/* SSSD Service monitor Copyright (C) Simo Sorce 2008 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program. If not, see . */ #define _GNU_SOURCE #include #include #include #include #include #include #include "popt.h" #include "tevent.h" #include "util/util.h" #include "confdb/confdb.h" #include "monitor.h" #include "dbus/dbus.h" #include "sbus/sssd_dbus.h" #include "sbus_interfaces.h" static int start_service(const char *name, const char *command, pid_t *retpid); /* ping time cannot be less then once every few seconds or the * monitor will get crazy hammering children with messages */ #define MONITOR_MIN_PING_TIME 10 struct mt_conn { struct sbus_conn_ctx *conn_ctx; struct mt_svc *svc_ptr; }; struct mt_svc { struct mt_svc *prev; struct mt_svc *next; struct mt_conn *mt_conn; struct mt_ctx *mt_ctx; char *command; char *name; pid_t pid; int restarts; time_t last_restart; time_t last_pong; }; struct mt_ctx { struct event_context *ev; struct confdb_ctx *cdb; char **services; struct mt_svc *svc_list; struct sbus_srv_ctx *sbus_srv; int service_id_timeout; int service_ping_time; }; static int dbus_service_init(struct sbus_conn_ctx *conn_ctx, void *data); static void identity_check(DBusPendingCall *pending, void *data); static int service_send_ping(struct mt_svc *svc); static void ping_check(DBusPendingCall *pending, void *data); static int service_check_alive(struct mt_svc *svc); static void set_tasks_checker(struct mt_svc *srv); /* dbus_get_monitor_version * Return the monitor version over D-BUS */ static int dbus_get_monitor_version(DBusMessage *message, void *data, DBusMessage **r) { const char *version = MONITOR_VERSION; DBusMessage *reply; dbus_bool_t ret; reply = dbus_message_new_method_return(message); ret = dbus_message_append_args(reply, DBUS_TYPE_STRING, &version, DBUS_TYPE_INVALID); if (!ret) { return EIO; } *r = reply; return EOK; } struct sbus_method monitor_methods[] = { { MONITOR_METHOD_VERSION, dbus_get_monitor_version}, {NULL, NULL} }; /* monitor_dbus_init * Set up the monitor service as a D-BUS Server */ static int monitor_dbus_init(struct mt_ctx *ctx) { struct sbus_method_ctx *sd_ctx; struct sbus_srv_ctx *sbus_srv; char *sbus_address; char *default_monitor_address; int ret; default_monitor_address = talloc_asprintf(ctx, "unix:path=%s/%s", PIPE_PATH, SSSD_SERVICE_PIPE); if (!default_monitor_address) { return ENOMEM; } ret = confdb_get_string(ctx->cdb, ctx, "config/services/monitor", "sbusAddress", default_monitor_address, &sbus_address); if (ret != EOK) { talloc_free(default_monitor_address); return ret; } talloc_free(default_monitor_address); sd_ctx = talloc_zero(ctx, struct sbus_method_ctx); if (!sd_ctx) { talloc_free(sbus_address); return ENOMEM; } /* Set up globally-available D-BUS methods */ sd_ctx->interface = talloc_strdup(sd_ctx, MONITOR_DBUS_INTERFACE); if (!sd_ctx->interface) { talloc_free(sbus_address); talloc_free(sd_ctx); return ENOMEM; } sd_ctx->path = talloc_strdup(sd_ctx, MONITOR_DBUS_PATH); if (!sd_ctx->path) { talloc_free(sbus_address); talloc_free(sd_ctx); return ENOMEM; } sd_ctx->methods = monitor_methods; sd_ctx->message_handler = sbus_message_handler; ret = sbus_new_server(ctx, ctx->ev, sd_ctx, &sbus_srv, sbus_address, dbus_service_init, ctx); ctx->sbus_srv = sbus_srv; return ret; } static void tasks_check_handler(struct event_context *ev, struct timed_event *te, struct timeval t, void *ptr) { struct mt_svc *svc = talloc_get_type(ptr, struct mt_svc); time_t now = time(NULL); bool process_alive = true; int ret; ret = service_check_alive(svc); switch (ret) { case EOK: /* all fine */ break; case ECHILD: DEBUG(1,("Process (%s) is stopped!\n", svc->name)); process_alive = false; break; default: /* TODO: should we tear down it ? */ DEBUG(1,("Checking for service %s(%d) failed!!\n", svc->name, svc->pid)); break; } if (process_alive) { ret = service_send_ping(svc); switch (ret) { case EOK: /* all fine */ break; case ENXIO: DEBUG(1,("Child (%s) not responding! (yet)\n", svc->name)); break; default: /* TODO: should we tear it down ? */ DEBUG(1,("Sending a message to service (%s) failed!!\n", svc->name)); break; } if (svc->last_pong != 0) { if ((now - svc->last_pong) > 30) { /* TODO: get val from config */ /* too long since we last heard of this process */ ret = kill(svc->pid, SIGUSR1); if (ret != EOK) { DEBUG(0,("Sending signal to child (%s:%d) failed! " "Ignore and pretend child is dead.\n", svc->name, svc->pid)); } process_alive = false; } } } if (!process_alive) { if (svc->last_restart != 0) { if ((now - svc->last_restart) > 30) { /* TODO: get val from config */ /* it was long ago reset restart threshold */ svc->restarts = 0; } } /* restart the process */ if (svc->restarts > 3) { /* TODO: get val from config */ DEBUG(0, ("Process [%s], definitely stopped!\n", svc->name)); talloc_free(svc); return; } ret = start_service(svc->name, svc->command, &svc->pid); if (ret != EOK) { DEBUG(0,("Failed to restart service '%s'\n", svc->name)); talloc_free(svc); return; } svc->restarts++; svc->last_restart = now; svc->last_pong = 0; } /* all fine, set up the task checker again */ set_tasks_checker(svc); } static void set_tasks_checker(struct mt_svc *svc) { struct timed_event *te = NULL; struct timeval tv; gettimeofday(&tv, NULL); tv.tv_sec += svc->mt_ctx->service_ping_time; tv.tv_usec = 0; te = event_add_timed(svc->mt_ctx->ev, svc, tv, tasks_check_handler, svc); if (te == NULL) { DEBUG(0, ("failed to add event, monitor offline for [%s]!\n", svc->name)); /* FIXME: shutdown ? */ } } int get_monitor_config(struct mt_ctx *ctx) { int ret; ret = confdb_get_int(ctx->cdb, ctx, "config/services/monitor", "sbusTimeout", -1, &ctx->service_id_timeout); if (ret != EOK) { return ret; } ret = confdb_get_int(ctx->cdb, ctx, "config/services/monitor", "servicePingTime", MONITOR_MIN_PING_TIME, &ctx->service_ping_time); if (ret != EOK) { return ret; } if (ctx->service_ping_time < MONITOR_MIN_PING_TIME) ctx->service_ping_time = MONITOR_MIN_PING_TIME; ret = confdb_get_param(ctx->cdb, ctx, "config/services", "activeServices", &ctx->services); if (ctx->services[0] == NULL) { DEBUG(0, ("No services configured!\n")); return EINVAL; } return EOK; } int monitor_process_init(TALLOC_CTX *mem_ctx, struct event_context *event_ctx, struct confdb_ctx *cdb) { struct mt_ctx *ctx; struct mt_svc *svc; char **doms; char *path; int ret, i; ctx = talloc_zero(mem_ctx, struct mt_ctx); if (!ctx) { DEBUG(0, ("fatal error initializing monitor!\n")); return ENOMEM; } ctx->ev = event_ctx; ctx->cdb = cdb; ret = get_monitor_config(ctx); if (ret != EOK) return ret; /* Initialize D-BUS Server * The monitor will act as a D-BUS server for all * SSSD processes */ ret = monitor_dbus_init(ctx); if (ret != EOK) { return ret; } /* start all services */ for (i = 0; ctx->services[i]; i++) { svc = talloc_zero(ctx, struct mt_svc); if (!svc) { talloc_free(ctx); return ENOMEM; } svc->name = ctx->services[i]; svc->mt_ctx = ctx; path = talloc_asprintf(svc, "config/services/%s", svc->name); if (!path) { talloc_free(ctx); return ENOMEM; } ret = confdb_get_string(cdb, svc, path, "command", NULL, &svc->command); if (ret != EOK) { DEBUG(0,("Failed to start service '%s'\n", svc->name)); talloc_free(svc); continue; } talloc_free(path); ret = start_service(svc->name, svc->command, &svc->pid); if (ret != EOK) { DEBUG(0,("Failed to start service '%s'\n", svc->name)); talloc_free(svc); continue; } DLIST_ADD(ctx->svc_list, svc); set_tasks_checker(svc); } /* now start the data providers */ ret = confdb_get_domains(cdb, ctx, &doms); if (ret != EOK) { DEBUG(2, ("No domains configured. LOCAL should always exist!\n")); return ret; } for (i = 0; doms[i]; i++) { svc = talloc_zero(ctx, struct mt_svc); if (!svc) { talloc_free(ctx); return ENOMEM; } svc->name = talloc_asprintf(svc, "%%BE_%s", doms[i]); svc->mt_ctx = ctx; path = talloc_asprintf(svc, "config/domains/%s", doms[i]); if (!path) { talloc_free(ctx); return ENOMEM; } ret = confdb_get_string(cdb, svc, path, "command", NULL, &svc->command); if (ret != EOK) { DEBUG(0, ("Failed to find provider [%s] configuration\n", doms[i])); talloc_free(svc); continue; } /* if no command is present do not run the domain */ if (svc->command == NULL) { /* the LOCAL domain does not need a backend at the moment */ if (strcasecmp(doms[i], "LOCAL") != 0) { DEBUG(0, ("Missing command to run provider [%s]\n")); } talloc_free(svc); continue; } ret = start_service(doms[i], svc->command, &svc->pid); if (ret != EOK) { DEBUG(0,("Failed to start provider for '%s'\n", doms[i])); talloc_free(svc); continue; } DLIST_ADD(ctx->svc_list, svc); set_tasks_checker(svc); } return EOK; } static int mt_conn_destructor(void *ptr) { struct mt_conn *mt_conn; struct mt_svc *svc; mt_conn = talloc_get_type(ptr, struct mt_conn); svc = mt_conn->svc_ptr; /* now clear up so that the rest of the code will know there * is no connection attached to the service anymore */ svc->mt_conn = NULL; return 0; } /* * dbus_service_init * This function should initiate a query to the newly connected * service to discover the service's identity (invoke the getIdentity * method on the new client). The reply callback for this request * should set the connection destructor appropriately. */ static int dbus_service_init(struct sbus_conn_ctx *conn_ctx, void *data) { struct mt_ctx *ctx; struct mt_svc *svc; struct mt_conn *mt_conn; DBusMessage *msg; DBusPendingCall *pending_reply; DBusConnection *conn; DBusError dbus_error; dbus_bool_t dbret; DEBUG(3, ("Initializing D-BUS Service\n")); ctx = talloc_get_type(data, struct mt_ctx); conn = sbus_get_connection(conn_ctx); dbus_error_init(&dbus_error); /* hang off this memory to the connection so that when the connection * is freed we can call a destructor to clear up the structure and * have a way to know we need to restart the service */ mt_conn = talloc(conn_ctx, struct mt_conn); if (!mt_conn) { DEBUG(0,("Out of memory?!\n")); talloc_free(conn_ctx); return ENOMEM; } mt_conn->conn_ctx = conn_ctx; /* at this stage we still do not know what service is this * we will know only after we get its identity, so we make * up a temporary fake service and complete the operation * when we receive the reply */ svc = talloc_zero(mt_conn, struct mt_svc); if (!svc) { talloc_free(conn_ctx); return ENOMEM; } svc->mt_ctx = ctx; svc->mt_conn = mt_conn; mt_conn->svc_ptr = svc; talloc_set_destructor((TALLOC_CTX *)mt_conn, mt_conn_destructor); /* * Set up identity request * This should be a well-known path and method * for all services */ msg = dbus_message_new_method_call(NULL, SERVICE_PATH, SERVICE_INTERFACE, SERVICE_METHOD_IDENTITY); if (msg == NULL) { DEBUG(0,("Out of memory?!\n")); talloc_free(conn_ctx); return ENOMEM; } dbret = dbus_connection_send_with_reply(conn, msg, &pending_reply, ctx->service_id_timeout); if (!dbret) { /* * Critical Failure * We can't communicate on this connection * We'll drop it using the default destructor. */ DEBUG(0, ("D-BUS send failed.\n")); dbus_message_unref(msg); talloc_free(conn_ctx); return EIO; } /* Set up the reply handler */ dbus_pending_call_set_notify(pending_reply, identity_check, svc, NULL); dbus_message_unref(msg); return EOK; } static void identity_check(DBusPendingCall *pending, void *data) { struct mt_svc *fake_svc; struct mt_svc *svc; struct sbus_conn_ctx *conn_ctx; DBusMessage *reply; DBusError dbus_error; dbus_uint16_t svc_ver; char *svc_name; dbus_bool_t ret; int type; fake_svc = talloc_get_type(data, struct mt_svc); conn_ctx = fake_svc->mt_conn->conn_ctx; dbus_error_init(&dbus_error); reply = dbus_pending_call_steal_reply(pending); if (!reply) { /* reply should never be null. This function shouldn't be called * until reply is valid or timeout has occurred. If reply is NULL * here, something is seriously wrong and we should bail out. */ DEBUG(0, ("Serious error. A reply callback was called but no reply was received and no timeout occurred\n")); /* Destroy this connection */ sbus_disconnect(conn_ctx); goto done; } type = dbus_message_get_type(reply); switch (type) { case DBUS_MESSAGE_TYPE_METHOD_RETURN: ret = dbus_message_get_args(reply, &dbus_error, DBUS_TYPE_STRING, &svc_name, DBUS_TYPE_UINT16, &svc_ver, DBUS_TYPE_INVALID); if (!ret) { DEBUG(1,("Failed, to parse message, killing connection\n")); sbus_disconnect(conn_ctx); goto done; } /* search this service in the list */ svc = fake_svc->mt_ctx->svc_list; while (svc) { ret = strcasecmp(svc->name, svc_name); if (ret == 0) { break; } svc = svc->next; } if (!svc) { DEBUG(0,("Unable to find peer in list of services, killing connection!\n")); sbus_disconnect(conn_ctx); goto done; } /* transfer all from the fake service and get rid of it */ fake_svc->mt_conn->svc_ptr = svc; svc->mt_conn = fake_svc->mt_conn; talloc_free(fake_svc); /* Set up the destructor for this service */ break; case DBUS_MESSAGE_TYPE_ERROR: DEBUG(0,("getIdentity returned an error [%s], closing connection.\n", dbus_message_get_error_name(reply))); /* Falling through to default intentionally*/ default: /* * Timeout or other error occurred or something * unexpected happened. * It doesn't matter which, because either way we * know that this connection isn't trustworthy. * We'll destroy it now. */ sbus_disconnect(conn_ctx); return; } done: dbus_pending_call_unref(pending); dbus_message_unref(reply); } /* service_send_ping * this function send a dbus ping to a service. * It returns EOK if all is fine or ENXIO if the connection is * not available (either not yet set up or teared down). * Returns e generic error in other cases. */ static int service_send_ping(struct mt_svc *svc) { DBusMessage *msg; DBusPendingCall *pending_reply; DBusConnection *conn; DBusError dbus_error; dbus_bool_t dbret; if (!svc->mt_conn) { return ENXIO; } DEBUG(4,("Pinging %s\n", svc->name)); conn = sbus_get_connection(svc->mt_conn->conn_ctx); dbus_error_init(&dbus_error); /* * Set up identity request * This should be a well-known path and method * for all services */ msg = dbus_message_new_method_call(NULL, SERVICE_PATH, SERVICE_INTERFACE, SERVICE_METHOD_PING); if (!msg) { DEBUG(0,("Out of memory?!\n")); talloc_free(svc->mt_conn->conn_ctx); return ENOMEM; } dbret = dbus_connection_send_with_reply(conn, msg, &pending_reply, svc->mt_ctx->service_id_timeout); if (!dbret) { /* * Critical Failure * We can't communicate on this connection * We'll drop it using the default destructor. */ DEBUG(0, ("D-BUS send failed.\n")); talloc_free(svc->mt_conn->conn_ctx); return EIO; } /* Set up the reply handler */ dbus_pending_call_set_notify(pending_reply, ping_check, svc, NULL); dbus_message_unref(msg); return EOK; } static void ping_check(DBusPendingCall *pending, void *data) { struct mt_svc *svc; struct sbus_conn_ctx *conn_ctx; DBusMessage *reply; DBusError dbus_error; const char *dbus_error_name; int type; svc = talloc_get_type(data, struct mt_svc); conn_ctx = svc->mt_conn->conn_ctx; dbus_error_init(&dbus_error); reply = dbus_pending_call_steal_reply(pending); if (!reply) { /* reply should never be null. This function shouldn't be called * until reply is valid or timeout has occurred. If reply is NULL * here, something is seriously wrong and we should bail out. */ DEBUG(0, ("A reply callback was called but no reply was received" " and no timeout occurred\n")); /* Destroy this connection */ sbus_disconnect(conn_ctx); goto done; } type = dbus_message_get_type(reply); switch (type) { case DBUS_MESSAGE_TYPE_METHOD_RETURN: /* ok peer replied, * set the reply timestamp into the service structure */ DEBUG(4,("Service %s replied to ping\n", svc->name)); svc->last_pong = time(NULL); break; case DBUS_MESSAGE_TYPE_ERROR: dbus_error_name = dbus_message_get_error_name(reply); /* timeouts are handled in the main service check function */ if (strcmp(dbus_error_name, DBUS_ERROR_TIMEOUT) == 0) break; DEBUG(0,("A service PING returned an error [%s], closing connection.\n", dbus_error_name)); /* Falling through to default intentionally*/ default: /* * Timeout or other error occurred or something * unexpected happened. * It doesn't matter which, because either way we * know that this connection isn't trustworthy. * We'll destroy it now. */ sbus_disconnect(conn_ctx); } done: dbus_pending_call_unref(pending); dbus_message_unref(reply); } /* service_check_alive * This function checks if the service child is still alive */ static int service_check_alive(struct mt_svc *svc) { int status; pid_t pid; DEBUG(4,("Checking service %s(%d) is still alive\n", svc->name, svc->pid)); pid = waitpid(svc->pid, &status, WNOHANG); if (pid == 0) { return EOK; } if (pid != svc->pid) { DEBUG(1, ("bad return (%d) from waitpid() waiting for %d\n", pid, svc->pid)); /* TODO: what do we do now ? */ return EINVAL; } if (WIFEXITED(status)) { /* children exited on it's own */ /* TODO: check configuration to see if it was removed * from the list of process to run */ DEBUG(0,("Process [%s] exited\n", svc->name)); } return ECHILD; } static void free_args(char **args) { int i; if (args) { for (i = 0; args[i]; i++) free(args[i]); free(args); } } /* parse a string into arguments. * arguments are separated by a space * '\' is an escape character and can be used only to escape * itself or the white space. */ static char **parse_args(const char *str) { const char *p; char **ret, **r; char *tmp; int num; int i, e; tmp = malloc(strlen(str) + 1); if (!tmp) return NULL; ret = NULL; num = 0; e = 0; i = 0; p = str; while (*p) { switch (*p) { case '\\': if (e) { tmp[i] = '\\'; i++; e = 0; } else { e = 1; } break; case ' ': if (e) { tmp[i] = ' '; i++; e = 0; } else { tmp[i] = '\0'; i++; } break; default: if (e) { tmp[i] = '\\'; i++; e = 0; } tmp[i] = *p; i++; break; } p++; /* check if this was the last char */ if (*p == '\0') { if (e) { tmp[i] = '\\'; i++; e = 0; } tmp[i] = '\0'; i++; } if (tmp[i-1] != '\0' || strlen(tmp) == 0) { /* check next char and skip multiple spaces */ continue; } r = realloc(ret, (num + 2) * sizeof(char *)); if (!r) goto fail; ret = r; ret[num+1] = NULL; ret[num] = strdup(tmp); if (!ret[num]) goto fail; num++; i = 0; } free(tmp); return ret; fail: free(tmp); free_args(ret); return NULL; } static int start_service(const char *name, const char *command, pid_t *retpid) { char **args; pid_t pid; DEBUG(4,("Starting service %s\n", name)); pid = fork(); if (pid != 0) { if (pid == -1) { return ECHILD; } *retpid = pid; return EOK; } /* child */ args = parse_args(command); execvp(args[0], args); exit(1); } int main(int argc, const char *argv[]) { int opt; poptContext pc; int opt_daemon = 0; int opt_interactive = 0; int flags = 0; struct main_context *main_ctx; int ret; struct poptOption long_options[] = { POPT_AUTOHELP SSSD_MAIN_OPTS {"daemon", 'D', POPT_ARG_NONE, &opt_daemon, 0, \ "Become a daemon (default)", NULL }, \ {"interactive", 'i', POPT_ARG_NONE, &opt_interactive, 0, \ "Run interactive (not a daemon)", NULL}, \ { NULL } }; pc = poptGetContext(argv[0], argc, argv, long_options, 0); while((opt = poptGetNextOpt(pc)) != -1) { switch(opt) { default: fprintf(stderr, "\nInvalid option %s: %s\n\n", poptBadOption(pc, 0), poptStrerror(opt)); poptPrintUsage(pc, stderr, 0); return 1; } } if (opt_daemon && opt_interactive) { fprintf(stderr, "Option -i|--interactive is not allowed together with -D|--daemon\n"); poptPrintUsage(pc, stderr, 0); return 1; } poptFreeContext(pc); if (opt_daemon) flags |= FLAGS_DAEMON; if (opt_interactive) flags |= FLAGS_INTERACTIVE; /* we want a pid file check */ flags |= FLAGS_PID_FILE; /* set up things like debug , signals, daemonization, etc... */ ret = server_setup("sssd", flags, &main_ctx); if (ret != EOK) return 2; ret = monitor_process_init(main_ctx, main_ctx->event_ctx, main_ctx->confdb_ctx); if (ret != EOK) return 3; /* loop on main */ server_loop(main_ctx); return 0; }