Use runcap to run the external reload command

author: Sergey Poznyakoff <gray@nxc.no> 2017-08-14 16:50:19 +0300
committer: Sergey Poznyakoff <gray@nxc.no> 2017-08-14 17:17:39 +0300
commit: c5ec9d5c9139eae5f1db11caf3ad5065f6665996 (patch)
tree: 846dfbe79865fd0e06e79e15e3493b27efa8a201
parent: d5757191d8b6102b522709ad042188f8ba318ba5 (diff)
download: nssync-c5ec9d5c9139eae5f1db11caf3ad5065f6665996.tar.gz
nssync-c5ec9d5c9139eae5f1db11caf3ad5065f6665996.tar.bz2
1 files changed, 77 insertions, 10 deletions
diff --git a/src/nssync.c b/src/nssync.c
index a0084b8..5dea11c 100644
--- a/src/nssync.c
+++ b/src/nssync.c
@@ -17,6 +17,7 @@
 #include "nssync.h"
 #include <sys/stat.h>
 #include <fcntl.h>
+#include "runcap.h"
 int lint_mode;
 int dry_run_mode;
@@ -449,6 +450,79 @@ check_pidfile()
        atexit(remove_pidfile);
 }
+struct linemon_closure
+{
+        char const *prefix;
+};
+static void
+linemon(const char *ptr, size_t len, void *data)
+{
+        struct linemon_closure *clos = data;
+        if (ptr[len-1] != '\n')
+                error("[%s]: %*.*s\\",
+                      clos->prefix, (int)len, (int)len, ptr);
+        else
+                error("[%s]: %*.*s",
+                      clos->prefix, (int)(len - 1), (int)(len - 1), ptr);
+}
+int
+dns_reload(void)
+{
+        int c;
+        struct runcap rc;
+        char *argv[4];
+        struct linemon_closure closure[2];
+        
+        debug(1,("about to run %s", reload_command));
+        if (dry_run_mode)
+                return 0;
+        argv[0] = "/bin/sh";
+        argv[1] = "-c";
+        argv[2] = reload_command;
+        argv[3] = NULL;
+        
+        closure[0].prefix = "STDOUT";
+        rc.rc_cap[RUNCAP_STDOUT].sc_linemon = linemon;
+        rc.rc_cap[RUNCAP_STDOUT].sc_monarg = &closure[0];
+        closure[1].prefix = "STDERR";   
+        rc.rc_cap[RUNCAP_STDERR].sc_linemon = linemon;
+        rc.rc_cap[RUNCAP_STDERR].sc_monarg = &closure[1];
+        rc.rc_timeout = 10; /* FIXME */
+        rc.rc_argv = argv;
+        c = runcap(&rc,
+                   RCF_STDOUT_LINEMON | RCF_STDERR_LINEMON | RCF_TIMEOUT);
+        if (c) {
+                error("can't run \"%s\": %s", reload_command, strerror(errno));
+        } else if (WIFEXITED(rc.rc_status)) {
+                int status = WEXITSTATUS(rc.rc_status);
+                if (status) {
+                        error("command \"%s\" returned %d",
+                              reload_command, status);
+                        c = 1;
+                }
+        } else if (WIFSIGNALED(rc.rc_status)) {
+                error("command \"%s\" terminated on signal %d",
+                      reload_command, WTERMSIG(rc.rc_status));
+                c = 1;
+        } else if (WIFSTOPPED(rc.rc_status)) {
+                error("command \"%s\" got stopped", reload_command);
+                c = 1;
+        } else {
+                error("command \"%s\" terminated with unrecognized status %d",
+                      reload_command, rc.rc_status);
+                c = 1;
+        }
+        runcap_free(&rc);
+        return c;
+}
 int
 nssync()
 {
@@ -476,16 +550,9 @@ nssync()
        if (error_count)
                return -1;
        
-        if (changed_zones) {
+        if (changed_zones)
-                debug(1,("about to run %s", reload_command));
+                //FIXME: set error if it returns !0
-                if (!dry_run_mode) {
+                dns_reload();   
-                        int rc = system(reload_command);
-                        if (rc) {
-                                debug(1,("reload command returned %d", rc));
-                                exit(EX_UNAVAILABLE);
-                        }
-                }
-        }
 }
 int
author	Sergey Poznyakoff <gray@nxc.no>	2017-08-14 16:50:19 +0300
committer	Sergey Poznyakoff <gray@nxc.no>	2017-08-14 17:17:39 +0300
commit	c5ec9d5c9139eae5f1db11caf3ad5065f6665996 (patch)
tree	846dfbe79865fd0e06e79e15e3493b27efa8a201
parent	d5757191d8b6102b522709ad042188f8ba318ba5 (diff)
download	nssync-c5ec9d5c9139eae5f1db11caf3ad5065f6665996.tar.gz nssync-c5ec9d5c9139eae5f1db11caf3ad5065f6665996.tar.bz2

diff --git a/src/nssync.c b/src/nssync.c index a0084b8..5dea11c 100644 --- a/src/nssync.c +++ b/src/nssync.c
@@ -17,6 +17,7 @@
17	#include "nssync.h"	17	#include "nssync.h"
18	#include <sys/stat.h>	18	#include <sys/stat.h>
19	#include <fcntl.h>	19	#include <fcntl.h>
		20	#include "runcap.h"
20		21
21	int lint_mode;	22	int lint_mode;
22	int dry_run_mode;	23	int dry_run_mode;
@@ -449,6 +450,79 @@ check_pidfile()
449	atexit(remove_pidfile);	450	atexit(remove_pidfile);
450	}	451	}
451		452
		453	struct linemon_closure
		454	{
		455	char const *prefix;
		456	};
		457
		458	static void
		459	linemon(const char ptr, size_t len, void data)
		460	{
		461	struct linemon_closure *clos = data;
		462	if (ptr[len-1] != '\n')
		463	error("[%s]: %.s\\",
		464	clos->prefix, (int)len, (int)len, ptr);
		465	else
		466	error("[%s]: %.s",
		467	clos->prefix, (int)(len - 1), (int)(len - 1), ptr);
		468	}
		469
		470	int
		471	dns_reload(void)
		472	{
		473	int c;
		474	struct runcap rc;
		475	char *argv[4];
		476	struct linemon_closure closure[2];
		477
		478	debug(1,("about to run %s", reload_command));
		479	if (dry_run_mode)
		480	return 0;
		481
		482	argv[0] = "/bin/sh";
		483	argv[1] = "-c";
		484	argv[2] = reload_command;
		485	argv[3] = NULL;
		486
		487	closure[0].prefix = "STDOUT";
		488	rc.rc_cap[RUNCAP_STDOUT].sc_linemon = linemon;
		489	rc.rc_cap[RUNCAP_STDOUT].sc_monarg = &closure[0];
		490	closure[1].prefix = "STDERR";
		491	rc.rc_cap[RUNCAP_STDERR].sc_linemon = linemon;
		492	rc.rc_cap[RUNCAP_STDERR].sc_monarg = &closure[1];
		493
		494	rc.rc_timeout = 10; /* FIXME */
		495	rc.rc_argv = argv;
		496
		497	c = runcap(&rc,
		498	RCF_STDOUT_LINEMON \| RCF_STDERR_LINEMON \| RCF_TIMEOUT);
		499
		500	if (c) {
		501	error("can't run \"%s\": %s", reload_command, strerror(errno));
		502	} else if (WIFEXITED(rc.rc_status)) {
		503	int status = WEXITSTATUS(rc.rc_status);
		504	if (status) {
		505	error("command \"%s\" returned %d",
		506	reload_command, status);
		507	c = 1;
		508	}
		509	} else if (WIFSIGNALED(rc.rc_status)) {
		510	error("command \"%s\" terminated on signal %d",
		511	reload_command, WTERMSIG(rc.rc_status));
		512	c = 1;
		513	} else if (WIFSTOPPED(rc.rc_status)) {
		514	error("command \"%s\" got stopped", reload_command);
		515	c = 1;
		516	} else {
		517	error("command \"%s\" terminated with unrecognized status %d",
		518	reload_command, rc.rc_status);
		519	c = 1;
		520	}
		521	runcap_free(&rc);
		522	return c;
		523	}
		524
		525
452	int	526	int
453	nssync()	527	nssync()
454	{	528	{
@@ -476,16 +550,9 @@ nssync()
476	if (error_count)	550	if (error_count)
477	return -1;	551	return -1;
478		552
479	if (changed_zones) {	553	if (changed_zones)
480	debug(1,("about to run %s", reload_command));	554	//FIXME: set error if it returns !0
481	if (!dry_run_mode) {	555	dns_reload();
482	int rc = system(reload_command);
483	if (rc) {
484	debug(1,("reload command returned %d", rc));
485	exit(EX_UNAVAILABLE);
486	}
487	}
488	}
489	}	556	}
490		557
491	int	558	int