daemon.c revision 167356 
1/*-
2 * Copyright (c) 1999 Berkeley Software Design, Inc. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 * 1. Redistributions of source code must retain the above copyright
8 *    notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 *    notice, this list of conditions and the following disclaimer in the
11 *    documentation and/or other materials provided with the distribution.
12 * 3. Berkeley Software Design Inc's name may not be used to endorse or
13 *    promote products derived from this software without specific prior
14 *    written permission.
15 *
16 * THIS SOFTWARE IS PROVIDED BY BERKELEY SOFTWARE DESIGN INC ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED.  IN NO EVENT SHALL BERKELEY SOFTWARE DESIGN INC BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26 * SUCH DAMAGE.
27 *
28 *	From BSDI: daemon.c,v 1.2 1996/08/15 01:11:09 jch Exp
29 */
30
31#include <sys/cdefs.h>
32__FBSDID("$FreeBSD: head/usr.sbin/daemon/daemon.c 167356 2007-03-09 09:33:19Z trhodes $");
33
34#include <sys/param.h>
35
36#include <err.h>
37#include <errno.h>
38#include <pwd.h>
39#include <grp.h>
40#include <libutil.h>
41#include <stdio.h>
42#include <stdlib.h>
43#include <unistd.h>
44
45static void restrict_process(const char *, const char *);
46static void usage(void);
47
48int
49main(int argc, char *argv[])
50{
51	struct pidfh *pfh;
52	int ch, nochdir, noclose, errcode;
53	const char *pidfile, *user, *group;
54	pid_t otherpid;
55
56	nochdir = noclose = 1;
57	pidfile = user = group = NULL;
58	while ((ch = getopt(argc, argv, "-cfg:p:u:")) != -1) {
59		switch (ch) {
60		case 'c':
61			nochdir = 0;
62			break;
63		case 'f':
64			noclose = 0;
65			break;
66		case 'u':
67			user = optarg;
68			break;
69		case 'g':
70			group = optarg;
71			break;
72		case 'p':
73			pidfile = optarg;
74			break;
75		default:
76			usage();
77		}
78	}
79	argc -= optind;
80	argv += optind;
81
82	if (argc == 0)
83		usage();
84
85	if (user || group) {
86		if (getuid() != 0)
87			errx(1, "only root user is allowed to chroot "
88			    "and change UID/GID");
89		restrict_process(user, group);
90	}
91
92	/*
93	 * Try to open the pidfile before calling daemon(3),
94	 * to be able to report the error intelligently
95	 */
96	if (pidfile) {
97		pfh = pidfile_open(pidfile, 0600, &otherpid);
98		if (pfh == NULL) {
99			if (errno == EEXIST) {
100				errx(3, "process already running, pid: %d",
101				    otherpid);
102			}
103			err(2, "pidfile ``%s''", pidfile);
104		}
105	}
106
107	if (daemon(nochdir, noclose) == -1)
108		err(1, NULL);
109
110	/* Now that we are the child, write out the pid */
111	if (pidfile)
112		pidfile_write(pfh);
113
114	execvp(argv[0], argv);
115
116	/*
117	 * execvp() failed -- unlink pidfile if any, and
118	 * report the error
119	 */
120	errcode = errno; /* Preserve errcode -- unlink may reset it */
121	if (pidfile)
122		pidfile_remove(pfh);
123
124	/* The child is now running, so the exit status doesn't matter. */
125	errc(1, errcode, "%s", argv[0]);
126}
127
128static void
129restrict_process(const char *user, const char *group)
130{
131	struct group *gr = NULL;
132	struct passwd *pw = NULL;
133	errno = 0;
134
135	if (group != NULL) {
136		if (initgroups(user, gr->gr_gid) == -1)
137			errx(1, "User not in group list");
138		if ((gr = getgrnam(group)) == NULL)
139			errx(1, "Group %s does not exist", group);
140		if (setgid(gr->gr_gid) == -1)
141			err(1, "%s", group);
142	}
143
144	if (user != NULL) {
145		if ((pw = getpwnam(user)) == NULL)
146			errx(1, "User %s does not exist", user);
147		if (setuid(pw->pw_uid) == -1)
148			err(1, "%s", user);
149	}
150}
151
152static void
153usage(void)
154{
155	(void)fprintf(stderr,
156	    "usage: daemon [-cf] [-g group] [-p pidfile] [-u user] command "
157		"arguments ...\n");
158	exit(1);
159}
160