authorRuss Allbery <rra@stanford.edu>2010-01-01 05:09:57 +0000
committerRuss Allbery <rra@stanford.edu>2010-01-01 05:09:57 +0000
commitb54e343cb8b672585875fa7400a08ea338b1500d (patch)
tree356cf8a95bc565e066ddd95e1a31b936d06259da
parentebfd96a98ccb8f7df042cadbeefa00ee4761b9fa (diff)
Add a new -P option to krb5kdc and kadmind which, if given, specifies
the path to which to write the PID file of the daemon after it finishes initializing. Ticket: 6618 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@23560 dc483132-0cff-0310-8789-dd5450dbe970
-rw-r--r--src/kadmin/server/kadmind.M9
-rw-r--r--src/kadmin/server/ovsec_kadmd.c50
-rw-r--r--src/kdc/krb5kdc.M11
-rw-r--r--src/kdc/main.c31
4 files changed, 99 insertions, 2 deletions
diff --git a/src/kadmin/server/kadmind.M b/src/kadmin/server/kadmind.M
index 2a227fb4e..3e9d87638 100644
--- a/src/kadmin/server/kadmind.M
+++ b/src/kadmin/server/kadmind.M
@@ -5,6 +5,7 @@ kadmind \- KADM5 administration server
.B kadmind
[\fB\-x\fP \fIdb_args\fP] [\fB-r\fP \fIrealm\fP] [\fB\-m\fP] [\fB\-nofork\fP] [\fB\-port\fP
\fIport-number\fP]
+ [\fB\-P\fP \fIpid_file\fP]
.SH DESCRIPTION
This command starts the KADM5 administration server. If the database is db2,
the administration server runs on the master Kerberos server, which stores the KDC
@@ -122,6 +123,14 @@ specifies the port on which the administration server listens for
connections. The default is is controlled by the
.I kadmind_port
configuration variable (see below).
+.TP
+\fB\-P\fP \fIpid_file\fP
+specifies the file to which the PID of
+.B kadmind
+process should be written to after it starts up. This can be used to
+identify whether
+.B kadmind
+is still running and to allow init scripts to stop the correct process.
.SH CONFIGURATION VALUES
.PP
In addition to the relations defined in kdc.conf(5), kadmind
diff --git a/src/kadmin/server/ovsec_kadmd.c b/src/kadmin/server/ovsec_kadmd.c
index 1615877fb..e32a08937 100644
--- a/src/kadmin/server/ovsec_kadmd.c
+++ b/src/kadmin/server/ovsec_kadmd.c
@@ -30,6 +30,7 @@
* WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
*/
+#include <errno.h>
#include <stdio.h>
#include <signal.h>
#include <syslog.h>
@@ -134,6 +135,7 @@ static void usage()
"[-passwordserver] "
#endif
"[-port port-number]\n"
+ "\t\t[-P pid_file]\n"
"\nwhere,\n\t[-x db_args]* - any number of database specific arguments.\n"
"\t\t\tLook at each database documentation for supported arguments\n"
);
@@ -191,6 +193,36 @@ static void display_status_1(m, code, type)
}
}
+/*
+ * Function: write_pid_file
+ *
+ * Purpose: writes the current process PID to a file
+ *
+ * Arguments:
+ *
+ * pid_file path to output file
+ * <return value> 0 on success, error code on failure
+ *
+ * Effects:
+ *
+ * The current process PID, obtained from getpid(), is written to the path
+ * given in pid_file, overwriting the existing contents if the file already
+ * exists. The PID will be followed by a newline.
+ */
+static int
+write_pid_file(const char *pid_file)
+{
+ FILE *file;
+ unsigned long pid;
+
+ file = fopen(pid_file, "w");
+ if (file == NULL)
+ return errno;
+ pid = (unsigned long) getpid();
+ if (fprintf(file, "%ld\n", pid) < 0 || fclose(file) == EOF)
+ return errno;
+ return 0;
+}
/* XXX yuck. the signal handlers need this */
static krb5_context context;
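Review bot: `fopen(pid_file, "w")` in write_pid_file follows a symlink in the final path component and truncates whatever it resolves to, so if the daemon runs privileged and the -P path sits in a directory other local users can write to, an unrelated file can be overwritten; the file's mode is also left to the umask. The format `%ld` is applied to an `unsigned long` (it should be `%lu`), and when fprintf fails the stream is never closed and errno is not guaranteed to describe the failure. The identical copy added to src/kdc/main.c has the same three problems. The sketch below opens the file with O_NOFOLLOW and an explicit 0644 mode before wrapping it in a stream; it needs <fcntl.h> (and <unistd.h>, if this file does not already include it outside the hunk), and the man pages should say the PID file belongs in a directory only the daemon's user can write.

```c
static int
write_pid_file(const char *pid_file)
{
    FILE *file;
    int fd, st;

    /* Refuse a symlink as the final component; fix the mode instead of
     * inheriting it from the umask. */
    fd = open(pid_file, O_WRONLY | O_CREAT | O_TRUNC | O_NOFOLLOW, 0644);
    if (fd < 0)
        return errno;
    file = fdopen(fd, "w");
    if (file == NULL) {
        st = errno;
        close(fd);
        return st;
    }
    if (fprintf(file, "%lu\n", (unsigned long) getpid()) < 0) {
        st = errno;
        fclose(file);           /* do not leak the stream on failure */
        return st;
    }
    if (fclose(file) == EOF)
        return errno;
    return 0;
}
```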
@@ -216,6 +248,7 @@ int main(int argc, char *argv[])
char *errmsg;
int i;
int strong_random = 1;
+ const char *pid_file = NULL;
kdb_log_context *log_ctx;
@@ -286,6 +319,11 @@ int main(int argc, char *argv[])
usage();
params.kadmind_port = atoi(*argv);
params.mask |= KADM5_CONFIG_KADMIND_PORT;
+ } else if (strcmp(*argv, "-P") == 0) {
+ argc--; argv++;
+ if (!argc)
+ usage();
+ pid_file = *argv;
} else if (strcmp(*argv, "-W") == 0) {
strong_random = 0;
} else
@@ -468,6 +506,18 @@ kterr:
krb5_klog_close(context);
exit(1);
}
+ if (pid_file != NULL) {
+ ret = write_pid_file(pid_file);
+ if (ret) {
+ errmsg = krb5_get_error_message(context, ret);
+ krb5_klog_syslog(LOG_ERR, "Cannot create PID file %s: %s",
+ pid_file, errmsg);
+ svcauth_gssapi_unset_names();
+ kadm5_destroy(global_server_handle);
+ krb5_klog_close(context);
+ exit(1);
+ }
+ }
krb5_klog_syslog(LOG_INFO, "Seeding random number generator");
ret = krb5_c_random_os_entropy(context, strong_random, NULL);
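Review bot: The PID file is written before the random number generator is seeded (the context lines right after the added block), so a failure in that or any later startup step would leave behind a PID file naming a process that has already exited, while the commit description says the file is written after initialization finishes. Consider moving the block below the last startup step that can fail, or removing the file on those exit paths with `unlink(pid_file);`. In the added error path `errmsg` is also never released; `krb5_free_error_message(context, errmsg);` before `exit(1)` would keep it consistent with normal use of krb5_get_error_message. Whether the daemon has already detached at this point is not visible in the hunk; if the fork happens later, getpid() would record the parent's PID.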
diff --git a/src/kdc/krb5kdc.M b/src/kdc/krb5kdc.M
index bbcfca3f3..455b02e72 100644
--- a/src/kdc/krb5kdc.M
+++ b/src/kdc/krb5kdc.M
@@ -48,6 +48,9 @@ krb5kdc \- Kerberos V5 KDC
.I realm
] [
.B \-n
+] [
+.B \-P
+.I pid_file
]
.br
.SH DESCRIPTION
@@ -134,6 +137,14 @@ and does not disassociate itself from the terminal. In normal
operation, you should always allow the KDC to place itself in
the background.
.PP
+The
+.B \-P
+.I pid_file
+option tells the KDC to write its PID (followed by a newline) into
+.I pid_file
+after it starts up. This can be used to identify whether the KDC is still
+running and to allow init scripts to stop the correct process.
+.PP
The KDC may service requests for multiple realms (maximum 32 realms). The
realms are listed on the command line. Per-realm options that can be
specified on the command line pertain for each realm that follows it and are
diff --git a/src/kdc/main.c b/src/kdc/main.c
index 925019c4b..9fd63756d 100644
--- a/src/kdc/main.c
+++ b/src/kdc/main.c
@@ -59,6 +59,7 @@
#include <signal.h>
#include <errno.h>
#include <netdb.h>
+#include <unistd.h>
#include "k5-int.h"
#include "com_err.h"
@@ -90,6 +91,7 @@ void initialize_realms (krb5_context, int, char **);
void finish_realms (void);
static int nofork = 0;
+static const char *pid_file = NULL;
static int rkey_init_done = 0;
#ifdef POSIX_SIGNALS
@@ -558,7 +560,7 @@ setup_sam(void)
void
usage(char *name)
{
- fprintf(stderr, "usage: %s [-x db_args]* [-d dbpathname] [-r dbrealmname]\n\t\t[-R replaycachename] [-m] [-k masterenctype] [-M masterkeyname]\n\t\t[-p port] [/]\n"
+ fprintf(stderr, "usage: %s [-x db_args]* [-d dbpathname] [-r dbrealmname]\n\t\t[-R replaycachename] [-m] [-k masterenctype] [-M masterkeyname]\n\t\t[-p port] [-P pid_file] [/]\n"
"\nwhere,\n\t[-x db_args]* - Any number of database specific arguments. Look at\n"
"\t\t\teach database module documentation for supported\n\t\t\targuments\n",
name);
@@ -634,7 +636,7 @@ initialize_realms(krb5_context kcontext, int argc, char **argv)
* Loop through the option list. Each time we encounter a realm name,
* use the previously scanned options to fill in for defaults.
*/
- while ((c = getopt(argc, argv, "x:r:d:mM:k:R:e:p:s:n4:X3")) != -1) {
+ while ((c = getopt(argc, argv, "x:r:d:mM:k:R:e:P:p:s:n4:X3")) != -1) {
switch(c) {
case 'x':
db_args_size++;
@@ -723,6 +725,8 @@ initialize_realms(krb5_context kcontext, int argc, char **argv)
case 'R':
rcname = optarg;
break;
+ case 'P':
+ pid_file = optarg;
case 'p':
if (default_udp_ports)
free(default_udp_ports);
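Review bot: The new `case 'P':` has no `break`, so after `pid_file = optarg;` control falls through into `case 'p':`, which frees default_udp_ports and, in the part of the case that lies outside this hunk, presumably reassigns it from optarg; the PID file path would then be taken as the port list. Add `break;` directly after `pid_file = optarg;`. The body of `case 'p':` continues beyond the hunk, so the exact effect on the port configuration should be confirmed there.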
@@ -803,6 +807,21 @@ initialize_realms(krb5_context kcontext, int argc, char **argv)
return;
}
+static krb5_error_code
+write_pid_file(const char *path)
+{
+ FILE *file;
+ unsigned long pid;
+
+ file = fopen(path, "w");
+ if (file == NULL)
+ return errno;
+ pid = (unsigned long) getpid();
+ if (fprintf(file, "%ld\n", pid) < 0 || fclose(file) == EOF)
+ return errno;
+ return 0;
+}
+
void
finish_realms()
{
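Review bot: This second write_pid_file is a verbatim duplicate of the one added to src/kadmin/server/ovsec_kadmd.c, but it has no header comment and a different return type (`krb5_error_code` here, `int` there). A one-line comment such as `/* Write the current PID and a newline to path, truncating any existing file; returns 0 or an errno value. */` would document the contract, and a single shared helper would keep future fixes from being applied to only one copy.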
@@ -905,6 +924,14 @@ int main(int argc, char **argv)
finish_realms();
return 1;
}
+ if (pid_file != NULL) {
+ retval = write_pid_file(pid_file);
+ if (retval) {
+ kdc_err(kcontext, retval, "while creating PID file");
+ finish_realms();
+ return 1;
+ }
+ }
krb5_klog_syslog(LOG_INFO, "commencing operation");
if (nofork)
fprintf(stderr, "%s: starting...\n", kdc_progname);