[Pkg-gnupg-commit] [gnupg2] 171/292: dirmngr: Implement --supervised command (for systemd, etc).

Daniel Kahn Gillmor dkg at fifthhorseman.net
Mon Nov 21 06:31:38 UTC 2016


This is an automated email from the git hooks/post-receive script.

dkg pushed a commit to branch master
in repository gnupg2.

commit 75f8aaf5bc2dc7fcffe2987a572d489155c91eb9
Author: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
Date:   Wed Oct 26 16:37:08 2016 -0400

    dirmngr: Implement --supervised command (for systemd, etc).
    
    * dirmngr/dirmngr.c (main): Add new --supervised command, which is a
    mode designed for running under a process supervision system like
    systemd or runit.
    * doc/dirmngr.texi: document --supervised option.
    
    --
    
    "dirmngr --supervised" is a way to invoke dirmngr such that a system
    supervisor like systemd can provide socket-activated startup, log
    management, and scheduled shutdown.
    
    When running in this mode, dirmngr:
    
     * Does not open its own listening socket; rather, it expects to be
       given a listening socket on file descriptor 3.
    
     * Does not detach from the invoking process, staying in the
       foreground instead.
    
    Signed-off-by: Daniel Kahn Gillmor <dkg at fifthhorseman.net>
---
 dirmngr/dirmngr.c | 40 ++++++++++++++++++++++++++++++++++++++++
 doc/dirmngr.texi  |  7 +++++++
 2 files changed, 47 insertions(+)

diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c
index c9e4a05..2903681 100644
--- a/dirmngr/dirmngr.c
+++ b/dirmngr/dirmngr.c
@@ -88,6 +88,7 @@ enum cmd_and_opt_values {
 
   aServer,
   aDaemon,
+  aSupervised,
   aListCRLs,
   aLoadCRL,
   aFetchCRL,
@@ -149,6 +150,7 @@ static ARGPARSE_OPTS opts[] = {
 
   ARGPARSE_c (aServer,   "server",  N_("run in server mode (foreground)") ),
   ARGPARSE_c (aDaemon,   "daemon",  N_("run in daemon mode (background)") ),
+  ARGPARSE_c (aSupervised, "supervised", N_("run under supervision (e.g. systemd)")),
   ARGPARSE_c (aListCRLs, "list-crls", N_("list the contents of the CRL cache")),
   ARGPARSE_c (aLoadCRL,  "load-crl",  N_("|FILE|load CRL from FILE into cache")),
   ARGPARSE_c (aFetchCRL, "fetch-crl", N_("|URL|fetch a CRL from URL")),
@@ -814,6 +816,7 @@ main (int argc, char **argv)
         {
         case aServer:
         case aDaemon:
+        case aSupervised:
         case aShutdown:
         case aFlush:
 	case aListCRLs:
@@ -993,6 +996,43 @@ main (int argc, char **argv)
       start_command_handler (ASSUAN_INVALID_FD);
       shutdown_reaper ();
     }
+  else if (cmd == aSupervised)
+    {
+      /* In supervised mode, we expect file descriptor 3 to be an
+         already opened, listening socket.
+
+         We will also not detach from the controlling process or close
+         stderr; the supervisor should handle all of that.  */
+      struct stat statbuf;
+      if (fstat (3, &statbuf) == -1 && errno ==EBADF)
+        {
+          log_error ("file descriptor 3 must be already open in --supervised mode\n");
+          dirmngr_exit (1);
+        }
+      socket_name = gnupg_get_socket_name (3);
+
+      /* Now start with logging to a file if this is desired. */
+      if (logfile)
+        {
+          log_set_file (logfile);
+          log_set_prefix (NULL, (GPGRT_LOG_WITH_PREFIX
+                                 |GPGRT_LOG_WITH_TIME
+                                 |GPGRT_LOG_WITH_PID));
+          current_logfile = xstrdup (logfile);
+        }
+      else
+        log_set_prefix (NULL, 0);
+
+      thread_init ();
+      cert_cache_init ();
+      crl_cache_init ();
+#if USE_LDAP
+      ldap_wrapper_launch_thread ();
+#endif /*USE_LDAP*/
+      handle_connections (3);
+      assuan_sock_close (3);
+      shutdown_reaper ();
+    }
   else if (cmd == aDaemon)
     {
       assuan_fd_t fd;
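Review bot: The `fstat (3, &statbuf)` guard in the new `aSupervised` branch rejects only a closed descriptor (`errno == EBADF`) and never inspects `statbuf`, so a regular file, pipe or terminal inherited on fd 3 is handed to `gnupg_get_socket_name (3)` and `handle_connections (3)` as if it were a listening socket. Because the descriptor comes from whatever process launched dirmngr, I would fail on any fstat error and require a socket: `if (fstat (3, &statbuf) == -1 || !S_ISSOCK (statbuf.st_mode))` (assuming S_ISSOCK is available on every platform this branch is built for). It is also worth a comment that in this mode the supervisor, not dirmngr, decides the socket's path and permissions, e.g. `/* The supervisor owns the socket: its location and access mode are not checked here. */`. The branch still honours `logfile`, which looks at odds with the "sending logs to stderr" wording added to doc/dirmngr.texi. main's body starts and ends outside the hunk.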
diff --git a/doc/dirmngr.texi b/doc/dirmngr.texi
index bb8281d..69d7e5e 100644
--- a/doc/dirmngr.texi
+++ b/doc/dirmngr.texi
@@ -85,6 +85,13 @@ Run in background daemon mode and listen for commands on a socket.
 Note that this also changes the default home directory and enables the
 internal certificate validation code.  This mode is deprecated.
 
+ at item --supervised
+ at opindex supervised
+Run in the foreground, sending logs to stderr, and listening on file
+descriptor 3, which must already be bound to a listening socket.  This
+is useful when running under systemd or other similar process
+supervision schemes.
+
 @item --list-crls
 @opindex list-crls
 List the contents of the CRL cache on @code{stdout}. This is probably

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-gnupg/gnupg2.git


