Annotate

plugins/mod_posix.lua @ 1092:b547967d87fc

mod_posix: Don't let the server run as root without the magic run_as_root in config
author Matthew Wild <mwild1@gmail.com>
date Sat, 02 May 2009 20:32:43 +0100
parent 1062:f9a1ac50782b
child 1100:05d209ef9661
child 1118:239d4362a040
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
728
fa45dfb27ee5 mod_posix: Check version of pposix
Matthew Wild <mwild1@gmail.com>
parents: 723
diff changeset
1
734
cfb4ec5cba5e Fix for pposix version detection
Matthew Wild <mwild1@gmail.com>
parents: 728
diff changeset
2 local want_pposix_version = "0.3.0";
587
43f509a1519a Add mod_posix, fixes #5
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
3
43f509a1519a Add mod_posix, fixes #5
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
4 local pposix = assert(require "util.pposix");
735
d247d061409a mod_posix: logging fix
Matthew Wild <mwild1@gmail.com>
parents: 734
diff changeset
5 if pposix._VERSION ~= want_pposix_version then module:log("warn", "Unknown version (%s) of binary pposix module, expected %s", tostring(pposix._VERSION), want_pposix_version); end
587
43f509a1519a Add mod_posix, fixes #5
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
6
991
cd0d75de8345 mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents: 735
diff changeset
7 local signal = select(2, pcall(require, "util.signal"));
cd0d75de8345 mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents: 735
diff changeset
8 if type(signal) == "string" then
1062
f9a1ac50782b mod_posix: Fix calls to log() (replace with module:log) and make some global accesses explicit
Matthew Wild <mwild1@gmail.com>
parents: 1061
diff changeset
9 module:log("warn", "Couldn't load signal library, won't respond to SIGTERM");
991
cd0d75de8345 mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents: 735
diff changeset
10 end
cd0d75de8345 mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents: 735
diff changeset
11
587
43f509a1519a Add mod_posix, fixes #5
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
12 local config_get = require "core.configmanager".get;
43f509a1519a Add mod_posix, fixes #5
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
13 local logger_set = require "util.logger".setwriter;
43f509a1519a Add mod_posix, fixes #5
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
14
43f509a1519a Add mod_posix, fixes #5
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
15 module.host = "*"; -- we're a global module
43f509a1519a Add mod_posix, fixes #5
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
16
1092
b547967d87fc mod_posix: Don't let the server run as root without the magic run_as_root in config
Matthew Wild <mwild1@gmail.com>
parents: 1062
diff changeset
17 -- Don't even think about it!
b547967d87fc mod_posix: Don't let the server run as root without the magic run_as_root in config
Matthew Wild <mwild1@gmail.com>
parents: 1062
diff changeset
18 module:add_event_hook("server-starting", function ()
b547967d87fc mod_posix: Don't let the server run as root without the magic run_as_root in config
Matthew Wild <mwild1@gmail.com>
parents: 1062
diff changeset
19 if pposix.getuid() == 0 and not config_get("*", "core", "run_as_root") then
b547967d87fc mod_posix: Don't let the server run as root without the magic run_as_root in config
Matthew Wild <mwild1@gmail.com>
parents: 1062
diff changeset
20 module:log("error", "Danger, Will Robinson! Prosody doesn't need to be run as root, so don't do it!");
b547967d87fc mod_posix: Don't let the server run as root without the magic run_as_root in config
Matthew Wild <mwild1@gmail.com>
parents: 1062
diff changeset
21 module:log("error", "For more information on running Prosody as root, see http://prosody.im/doc/root");
b547967d87fc mod_posix: Don't let the server run as root without the magic run_as_root in config
Matthew Wild <mwild1@gmail.com>
parents: 1062
diff changeset
22 _G.prosody_shutdown("Refusing to run as root");
b547967d87fc mod_posix: Don't let the server run as root without the magic run_as_root in config
Matthew Wild <mwild1@gmail.com>
parents: 1062
diff changeset
23 end
b547967d87fc mod_posix: Don't let the server run as root without the magic run_as_root in config
Matthew Wild <mwild1@gmail.com>
parents: 1062
diff changeset
24 end);
b547967d87fc mod_posix: Don't let the server run as root without the magic run_as_root in config
Matthew Wild <mwild1@gmail.com>
parents: 1062
diff changeset
25
1032
409f22d0430f mod_posix: Remove pidfile on exit
Matthew Wild <mwild1@gmail.com>
parents: 991
diff changeset
26 local pidfile_written;
409f22d0430f mod_posix: Remove pidfile on exit
Matthew Wild <mwild1@gmail.com>
parents: 991
diff changeset
27
409f22d0430f mod_posix: Remove pidfile on exit
Matthew Wild <mwild1@gmail.com>
parents: 991
diff changeset
28 local function remove_pidfile()
409f22d0430f mod_posix: Remove pidfile on exit
Matthew Wild <mwild1@gmail.com>
parents: 991
diff changeset
29 if pidfile_written then
1061
8c5876378c6f mod_posix: Fix for removing the pidfile on exit
Matthew Wild <mwild1@gmail.com>
parents: 1045
diff changeset
30 os.remove(pidfile_written);
1032
409f22d0430f mod_posix: Remove pidfile on exit
Matthew Wild <mwild1@gmail.com>
parents: 991
diff changeset
31 pidfile_written = nil;
409f22d0430f mod_posix: Remove pidfile on exit
Matthew Wild <mwild1@gmail.com>
parents: 991
diff changeset
32 end
409f22d0430f mod_posix: Remove pidfile on exit
Matthew Wild <mwild1@gmail.com>
parents: 991
diff changeset
33 end
409f22d0430f mod_posix: Remove pidfile on exit
Matthew Wild <mwild1@gmail.com>
parents: 991
diff changeset
34
991
cd0d75de8345 mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents: 735
diff changeset
35 local function write_pidfile()
1032
409f22d0430f mod_posix: Remove pidfile on exit
Matthew Wild <mwild1@gmail.com>
parents: 991
diff changeset
36 if pidfile_written then
409f22d0430f mod_posix: Remove pidfile on exit
Matthew Wild <mwild1@gmail.com>
parents: 991
diff changeset
37 remove_pidfile();
409f22d0430f mod_posix: Remove pidfile on exit
Matthew Wild <mwild1@gmail.com>
parents: 991
diff changeset
38 end
1062
f9a1ac50782b mod_posix: Fix calls to log() (replace with module:log) and make some global accesses explicit
Matthew Wild <mwild1@gmail.com>
parents: 1061
diff changeset
39 local pidfile = config_get("*", "core", "pidfile");
991
cd0d75de8345 mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents: 735
diff changeset
40 if pidfile then
cd0d75de8345 mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents: 735
diff changeset
41 local pf, err = io.open(pidfile, "w+");
cd0d75de8345 mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents: 735
diff changeset
42 if not pf then
1062
f9a1ac50782b mod_posix: Fix calls to log() (replace with module:log) and make some global accesses explicit
Matthew Wild <mwild1@gmail.com>
parents: 1061
diff changeset
43 module:log("error", "Couldn't write pidfile; %s", err);
991
cd0d75de8345 mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents: 735
diff changeset
44 else
cd0d75de8345 mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents: 735
diff changeset
45 pf:write(tostring(pposix.getpid()));
cd0d75de8345 mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents: 735
diff changeset
46 pf:close();
1032
409f22d0430f mod_posix: Remove pidfile on exit
Matthew Wild <mwild1@gmail.com>
parents: 991
diff changeset
47 pidfile_written = pidfile;
991
cd0d75de8345 mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents: 735
diff changeset
48 end
cd0d75de8345 mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents: 735
diff changeset
49 end
cd0d75de8345 mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents: 735
diff changeset
50 end
cd0d75de8345 mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents: 735
diff changeset
51
1033
4a9f0d482028 mod_posix: Integrate with loggingmanager, register syslog sink, remove redundant logging code
Matthew Wild <mwild1@gmail.com>
parents: 1032
diff changeset
52 local syslog_opened
4a9f0d482028 mod_posix: Integrate with loggingmanager, register syslog sink, remove redundant logging code
Matthew Wild <mwild1@gmail.com>
parents: 1032
diff changeset
53 function syslog_sink_maker(config)
4a9f0d482028 mod_posix: Integrate with loggingmanager, register syslog sink, remove redundant logging code
Matthew Wild <mwild1@gmail.com>
parents: 1032
diff changeset
54 if not syslog_opened then
4a9f0d482028 mod_posix: Integrate with loggingmanager, register syslog sink, remove redundant logging code
Matthew Wild <mwild1@gmail.com>
parents: 1032
diff changeset
55 pposix.syslog_open("prosody");
4a9f0d482028 mod_posix: Integrate with loggingmanager, register syslog sink, remove redundant logging code
Matthew Wild <mwild1@gmail.com>
parents: 1032
diff changeset
56 syslog_opened = true;
991
cd0d75de8345 mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents: 735
diff changeset
57 end
1033
4a9f0d482028 mod_posix: Integrate with loggingmanager, register syslog sink, remove redundant logging code
Matthew Wild <mwild1@gmail.com>
parents: 1032
diff changeset
58 local syslog, format = pposix.syslog_log, string.format;
4a9f0d482028 mod_posix: Integrate with loggingmanager, register syslog sink, remove redundant logging code
Matthew Wild <mwild1@gmail.com>
parents: 1032
diff changeset
59 return function (name, level, message, ...)
4a9f0d482028 mod_posix: Integrate with loggingmanager, register syslog sink, remove redundant logging code
Matthew Wild <mwild1@gmail.com>
parents: 1032
diff changeset
60 if ... then
4a9f0d482028 mod_posix: Integrate with loggingmanager, register syslog sink, remove redundant logging code
Matthew Wild <mwild1@gmail.com>
parents: 1032
diff changeset
61 syslog(level, format(message, ...));
4a9f0d482028 mod_posix: Integrate with loggingmanager, register syslog sink, remove redundant logging code
Matthew Wild <mwild1@gmail.com>
parents: 1032
diff changeset
62 else
4a9f0d482028 mod_posix: Integrate with loggingmanager, register syslog sink, remove redundant logging code
Matthew Wild <mwild1@gmail.com>
parents: 1032
diff changeset
63 syslog(level, message);
4a9f0d482028 mod_posix: Integrate with loggingmanager, register syslog sink, remove redundant logging code
Matthew Wild <mwild1@gmail.com>
parents: 1032
diff changeset
64 end
4a9f0d482028 mod_posix: Integrate with loggingmanager, register syslog sink, remove redundant logging code
Matthew Wild <mwild1@gmail.com>
parents: 1032
diff changeset
65 end;
991
cd0d75de8345 mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents: 735
diff changeset
66 end
1033
4a9f0d482028 mod_posix: Integrate with loggingmanager, register syslog sink, remove redundant logging code
Matthew Wild <mwild1@gmail.com>
parents: 1032
diff changeset
67 require "core.loggingmanager".register_sink_type("syslog", syslog_sink_maker);
991
cd0d75de8345 mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents: 735
diff changeset
68
587
43f509a1519a Add mod_posix, fixes #5
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
69 if not config_get("*", "core", "no_daemonize") then
43f509a1519a Add mod_posix, fixes #5
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
70 local function daemonize_server()
43f509a1519a Add mod_posix, fixes #5
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
71 local ok, ret = pposix.daemonize();
43f509a1519a Add mod_posix, fixes #5
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
72 if not ok then
1062
f9a1ac50782b mod_posix: Fix calls to log() (replace with module:log) and make some global accesses explicit
Matthew Wild <mwild1@gmail.com>
parents: 1061
diff changeset
73 module:log("error", "Failed to daemonize: %s", ret);
587
43f509a1519a Add mod_posix, fixes #5
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
74 elseif ret and ret > 0 then
43f509a1519a Add mod_posix, fixes #5
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
75 os.exit(0);
43f509a1519a Add mod_posix, fixes #5
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
76 else
1062
f9a1ac50782b mod_posix: Fix calls to log() (replace with module:log) and make some global accesses explicit
Matthew Wild <mwild1@gmail.com>
parents: 1061
diff changeset
77 module:log("info", "Successfully daemonized to PID %d", pposix.getpid());
991
cd0d75de8345 mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents: 735
diff changeset
78 write_pidfile();
587
43f509a1519a Add mod_posix, fixes #5
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
79 end
43f509a1519a Add mod_posix, fixes #5
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
80 end
43f509a1519a Add mod_posix, fixes #5
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
81 module:add_event_hook("server-starting", daemonize_server);
991
cd0d75de8345 mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents: 735
diff changeset
82 else
1032
409f22d0430f mod_posix: Remove pidfile on exit
Matthew Wild <mwild1@gmail.com>
parents: 991
diff changeset
83 -- Not going to daemonize, so write the pid of this process
991
cd0d75de8345 mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents: 735
diff changeset
84 write_pidfile();
587
43f509a1519a Add mod_posix, fixes #5
Matthew Wild <mwild1@gmail.com>
parents:
diff changeset
85 end
991
cd0d75de8345 mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents: 735
diff changeset
86
1032
409f22d0430f mod_posix: Remove pidfile on exit
Matthew Wild <mwild1@gmail.com>
parents: 991
diff changeset
87 module:add_event_hook("server-stopped", remove_pidfile);
409f22d0430f mod_posix: Remove pidfile on exit
Matthew Wild <mwild1@gmail.com>
parents: 991
diff changeset
88
991
cd0d75de8345 mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents: 735
diff changeset
89 -- Set signal handler
cd0d75de8345 mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents: 735
diff changeset
90 if signal.signal then
cd0d75de8345 mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents: 735
diff changeset
91 signal.signal("SIGTERM", function ()
1062
f9a1ac50782b mod_posix: Fix calls to log() (replace with module:log) and make some global accesses explicit
Matthew Wild <mwild1@gmail.com>
parents: 1061
diff changeset
92 module:log("warn", "Received SIGTERM...");
f9a1ac50782b mod_posix: Fix calls to log() (replace with module:log) and make some global accesses explicit
Matthew Wild <mwild1@gmail.com>
parents: 1061
diff changeset
93 _G.unlock_globals();
f9a1ac50782b mod_posix: Fix calls to log() (replace with module:log) and make some global accesses explicit
Matthew Wild <mwild1@gmail.com>
parents: 1061
diff changeset
94 if _G.prosody_shutdown then
f9a1ac50782b mod_posix: Fix calls to log() (replace with module:log) and make some global accesses explicit
Matthew Wild <mwild1@gmail.com>
parents: 1061
diff changeset
95 _G.prosody_shutdown("Received SIGTERM");
991
cd0d75de8345 mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents: 735
diff changeset
96 else
1062
f9a1ac50782b mod_posix: Fix calls to log() (replace with module:log) and make some global accesses explicit
Matthew Wild <mwild1@gmail.com>
parents: 1061
diff changeset
97 module:log("warn", "...no prosody_shutdown(), ignoring.");
991
cd0d75de8345 mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents: 735
diff changeset
98 end
1062
f9a1ac50782b mod_posix: Fix calls to log() (replace with module:log) and make some global accesses explicit
Matthew Wild <mwild1@gmail.com>
parents: 1061
diff changeset
99 _G.lock_globals();
991
cd0d75de8345 mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents: 735
diff changeset
100 end);
cd0d75de8345 mod_posix: Allow logging and pidfile options to take effect without needing to daemonize. Add the ability to catch SIGTERM.
Matthew Wild <mwild1@gmail.com>
parents: 735
diff changeset
101 end