Software /
code /
prosody
Annotate
plugins/mod_posix.lua @ 1092:b547967d87fc
mod_posix: Don't let the server run as root without the magic run_as_root in config
author | Matthew Wild <mwild1@gmail.com> |
---|---|
date | Sat, 02 May 2009 20:32:43 +0100 |
parent | 1062:f9a1ac50782b |
child | 1100:05d209ef9661 |
child | 1118:239d4362a040 |
rev | line source |
---|---|
728
fa45dfb27ee5
mod_posix: Check version of pposix
Matthew Wild <mwild1@gmail.com>
parents:
723
diff
changeset
|
1 |
734
cfb4ec5cba5e
Fix for pposix version detection
Matthew Wild <mwild1@gmail.com>
parents:
728
diff
changeset
|
2 local want_pposix_version = "0.3.0"; |
587 | 3 |
4 local pposix = assert(require "util.pposix"); | |
735 | 5 if pposix._VERSION ~= want_pposix_version then module:log("warn", "Unknown version (%s) of binary pposix module, expected %s", tostring(pposix._VERSION), want_pposix_version); end |
587 | 6 |
991
cd0d75de8345
mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents:
735
diff
changeset
|
7 local signal = select(2, pcall(require, "util.signal")); |
cd0d75de8345
mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents:
735
diff
changeset
|
8 if type(signal) == "string" then |
1062
f9a1ac50782b
mod_posix: Fix calls to log() (replace with module:log) and make some global accesses explicit
Matthew Wild <mwild1@gmail.com>
parents:
1061
diff
changeset
|
9 module:log("warn", "Couldn't load signal library, won't respond to SIGTERM"); |
991
cd0d75de8345
mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents:
735
diff
changeset
|
10 end |
cd0d75de8345
mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents:
735
diff
changeset
|
11 |
587 | 12 local config_get = require "core.configmanager".get; |
13 local logger_set = require "util.logger".setwriter; | |
14 | |
15 module.host = "*"; -- we're a global module | |
16 | |
1092
b547967d87fc
mod_posix: Don't let the server run as root without the magic run_as_root in config
Matthew Wild <mwild1@gmail.com>
parents:
1062
diff
changeset
|
17 -- Don't even think about it! |
b547967d87fc
mod_posix: Don't let the server run as root without the magic run_as_root in config
Matthew Wild <mwild1@gmail.com>
parents:
1062
diff
changeset
|
18 module:add_event_hook("server-starting", function () |
b547967d87fc
mod_posix: Don't let the server run as root without the magic run_as_root in config
Matthew Wild <mwild1@gmail.com>
parents:
1062
diff
changeset
|
19 if pposix.getuid() == 0 and not config_get("*", "core", "run_as_root") then |
b547967d87fc
mod_posix: Don't let the server run as root without the magic run_as_root in config
Matthew Wild <mwild1@gmail.com>
parents:
1062
diff
changeset
|
20 module:log("error", "Danger, Will Robinson! Prosody doesn't need to be run as root, so don't do it!"); |
b547967d87fc
mod_posix: Don't let the server run as root without the magic run_as_root in config
Matthew Wild <mwild1@gmail.com>
parents:
1062
diff
changeset
|
21 module:log("error", "For more information on running Prosody as root, see http://prosody.im/doc/root"); |
b547967d87fc
mod_posix: Don't let the server run as root without the magic run_as_root in config
Matthew Wild <mwild1@gmail.com>
parents:
1062
diff
changeset
|
22 _G.prosody_shutdown("Refusing to run as root"); |
b547967d87fc
mod_posix: Don't let the server run as root without the magic run_as_root in config
Matthew Wild <mwild1@gmail.com>
parents:
1062
diff
changeset
|
23 end |
b547967d87fc
mod_posix: Don't let the server run as root without the magic run_as_root in config
Matthew Wild <mwild1@gmail.com>
parents:
1062
diff
changeset
|
24 end); |
b547967d87fc
mod_posix: Don't let the server run as root without the magic run_as_root in config
Matthew Wild <mwild1@gmail.com>
parents:
1062
diff
changeset
|
25 |
1032
409f22d0430f
mod_posix: Remove pidfile on exit
Matthew Wild <mwild1@gmail.com>
parents:
991
diff
changeset
|
26 local pidfile_written; |
409f22d0430f
mod_posix: Remove pidfile on exit
Matthew Wild <mwild1@gmail.com>
parents:
991
diff
changeset
|
27 |
409f22d0430f
mod_posix: Remove pidfile on exit
Matthew Wild <mwild1@gmail.com>
parents:
991
diff
changeset
|
28 local function remove_pidfile() |
409f22d0430f
mod_posix: Remove pidfile on exit
Matthew Wild <mwild1@gmail.com>
parents:
991
diff
changeset
|
29 if pidfile_written then |
1061
8c5876378c6f
mod_posix: Fix for removing the pidfile on exit
Matthew Wild <mwild1@gmail.com>
parents:
1045
diff
changeset
|
30 os.remove(pidfile_written); |
1032
409f22d0430f
mod_posix: Remove pidfile on exit
Matthew Wild <mwild1@gmail.com>
parents:
991
diff
changeset
|
31 pidfile_written = nil; |
409f22d0430f
mod_posix: Remove pidfile on exit
Matthew Wild <mwild1@gmail.com>
parents:
991
diff
changeset
|
32 end |
409f22d0430f
mod_posix: Remove pidfile on exit
Matthew Wild <mwild1@gmail.com>
parents:
991
diff
changeset
|
33 end |
409f22d0430f
mod_posix: Remove pidfile on exit
Matthew Wild <mwild1@gmail.com>
parents:
991
diff
changeset
|
34 |
991
cd0d75de8345
mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents:
735
diff
changeset
|
35 local function write_pidfile() |
1032
409f22d0430f
mod_posix: Remove pidfile on exit
Matthew Wild <mwild1@gmail.com>
parents:
991
diff
changeset
|
36 if pidfile_written then |
409f22d0430f
mod_posix: Remove pidfile on exit
Matthew Wild <mwild1@gmail.com>
parents:
991
diff
changeset
|
37 remove_pidfile(); |
409f22d0430f
mod_posix: Remove pidfile on exit
Matthew Wild <mwild1@gmail.com>
parents:
991
diff
changeset
|
38 end |
1062
f9a1ac50782b
mod_posix: Fix calls to log() (replace with module:log) and make some global accesses explicit
Matthew Wild <mwild1@gmail.com>
parents:
1061
diff
changeset
|
39 local pidfile = config_get("*", "core", "pidfile"); |
991
cd0d75de8345
mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents:
735
diff
changeset
|
40 if pidfile then |
cd0d75de8345
mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents:
735
diff
changeset
|
41 local pf, err = io.open(pidfile, "w+"); |
cd0d75de8345
mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents:
735
diff
changeset
|
42 if not pf then |
1062
f9a1ac50782b
mod_posix: Fix calls to log() (replace with module:log) and make some global accesses explicit
Matthew Wild <mwild1@gmail.com>
parents:
1061
diff
changeset
|
43 module:log("error", "Couldn't write pidfile; %s", err); |
991
cd0d75de8345
mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents:
735
diff
changeset
|
44 else |
cd0d75de8345
mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents:
735
diff
changeset
|
45 pf:write(tostring(pposix.getpid())); |
cd0d75de8345
mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents:
735
diff
changeset
|
46 pf:close(); |
1032
409f22d0430f
mod_posix: Remove pidfile on exit
Matthew Wild <mwild1@gmail.com>
parents:
991
diff
changeset
|
47 pidfile_written = pidfile; |
991
cd0d75de8345
mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents:
735
diff
changeset
|
48 end |
cd0d75de8345
mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents:
735
diff
changeset
|
49 end |
cd0d75de8345
mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents:
735
diff
changeset
|
50 end |
cd0d75de8345
mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents:
735
diff
changeset
|
51 |
1033
4a9f0d482028
mod_posix: Integrate with loggingmanager, register syslog sink, remove redundant logging code
Matthew Wild <mwild1@gmail.com>
parents:
1032
diff
changeset
|
52 local syslog_opened |
4a9f0d482028
mod_posix: Integrate with loggingmanager, register syslog sink, remove redundant logging code
Matthew Wild <mwild1@gmail.com>
parents:
1032
diff
changeset
|
53 function syslog_sink_maker(config) |
4a9f0d482028
mod_posix: Integrate with loggingmanager, register syslog sink, remove redundant logging code
Matthew Wild <mwild1@gmail.com>
parents:
1032
diff
changeset
|
54 if not syslog_opened then |
4a9f0d482028
mod_posix: Integrate with loggingmanager, register syslog sink, remove redundant logging code
Matthew Wild <mwild1@gmail.com>
parents:
1032
diff
changeset
|
55 pposix.syslog_open("prosody"); |
4a9f0d482028
mod_posix: Integrate with loggingmanager, register syslog sink, remove redundant logging code
Matthew Wild <mwild1@gmail.com>
parents:
1032
diff
changeset
|
56 syslog_opened = true; |
991
cd0d75de8345
mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents:
735
diff
changeset
|
57 end |
1033
4a9f0d482028
mod_posix: Integrate with loggingmanager, register syslog sink, remove redundant logging code
Matthew Wild <mwild1@gmail.com>
parents:
1032
diff
changeset
|
58 local syslog, format = pposix.syslog_log, string.format; |
4a9f0d482028
mod_posix: Integrate with loggingmanager, register syslog sink, remove redundant logging code
Matthew Wild <mwild1@gmail.com>
parents:
1032
diff
changeset
|
59 return function (name, level, message, ...) |
4a9f0d482028
mod_posix: Integrate with loggingmanager, register syslog sink, remove redundant logging code
Matthew Wild <mwild1@gmail.com>
parents:
1032
diff
changeset
|
60 if ... then |
4a9f0d482028
mod_posix: Integrate with loggingmanager, register syslog sink, remove redundant logging code
Matthew Wild <mwild1@gmail.com>
parents:
1032
diff
changeset
|
61 syslog(level, format(message, ...)); |
4a9f0d482028
mod_posix: Integrate with loggingmanager, register syslog sink, remove redundant logging code
Matthew Wild <mwild1@gmail.com>
parents:
1032
diff
changeset
|
62 else |
4a9f0d482028
mod_posix: Integrate with loggingmanager, register syslog sink, remove redundant logging code
Matthew Wild <mwild1@gmail.com>
parents:
1032
diff
changeset
|
63 syslog(level, message); |
4a9f0d482028
mod_posix: Integrate with loggingmanager, register syslog sink, remove redundant logging code
Matthew Wild <mwild1@gmail.com>
parents:
1032
diff
changeset
|
64 end |
4a9f0d482028
mod_posix: Integrate with loggingmanager, register syslog sink, remove redundant logging code
Matthew Wild <mwild1@gmail.com>
parents:
1032
diff
changeset
|
65 end; |
991
cd0d75de8345
mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents:
735
diff
changeset
|
66 end |
1033
4a9f0d482028
mod_posix: Integrate with loggingmanager, register syslog sink, remove redundant logging code
Matthew Wild <mwild1@gmail.com>
parents:
1032
diff
changeset
|
67 require "core.loggingmanager".register_sink_type("syslog", syslog_sink_maker); |
991
cd0d75de8345
mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents:
735
diff
changeset
|
68 |
587 | 69 if not config_get("*", "core", "no_daemonize") then |
70 local function daemonize_server() | |
71 local ok, ret = pposix.daemonize(); | |
72 if not ok then | |
1062
f9a1ac50782b
mod_posix: Fix calls to log() (replace with module:log) and make some global accesses explicit
Matthew Wild <mwild1@gmail.com>
parents:
1061
diff
changeset
|
73 module:log("error", "Failed to daemonize: %s", ret); |
587 | 74 elseif ret and ret > 0 then |
75 os.exit(0); | |
76 else | |
1062
f9a1ac50782b
mod_posix: Fix calls to log() (replace with module:log) and make some global accesses explicit
Matthew Wild <mwild1@gmail.com>
parents:
1061
diff
changeset
|
77 module:log("info", "Successfully daemonized to PID %d", pposix.getpid()); |
991
cd0d75de8345
mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents:
735
diff
changeset
|
78 write_pidfile(); |
587 | 79 end |
80 end | |
81 module:add_event_hook("server-starting", daemonize_server); | |
991
cd0d75de8345
mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents:
735
diff
changeset
|
82 else |
1032
409f22d0430f
mod_posix: Remove pidfile on exit
Matthew Wild <mwild1@gmail.com>
parents:
991
diff
changeset
|
83 -- Not going to daemonize, so write the pid of this process |
991
cd0d75de8345
mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents:
735
diff
changeset
|
84 write_pidfile(); |
587 | 85 end |
991
cd0d75de8345
mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents:
735
diff
changeset
|
86 |
1032
409f22d0430f
mod_posix: Remove pidfile on exit
Matthew Wild <mwild1@gmail.com>
parents:
991
diff
changeset
|
87 module:add_event_hook("server-stopped", remove_pidfile); |
409f22d0430f
mod_posix: Remove pidfile on exit
Matthew Wild <mwild1@gmail.com>
parents:
991
diff
changeset
|
88 |
991
cd0d75de8345
mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents:
735
diff
changeset
|
89 -- Set signal handler |
cd0d75de8345
mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents:
735
diff
changeset
|
90 if signal.signal then |
cd0d75de8345
mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents:
735
diff
changeset
|
91 signal.signal("SIGTERM", function () |
1062
f9a1ac50782b
mod_posix: Fix calls to log() (replace with module:log) and make some global accesses explicit
Matthew Wild <mwild1@gmail.com>
parents:
1061
diff
changeset
|
92 module:log("warn", "Received SIGTERM..."); |
f9a1ac50782b
mod_posix: Fix calls to log() (replace with module:log) and make some global accesses explicit
Matthew Wild <mwild1@gmail.com>
parents:
1061
diff
changeset
|
93 _G.unlock_globals(); |
f9a1ac50782b
mod_posix: Fix calls to log() (replace with module:log) and make some global accesses explicit
Matthew Wild <mwild1@gmail.com>
parents:
1061
diff
changeset
|
94 if _G.prosody_shutdown then |
f9a1ac50782b
mod_posix: Fix calls to log() (replace with module:log) and make some global accesses explicit
Matthew Wild <mwild1@gmail.com>
parents:
1061
diff
changeset
|
95 _G.prosody_shutdown("Received SIGTERM"); |
991
cd0d75de8345
mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents:
735
diff
changeset
|
96 else |
1062
f9a1ac50782b
mod_posix: Fix calls to log() (replace with module:log) and make some global accesses explicit
Matthew Wild <mwild1@gmail.com>
parents:
1061
diff
changeset
|
97 module:log("warn", "...no prosody_shutdown(), ignoring."); |
991
cd0d75de8345
mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents:
735
diff
changeset
|
98 end |
1062
f9a1ac50782b
mod_posix: Fix calls to log() (replace with module:log) and make some global accesses explicit
Matthew Wild <mwild1@gmail.com>
parents:
1061
diff
changeset
|
99 _G.lock_globals(); |
991
cd0d75de8345
mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents:
735
diff
changeset
|
100 end); |
cd0d75de8345
mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents:
735
diff
changeset
|
101 end |