
* use extern appconfig variable in daemon.c

master
Alex 'AdUser' Z 8 years ago
parent
commit
3fd2a97084
  1. 3
      src/CMakeLists.txt
  2. 121
      src/daemon.c

3
src/CMakeLists.txt

@ -1,6 +1,7 @@
set(CMAKE_INCLUDE_CURRENT_DIR ON) set(CMAKE_INCLUDE_CURRENT_DIR ON)
set(SOURCES "daemon.c" "strlcpy.c" "config.c" "log.c" "matches.c" "ipaddr.c" "source.c" "filter.c" "backend.c" "jail.c") set(SOURCES "daemon.c" "strlcpy.c" "config.c" "log.c" "matches.c" "ipaddr.c"
"appconfig.c" "source.c" "filter.c" "backend.c" "jail.c")
if (WITH_CSOCKET) if (WITH_CSOCKET)
list(APPEND SOURCES "commands.c" "csocket.c" "cmsg.c") list(APPEND SOURCES "commands.c" "csocket.c" "cmsg.c")

121
src/daemon.c

@ -9,36 +9,13 @@
#include "config.h" #include "config.h"
#include "jail.h" #include "jail.h"
#include "backend.h" #include "backend.h"
#include "appconfig.h"
#include "commands.h" #include "commands.h"
#include "cmsg.h" #include "cmsg.h"
#include "csocket.h" #include "csocket.h"
#include <getopt.h> #include <getopt.h>
#include <signal.h> #include <signal.h>
#include <pwd.h>
#include <grp.h>
/** global variables */
struct {
bool daemon;
uid_t uid;
gid_t gid;
int csock;
char logdest[CONFIG_KEY_MAX];
char config_path[PATH_MAX];
char logfile_path[PATH_MAX];
char csocket_path[PATH_MAX];
char pidfile_path[PATH_MAX];
} opts = {
false,
0, 0,
-1,
"file",
"/etc/f2b/f2b.conf",
"/var/log/f2b.log",
DEFAULT_CSOCKET_PATH,
DEFAULT_PIDFILE_PATH,
};
enum { stop = 0, run, reconfig, logrotate, test } state = run; enum { stop = 0, run, reconfig, logrotate, test } state = run;
@ -124,7 +101,7 @@ f2b_cmsg_process(const f2b_cmsg_t *msg, char *res, size_t ressize) {
state = stop; state = stop;
} else if (msg->type == CMD_STATUS) { } else if (msg->type == CMD_STATUS) {
snprintf(line, sizeof(line), "pid: %u\npidfile: %s\ncsocket: %s\njails:\n", snprintf(line, sizeof(line), "pid: %u\npidfile: %s\ncsocket: %s\njails:\n",
getpid(), opts.pidfile_path, opts.csocket_path); getpid(), appconfig.pidfile_path, appconfig.csocket_path);
strlcpy(res, line, ressize); strlcpy(res, line, ressize);
for (jail = jails; jail != NULL; jail = jail->next) { for (jail = jails; jail != NULL; jail = jail->next) {
snprintf(line, sizeof(line), "- %s\n", jail->name); snprintf(line, sizeof(line), "- %s\n", jail->name);
@ -152,62 +129,6 @@ f2b_cmsg_process(const f2b_cmsg_t *msg, char *res, size_t ressize) {
} }
#endif /* WITH_CSOCKET */ #endif /* WITH_CSOCKET */
void
update_opts_from_config(f2b_config_section_t *section) {
f2b_config_param_t *pa, *pb;
if (!section)
return;
/* set uid & gid. note: set only once if root */
if (opts.uid == 0 && (pa = f2b_config_param_find(section->param, "user")) != NULL) {
struct passwd *pw;
if ((pw = getpwnam(pa->value)) != NULL)
opts.uid = pw->pw_uid, opts.gid = pw->pw_gid;
}
if (opts.gid == 0 && (pa = f2b_config_param_find(section->param, "group")) != NULL) {
struct group *grp;
if ((grp = getgrnam(pa->value)) != NULL)
opts.gid = grp->gr_gid;
}
if (opts.daemon == false && (pa = f2b_config_param_find(section->param, "daemon")) != NULL) {
if (strcmp(pa->value, "yes") == 0)
opts.daemon = true;
}
if ((pa = f2b_config_param_find(section->param, "pidfile")) != NULL)
strlcpy(opts.pidfile_path, pa->value, sizeof(opts.pidfile_path));
if ((pa = f2b_config_param_find(section->param, "csocket")) != NULL)
strlcpy(opts.csocket_path, pa->value, sizeof(opts.csocket_path));
/* setup logging */
if ((pa = f2b_config_param_find(section->param, "loglevel")) != NULL)
f2b_log_set_level(pa->value);
pa = f2b_config_param_find(section->param, "logdest");
pb = f2b_config_param_find(section->param, "logfile");
if (pa) {
strlcpy(opts.logdest, pa->value, sizeof(opts.logdest));
if (!opts.daemon && strcmp(pa->value, "stderr") == 0) {
f2b_log_to_stderr();
} else if (strcmp(pa->value, "file") == 0) {
if (pb && *pb->value != '\0') {
strlcpy(opts.logfile_path, pb->value, sizeof(opts.logfile_path));
f2b_log_to_file(opts.logfile_path);
} else {
f2b_log_msg(log_warn, "you must set 'logfile' option with 'logdest = file'");
f2b_log_to_syslog();
}
} else {
f2b_log_to_syslog();
}
}
/* TODO: */
}
void void
jails_start(f2b_config_t *config) { jails_start(f2b_config_t *config) {
f2b_jail_t *jail = NULL; f2b_jail_t *jail = NULL;
@ -255,10 +176,10 @@ int main(int argc, char *argv[]) {
while ((opt = getopt(argc, argv, "c:dht")) != -1) { while ((opt = getopt(argc, argv, "c:dht")) != -1) {
switch (opt) { switch (opt) {
case 'c': case 'c':
strlcpy(opts.config_path, optarg, sizeof(opts.config_path)); strlcpy(appconfig.config_path, optarg, sizeof(appconfig.config_path));
break; break;
case 'd': case 'd':
opts.daemon = true; appconfig.daemon = true;
break; break;
case 'h': case 'h':
usage(EXIT_SUCCESS); usage(EXIT_SUCCESS);
@ -277,20 +198,20 @@ int main(int argc, char *argv[]) {
SA_REGISTER(SIGHUP, &signal_handler); SA_REGISTER(SIGHUP, &signal_handler);
SA_REGISTER(SIGUSR1, &signal_handler); SA_REGISTER(SIGUSR1, &signal_handler);
if (opts.config_path[0] == '\0') if (appconfig.config_path[0] == '\0')
usage(EXIT_FAILURE); usage(EXIT_FAILURE);
memset(&config, 0x0, sizeof(config)); memset(&config, 0x0, sizeof(config));
if (f2b_config_load(&config, opts.config_path, true) != true) { if (f2b_config_load(&config, appconfig.config_path, true) != true) {
f2b_log_msg(log_error, "can't load config from '%s'", opts.config_path); f2b_log_msg(log_error, "can't load config from '%s'", appconfig.config_path);
return EXIT_FAILURE; return EXIT_FAILURE;
} }
if (state == test) { if (state == test) {
fprintf(stderr, "config test ok\n"); fprintf(stderr, "config test ok\n");
exit(EXIT_SUCCESS); exit(EXIT_SUCCESS);
} }
update_opts_from_config(config.main); f2b_appconfig_update(config.main);
if (opts.daemon) { if (appconfig.daemon) {
pid_t pid = fork(); pid_t pid = fork();
if (pid > 0) if (pid > 0)
exit(EXIT_SUCCESS); exit(EXIT_SUCCESS);
@ -303,8 +224,8 @@ int main(int argc, char *argv[]) {
/* child */ /* child */
setsid(); setsid();
if (getuid() == 0 && if (getuid() == 0 &&
(setuid(opts.uid) != 0 || (setuid(appconfig.uid) != 0 ||
setgid(opts.gid) != 0)) { setgid(appconfig.gid) != 0)) {
perror("child: setuid()/setgid() failed"); perror("child: setuid()/setgid() failed");
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
@ -317,9 +238,9 @@ int main(int argc, char *argv[]) {
} }
} }
if (opts.pidfile_path[0] != '\0') { if (appconfig.pidfile_path[0] != '\0') {
FILE *pidfile = NULL; FILE *pidfile = NULL;
if ((pidfile = fopen(opts.pidfile_path, "w")) != NULL) { if ((pidfile = fopen(appconfig.pidfile_path, "w")) != NULL) {
if (flock(fileno(pidfile), LOCK_EX | LOCK_NB) != 0) { if (flock(fileno(pidfile), LOCK_EX | LOCK_NB) != 0) {
const char *err = (errno == EWOULDBLOCK) const char *err = (errno == EWOULDBLOCK)
? "another instance already running" ? "another instance already running"
@ -334,8 +255,8 @@ int main(int argc, char *argv[]) {
} }
} }
if (opts.csocket_path[0] != '\0') if (appconfig.csocket_path[0] != '\0')
opts.csock = f2b_csocket_create(opts.csocket_path); appconfig.csock = f2b_csocket_create(appconfig.csocket_path);
if (config.defaults) if (config.defaults)
f2b_jail_set_defaults(config.defaults); f2b_jail_set_defaults(config.defaults);
@ -352,29 +273,29 @@ int main(int argc, char *argv[]) {
for (f2b_jail_t *jail = jails; jail != NULL; jail = jail->next) { for (f2b_jail_t *jail = jails; jail != NULL; jail = jail->next) {
f2b_jail_process(jail); f2b_jail_process(jail);
} }
f2b_csocket_poll(opts.csock, f2b_cmsg_process); f2b_csocket_poll(appconfig.csock, f2b_cmsg_process);
sleep(1); sleep(1);
if (state == logrotate && strcmp(opts.logdest, "file") == 0) { if (state == logrotate && strcmp(appconfig.logdest, "file") == 0) {
state = run; state = run;
f2b_log_to_file(opts.logfile_path); f2b_log_to_file(appconfig.logfile_path);
} }
if (state == reconfig) { if (state == reconfig) {
state = run; state = run;
memset(&config, 0x0, sizeof(config)); memset(&config, 0x0, sizeof(config));
if (f2b_config_load(&config, opts.config_path, true)) { if (f2b_config_load(&config, appconfig.config_path, true)) {
jails_stop(jails); jails_stop(jails);
jails = NULL; jails = NULL;
if (config.defaults) if (config.defaults)
f2b_jail_set_defaults(config.defaults); f2b_jail_set_defaults(config.defaults);
jails_start(&config); jails_start(&config);
} else { } else {
f2b_log_msg(log_error, "can't load config from '%s'", opts.config_path); f2b_log_msg(log_error, "can't load config from '%s'", appconfig.config_path);
} }
f2b_config_free(&config); f2b_config_free(&config);
} }
} }
f2b_csocket_destroy(opts.csock, opts.csocket_path); f2b_csocket_destroy(appconfig.csock, appconfig.csocket_path);
jails_stop(jails); jails_stop(jails);
jails = NULL; jails = NULL;
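Review bot: The privilege drop in the child branch of main() (the `getuid() == 0 &&` hunk) still calls `setuid(appconfig.uid)` before `setgid(appconfig.gid)`; this commit only renames the variables there. Once setuid() has switched to a non-root user, the process normally may no longer change its group, so with a `user` set in the config the setgid() call would be expected to fail and the daemon to exit. The supplementary groups inherited from root are also never cleared. Drop groups first, then gid, then uid: `if (getuid() == 0 && (setgroups(0, NULL) != 0 || setgid(appconfig.gid) != 0 || setuid(appconfig.uid) != 0)) {`. The `<grp.h>` include appears to be removed from daemon.c by this commit and would have to stay for setgroups(), and the enclosing block starts and ends outside the hunk, so whether the non-daemon path drops privileges at all cannot be confirmed from this page.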
