIMIT_NICE },
137 { "rtprio", RLIMIT_RTPRIO },
138 { "msgqueue", RLIMIT_MSGQUEUE },
139 { "sigpending", RLIMIT_SIGPENDING },
144 static char trace[] = "/sbin/utrace";
146 static void closefd(int fd)
148 if (fd > STDERR_FILENO)
153 instance_limits(const char *limit, const char *value)
157 unsigned long cur, max;
159 for (i = 0; rlimit_names[i].name != NULL; i++) {
160 if (strcmp(rlimit_names[i].name, limit))
162 if (!strcmp(value, "unlimited")) {
163 rlim.rlim_cur = RLIM_INFINITY;
164 rlim.rlim_max = RLIM_INFINITY;
166 if (getrlimit(rlimit_names[i].resource, &rlim))
172 if (sscanf(value, "%lu %lu", &cur, &max) < 1)
179 setrlimit(rlimit_names[i].resource, &rlim);
185 jail_run(struct service_instance *in, char **argv)
187 struct blobmsg_list_node *var;
188 struct jail *jail = &in->jail;
191 argv[argc++] = "/sbin/ujail";
195 argv[argc++] = jail->name;
198 if (jail->hostname) {
200 argv[argc++] = jail->hostname;
205 argv[argc++] = in->seccomp;
208 if (in->no_new_privs)
226 blobmsg_list_for_each(&jail->mount, var) {
227 const char *type = blobmsg_data(var->data);
233 argv[argc++] = (char *) blobmsg_name(var->data);
242 instance_removepid(struct service_instance *in) {
245 if (unlink(in->pidfile)) {
246 ERROR("Failed to removed pidfile: %s: %d - %s\n",
247 in->pidfile, errno, strerror(errno));
254 instance_writepid(struct service_instance *in)
261 _pidfile = fopen(in->pidfile, "w");
262 if (_pidfile == NULL) {
263 ERROR("failed to open pidfile for writing: %s: %d (%s)",
264 in->pidfile, errno, strerror(errno));
267 if (fprintf(_pidfile, "%d\n", in->proc.pid) < 0) {
268 ERROR("failed to write pidfile: %s: %d (%s)",
269 in->pidfile, errno, strerror(errno));
273 if (fclose(_pidfile)) {
274 ERROR("failed to close pidfile: %s: %d (%s)",
275 in->pidfile, errno, strerror(errno));
283 instance_run(struct service_instance *in, int _stdout, int _stderr)
285 struct blobmsg_list_node *var;
286 struct blob_attr *cur;
289 int argc = 1; /* NULL terminated */
291 bool seccomp = !in->trace && !in->has_jail && in->seccomp;
292 bool setlbf = _stdout >= 0;
295 setpriority(PRIO_PROCESS, 0, in->nice);
297 blobmsg_for_each_attr(cur, in->command, rem)
300 blobmsg_list_for_each(&in->env, var)
301 setenv(blobmsg_name(var->data), blobmsg_data(var->data), 1);
304 setenv("SECCOMP_FILE", in->seccomp, 1);
306 if ((seccomp || setlbf) && asprintf(&ld_preload, "LD_PRELOAD=%s%s%s",
307 seccomp ? "/lib/libpreload-seccomp.so" : "",
308 seccomp && setlbf ? ":" : "",
309 setlbf ? "/lib/libsetlbf.so" : "") > 0)
312 blobmsg_list_for_each(&in->limits, var)
313 instance_limits(blobmsg_name(var->data), blobmsg_data(var->data));
318 argv = alloca(sizeof(char *) * (argc + in->jail.argc));
322 argv[argc++] = trace;
325 argc = jail_run(in, argv);
327 blobmsg_for_each_attr(cur, in->command, rem)
328 argv[argc++] = blobmsg_data(cur);
332 _stdin = open("/dev/null", O_RDONLY);
335 _stdout = open("/dev/null", O_WRONLY);
338 _stderr = open("/dev/null", O_WRONLY);
341 dup2(_stdin, STDIN_FILENO);
345 dup2(_stdout, STDOUT_FILENO);
349 dup2(_stderr, STDERR_FILENO);
353 if (in->gid && setgid(in->gid)) {
354 ERROR("failed to set group id %d: %d (%s)\n", in->gid, errno, strerror(errno));
357 if (in->uid && setuid(in->uid)) {
358 ERROR("failed to set user id %d: %d (%s)\n", in->uid, errno, strerror(errno));
362 execvp(argv[0], argv);
367 instance_free_stdio(struct service_instance *in)
369 if (in->_stdout.fd.fd > -1) {
370 ustream_free(&in->_stdout.stream);
371 close(in->_stdout.fd.fd);
372 in->_stdout.fd.fd = -1;
375 if (in->_stderr.fd.fd > -1) {
376 ustream_free(&in->_stderr.stream);
377 close(in->_stderr.fd.fd);
378 in->_stderr.fd.fd = -1;
383 instance_start(struct service_instance *in)
386 int opipe[2] = { -1, -1 };
387 int epipe[2] = { -1, -1 };
389 if (!avl_is_empty(&in->errors.avl)) {
390 LOG("Not starting instance %s::%s, an error was indicated\n", in->srv->name, in->name);
395 LOG("Not starting instance %s::%s, command not set\n", in->srv->name, in->name);
399 if (in->proc.pending) {
405 instance_free_stdio(in);
406 if (in->_stdout.fd.fd > -2) {
408 ULOG_WARN("pipe() failed: %d (%s)\n", errno, strerror(errno));
409 opipe[0] = opipe[1] = -1;
413 if (in->_stderr.fd.fd > -2) {
415 ULOG_WARN("pipe() failed: %d (%s)\n", errno, strerror(errno));
416 epipe[0] = epipe[1] = -1;
434 instance_run(in, opipe[1], epipe[1]);
438 DEBUG(2, "Started instance %s::%s[%d]\n", in->srv->name, in->name, pid);
440 instance_writepid(in);
441 clock_gettime(CLOCK_MONOTONIC, &in->start);
442 uloop_process_add(&in->proc);
445 ustream_fd_init(&in->_stdout, opipe[0]);
450 ustream_fd_init(&in->_stderr, epipe[0]);
454 service_event("instance.start", in->srv->name, in->name);
458 instance_stdio(struct ustream *s, int prio, struct service_instance *in)
460 char *newline, *str, *arg0, ident[32];
463 arg0 = basename(blobmsg_data(blobmsg_data(in->command)));
464 snprintf(ident, sizeof(ident), "%s[%d]", arg0, in->proc.pid);
465 ulog_open(ULOG_SYSLOG, LOG_DAEMON, ident);
468 str = ustream_get_read_buf(s, NULL);
472 newline = strchr(str, '\n');
477 ulog(prio, "%s\n", str);
479 len = newline + 1 - str;
480 ustream_consume(s, len);
483 ulog_open(ULOG_SYSLOG, LOG_DAEMON, "procd");
487 instance_stdout(struct ustream *s, int bytes)
489 instance_stdio(s, LOG_INFO,
490 container_of(s, struct service_instance, _stdout.stream));
494 instance_stderr(struct ustream *s, int bytes)
496 instance_stdio(s, LOG_ERR,
497 container_of(s, struct service_instance, _stderr.stream));
501 instance_timeout(struct uloop_timeout *t)
503 struct service_instance *in;
505 in = container_of(t, struct service_instance, timeout);
508 LOG("Instance %s::%s pid %d not stopped on SIGTERM, sending SIGKILL instead\n",
509 in->srv->name, in->name, in->proc.pid);
510 kill(in->proc.pid, SIGKILL);
511 } else if (in->restart || in->respawn)
516 instance_exit(struct uloop_process *p, int ret)
518 struct service_instance *in;
522 in = container_of(p, struct service_instance, proc);
524 clock_gettime(CLOCK_MONOTONIC, &tp);
525 runtime = tp.tv_sec - in->start.tv_sec;
527 DEBUG(2, "Instance %s::%s exit with error code %d after %ld seconds\n", in->srv->name, in->name, ret, runtime);
529 uloop_timeout_cancel(&in->timeout);
530 service_event("instance.stop", in->srv->name, in->name);
533 instance_removepid(in);
537 struct service *s = in->srv;
539 avl_delete(&s->instances.avl, &in->node.avl);
543 } else if (in->restart) {
545 } else if (in->respawn) {
546 if (runtime < in->respawn_threshold)
549 in->respawn_count = 0;
550 if (in->respawn_count > in->respawn_retry && in->respawn_retry > 0 ) {
551 LOG("Instance %s::%s s in a crash loop %d crashes, %ld seconds since last crash\n",
552 in->srv->name, in->name, in->respawn_count, runtime);
553 in->restart = in->respawn = 0;
555 service_event("instance.fail", in->srv->name, in->name);
557 service_event("instance.respawn", in->srv->name, in->name);
558 uloop_timeout_set(&in->timeout, in->respawn_timeout * 1000);
564 instance_stop(struct service_instance *in, bool halt)
566 if (!in->proc.pending)
569 in->restart = in->respawn = false;
570 kill(in->proc.pid, SIGTERM);
571 uloop_timeout_set(&in->timeout, in->term_timeout * 1000);
575 instance_restart(struct service_instance *in)
577 if (!in->proc.pending)
580 if (in->reload_signal) {
581 kill(in->proc.pid, in->reload_signal);
587 kill(in->proc.pid, SIGTERM);
588 uloop_timeout_set(&in->timeout, in->term_timeout * 1000);
592 instance_config_changed(struct service_instance *in, struct service_instance *in_new)
597 if (!blob_attr_equal(in->command, in_new->command))
600 if (!blobmsg_list_equal(&in->env, &in_new->env))
603 if (!blobmsg_list_equal(&in->netdev, &in_new->netdev))
606 if (!blobmsg_list_equal(&in->file, &in_new->file))
609 if (in->nice != in_new->nice)
612 if (in->uid != in_new->uid)
615 if (in->gid != in_new->gid)
618 if (in->pidfile && in_new->pidfile)
619 if (strcmp(in->pidfile, in_new->pidfile))
622 if (in->pidfile && !in_new->pidfile)
625 if (!in->pidfile && in_new->pidfile)
628 if (!blobmsg_list_equal(&in->limits, &in_new->limits))
631 if (!blobmsg_list_equal(&in->jail.mount, &in_new->jail.mount))
634 if (!blobmsg_list_equal(&in->errors, &in_new->errors))
641 instance_netdev_cmp(struct blobmsg_list_node *l1, struct blobmsg_list_node *l2)
643 struct instance_netdev *n1 = container_of(l1, struct instance_netdev, node);
644 struct instance_netdev *n2 = container_of(l2, struct instance_netdev, node);
646 return n1->ifindex == n2->ifindex;
650 instance_netdev_update(struct blobmsg_list_node *l)
652 struct instance_netdev *n = container_of(l, struct instance_netdev, node);
654 n->ifindex = if_nametoindex(n->node.avl.key);
658 instance_file_cmp(struct blobmsg_list_node *l1, struct blobmsg_list_node *l2)
660 struct instance_file *f1 = container_of(l1, struct instance_file, node);
661 struct instance_file *f2 = container_of(l2, struct instance_file, node);
663 return !memcmp(f1->md5, f2->md5, sizeof(f1->md5));
667 instance_file_update(struct blobmsg_list_node *l)
669 struct instance_file *f = container_of(l, struct instance_file, node);
674 memset(f->md5, 0, sizeof(f->md5));
676 fd = open(l->avl.key, O_RDONLY);
682 len = read(fd, buf, sizeof(buf));
692 md5_hash(buf, len, &md5);
695 md5_end(f->md5, &md5);
700 instance_fill_any(struct blobmsg_list *l, struct blob_attr *cur)
705 blobmsg_list_fill(l, blobmsg_data(cur), blobmsg_data_len(cur), false);
709 instance_fill_array(struct blobmsg_list *l, struct blob_attr *cur, blobmsg_update_cb cb, bool array)
711 struct blobmsg_list_node *node;
716 if (!blobmsg_check_attr_list(cur, BLOBMSG_TYPE_STRING))
719 blobmsg_list_fill(l, blobmsg_data(cur), blobmsg_data_len(cur), array);
721 blobmsg_list_for_each(l, node)
728 instance_jail_parse(struct service_instance *in, struct blob_attr *attr)
730 struct blob_attr *tb[__JAIL_ATTR_MAX];
731 struct jail *jail = &in->jail;
734 if (stat("/sbin/ujail", &s))
737 blobmsg_parse(jail_attr, __JAIL_ATTR_MAX, tb,
738 blobmsg_data(attr), blobmsg_data_len(attr));
742 if (tb[JAIL_ATTR_NAME]) {
743 jail->name = blobmsg_get_string(tb[JAIL_ATTR_NAME]);
746 if (tb[JAIL_ATTR_HOSTNAME]) {
747 jail->hostname = blobmsg_get_string(tb[JAIL_ATTR_HOSTNAME]);
750 if (tb[JAIL_ATTR_PROCFS]) {
751 jail->procfs = blobmsg_get_bool(tb[JAIL_ATTR_PROCFS]);
754 if (tb[JAIL_ATTR_SYSFS]) {
755 jail->sysfs = blobmsg_get_bool(tb[JAIL_ATTR_SYSFS]);
758 if (tb[JAIL_ATTR_UBUS]) {
759 jail->ubus = blobmsg_get_bool(tb[JAIL_ATTR_UBUS]);
762 if (tb[JAIL_ATTR_LOG]) {
763 jail->log = blobmsg_get_bool(tb[JAIL_ATTR_LOG]);
766 if (tb[JAIL_ATTR_RONLY]) {
767 jail->ronly = blobmsg_get_bool(tb[JAIL_ATTR_RONLY]);
770 if (tb[JAIL_ATTR_MOUNT]) {
771 struct blob_attr *cur;
774 blobmsg_for_each_attr(cur, tb[JAIL_ATTR_MOUNT], rem)
776 instance_fill_array(&jail->mount, tb[JAIL_ATTR_MOUNT], NULL, false);
785 instance_config_parse_command(struct service_instance *in, struct blob_attr **tb)
787 struct blob_attr *cur, *cur2;
791 cur = tb[INSTANCE_ATTR_COMMAND];
797 if (!blobmsg_check_attr_list(cur, BLOBMSG_TYPE_STRING))
800 blobmsg_for_each_attr(cur2, cur, rem) {
810 instance_config_parse(struct service_instance *in)
812 struct blob_attr *tb[__INSTANCE_ATTR_MAX];
813 struct blob_attr *cur, *cur2;
816 blobmsg_parse(instance_attr, __INSTANCE_ATTR_MAX, tb,
817 blobmsg_data(in->config), blobmsg_data_len(in->config));
819 if (!instance_config_parse_command(in, tb))
822 if (tb[INSTANCE_ATTR_TERMTIMEOUT])
823 in->term_timeout = blobmsg_get_u32(tb[INSTANCE_ATTR_TERMTIMEOUT]);
824 if (tb[INSTANCE_ATTR_RESPAWN]) {
826 uint32_t vals[3] = { 3600, 5, 5};
828 blobmsg_for_each_attr(cur2, tb[INSTANCE_ATTR_RESPAWN], rem) {
829 if ((i >= 3) && (blobmsg_type(cur2) == BLOBMSG_TYPE_STRING))
831 vals[i] = atoi(blobmsg_get_string(cur2));
835 in->respawn_count = 0;
836 in->respawn_threshold = vals[0];
837 in->respawn_timeout = vals[1];
838 in->respawn_retry = vals[2];
840 if (tb[INSTANCE_ATTR_TRIGGER]) {
841 in->trigger = tb[INSTANCE_ATTR_TRIGGER];
842 trigger_add(in->trigger, in);
845 if (tb[INSTANCE_ATTR_WATCH]) {
846 blobmsg_for_each_attr(cur2, tb[INSTANCE_ATTR_WATCH], rem) {
847 if (blobmsg_type(cur2) != BLOBMSG_TYPE_STRING)
849 DEBUG(3, "watch for %s\n", blobmsg_get_string(cur2));
850 watch_add(blobmsg_get_string(cur2), in);
854 if ((cur = tb[INSTANCE_ATTR_NICE])) {
855 in->nice = (int8_t) blobmsg_get_u32(cur);
856 if (in->nice < -20 || in->nice > 20)
860 if (tb[INSTANCE_ATTR_USER]) {
861 struct passwd *p = getpwnam(blobmsg_get_string(tb[INSTANCE_ATTR_USER]));
868 if (tb[INSTANCE_ATTR_TRACE])
869 in->trace = blobmsg_get_bool(tb[INSTANCE_ATTR_TRACE]);
871 if (tb[INSTANCE_ATTR_NO_NEW_PRIVS])
872 in->no_new_privs = blobmsg_get_bool(tb[INSTANCE_ATTR_NO_NEW_PRIVS]);
874 if (!in->trace && tb[INSTANCE_ATTR_SECCOMP]) {
875 char *seccomp = blobmsg_get_string(tb[INSTANCE_ATTR_SECCOMP]);
878 if (stat(seccomp, &s))
879 ERROR("%s: not starting seccomp as %s is missing\n", in->name, seccomp);
881 in->seccomp = seccomp;
884 if (tb[INSTANCE_ATTR_PIDFILE]) {
885 char *pidfile = blobmsg_get_string(tb[INSTANCE_ATTR_PIDFILE]);
887 in->pidfile = pidfile;
890 if (tb[INSTANCE_ATTR_RELOADSIG])
891 in->reload_signal = blobmsg_get_u32(tb[INSTANCE_ATTR_RELOADSIG]);
893 if (!in->trace && tb[INSTANCE_ATTR_JAIL])
894 in->has_jail = instance_jail_parse(in, tb[INSTANCE_ATTR_JAIL]);
896 if (tb[INSTANCE_ATTR_STDOUT] && blobmsg_get_bool(tb[INSTANCE_ATTR_STDOUT]))
897 in->_stdout.fd.fd = -1;
899 if (tb[INSTANCE_ATTR_STDERR] && blobmsg_get_bool(tb[INSTANCE_ATTR_STDERR]))
900 in->_stderr.fd.fd = -1;
902 instance_fill_any(&in->data, tb[INSTANCE_ATTR_DATA]);
904 if (!instance_fill_array(&in->env, tb[INSTANCE_ATTR_ENV], NULL, false))
907 if (!instance_fill_array(&in->netdev, tb[INSTANCE_ATTR_NETDEV], instance_netdev_update, true))
910 if (!instance_fill_array(&in->file, tb[INSTANCE_ATTR_FILE], instance_file_update, true))
913 if (!instance_fill_array(&in->limits, tb[INSTANCE_ATTR_LIMITS], NULL, false))
916 if (!instance_fill_array(&in->errors, tb[INSTANCE_ATTR_ERROR], NULL, true))
923 instance_config_cleanup(struct service_instance *in)
925 blobmsg_list_free(&in->env);
926 blobmsg_list_free(&in->data);
927 blobmsg_list_free(&in->netdev);
928 blobmsg_list_free(&in->file);
929 blobmsg_list_free(&in->limits);
930 blobmsg_list_free(&in->errors);
931 blobmsg_list_free(&in->jail.mount);
935 instance_config_move(struct service_instance *in, struct service_instance *in_src)
937 instance_config_cleanup(in);
938 blobmsg_list_move(&in->env, &in_src->env);
939 blobmsg_list_move(&in->data, &in_src->data);
940 blobmsg_list_move(&in->netdev, &in_src->netdev);
941 blobmsg_list_move(&in->file, &in_src->file);
942 blobmsg_list_move(&in->limits, &in_src->limits);
943 blobmsg_list_move(&in->errors, &in_src->errors);
944 blobmsg_list_move(&in->jail.mount, &in_src->jail.mount);
945 in->trigger = in_src->trigger;
946 in->command = in_src->command;
947 in->pidfile = in_src->pidfile;
948 in->name = in_src->name;
949 in->node.avl.key = in_src->node.avl.key;
952 in->config = in_src->config;
953 in_src->config = NULL;
957 instance_update(struct service_instance *in, struct service_instance *in_new)
959 bool changed = instance_config_changed(in, in_new);
960 bool running = in->proc.pending;
961 bool stopping = in->halt;
963 if (!running || stopping) {
964 instance_config_move(in, in_new);
968 instance_restart(in);
969 instance_config_move(in, in_new);
970 /* restart happens in the child callback handler */
975 instance_free(struct service_instance *in)
977 instance_free_stdio(in);
978 uloop_process_delete(&in->proc);
979 uloop_timeout_cancel(&in->timeout);
982 instance_config_cleanup(in);
988 instance_init(struct service_instance *in, struct service *s, struct blob_attr *config)
990 config = blob_memdup(config);
992 in->name = blobmsg_name(config);
994 in->timeout.cb = instance_timeout;
995 in->proc.cb = instance_exit;
996 in->term_timeout = 5;
998 in->_stdout.fd.fd = -2;
999 in->_stdout.stream.string_data = true;
1000 in->_stdout.stream.notify_read = instance_stdout;
1002 in->_stderr.fd.fd = -2;
1003 in->_stderr.stream.string_data = true;
1004 in->_stderr.stream.notify_read = instance_stderr;
1006 blobmsg_list_init(&in->netdev, struct instance_netdev, node, instance_netdev_cmp);
1007 blobmsg_list_init(&in->file, struct instance_file, node, instance_file_cmp);
1008 blobmsg_list_simple_init(&in->env);
1009 blobmsg_list_simple_init(&in->data);
1010 blobmsg_list_simple_init(&in->limits);
1011 blobmsg_list_simple_init(&in->errors);
1012 blobmsg_list_simple_init(&in->jail.mount);
1013 in->valid = instance_config_parse(in);
1016 void instance_dump(struct blob_buf *b, struct service_instance *in, int verbose)
1023 i = blobmsg_open_table(b, in->name);
1024 blobmsg_add_u8(b, "running", in->proc.pending);
1025 if (in->proc.pending)
1026 blobmsg_add_u32(b, "pid", in->proc.pid);
1028 blobmsg_add_blob(b, in->command);
1029 blobmsg_add_u32(b, "term_timeout", in->term_timeout);
1031 if (!avl_is_empty(&in->errors.avl)) {
1032 struct blobmsg_list_node *var;
1033 void *e = blobmsg_open_array(b, "errors");
1034 blobmsg_list_for_each(&in->errors, var)
1035 blobmsg_add_string(b, NULL, blobmsg_data(var->data));
1036 blobmsg_close_table(b, e);
1039 if (!avl_is_empty(&in->env.avl)) {
1040 struct blobmsg_list_node *var;
1041 void *e = blobmsg_open_table(b, "env");
1042 blobmsg_list_for_each(&in->env, var)
1043 blobmsg_add_string(b, blobmsg_name(var->data), blobmsg_data(var->data));
1044 blobmsg_close_table(b, e);
1047 if (!avl_is_empty(&in->data.avl)) {
1048 struct blobmsg_list_node *var;
1049 void *e = blobmsg_open_table(b, "data");
1050 blobmsg_list_for_each(&in->data, var)
1051 blobmsg_add_blob(b, var->data);
1052 blobmsg_close_table(b, e);
1055 if (!avl_is_empty(&in->limits.avl)) {
1056 struct blobmsg_list_node *var;
1057 void *e = blobmsg_open_table(b, "limits");
1058 blobmsg_list_for_each(&in->limits, var)
1059 blobmsg_add_string(b, blobmsg_name(var->data), blobmsg_data(var->data));
1060 blobmsg_close_table(b, e);
1063 if (in->reload_signal)
1064 blobmsg_add_u32(b, "reload_signal", in->reload_signal);
1067 void *r = blobmsg_open_table(b, "respawn");
1068 blobmsg_add_u32(b, "threshold", in->respawn_threshold);
1069 blobmsg_add_u32(b, "timeout", in->respawn_timeout);
1070 blobmsg_add_u32(b, "retry", in->respawn_retry);
1071 blobmsg_close_table(b, r);
1075 blobmsg_add_u8(b, "trace", true);
1077 if (in->no_new_privs)
1078 blobmsg_add_u8(b, "no_new_privs", true);
1081 blobmsg_add_string(b, "seccomp", in->seccomp);
1084 blobmsg_add_string(b, "pidfile", in->pidfile);
1087 void *r = blobmsg_open_table(b, "jail");
1089 blobmsg_add_string(b, "name", in->jail.name);
1090 if (in->jail.hostname)
1091 blobmsg_add_string(b, "hostname", in->jail.hostname);
1092 blobmsg_add_u8(b, "procfs", in->jail.procfs);
1093 blobmsg_add_u8(b, "sysfs", in->jail.sysfs);
1094 blobmsg_add_u8(b, "ubus", in->jail.ubus);
1095 blobmsg_add_u8(b, "log", in->jail.log);
1096 blobmsg_add_u8(b, "ronly", in->jail.ronly);
1097 blobmsg_close_table(b, r);
1098 if (!avl_is_empty(&in->jail.mount.avl)) {
1099 struct blobmsg_list_node *var;
1100 void *e = blobmsg_open_table(b, "mount");
1101 blobmsg_list_for_each(&in->jail.mount, var)
1102 blobmsg_add_string(b, blobmsg_name(var->data), blobmsg_data(var->data));
1103 blobmsg_close_table(b, e);
1107 if (verbose && in->trigger)
1108 blobmsg_add_blob(b, in->trigger);
1110 blobmsg_close_table(b, i);
projects / project / procd.git / blob