diff options
Diffstat (limited to 'src/daemon/cgrulesengd.h')
| -rw-r--r-- | src/daemon/cgrulesengd.h | 127 |
1 files changed, 127 insertions, 0 deletions
diff --git a/src/daemon/cgrulesengd.h b/src/daemon/cgrulesengd.h new file mode 100644 index 0000000..1840143 --- /dev/null +++ b/src/daemon/cgrulesengd.h @@ -0,0 +1,127 @@ +/* + * Copyright Red Hat Inc. 2008 + * + * Author: Steve Olivieri <sjo@redhat.com> + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of version 2.1 of the GNU Lesser General Public License + * as published by the Free Software Foundation. + * + * This program is distributed in the hope that it would be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + */ + +#ifndef _CGRULESENGD_H +#define _CGRULESENGD_H + +#include <features.h> + +__BEGIN_DECLS + +#include "config.h" +#include "libcgroup.h" +#include <linux/connector.h> + +#ifndef _GNU_SOURCE +#define _GNU_SOURCE +#endif + +#ifndef __USE_GNU +#define __USE_GNU +#endif + +/* A simple macro for printing messages only when CGROUP_DEBUG is defined. */ +#ifdef CGROUP_DEBUG + #define cgroup_dbg(a...) printf(a) +#else + #define cgroup_dbg(a...) do {} while (0) +#endif /* CGROUP_DEBUG */ + +/* The following ten macros are all for the Netlink code. */ +#define SEND_MESSAGE_LEN (NLMSG_LENGTH(sizeof(struct cn_msg) + \ + sizeof(enum proc_cn_mcast_op))) +#define RECV_MESSAGE_LEN (NLMSG_LENGTH(sizeof(struct cn_msg) + \ + sizeof(struct proc_event))) + +#define SEND_MESSAGE_SIZE (NLMSG_SPACE(SEND_MESSAGE_LEN)) +#define RECV_MESSAGE_SIZE (NLMSG_SPACE(RECV_MESSAGE_LEN)) + +#define max(x,y) ((y)<(x)?(x):(y)) +#define min(x,y) ((y)>(x)?(x):(y)) + +#define BUFF_SIZE (max(max(SEND_MESSAGE_SIZE, RECV_MESSAGE_SIZE), 1024)) +#define MIN_RECV_SIZE (min(SEND_MESSAGE_SIZE, RECV_MESSAGE_SIZE)) + +#define PROC_CN_MCAST_LISTEN (1) +#define PROC_CN_MCAST_IGNORE (2) + +/** + * Prints the usage information for this program and, optionally, an error + * message. This function uses vfprintf. + * @param fd The file stream to print to + * @param msg The error message to print (printf style) + * @param ... Any args to msg (printf style) + */ +void cgre_usage(FILE *fd, const char *msg, ...); + +/** + * Prints a formatted message (like printf()) to all log destinations. + * Flushes the file stream's buffer so that the message is immediately + * readable. + * @param level The log level (LOG_EMERG ... LOG_DEBUG) + * @param format The format for the message (printf style) + * @param ... Any args to format (printf style) + */ +void flog(int level, const char *msg, ...); + +/** + * Process an event from the kernel, and determine the correct UID/GID/PID to + * pass to libcgroup. Then, libcgroup will decide the cgroup to move the PID + * to, if any. + * @param ev The event to process + * @param type The type of event to process (part of ev) + * @return 0 on success, > 0 on failure + */ +int cgre_process_event(const struct proc_event *ev, const int type); + +/** + * Handle a netlink message. In the event of PROC_EVENT_UID or PROC_EVENT_GID, + * we pass the event along to cgre_process_event for further processing. All + * other events are ignored. + * @param cn_hdr The netlink message + * @return 0 on success, > 0 on error + */ +int cgre_handle_message(struct cn_msg *cn_hdr); + +/** + * Turns this program into a daemon. In doing so, we fork() and kill the + * parent process. Note too that stdout, stdin, and stderr are closed in + * daemon mode, and a file descriptor for a log file is opened. + * @param logp Path of the log file, NULL if no log file was specified + * @param logf Syslog facility, NULL if no facility was specified + * @param daemon False to turn off daemon mode (no fork, leave FDs open) + * @param logv Log verbosity, 2 is the default, 0 = no logging, 5 = everything + * @return 0 on success, > 0 on error + */ +int cgre_start_daemon(const char *logp, const int logf, + const unsigned char daemon, const int logv); + +/** + * Catch the SIGUSR2 signal and reload the rules configuration. This function + * makes use of the logfile and flog() to print the new rules. + * @param signum The signal that we caught (always SIGUSR2) + */ +void cgre_flash_rules(int signum); + +/** + * Catch the SIGTERM and SIGINT signal so that we can exit gracefully. Before + * exiting, this function makes use of the logfile and flog(). + * @param signum The signal that we caught (SIGTERM, SIGINT) + */ +void cgre_catch_term(int signum); + +__END_DECLS + +#endif /* _CGRULESENGD_H */ + |