dirmngr: Implement --supervised command (for systemd, etc).

* dirmngr/dirmngr.c (main): Add new --supervised command, which is a mode designed for running under a process supervision system like systemd or runit. * doc/dirmngr.texi: document --supervised option. -- "dirmngr --supervised" is a way to invoke dirmngr such that a system supervisor like systemd can provide socket-activated startup, log management, and scheduled shutdown. When running in this mode, dirmngr: * Does not open its own listening socket; rather, it expects to be given a listening socket on file descriptor 3. * Does not detach from the invoking process, staying in the foreground instead. Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2016-10-26 16:37:08 -04:00 · 2016-10-26 16:37:08 -04:00 · 75f8aaf5bc
parent 6316b28e89
commit 75f8aaf5bc
2 changed files with 47 additions and 0 deletions
--- a/dirmngr/dirmngr.c
+++ b/dirmngr/dirmngr.c
@ -88,6 +88,7 @@ enum cmd_and_opt_values {

  aServer,
  aDaemon,
+  aSupervised,
  aListCRLs,
  aLoadCRL,
  aFetchCRL,
@ -149,6 +150,7 @@ static ARGPARSE_OPTS opts[] = {

  ARGPARSE_c (aServer,   "server",  N_("run in server mode (foreground)") ),
  ARGPARSE_c (aDaemon,   "daemon",  N_("run in daemon mode (background)") ),
+  ARGPARSE_c (aSupervised, "supervised", N_("run under supervision (e.g. systemd)")),
  ARGPARSE_c (aListCRLs, "list-crls", N_("list the contents of the CRL cache")),
  ARGPARSE_c (aLoadCRL,  "load-crl",  N_("|FILE|load CRL from FILE into cache")),
  ARGPARSE_c (aFetchCRL, "fetch-crl", N_("|URL|fetch a CRL from URL")),
@ -814,6 +816,7 @@ main (int argc, char **argv)
        {
        case aServer:
        case aDaemon:
+        case aSupervised:
        case aShutdown:
        case aFlush:
 	case aListCRLs:
@ -993,6 +996,43 @@ main (int argc, char **argv)
      start_command_handler (ASSUAN_INVALID_FD);
      shutdown_reaper ();
    }
+  else if (cmd == aSupervised)
+    {
+      /* In supervised mode, we expect file descriptor 3 to be an
+         already opened, listening socket.
+
+         We will also not detach from the controlling process or close
+         stderr; the supervisor should handle all of that.  */
+      struct stat statbuf;
+      if (fstat (3, &statbuf) == -1 && errno ==EBADF)
+        {
+          log_error ("file descriptor 3 must be already open in --supervised mode\n");
+          dirmngr_exit (1);
+        }
+      socket_name = gnupg_get_socket_name (3);
+
+      /* Now start with logging to a file if this is desired. */
+      if (logfile)
+        {
+          log_set_file (logfile);
+          log_set_prefix (NULL, (GPGRT_LOG_WITH_PREFIX
+                                 |GPGRT_LOG_WITH_TIME
+                                 |GPGRT_LOG_WITH_PID));
+          current_logfile = xstrdup (logfile);
+        }
+      else
+        log_set_prefix (NULL, 0);
+
+      thread_init ();
+      cert_cache_init ();
+      crl_cache_init ();
+#if USE_LDAP
+      ldap_wrapper_launch_thread ();
+#endif /*USE_LDAP*/
+      handle_connections (3);
+      assuan_sock_close (3);
+      shutdown_reaper ();
+    }
  else if (cmd == aDaemon)
    {
      assuan_fd_t fd;
--- a/doc/dirmngr.texi
+++ b/doc/dirmngr.texi
@ -85,6 +85,13 @@ Run in background daemon mode and listen for commands on a socket.
 Note that this also changes the default home directory and enables the
 internal certificate validation code.  This mode is deprecated.

+@item --supervised
+@opindex supervised
+Run in the foreground, sending logs to stderr, and listening on file
+descriptor 3, which must already be bound to a listening socket.  This
+is useful when running under systemd or other similar process
+supervision schemes.
+
@item --list-crls
@opindex list-crls
 List the contents of the CRL cache on @code{stdout}. This is probably