diff options
| author | Lennart Poettering <lennart@poettering.net> | 2008-05-15 23:34:41 +0000 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2008-05-15 23:34:41 +0000 |
| commit | 045c1d602dcba57868845ba3270510593c39480f (patch) | |
| tree | b3d61f180e6fa40f97a80aa3e46d7c910ed7c2a6 /src/daemon | |
| parent | 91f092eadcc5e9075e04ae42df11de28ef5047a8 (diff) | |
merge glitch-free branch back into trunk
git-svn-id: file:///home/lennart/svn/public/pulseaudio/trunk@2445 fefdeb5f-60dc-0310-8127-8f9354f1896f
Diffstat (limited to 'src/daemon')
| -rw-r--r-- | src/daemon/caps.c | 28 | ||||
| -rw-r--r-- | src/daemon/caps.h | 2 | ||||
| -rw-r--r-- | src/daemon/cmdline.c | 3 | ||||
| -rw-r--r-- | src/daemon/cpulimit.c | 6 | ||||
| -rw-r--r-- | src/daemon/daemon-conf.c | 178 | ||||
| -rw-r--r-- | src/daemon/daemon-conf.h | 21 | ||||
| -rw-r--r-- | src/daemon/daemon.conf.in | 14 | ||||
| -rw-r--r-- | src/daemon/main.c | 297 |
8 files changed, 341 insertions, 208 deletions
diff --git a/src/daemon/caps.c b/src/daemon/caps.c index d78e9689..e936d6bb 100644 --- a/src/daemon/caps.c +++ b/src/daemon/caps.c @@ -85,31 +85,21 @@ void pa_drop_root(void) { #if defined(HAVE_SYS_CAPABILITY_H) && defined(HAVE_SYS_PRCTL_H) /* Limit permitted capabilities set to CAPSYS_NICE */ -int pa_limit_caps(void) { - int r = -1; +void pa_limit_caps(void) { cap_t caps; cap_value_t nice_cap = CAP_SYS_NICE; pa_assert_se(caps = cap_init()); + pa_assert_se(cap_clear(caps) == 0); + pa_assert_se(cap_set_flag(caps, CAP_EFFECTIVE, 1, &nice_cap, CAP_SET) == 0); + pa_assert_se(cap_set_flag(caps, CAP_PERMITTED, 1, &nice_cap, CAP_SET) == 0); + pa_assert_se(cap_set_proc(caps) == 0); - cap_clear(caps); - cap_set_flag(caps, CAP_EFFECTIVE, 1, &nice_cap, CAP_SET); - cap_set_flag(caps, CAP_PERMITTED, 1, &nice_cap, CAP_SET); - - if (cap_set_proc(caps) < 0) - goto fail; - - if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) < 0) - goto fail; + pa_assert_se(prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) == 0); pa_log_info("Dropped capabilities successfully."); - r = 1; - -fail: - cap_free(caps); - - return r; + pa_assert_se(cap_free(caps) == 0); } /* Drop all capabilities, effectively becoming a normal user */ @@ -119,9 +109,9 @@ void pa_drop_caps(void) { pa_assert_se(prctl(PR_SET_KEEPCAPS, 0, 0, 0, 0) == 0); pa_assert_se(caps = cap_init()); - cap_clear(caps); + pa_assert_se(cap_clear(caps) == 0); pa_assert_se(cap_set_proc(caps) == 0); - cap_free(caps); + pa_assert_se(cap_free(caps) == 0); } #else diff --git a/src/daemon/caps.h b/src/daemon/caps.h index 91c88418..5b21f12e 100644 --- a/src/daemon/caps.h +++ b/src/daemon/caps.h @@ -26,6 +26,6 @@ void pa_drop_root(void); void pa_drop_caps(void); -int pa_limit_caps(void); +void pa_limit_caps(void); #endif diff --git a/src/daemon/cmdline.c b/src/daemon/cmdline.c index f1e1282c..97c75f37 100644 --- a/src/daemon/cmdline.c +++ b/src/daemon/cmdline.c @@ -293,8 +293,7 @@ int pa_cmdline_parse(pa_daemon_conf *conf, int argc, char *const argv [], int *d break; case 'n': - pa_xfree(conf->default_script_file); - conf->default_script_file = NULL; + conf->load_default_script_file = FALSE; break; case ARG_LOG_TARGET: diff --git a/src/daemon/cpulimit.c b/src/daemon/cpulimit.c index 620a93a6..579b91e3 100644 --- a/src/daemon/cpulimit.c +++ b/src/daemon/cpulimit.c @@ -82,7 +82,7 @@ static pa_io_event *io_event = NULL; static struct sigaction sigaction_prev; /* Nonzero after pa_cpu_limit_init() */ -static int installed = 0; +static pa_bool_t installed = FALSE; /* The current state of operation */ static enum { @@ -210,7 +210,7 @@ int pa_cpu_limit_init(pa_mainloop_api *m) { return -1; } - installed = 1; + installed = TRUE; reset_cpu_time(CPUTIME_INTERVAL_SOFT); @@ -231,7 +231,7 @@ void pa_cpu_limit_done(void) { if (installed) { pa_assert_se(sigaction(SIGXCPU, &sigaction_prev, NULL) >= 0); - installed = 0; + installed = FALSE; } } diff --git a/src/daemon/daemon-conf.c b/src/daemon/daemon-conf.c index c98c0218..f9ad7ec0 100644 --- a/src/daemon/daemon-conf.c +++ b/src/daemon/daemon-conf.c @@ -33,6 +33,7 @@ #include <sched.h> #include <pulse/xmalloc.h> +#include <pulse/timeval.h> #include <pulsecore/core-error.h> #include <pulsecore/core-util.h> @@ -45,6 +46,8 @@ #define DEFAULT_SCRIPT_FILE PA_DEFAULT_CONFIG_DIR PA_PATH_SEP "default.pa" #define DEFAULT_SCRIPT_FILE_USER PA_PATH_SEP "default.pa" +#define DEFAULT_SYSTEM_SCRIPT_FILE PA_DEFAULT_CONFIG_DIR PA_PATH_SEP "system.pa" + #define DEFAULT_CONFIG_FILE PA_DEFAULT_CONFIG_DIR PA_PATH_SEP "daemon.conf" #define DEFAULT_CONFIG_FILE_USER PA_PATH_SEP "daemon.conf" @@ -67,6 +70,7 @@ static const pa_daemon_conf default_conf = { .auto_log_target = 1, .script_commands = NULL, .dl_search_path = NULL, + .load_default_script_file = TRUE, .default_script_file = NULL, .log_target = PA_LOG_SYSLOG, .log_level = PA_LOG_NOTICE, @@ -81,34 +85,43 @@ static const pa_daemon_conf default_conf = { .default_fragment_size_msec = 25, .default_sample_spec = { .format = PA_SAMPLE_S16NE, .rate = 44100, .channels = 2 } #ifdef HAVE_SYS_RESOURCE_H - , .rlimit_as = { .value = 0, .is_set = FALSE }, - .rlimit_core = { .value = 0, .is_set = FALSE }, + ,.rlimit_fsize = { .value = 0, .is_set = FALSE }, .rlimit_data = { .value = 0, .is_set = FALSE }, - .rlimit_fsize = { .value = 0, .is_set = FALSE }, - .rlimit_nofile = { .value = 256, .is_set = TRUE }, - .rlimit_stack = { .value = 0, .is_set = FALSE } + .rlimit_stack = { .value = 0, .is_set = FALSE }, + .rlimit_core = { .value = 0, .is_set = FALSE }, + .rlimit_rss = { .value = 0, .is_set = FALSE } #ifdef RLIMIT_NPROC - , .rlimit_nproc = { .value = 0, .is_set = FALSE } + ,.rlimit_nproc = { .value = 0, .is_set = FALSE } #endif + ,.rlimit_nofile = { .value = 256, .is_set = TRUE } #ifdef RLIMIT_MEMLOCK - , .rlimit_memlock = { .value = 0, .is_set = FALSE } + ,.rlimit_memlock = { .value = 0, .is_set = FALSE } +#endif + ,.rlimit_as = { .value = 0, .is_set = FALSE } +#ifdef RLIMIT_LOCKS + ,.rlimit_locks = { .value = 0, .is_set = FALSE } +#endif +#ifdef RLIMIT_SIGPENDING + ,.rlimit_sigpending = { .value = 0, .is_set = FALSE } +#endif +#ifdef RLIMIT_MSGQUEUE + ,.rlimit_msgqueue = { .value = 0, .is_set = FALSE } #endif #ifdef RLIMIT_NICE - , .rlimit_nice = { .value = 31, .is_set = TRUE } /* nice level of -11 */ + ,.rlimit_nice = { .value = 31, .is_set = TRUE } /* nice level of -11 */ #endif #ifdef RLIMIT_RTPRIO - , .rlimit_rtprio = { .value = 9, .is_set = TRUE } /* One below JACK's default for the server */ + ,.rlimit_rtprio = { .value = 9, .is_set = TRUE } /* One below JACK's default for the server */ +#endif +#ifdef RLIMIT_RTTIME + ,.rlimit_rttime = { .value = PA_USEC_PER_SEC, .is_set = TRUE } #endif #endif }; pa_daemon_conf* pa_daemon_conf_new(void) { - FILE *f; pa_daemon_conf *c = pa_xnewdup(pa_daemon_conf, &default_conf, 1); - if ((f = pa_open_config_file(DEFAULT_SCRIPT_FILE, DEFAULT_SCRIPT_FILE_USER, ENV_SCRIPT_FILE, &c->default_script_file, "r"))) - fclose(f); - c->dl_search_path = pa_xstrdup(PA_DLSEARCHPATH); return c; } @@ -412,25 +425,39 @@ int pa_daemon_conf_load(pa_daemon_conf *c, const char *filename) { { "default-fragment-size-msec", parse_fragment_size_msec, NULL }, { "nice-level", parse_nice_level, NULL }, { "disable-remixing", pa_config_parse_bool, NULL }, + { "load-default-script-file", pa_config_parse_bool, NULL }, #ifdef HAVE_SYS_RESOURCE_H - { "rlimit-as", parse_rlimit, NULL }, - { "rlimit-core", parse_rlimit, NULL }, - { "rlimit-data", parse_rlimit, NULL }, { "rlimit-fsize", parse_rlimit, NULL }, - { "rlimit-nofile", parse_rlimit, NULL }, + { "rlimit-data", parse_rlimit, NULL }, { "rlimit-stack", parse_rlimit, NULL }, + { "rlimit-core", parse_rlimit, NULL }, + { "rlimit-rss", parse_rlimit, NULL }, + { "rlimit-nofile", parse_rlimit, NULL }, + { "rlimit-as", parse_rlimit, NULL }, #ifdef RLIMIT_NPROC { "rlimit-nproc", parse_rlimit, NULL }, #endif #ifdef RLIMIT_MEMLOCK { "rlimit-memlock", parse_rlimit, NULL }, #endif +#ifdef RLIMIT_LOCKS + { "rlimit-locks", parse_rlimit, NULL }, +#endif +#ifdef RLIMIT_SIGPENDING + { "rlimit-sigpending", parse_rlimit, NULL }, +#endif +#ifdef RLIMIT_MSGQUEUE + { "rlimit-msgqueue", parse_rlimit, NULL }, +#endif #ifdef RLIMIT_NICE { "rlimit-nice", parse_rlimit, NULL }, #endif #ifdef RLIMIT_RTPRIO { "rlimit-rtprio", parse_rlimit, NULL }, #endif +#ifdef RLIMIT_RTTIME + { "rlimit-rttime", parse_rlimit, NULL }, +#endif #endif { NULL, NULL, NULL }, }; @@ -461,33 +488,66 @@ int pa_daemon_conf_load(pa_daemon_conf *c, const char *filename) { table[23].data = c; table[24].data = c; table[25].data = &c->disable_remixing; + table[26].data = &c->load_default_script_file; #ifdef HAVE_SYS_RESOURCE_H - table[26].data = &c->rlimit_as; - table[27].data = &c->rlimit_core; + table[27].data = &c->rlimit_fsize; table[28].data = &c->rlimit_data; - table[29].data = &c->rlimit_fsize; - table[30].data = &c->rlimit_nofile; - table[31].data = &c->rlimit_stack; + table[29].data = &c->rlimit_stack; + table[30].data = &c->rlimit_as; + table[31].data = &c->rlimit_core; + table[32].data = &c->rlimit_nofile; + table[33].data = &c->rlimit_as; #ifdef RLIMIT_NPROC - table[32].data = &c->rlimit_nproc; + table[34].data = &c->rlimit_nproc; #endif + #ifdef RLIMIT_MEMLOCK #ifndef RLIMIT_NPROC #error "Houston, we have a numbering problem!" #endif - table[33].data = &c->rlimit_memlock; + table[35].data = &c->rlimit_memlock; #endif -#ifdef RLIMIT_NICE + +#ifdef RLIMIT_LOCKS #ifndef RLIMIT_MEMLOCK #error "Houston, we have a numbering problem!" #endif - table[34].data = &c->rlimit_nice; + table[36].data = &c->rlimit_locks; +#endif + +#ifdef RLIMIT_SIGPENDING +#ifndef RLIMIT_LOCKS +#error "Houston, we have a numbering problem!" +#endif + table[37].data = &c->rlimit_sigpending; +#endif + +#ifdef RLIMIT_MSGQUEUE +#ifndef RLIMIT_SIGPENDING +#error "Houston, we have a numbering problem!" +#endif + table[38].data = &c->rlimit_msgqueue; +#endif + +#ifdef RLIMIT_NICE +#ifndef RLIMIT_MSGQUEUE +#error "Houston, we have a numbering problem!" +#endif + table[39].data = &c->rlimit_nice; #endif + #ifdef RLIMIT_RTPRIO #ifndef RLIMIT_NICE #error "Houston, we have a numbering problem!" #endif - table[35].data = &c->rlimit_rtprio; + table[40].data = &c->rlimit_rtprio; +#endif + +#ifdef RLIMIT_RTTIME +#ifndef RLIMIT_RTTIME +#error "Houston, we have a numbering problem!" +#endif + table[41].data = &c->rlimit_rttime; #endif #endif @@ -496,10 +556,10 @@ int pa_daemon_conf_load(pa_daemon_conf *c, const char *filename) { f = filename ? fopen(c->config_file = pa_xstrdup(filename), "r") : - pa_open_config_file(DEFAULT_CONFIG_FILE, DEFAULT_CONFIG_FILE_USER, ENV_CONFIG_FILE, &c->config_file, "r"); + pa_open_config_file(DEFAULT_CONFIG_FILE, DEFAULT_CONFIG_FILE_USER, ENV_CONFIG_FILE, &c->config_file); if (!f && errno != ENOENT) { - pa_log_warn("Failed to open configuration file '%s': %s", c->config_file, pa_cstrerror(errno)); + pa_log_warn("Failed to open configuration file: %s", pa_cstrerror(errno)); goto finish; } @@ -514,6 +574,7 @@ finish: int pa_daemon_conf_env(pa_daemon_conf *c) { char *e; + pa_assert(c); if ((e = getenv(ENV_DL_SEARCH_PATH))) { pa_xfree(c->dl_search_path); @@ -527,6 +588,35 @@ int pa_daemon_conf_env(pa_daemon_conf *c) { return 0; } +const char *pa_daemon_conf_get_default_script_file(pa_daemon_conf *c) { + pa_assert(c); + + if (!c->default_script_file) { + if (c->system_instance) + c->default_script_file = pa_find_config_file(DEFAULT_SYSTEM_SCRIPT_FILE, NULL, ENV_SCRIPT_FILE); + else + c->default_script_file = pa_find_config_file(DEFAULT_SCRIPT_FILE, DEFAULT_SCRIPT_FILE_USER, ENV_SCRIPT_FILE); + } + + return c->default_script_file; +} + +FILE *pa_daemon_conf_open_default_script_file(pa_daemon_conf *c) { + FILE *f; + pa_assert(c); + + if (!c->default_script_file) { + if (c->system_instance) + f = pa_open_config_file(DEFAULT_SYSTEM_SCRIPT_FILE, NULL, ENV_SCRIPT_FILE, &c->default_script_file); + else + f = pa_open_config_file(DEFAULT_SCRIPT_FILE, DEFAULT_SCRIPT_FILE_USER, ENV_SCRIPT_FILE, &c->default_script_file); + } else + f = fopen(c->default_script_file, "r"); + + return f; +} + + static const char* const log_level_to_string[] = { [PA_LOG_DEBUG] = "debug", [PA_LOG_INFO] = "info", @@ -561,8 +651,9 @@ char *pa_daemon_conf_dump(pa_daemon_conf *c) { pa_strbuf_printf(s, "exit-idle-time = %i\n", c->exit_idle_time); pa_strbuf_printf(s, "module-idle-time = %i\n", c->module_idle_time); pa_strbuf_printf(s, "scache-idle-time = %i\n", c->scache_idle_time); - pa_strbuf_printf(s, "dl-search-path = %s\n", c->dl_search_path ? c->dl_search_path : ""); - pa_strbuf_printf(s, "default-script-file = %s\n", c->default_script_file); + pa_strbuf_printf(s, "dl-search-path = %s\n", pa_strempty(c->dl_search_path)); + pa_strbuf_printf(s, "default-script-file = %s\n", pa_strempty(pa_daemon_conf_get_default_script_file(c))); + pa_strbuf_printf(s, "load-default-script-file = %s\n", pa_yes_no(c->load_default_script_file)); pa_strbuf_printf(s, "log-target = %s\n", c->auto_log_target ? "auto" : (c->log_target == PA_LOG_SYSLOG ? "syslog" : "stderr")); pa_strbuf_printf(s, "log-level = %s\n", log_level_to_string[c->log_level]); pa_strbuf_printf(s, "resample-method = %s\n", pa_resample_method_to_string(c->resample_method)); @@ -573,23 +664,36 @@ char *pa_daemon_conf_dump(pa_daemon_conf *c) { pa_strbuf_printf(s, "default-fragments = %u\n", c->default_n_fragments); pa_strbuf_printf(s, "default-fragment-size-msec = %u\n", c->default_fragment_size_msec); #ifdef HAVE_SYS_RESOURCE_H - pa_strbuf_printf(s, "rlimit-as = %li\n", c->rlimit_as.is_set ? (long int) c->rlimit_as.value : -1); - pa_strbuf_printf(s, "rlimit-core = %li\n", c->rlimit_core.is_set ? (long int) c->rlimit_core.value : -1); - pa_strbuf_printf(s, "rlimit-data = %li\n", c->rlimit_data.is_set ? (long int) c->rlimit_data.value : -1); pa_strbuf_printf(s, "rlimit-fsize = %li\n", c->rlimit_fsize.is_set ? (long int) c->rlimit_fsize.value : -1); - pa_strbuf_printf(s, "rlimit-nofile = %li\n", c->rlimit_nofile.is_set ? (long int) c->rlimit_nofile.value : -1); + pa_strbuf_printf(s, "rlimit-data = %li\n", c->rlimit_data.is_set ? (long int) c->rlimit_data.value : -1); pa_strbuf_printf(s, "rlimit-stack = %li\n", c->rlimit_stack.is_set ? (long int) c->rlimit_stack.value : -1); + pa_strbuf_printf(s, "rlimit-core = %li\n", c->rlimit_core.is_set ? (long int) c->rlimit_core.value : -1); + pa_strbuf_printf(s, "rlimit-as = %li\n", c->rlimit_as.is_set ? (long int) c->rlimit_as.value : -1); + pa_strbuf_printf(s, "rlimit-rss = %li\n", c->rlimit_rss.is_set ? (long int) c->rlimit_rss.value : -1); #ifdef RLIMIT_NPROC pa_strbuf_printf(s, "rlimit-nproc = %li\n", c->rlimit_nproc.is_set ? (long int) c->rlimit_nproc.value : -1); #endif + pa_strbuf_printf(s, "rlimit-nofile = %li\n", c->rlimit_nofile.is_set ? (long int) c->rlimit_nofile.value : -1); #ifdef RLIMIT_MEMLOCK pa_strbuf_printf(s, "rlimit-memlock = %li\n", c->rlimit_memlock.is_set ? (long int) c->rlimit_memlock.value : -1); #endif +#ifdef RLIMIT_LOCKS + pa_strbuf_printf(s, "rlimit-locks = %li\n", c->rlimit_locks.is_set ? (long int) c->rlimit_locks.value : -1); +#endif +#ifdef RLIMIT_SIGPENDING + pa_strbuf_printf(s, "rlimit-sigpending = %li\n", c->rlimit_sigpending.is_set ? (long int) c->rlimit_sigpending.value : -1); +#endif +#ifdef RLIMIT_MSGQUEUE + pa_strbuf_printf(s, "rlimit-msgqueue = %li\n", c->rlimit_msgqueue.is_set ? (long int) c->rlimit_msgqueue.value : -1); +#endif #ifdef RLIMIT_NICE - pa_strbuf_printf(s, "rlimit-nice = %li\n", c->rlimit_memlock.is_set ? (long int) c->rlimit_nice.value : -1); + pa_strbuf_printf(s, "rlimit-nice = %li\n", c->rlimit_nice.is_set ? (long int) c->rlimit_nice.value : -1); #endif #ifdef RLIMIT_RTPRIO - pa_strbuf_printf(s, "rlimit-rtprio = %li\n", c->rlimit_memlock.is_set ? (long int) c->rlimit_rtprio.value : -1); + pa_strbuf_printf(s, "rlimit-rtprio = %li\n", c->rlimit_rtprio.is_set ? (long int) c->rlimit_rtprio.value : -1); +#endif +#ifdef RLIMIT_RTTIME + pa_strbuf_printf(s, "rlimit-rttime = %li\n", c->rlimit_rttime.is_set ? (long int) c->rlimit_rttime.value : -1); #endif #endif diff --git a/src/daemon/daemon-conf.h b/src/daemon/daemon-conf.h index 3dcafbfe..03a75661 100644 --- a/src/daemon/daemon-conf.h +++ b/src/daemon/daemon-conf.h @@ -27,6 +27,7 @@ #include <pulsecore/log.h> #include <pulsecore/macro.h> +#include <pulsecore/core-util.h> #include <pulse/sample.h> #ifdef HAVE_SYS_RESOURCE_H @@ -65,7 +66,8 @@ typedef struct pa_daemon_conf { system_instance, no_cpu_limit, disable_shm, - disable_remixing; + disable_remixing, + load_default_script_file; int exit_idle_time, module_idle_time, scache_idle_time, @@ -79,19 +81,31 @@ typedef struct pa_daemon_conf { char *config_file; #ifdef HAVE_SYS_RESOURCE_H - pa_rlimit rlimit_as, rlimit_core, rlimit_data, rlimit_fsize, rlimit_nofile, rlimit_stack; + pa_rlimit rlimit_fsize, rlimit_data, rlimit_stack, rlimit_core, rlimit_rss, rlimit_nofile, rlimit_as; #ifdef RLIMIT_NPROC pa_rlimit rlimit_nproc; #endif #ifdef RLIMIT_MEMLOCK pa_rlimit rlimit_memlock; #endif +#ifdef RLIMIT_LOCKS + pa_rlimit rlimit_locks; +#endif +#ifdef RLIMIT_SIGPENDING + pa_rlimit rlimit_sigpending; +#endif +#ifdef RLIMIT_MSGQUEUE + pa_rlimit rlimit_msgqueue; +#endif #ifdef RLIMIT_NICE pa_rlimit rlimit_nice; #endif #ifdef RLIMIT_RTPRIO pa_rlimit rlimit_rtprio; #endif +#ifdef RLIMIT_RTTIME + pa_rlimit rlimit_rttime; +#endif #endif unsigned default_n_fragments, default_fragment_size_msec; @@ -121,4 +135,7 @@ int pa_daemon_conf_set_log_target(pa_daemon_conf *c, const char *string); int pa_daemon_conf_set_log_level(pa_daemon_conf *c, const char *string); int pa_daemon_conf_set_resample_method(pa_daemon_conf *c, const char *string); +const char *pa_daemon_conf_get_default_script_file(pa_daemon_conf *c); +FILE *pa_daemon_conf_open_default_script_file(pa_daemon_conf *c); + #endif diff --git a/src/daemon/daemon.conf.in b/src/daemon/daemon.conf.in index e4cfb82b..fd35c0f6 100644 --- a/src/daemon/daemon.conf.in +++ b/src/daemon/daemon.conf.in @@ -40,6 +40,7 @@ ; dl-search-path = (depends on architecture) +; load-defaul-script-file = yes ; default-script-file = @PA_DEFAULT_CONFIG_FILE@ ; log-target = auto @@ -50,16 +51,21 @@ ; no-cpu-limit = no -; rlimit-as = -1 -; rlimit-core = -1 -; rlimit-data = -1 ; rlimit-fsize = -1 -; rlimit-nofile = 256 +; rlimit-data = -1 ; rlimit-stack = -1 +; rlimit-core = -1 +; rlimit-as = -1 +; rlimit-rss = -1 ; rlimit-nproc = -1 +; rlimit-nofile = 256 ; rlimit-memlock = -1 +; rlimit-locks = -1 +; rlimit-sigpending = -1 +; rlimit-msgqueue = -1 ; rlimit-nice = 31 ; rlimit-rtprio = 9 +; rlimit-rtttime = 1000000 ; default-sample-format = s16le ; default-sample-rate = 44100 diff --git a/src/daemon/main.c b/src/daemon/main.c index 6b0c81da..789d104b 100644 --- a/src/daemon/main.c +++ b/src/daemon/main.c @@ -115,7 +115,7 @@ static void message_cb(pa_mainloop_api*a, pa_time_event*e, PA_GCC_UNUSED const s MSG msg; struct timeval tvnext; - while(PeekMessage(&msg, NULL, 0, 0, PM_REMOVE)) { + while (PeekMessage(&msg, NULL, 0, 0, PM_REMOVE)) { if (msg.message == WM_QUIT) raise(SIGTERM); else { @@ -164,8 +164,6 @@ static void signal_callback(pa_mainloop_api*m, PA_GCC_UNUSED pa_signal_event *e, } } -#define set_env(key, value) putenv(pa_sprintf_malloc("%s=%s", (key), (value))) - #if defined(HAVE_PWD_H) && defined(HAVE_GRP_H) static int change_user(void) { @@ -241,14 +239,14 @@ static int change_user(void) { return -1; } - set_env("USER", PA_SYSTEM_USER); - set_env("USERNAME", PA_SYSTEM_USER); - set_env("LOGNAME", PA_SYSTEM_USER); - set_env("HOME", PA_SYSTEM_RUNTIME_PATH); + pa_set_env("USER", PA_SYSTEM_USER); + pa_set_env("USERNAME", PA_SYSTEM_USER); + pa_set_env("LOGNAME", PA_SYSTEM_USER); + pa_set_env("HOME", PA_SYSTEM_RUNTIME_PATH); /* Relevant for pa_runtime_path() */ - set_env("PULSE_RUNTIME_PATH", PA_SYSTEM_RUNTIME_PATH); - set_env("PULSE_CONFIG_PATH", PA_SYSTEM_RUNTIME_PATH); + pa_set_env("PULSE_RUNTIME_PATH", PA_SYSTEM_RUNTIME_PATH); + pa_set_env("PULSE_CONFIG_PATH", PA_SYSTEM_RUNTIME_PATH); pa_log_info("Successfully dropped root privileges."); @@ -264,23 +262,6 @@ static int change_user(void) { #endif /* HAVE_PWD_H && HAVE_GRP_H */ -static int create_runtime_dir(void) { - char fn[PATH_MAX]; - - pa_runtime_path(NULL, fn, sizeof(fn)); - - /* This function is called only when the daemon is started in - * per-user mode. We create the runtime directory somewhere in - * /tmp/ with the current UID/GID */ - - if (pa_make_secure_dir(fn, 0700, (uid_t)-1, (gid_t)-1) < 0) { - pa_log("Failed to create '%s': %s", fn, pa_cstrerror(errno)); - return -1; - } - - return 0; -} - #ifdef HAVE_SYS_RESOURCE_H static int set_one_rlimit(const pa_rlimit *r, int resource, const char *name) { @@ -293,7 +274,7 @@ static int set_one_rlimit(const pa_rlimit *r, int resource, const char *name) { rl.rlim_cur = rl.rlim_max = r->value; if (setrlimit(resource, &rl) < 0) { - pa_log_warn("setrlimit(%s, (%u, %u)) failed: %s", name, (unsigned) r->value, (unsigned) r->value, pa_cstrerror(errno)); + pa_log_info("setrlimit(%s, (%u, %u)) failed: %s", name, (unsigned) r->value, (unsigned) r->value, pa_cstrerror(errno)); return -1; } @@ -301,24 +282,37 @@ static int set_one_rlimit(const pa_rlimit *r, int resource, const char *name) { } static void set_all_rlimits(const pa_daemon_conf *conf) { - set_one_rlimit(&conf->rlimit_as, RLIMIT_AS, "RLIMIT_AS"); - set_one_rlimit(&conf->rlimit_core, RLIMIT_CORE, "RLIMIT_CORE"); - set_one_rlimit(&conf->rlimit_data, RLIMIT_DATA, "RLIMIT_DATA"); set_one_rlimit(&conf->rlimit_fsize, RLIMIT_FSIZE, "RLIMIT_FSIZE"); - set_one_rlimit(&conf->rlimit_nofile, RLIMIT_NOFILE, "RLIMIT_NOFILE"); + set_one_rlimit(&conf->rlimit_data, RLIMIT_DATA, "RLIMIT_DATA"); set_one_rlimit(&conf->rlimit_stack, RLIMIT_STACK, "RLIMIT_STACK"); + set_one_rlimit(&conf->rlimit_core, RLIMIT_CORE, "RLIMIT_CORE"); + set_one_rlimit(&conf->rlimit_rss, RLIMIT_RSS, "RLIMIT_RSS"); #ifdef RLIMIT_NPROC set_one_rlimit(&conf->rlimit_nproc, RLIMIT_NPROC, "RLIMIT_NPROC"); #endif + set_one_rlimit(&conf->rlimit_nofile, RLIMIT_NOFILE, "RLIMIT_NOFILE"); #ifdef RLIMIT_MEMLOCK set_one_rlimit(&conf->rlimit_memlock, RLIMIT_MEMLOCK, "RLIMIT_MEMLOCK"); #endif + set_one_rlimit(&conf->rlimit_as, RLIMIT_AS, "RLIMIT_AS"); +#ifdef RLIMIT_LOCKS + set_one_rlimit(&conf->rlimit_locks, RLIMIT_LOCKS, "RLIMIT_LOCKS"); +#endif +#ifdef RLIMIT_SIGPENDING + set_one_rlimit(&conf->rlimit_sigpending, RLIMIT_SIGPENDING, "RLIMIT_SIGPENDING"); +#endif +#ifdef RLIMIT_MSGQUEUE + set_one_rlimit(&conf->rlimit_msgqueue, RLIMIT_MSGQUEUE, "RLIMIT_MSGQUEUE"); +#endif #ifdef RLIMIT_NICE set_one_rlimit(&conf->rlimit_nice, RLIMIT_NICE, "RLIMIT_NICE"); #endif #ifdef RLIMIT_RTPRIO set_one_rlimit(&conf->rlimit_rtprio, RLIMIT_RTPRIO, "RLIMIT_RTPRIO"); #endif +#ifdef RLIMIT_RTTIME + set_one_rlimit(&conf->rlimit_rttime, RLIMIT_RTTIME, "RLIMIT_RTTIME"); +#endif } #endif @@ -329,19 +323,20 @@ int main(int argc, char *argv[]) { pa_mainloop *mainloop = NULL; char *s; int r = 0, retval = 1, d = 0; - int daemon_pipe[2] = { -1, -1 }; pa_bool_t suid_root, real_root; - int valid_pid_file = 0; + pa_bool_t valid_pid_file = FALSE; gid_t gid = (gid_t) -1; - pa_bool_t allow_realtime, allow_high_priority; pa_bool_t ltdl_init = FALSE; - + int passed_fd = -1; + const char *e; +#ifdef HAVE_FORK + int daemon_pipe[2] = { -1, -1 }; +#endif #ifdef OS_IS_WIN32 - pa_time_event *timer; - struct timeval tv; + pa_time_event *win32_timer; + struct timeval win32_tv; #endif - #if defined(__linux__) && defined(__OPTIMIZE__) /* Disable lazy relocations to make usage of external libraries @@ -355,7 +350,7 @@ int main(int argc, char *argv[]) { /* We have to execute ourselves, because the libc caches the * value of $LD_BIND_NOW on initialization. */ - putenv(pa_xstrdup("LD_BIND_NOW=1")); + pa_set_env("LD_BIND_NOW", "1"); pa_assert_se(rp = pa_readlink("/proc/self/exe")); pa_assert_se(execv(rp, argv) == 0); } @@ -385,6 +380,18 @@ int main(int argc, char *argv[]) { * is just too risky tun let PA run as root all the time. */ } + if ((e = getenv("PULSE_PASSED_FD"))) { + passed_fd = atoi(e); + + if (passed_fd <= 2) + passed_fd = -1; + } + + pa_close_all(passed_fd, -1); + + pa_reset_sigs(-1); + pa_unblock_sigs(-1); + /* At this point, we are a normal user, possibly with CAP_NICE if * we were started SUID. If we are started as normal root, than we * still are normal root. */ @@ -410,67 +417,66 @@ int main(int argc, char *argv[]) { pa_log_set_target(conf->auto_log_target ? PA_LOG_STDERR : conf->log_target, NULL); if (suid_root) { + pa_bool_t allow_realtime, allow_high_priority; + /* Ok, we're suid root, so let's better not enable high prio * or RT by default */ allow_high_priority = allow_realtime = FALSE; + if (conf->high_priority || conf->realtime_scheduling) + if (pa_own_uid_in_group(PA_REALTIME_GROUP, &gid) > 0) { + pa_log_info("We're in the group '"PA_REALTIME_GROUP"', allowing real-time and high-priority scheduling."); + allow_realtime = conf->realtime_scheduling; + allow_high_priority = conf->high_priority; + } + #ifdef HAVE_POLKIT - if (conf->high_priority) { + if (conf->high_priority && !allow_high_priority) { if (pa_polkit_check("org.pulseaudio.acquire-high-priority") > 0) { - pa_log_info("PolicyKit grants us acquire-high-priority privilige."); + pa_log_info("PolicyKit grants us acquire-high-priority privilege."); allow_high_priority = TRUE; } else - pa_log_info("PolicyKit refuses acquire-high-priority privilige."); + pa_log_info("PolicyKit refuses acquire-high-priority privilege."); } - if (conf->realtime_scheduling) { + if (conf->realtime_scheduling && !allow_realtime) { if (pa_polkit_check("org.pulseaudio.acquire-real-time") > 0) { - pa_log_info("PolicyKit grants us acquire-real-time privilige."); + pa_log_info("PolicyKit grants us acquire-real-time privilege."); allow_realtime = TRUE; } else - pa_log_info("PolicyKit refuses acquire-real-time privilige."); + pa_log_info("PolicyKit refuses acquire-real-time privilege."); } #endif - if ((conf->high_priority || conf->realtime_scheduling) && pa_own_uid_in_group(PA_REALTIME_GROUP, &gid) > 0) { - pa_log_info("We're in the group '"PA_REALTIME_GROUP"', allowing real-time and high-priority scheduling."); - allow_realtime = conf->realtime_scheduling; - allow_high_priority = conf->high_priority; - } - if (!allow_high_priority && !allow_realtime) { /* OK, there's no further need to keep CAP_NICE. Hence * let's give it up early */ pa_drop_caps(); - pa_drop_root(); - suid_root = real_root = FALSE; + suid_root = FALSE; if (conf->high_priority || conf->realtime_scheduling) pa_log_notice("Called SUID root and real-time/high-priority scheduling was requested in the configuration. However, we lack the necessary priviliges:\n" "We are not in group '"PA_REALTIME_GROUP"' and PolicyKit refuse to grant us priviliges. Dropping SUID again.\n" "For enabling real-time scheduling please acquire the appropriate PolicyKit priviliges, or become a member of '"PA_REALTIME_GROUP"', or increase the RLIMIT_NICE/RLIMIT_RTPRIO resource limits for this user."); } - - } else { - - /* OK, we're a normal user, so let's allow the user evrything - * he asks for, it's now the kernel's job to enforce limits, - * not ours anymore */ - allow_high_priority = allow_realtime = TRUE; } - if (conf->high_priority && !allow_high_priority) { - pa_log_info("High-priority scheduling enabled in configuration but now allowed by policy. Disabling forcibly."); - conf->high_priority = FALSE; - } +#ifdef HAVE_SYS_RESOURCE_H + /* Reset resource limits. If we are run as root (for system mode) + * this might end up increasing the limits, which is intended + * behaviour. For all other cases, i.e. started as normal user, or + * SUID root at this point we should have no CAP_SYS_RESOURCE and + * increasing the limits thus should fail. Which is, too, intended + * behaviour */ - if (conf->realtime_scheduling && !allow_realtime) { - pa_log_info("Real-time scheduling enabled in configuration but now allowed by policy. Disabling forcibly."); - conf->realtime_scheduling = FALSE; - } + set_all_rlimits(conf); +#endif + + if (conf->high_priority && !pa_can_high_priority()) + pa_log_warn("High-priority scheduling enabled in configuration but not allowed by policy."); if (conf->high_priority && conf->cmd == PA_CMD_DAEMON) pa_raise_priority(conf->nice_level); @@ -482,28 +488,38 @@ int main(int argc, char *argv[]) { #ifdef RLIMIT_RTPRIO if (!drop) { - + struct rlimit rl; /* At this point we still have CAP_NICE if we were loaded * SUID root. If possible let's acquire RLIMIT_RTPRIO * instead and give CAP_NICE up. */ - const pa_rlimit rl = { 9, TRUE }; + if (getrlimit(RLIMIT_RTPRIO, &rl) >= 0) { - if (set_one_rlimit(&rl, RLIMIT_RTPRIO, "RLIMIT_RTPRIO") >= 0) { - pa_log_info("Successfully increased RLIMIT_RTPRIO, giving up CAP_NICE."); - drop = TRUE; - } else - pa_log_warn("RLIMIT_RTPRIO failed: %s", pa_cstrerror(errno)); + if (rl.rlim_cur >= 9) + drop = TRUE; + else { + rl.rlim_max = rl.rlim_cur = 9; + + if (setrlimit(RLIMIT_RTPRIO, &rl) >= 0) { + pa_log_info("Successfully increased RLIMIT_RTPRIO"); + drop = TRUE; + } else + pa_log_warn("RLIMIT_RTPRIO failed: %s", pa_cstrerror(errno)); + } + } } #endif if (drop) { + pa_log_info("Giving up CAP_NICE"); pa_drop_caps(); - pa_drop_root(); - suid_root = real_root = FALSE; + suid_root = FALSE; } } + if (conf->realtime_scheduling && !pa_can_realtime()) + pa_log_warn("Real-time scheduling enabled in configuration but not allowed by policy."); + LTDL_SET_PRELOADED_SYMBOLS(); pa_ltdl_init(); ltdl_init = TRUE; @@ -605,7 +621,7 @@ int main(int argc, char *argv[]) { #ifdef HAVE_FORK if (pipe(daemon_pipe) < 0) { - pa_log("Failed to create pipe."); + pa_log("pipe failed: %s", pa_cstrerror(errno)); goto finish; } @@ -615,20 +631,24 @@ int main(int argc, char *argv[]) { } if (child != 0) { + ssize_t n; /* Father */ pa_assert_se(pa_close(daemon_pipe[1]) == 0); daemon_pipe[1] = -1; - if (pa_loop_read(daemon_pipe[0], &retval, sizeof(retval), NULL) != sizeof(retval)) { - pa_log("read() failed: %s", pa_cstrerror(errno)); + if ((n = pa_loop_read(daemon_pipe[0], &retval, sizeof(retval), NULL)) != sizeof(retval)) { + + if (n < 0) + pa_log("read() failed: %s", pa_cstrerror(errno)); + retval = 1; } if (retval) - pa_log("daemon startup failed."); + pa_log("Daemon startup failed."); else - pa_log_info("daemon startup successful."); + pa_log_info("Daemon startup successful."); goto finish; } @@ -652,9 +672,9 @@ int main(int argc, char *argv[]) { pa_close(1); pa_close(2); - open("/dev/null", O_RDONLY); - open("/dev/null", O_WRONLY); - open("/dev/null", O_WRONLY); + pa_assert_se(open("/dev/null", O_RDONLY) == 0); + pa_assert_se(open("/dev/null", O_WRONLY) == 1); + pa_assert_se(open("/dev/null", O_WRONLY) == 2); #else FreeConsole(); #endif @@ -677,39 +697,32 @@ int main(int argc, char *argv[]) { #endif } + pa_set_env("PULSE_INTERNAL", "1"); pa_assert_se(chdir("/") == 0); umask(0022); - if (conf->system_instance) { + if (conf->system_instance) if (change_user() < 0) goto finish; - } else if (create_runtime_dir() < 0) - goto finish; + + pa_log_info("This is PulseAudio " PACKAGE_VERSION); + pa_log_info("Page size is %lu bytes", (unsigned long) PA_PAGE_SIZE); + pa_log_info("Using runtime directory %s.", s = pa_get_runtime_dir()); + pa_xfree(s); if (conf->use_pid_file) { if (pa_pid_file_create() < 0) { pa_log("pa_pid_file_create() failed."); -#ifdef HAVE_FORK - if (conf->daemonize) - pa_loop_write(daemon_pipe[1], &retval, sizeof(retval), NULL); -#endif goto finish; } - valid_pid_file = 1; + valid_pid_file = TRUE; } -#ifdef HAVE_SYS_RESOURCE_H - set_all_rlimits(conf); -#endif - #ifdef SIGPIPE signal(SIGPIPE, SIG_IGN); #endif - pa_log_info("This is PulseAudio " PACKAGE_VERSION); - pa_log_info("Page size is %lu bytes", (unsigned long) PA_PAGE_SIZE); - if (pa_rtclock_hrtimer()) pa_log_info("Fresh high-resolution timers available! Bon appetit!"); else @@ -738,11 +751,11 @@ int main(int argc, char *argv[]) { c->realtime_priority = conf->realtime_priority; c->realtime_scheduling = !!conf->realtime_scheduling; c->disable_remixing = !!conf->disable_remixing; + c->running_as_daemon = !!conf->daemonize; pa_assert_se(pa_signal_init(pa_mainloop_get_api(mainloop)) == 0); pa_signal_new(SIGINT, signal_callback, c); pa_signal_new(SIGTERM, signal_callback, c); - #ifdef SIGUSR1 pa_signal_new(SIGUSR1, signal_callback, c); #endif @@ -754,23 +767,27 @@ int main(int argc, char *argv[]) { #endif #ifdef OS_IS_WIN32 - pa_assert_se(timer = pa_mainloop_get_api(mainloop)->time_new(pa_mainloop_get_api(mainloop), pa_gettimeofday(&tv), message_cb, NULL)); + win32_timer = pa_mainloop_get_api(mainloop)->time_new(pa_mainloop_get_api(mainloop), pa_gettimeofday(&win32_tv), message_cb, NULL); #endif - if (conf->daemonize) - c->running_as_daemon = TRUE; - oil_init(); if (!conf->no_cpu_limit) pa_assert_se(pa_cpu_limit_init(pa_mainloop_get_api(mainloop)) == 0); buf = pa_strbuf_new(); - if (conf->default_script_file) - r = pa_cli_command_execute_file(c, conf->default_script_file, buf, &conf->fail); + if (conf->load_default_script_file) { + FILE *f; + + if ((f = pa_daemon_conf_open_default_script_file(conf))) { + r = pa_cli_command_execute_file_stream(c, f, buf, &conf->fail); + fclose(f); + } + } if (r >= 0) r = pa_cli_command_execute(c, conf->script_commands, buf, &conf->fail); + pa_log_error("%s", s = pa_strbuf_tostring_free(buf)); pa_xfree(s); @@ -780,53 +797,55 @@ int main(int argc, char *argv[]) { if (r < 0 && conf->fail) { pa_log("Failed to initialize daemon."); -#ifdef HAVE_FORK - if (conf->daemonize) - pa_loop_write(daemon_pipe[1], &retval, sizeof(retval), NULL); -#endif - } else if (!c->modules || pa_idxset_size(c->modules) == 0) { - pa_log("daemon startup without any loaded modules, refusing to work."); -#ifdef HAVE_FORK - if (conf->daemonize) - pa_loop_write(daemon_pipe[1], &retval, sizeof(retval), NULL); -#endif - } else { + goto finish; + } - retval = 0; + if (!c->modules || pa_idxset_size(c->modules) == 0) { + pa_log("Daemon startup without any loaded modules, refusing to work."); + goto finish; + } + + if (c->default_sink_name && !pa_namereg_get(c, c->default_sink_name, PA_NAMEREG_SINK, TRUE) && conf->fail) { + pa_log_error("Default sink name (%s) does not exist in name register.", c->default_sink_name); + goto finish; + } - if (c->default_sink_name && - pa_namereg_get(c, c->default_sink_name, PA_NAMEREG_SINK, 1) == NULL) { - pa_log_error("%s : Default sink name (%s) does not exist in name register.", __FILE__, c->default_sink_name); - retval = !!conf->fail; - } #ifdef HAVE_FORK - if (conf->daemonize) - pa_loop_write(daemon_pipe[1], &retval, sizeof(retval), NULL); + if (conf->daemonize) { + int ok = 0; + pa_loop_write(daemon_pipe[1], &ok, sizeof(ok), NULL); + } #endif - if (!retval) { - pa_log_info("Daemon startup complete."); - if (pa_mainloop_run(mainloop, &retval) < 0) - retval = 1; - pa_log_info("Daemon shutdown initiated."); - } - } + pa_log_info("Daemon startup complete."); + + retval = 0; + if (pa_mainloop_run(mainloop, &retval) < 0) + goto finish; + + pa_log_info("Daemon shutdown initiated."); + +finish: #ifdef OS_IS_WIN32 - pa_mainloop_get_api(mainloop)->time_free(timer); + if (win32_timer) + pa_mainloop_get_api(mainloop)->time_free(win32_timer); #endif - pa_core_unref(c); + if (c) { + pa_core_unref(c); + pa_log_info("Daemon terminated."); + } if (!conf->no_cpu_limit) pa_cpu_limit_done(); pa_signal_done(); - pa_log_info("Daemon terminated."); - -finish: +#ifdef HAVE_FORK + pa_close_pipe(daemon_pipe); +#endif if (mainloop) pa_mainloop_free(mainloop); @@ -837,8 +856,6 @@ finish: if (valid_pid_file) pa_pid_file_remove(); - pa_close_pipe(daemon_pipe); - #ifdef OS_IS_WIN32 WSACleanup(); #endif |