[PATCH 00/20] *** uuidd: refactoring & systemd support + build-sys fixes ***

[PATCH 00/20] *** uuidd: refactoring & systemd support + build-sys fixes ***

[Petr Uzel]

Hi all.

The primary goal of the patch series below was to implement systemd support in
for uuidd as it was one of the items on Karel's wish list for util-linux-2.22 [1].

First two patches are just minor cleanups I came across while working on the code.

Then I added --no-pid, --no-fork, --socket-activation and --keep-privs options
to make uuidd play nicely with systemd (or any compatible init system should
there be any).  Note that --socket-activation automatically implies all other
mentioned options. With the socket activation mode [2], uuidd is started on
demand when the first request comes to its request socket and quits after 60
seconds of inactivity (can be overridden in the provided unit files).

To make socket-activation work, the uuidd has to be compiled with the
sd-daemon.c files.  This is controlled via the --enable-uuidd-socket-activation
configure option. The second alternative would be to link with libsystemd
shared library, but after discussion with Karel I decided not to do it to avoid
some build dependency cycles between systemd and util-linux (to make life
easier for distributions).

I tried not to break or change the behavior of any existing uuidd options.

Next, there is new configure option for libuuid, the
--disable-libuuid-exec-uuidd, which prevents uuidd daemon to be executed
from the libuuid library, as it does not make sense with socket-activated
uuidd. I did not change the former libuuid behavior (exec the daemon), but when
building for systemd-based systems, it should be configured with 
--disable-libuuid-exec-uuidd.

Lastly, in order to make 'make distcheck' work (and verify the changes I did), I
fixed some minor issues in the build system.

I'd very much welcome any feedback/comments.

Thanks,

	Petr

[1] http://www.spinics.net/lists/util-linux-ng/msg05793.html
[2] http://0pointer.de/blog/projects/socket-activation.html



Petr Uzel (20):
  uuidd: use UUIDD_OP_GETPID instead of magic number
  uuidd: remove useless initialization of cleanup_socket
  uuidd: factor out pidfile creation into separate function
  uuidd: implement --no-pid option
  uuidd: implement --no-fork option
  uuidd: factor out socket creation into separate function
  uuidd: implement --socket-activation option
  uuidd: print all debugging information to stderr
  uuidd: factor out dropping of privileges into separate function
  uuidd: make drop_privs true by default in main()
  uuidd: introduce --keep-privs option
  uuidd: --socket-activation implies --keep-privs
  uuidd: add systemd unit files
  libuuid: use EXIT_FAILURE
  libuuid: implement --disable-libuuid-exec-uuidd configure option
  libuuid: fix typo in uuid_compare manpage
  build-sys: run distcheck with verbose make rules
  build-sys: add ttyutils.h to dist
  build-sys: add fsprobe.h to dist
  build-sys: fix installation of uuidd units with make distcheck

 Makefile.am                 |    4 +-
 configure.ac                |   35 +++
 include/Makefile.am         |    1 +
 libuuid/man/uuid_compare.3  |    2 +-
 libuuid/src/gen_uuid.c      |   11 +-
 misc-utils/.gitignore       |    2 +-
 misc-utils/Makefile.am      |   17 ++-
 misc-utils/sd-daemon.c      |  530 +++++++++++++++++++++++++++++++++++++++++++
 misc-utils/sd-daemon.h      |  282 +++++++++++++++++++++++
 misc-utils/uuidd.8          |   17 ++
 misc-utils/uuidd.c          |  295 +++++++++++++++++-------
 misc-utils/uuidd.service.in |    9 +
 misc-utils/uuidd.socket     |    8 +
 mount/Makefile.am           |    2 +-
 14 files changed, 1121 insertions(+), 94 deletions(-)
 create mode 100644 misc-utils/sd-daemon.c
 create mode 100644 misc-utils/sd-daemon.h
 create mode 100644 misc-utils/uuidd.service.in
 create mode 100644 misc-utils/uuidd.socket

-- 
1.7.7

[PATCH 01/20] uuidd: use UUIDD_OP_GETPID instead of magic number

[Petr Uzel]

Make parameters passed to call_daemon() more descriptive:
- use UUIDD_OP_GETPID instead of magic number 0
- call_daemon() takes pointer as a last argument, so pass NULL instead
  of 0

Signed-off-by: Petr Uzel <petr.uzel@suse.cz>
---
 misc-utils/uuidd.c |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/misc-utils/uuidd.c b/misc-utils/uuidd.c
index 492ae4d..ffb7319 100644
--- a/misc-utils/uuidd.c
+++ b/misc-utils/uuidd.c
@@ -243,7 +243,7 @@ static void server_loop(const char *socket_path, const char *pidfile_path,
 			fprintf(stderr, _("Failed to lock %s: %m\n"), pidfile_path);
 		exit(EXIT_FAILURE);
 	}
-	ret = call_daemon(socket_path, 0, reply_buf, sizeof(reply_buf), 0, 0);
+	ret = call_daemon(socket_path, UUIDD_OP_GETPID, reply_buf, sizeof(reply_buf), 0, NULL);
 	if (ret > 0) {
 		if (!quiet)
 			printf(_("uuidd daemon already running at pid %s\n"),
@@ -576,7 +576,7 @@ int main(int argc, char **argv)
 	}
 
 	if (do_kill) {
-		ret = call_daemon(socket_path, 0, buf, sizeof(buf), 0, 0);
+		ret = call_daemon(socket_path, UUIDD_OP_GETPID, buf, sizeof(buf), 0, NULL);
 		if ((ret > 0) && ((do_kill = atoi((char *) buf)) > 0)) {
 			ret = kill(do_kill, SIGTERM);
 			if (ret < 0) {
-- 
1.7.7

[PATCH 02/20] uuidd: remove useless initialization of cleanup_socket

[Petr Uzel]

Signed-off-by: Petr Uzel <petr.uzel@suse.cz>
---
 misc-utils/uuidd.c |    1 -
 1 files changed, 0 insertions(+), 1 deletions(-)

diff --git a/misc-utils/uuidd.c b/misc-utils/uuidd.c
index ffb7319..28648ad 100644
--- a/misc-utils/uuidd.c
+++ b/misc-utils/uuidd.c
@@ -228,7 +228,6 @@ static void server_loop(const char *socket_path, const char *pidfile_path,
 		exit(EXIT_FAILURE);
 	}
 	cleanup_pidfile = pidfile_path;
-	cleanup_socket = 0;
 	signal(SIGALRM, terminate_intr);
 	alarm(30);
 	fl.l_type = F_WRLCK;
-- 
1.7.7

[PATCH 03/20] uuidd: factor out pidfile creation into separate function

[Petr Uzel]

Introduce create_pidfile() function.

Signed-off-by: Petr Uzel <petr.uzel@suse.cz>
---
 misc-utils/uuidd.c |   48 ++++++++++++++++++++++++++++++++++--------------
 1 files changed, 34 insertions(+), 14 deletions(-)

diff --git a/misc-utils/uuidd.c b/misc-utils/uuidd.c
index 28648ad..0288a03 100644
--- a/misc-utils/uuidd.c
+++ b/misc-utils/uuidd.c
@@ -206,19 +206,18 @@ static int call_daemon(const char *socket_path, int op, char *buf,
 	return ret;
 }
 
-static void server_loop(const char *socket_path, const char *pidfile_path,
-			int debug, int timeout, int quiet)
+/*
+ * Exclusively create and open a pid file with path @pidfile_path
+ *
+ * Set cleanup_pidfile global variable for the cleanup
+ * handler. @pidfile_path must not be NULL.
+ *
+ * Return file descriptor of the created pid_file.
+ */
+static int create_pidfile(const char *pidfile_path, int quiet)
 {
-	struct sockaddr_un	my_addr, from_addr;
-	struct flock		fl;
-	socklen_t		fromlen;
-	int32_t			reply_len = 0;
-	uuid_t			uu;
-	mode_t			save_umask;
-	char			reply_buf[1024], *cp;
-	char			op, str[UUID_STR_LEN];
-	int			i, s, ns, len, num;
-	int			fd_pidfile, ret;
+	int		fd_pidfile;
+	struct flock	fl;
 
 	fd_pidfile = open(pidfile_path, O_CREAT | O_RDWR, 0664);
 	if (fd_pidfile < 0) {
@@ -228,8 +227,7 @@ static void server_loop(const char *socket_path, const char *pidfile_path,
 		exit(EXIT_FAILURE);
 	}
 	cleanup_pidfile = pidfile_path;
-	signal(SIGALRM, terminate_intr);
-	alarm(30);
+
 	fl.l_type = F_WRLCK;
 	fl.l_whence = SEEK_SET;
 	fl.l_start = 0;
@@ -242,6 +240,28 @@ static void server_loop(const char *socket_path, const char *pidfile_path,
 			fprintf(stderr, _("Failed to lock %s: %m\n"), pidfile_path);
 		exit(EXIT_FAILURE);
 	}
+
+	return fd_pidfile;
+}
+
+static void server_loop(const char *socket_path, const char *pidfile_path,
+			int debug, int timeout, int quiet)
+{
+	struct sockaddr_un	my_addr, from_addr;
+	socklen_t		fromlen;
+	int32_t			reply_len = 0;
+	uuid_t			uu;
+	mode_t			save_umask;
+	char			reply_buf[1024], *cp;
+	char			op, str[UUID_STR_LEN];
+	int			i, s, ns, len, num;
+	int			fd_pidfile, ret;
+
+	signal(SIGALRM, terminate_intr);
+	alarm(30);
+
+	fd_pidfile = create_pidfile(pidfile_path, quiet);
+
 	ret = call_daemon(socket_path, UUIDD_OP_GETPID, reply_buf, sizeof(reply_buf), 0, NULL);
 	if (ret > 0) {
 		if (!quiet)
-- 
1.7.7

[PATCH 04/20] uuidd: implement --no-pid option

[Petr Uzel]

With this option, uuidd does not create the PID file.

Signed-off-by: Petr Uzel <petr.uzel@suse.cz>
---
 misc-utils/uuidd.8 |    3 +++
 misc-utils/uuidd.c |   48 ++++++++++++++++++++++++++++++++++++------------
 2 files changed, 39 insertions(+), 12 deletions(-)

diff --git a/misc-utils/uuidd.8 b/misc-utils/uuidd.8
index 8e82b10..07e533b 100644
--- a/misc-utils/uuidd.8
+++ b/misc-utils/uuidd.8
@@ -36,6 +36,9 @@ UUIDs.
 Specify the pathname where the pid file should be written.  By default,
 the pid file is written to /var/run/uuidd/uuidd.pid.
 .TP
+.BR \-P , " \-\-no-pid "
+Do not create pid file.
+.TP
 .B \-q
 Suppress some failure messages.
 .TP
diff --git a/misc-utils/uuidd.c b/misc-utils/uuidd.c
index 0288a03..79da894 100644
--- a/misc-utils/uuidd.c
+++ b/misc-utils/uuidd.c
@@ -63,6 +63,7 @@ static void __attribute__ ((__noreturn__)) usage(FILE * out)
 		" -r, --random        test random-based generation\n"
 		" -t, --time          test time-based generation\n"
 		" -n, --uuids <num>   request number of uuids\n"
+		" -P, --no-pid        do not create pid file\n"
 		" -d, --debug         run in debugging mode\n"
 		" -q, --quiet         turn on quiet mode\n"
 		" -V, --version       output version information and exit\n"
@@ -111,7 +112,8 @@ static const char *cleanup_pidfile, *cleanup_socket;
 
 static void terminate_intr(int signo CODE_ATTR((unused)))
 {
-	unlink(cleanup_pidfile);
+	if (cleanup_pidfile)
+		unlink(cleanup_pidfile);
 	if (cleanup_socket)
 		unlink(cleanup_socket);
 	exit(EXIT_SUCCESS);
@@ -255,12 +257,14 @@ static void server_loop(const char *socket_path, const char *pidfile_path,
 	char			reply_buf[1024], *cp;
 	char			op, str[UUID_STR_LEN];
 	int			i, s, ns, len, num;
-	int			fd_pidfile, ret;
+	int			fd_pidfile = -1;
+	int			ret;
 
 	signal(SIGALRM, terminate_intr);
 	alarm(30);
 
-	fd_pidfile = create_pidfile(pidfile_path, quiet);
+	if (pidfile_path)
+		fd_pidfile = create_pidfile(pidfile_path, quiet);
 
 	ret = call_daemon(socket_path, UUIDD_OP_GETPID, reply_buf, sizeof(reply_buf), 0, NULL);
 	if (ret > 0) {
@@ -320,13 +324,15 @@ static void server_loop(const char *socket_path, const char *pidfile_path,
 	signal(SIGALRM, terminate_intr);
 	signal(SIGPIPE, SIG_IGN);
 
-	sprintf(reply_buf, "%8d\n", getpid());
-	if (ftruncate(fd_pidfile, 0)) {
-		/* Silence warn_unused_result */
+	if (pidfile_path) {
+		sprintf(reply_buf, "%8d\n", getpid());
+		if (ftruncate(fd_pidfile, 0)) {
+			/* Silence warn_unused_result */
+		}
+		write_all(fd_pidfile, reply_buf, strlen(reply_buf));
+		if (fd_pidfile > 1)
+			close(fd_pidfile); /* Unlock the pid file */
 	}
-	write_all(fd_pidfile, reply_buf, strlen(reply_buf));
-	if (fd_pidfile > 1)
-		close(fd_pidfile); /* Unlock the pid file */
 
 	while (1) {
 		fromlen = sizeof(from_addr);
@@ -445,7 +451,8 @@ static void __attribute__ ((__noreturn__)) unexpected_size(int size)
 int main(int argc, char **argv)
 {
 	const char	*socket_path = UUIDD_SOCKET_PATH;
-	const char	*pidfile_path = UUIDD_PIDFILE_PATH;
+	const char	*pidfile_path = NULL;
+	const char	*pidfile_path_param = NULL;
 	const char	*err_context;
 	char		buf[1024], *cp;
 	char		str[UUID_STR_LEN], *tmp;
@@ -455,6 +462,7 @@ int main(int argc, char **argv)
 	int		i, c, ret;
 	int		debug = 0, do_type = 0, do_kill = 0, num = 0;
 	int		timeout = 0, quiet = 0, drop_privs = 0;
+	int		no_pid = 0;
 
 	static const struct option longopts[] = {
 		{"pid", required_argument, NULL, 'p'},
@@ -464,6 +472,7 @@ int main(int argc, char **argv)
 		{"random", no_argument, NULL, 'r'},
 		{"time", no_argument, NULL, 't'},
 		{"uuids", required_argument, NULL, 'n'},
+		{"no-pid", no_argument, NULL, 'P'},
 		{"debug", no_argument, NULL, 'd'},
 		{"quiet", no_argument, NULL, 'q'},
 		{"version", no_argument, NULL, 'V'},
@@ -476,7 +485,7 @@ int main(int argc, char **argv)
 	textdomain(PACKAGE);
 
 	while ((c =
-		getopt_long(argc, argv, "p:s:T:krtn:dqVh", longopts,
+		getopt_long(argc, argv, "p:s:T:krtn:PdqVh", longopts,
 			    NULL)) != -1) {
 		switch (c) {
 		case 'd':
@@ -495,7 +504,11 @@ int main(int argc, char **argv)
 			}
 			break;
 		case 'p':
-			pidfile_path = optarg;
+			pidfile_path_param = optarg;
+			drop_privs = 1;
+			break;
+		case 'P':
+			no_pid = 1;
 			drop_privs = 1;
 			break;
 		case 'q':
@@ -531,6 +544,17 @@ int main(int argc, char **argv)
 			usage(stderr);
 		}
 	}
+
+	if (no_pid && pidfile_path_param && !quiet)
+		fprintf(stderr, _("Both --pid and --no-pid specified. "
+				  "Ignoring --no-pid.\n"));
+
+	if (!no_pid && !pidfile_path_param)
+		pidfile_path = UUIDD_PIDFILE_PATH;
+	else if (pidfile_path_param)
+		pidfile_path = pidfile_path_param;
+
+
 	uid = getuid();
 	if (uid && drop_privs) {
 		gid = getgid();
-- 
1.7.7

[PATCH 05/20] uuidd: implement --no-fork option

[Petr Uzel]

With this option, uuidd does not daemonize itself but stays
in the foreground.

Signed-off-by: Petr Uzel <petr.uzel@suse.cz>
---
 misc-utils/uuidd.8 |    3 +++
 misc-utils/uuidd.c |   18 ++++++++++++------
 2 files changed, 15 insertions(+), 6 deletions(-)

diff --git a/misc-utils/uuidd.8 b/misc-utils/uuidd.8
index 07e533b..e3ccf6f 100644
--- a/misc-utils/uuidd.8
+++ b/misc-utils/uuidd.8
@@ -39,6 +39,9 @@ the pid file is written to /var/run/uuidd/uuidd.pid.
 .BR \-P , " \-\-no-pid "
 Do not create pid file.
 .TP
+.BR \-F , " \-\-no-fork "
+Do not daemonize using double-fork.
+.TP
 .B \-q
 Suppress some failure messages.
 .TP
diff --git a/misc-utils/uuidd.c b/misc-utils/uuidd.c
index 79da894..c5886fd 100644
--- a/misc-utils/uuidd.c
+++ b/misc-utils/uuidd.c
@@ -64,6 +64,7 @@ static void __attribute__ ((__noreturn__)) usage(FILE * out)
 		" -t, --time          test time-based generation\n"
 		" -n, --uuids <num>   request number of uuids\n"
 		" -P, --no-pid        do not create pid file\n"
+		" -F, --no-fork       do not daemonize using double-fork\n"
 		" -d, --debug         run in debugging mode\n"
 		" -q, --quiet         turn on quiet mode\n"
 		" -V, --version       output version information and exit\n"
@@ -247,7 +248,7 @@ static int create_pidfile(const char *pidfile_path, int quiet)
 }
 
 static void server_loop(const char *socket_path, const char *pidfile_path,
-			int debug, int timeout, int quiet)
+			int debug, int timeout, int quiet, int no_fork)
 {
 	struct sockaddr_un	my_addr, from_addr;
 	socklen_t		fromlen;
@@ -285,7 +286,7 @@ static void server_loop(const char *socket_path, const char *pidfile_path,
 	 * Make sure the socket isn't using fd numbers 0-2 to avoid it
 	 * getting closed by create_daemon()
 	 */
-	while (!debug && s <= 2) {
+	while ((!debug || no_fork) && s <= 2) {
 		s = dup(s);
 		if (s < 0)
 			err(EXIT_FAILURE, "dup");
@@ -316,7 +317,7 @@ static void server_loop(const char *socket_path, const char *pidfile_path,
 	}
 
 	cleanup_socket = socket_path;
-	if (!debug)
+	if (!debug && !no_fork)
 		create_daemon();
 	signal(SIGHUP, terminate_intr);
 	signal(SIGINT, terminate_intr);
@@ -462,7 +463,7 @@ int main(int argc, char **argv)
 	int		i, c, ret;
 	int		debug = 0, do_type = 0, do_kill = 0, num = 0;
 	int		timeout = 0, quiet = 0, drop_privs = 0;
-	int		no_pid = 0;
+	int		no_pid = 0, no_fork = 0;
 
 	static const struct option longopts[] = {
 		{"pid", required_argument, NULL, 'p'},
@@ -473,6 +474,7 @@ int main(int argc, char **argv)
 		{"time", no_argument, NULL, 't'},
 		{"uuids", required_argument, NULL, 'n'},
 		{"no-pid", no_argument, NULL, 'P'},
+		{"no-fork", no_argument, NULL, 'F'},
 		{"debug", no_argument, NULL, 'd'},
 		{"quiet", no_argument, NULL, 'q'},
 		{"version", no_argument, NULL, 'V'},
@@ -485,7 +487,7 @@ int main(int argc, char **argv)
 	textdomain(PACKAGE);
 
 	while ((c =
-		getopt_long(argc, argv, "p:s:T:krtn:PdqVh", longopts,
+		getopt_long(argc, argv, "p:s:T:krtn:PFdqVh", longopts,
 			    NULL)) != -1) {
 		switch (c) {
 		case 'd':
@@ -511,6 +513,10 @@ int main(int argc, char **argv)
 			no_pid = 1;
 			drop_privs = 1;
 			break;
+		case 'F':
+			no_fork = 1;
+			drop_privs = 1;
+			break;
 		case 'q':
 			quiet++;
 			break;
@@ -636,6 +642,6 @@ int main(int argc, char **argv)
 		return EXIT_SUCCESS;
 	}
 
-	server_loop(socket_path, pidfile_path, debug, timeout, quiet);
+	server_loop(socket_path, pidfile_path, debug, timeout, quiet, no_fork);
 	return EXIT_SUCCESS;
 }
-- 
1.7.7

[PATCH 06/20] uuidd: factor out socket creation into separate function

[Petr Uzel]

Signed-off-by: Petr Uzel <petr.uzel@suse.cz>
---
 misc-utils/uuidd.c |   74 ++++++++++++++++++++++++++++++++-------------------
 1 files changed, 46 insertions(+), 28 deletions(-)

diff --git a/misc-utils/uuidd.c b/misc-utils/uuidd.c
index c5886fd..a135816 100644
--- a/misc-utils/uuidd.c
+++ b/misc-utils/uuidd.c
@@ -247,34 +247,20 @@ static int create_pidfile(const char *pidfile_path, int quiet)
 	return fd_pidfile;
 }
 
-static void server_loop(const char *socket_path, const char *pidfile_path,
-			int debug, int timeout, int quiet, int no_fork)
+/*
+ * Create AF_UNIX, SOCK_STREAM socket and bind to @socket_path
+ *
+ * If @will_fork is true, then make sure the descriptor
+ * of the socket is >2, so that it wont be later closed
+ * during create_daemon().
+ *
+ * Return file descriptor corresponding to created socket.
+ */
+static int create_socket(const char *socket_path, int will_fork, int quiet)
 {
-	struct sockaddr_un	my_addr, from_addr;
-	socklen_t		fromlen;
-	int32_t			reply_len = 0;
-	uuid_t			uu;
+	struct sockaddr_un	my_addr;
 	mode_t			save_umask;
-	char			reply_buf[1024], *cp;
-	char			op, str[UUID_STR_LEN];
-	int			i, s, ns, len, num;
-	int			fd_pidfile = -1;
-	int			ret;
-
-	signal(SIGALRM, terminate_intr);
-	alarm(30);
-
-	if (pidfile_path)
-		fd_pidfile = create_pidfile(pidfile_path, quiet);
-
-	ret = call_daemon(socket_path, UUIDD_OP_GETPID, reply_buf, sizeof(reply_buf), 0, NULL);
-	if (ret > 0) {
-		if (!quiet)
-			printf(_("uuidd daemon already running at pid %s\n"),
-			       reply_buf);
-		exit(EXIT_FAILURE);
-	}
-	alarm(0);
+	int 			s;
 
 	if ((s = socket(AF_UNIX, SOCK_STREAM, 0)) < 0) {
 		if (!quiet)
@@ -286,7 +272,7 @@ static void server_loop(const char *socket_path, const char *pidfile_path,
 	 * Make sure the socket isn't using fd numbers 0-2 to avoid it
 	 * getting closed by create_daemon()
 	 */
-	while ((!debug || no_fork) && s <= 2) {
+	while (will_fork && s <= 2) {
 		s = dup(s);
 		if (s < 0)
 			err(EXIT_FAILURE, "dup");
@@ -308,7 +294,40 @@ static void server_loop(const char *socket_path, const char *pidfile_path,
 		exit(EXIT_FAILURE);
 	}
 	umask(save_umask);
+	cleanup_socket = socket_path;
 
+	return s;
+}
+
+static void server_loop(const char *socket_path, const char *pidfile_path,
+			int debug, int timeout, int quiet, int no_fork)
+{
+	struct sockaddr_un	from_addr;
+	socklen_t		fromlen;
+	int32_t			reply_len = 0;
+	uuid_t			uu;
+	char			reply_buf[1024], *cp;
+	char			op, str[UUID_STR_LEN];
+	int			i, s, ns, len, num;
+	int			fd_pidfile = -1;
+	int			ret;
+
+	signal(SIGALRM, terminate_intr);
+	alarm(30);
+
+	if (pidfile_path)
+		fd_pidfile = create_pidfile(pidfile_path, quiet);
+
+	ret = call_daemon(socket_path, UUIDD_OP_GETPID, reply_buf, sizeof(reply_buf), 0, NULL);
+	if (ret > 0) {
+		if (!quiet)
+			printf(_("uuidd daemon already running at pid %s\n"),
+			       reply_buf);
+		exit(EXIT_FAILURE);
+	}
+	alarm(0);
+
+	s = create_socket(socket_path, (!debug || !no_fork), quiet);
 	if (listen(s, SOMAXCONN) < 0) {
 		if (!quiet)
 			fprintf(stderr, _("Couldn't listen on unix "
@@ -316,7 +335,6 @@ static void server_loop(const char *socket_path, const char *pidfile_path,
 		exit(EXIT_FAILURE);
 	}
 
-	cleanup_socket = socket_path;
 	if (!debug && !no_fork)
 		create_daemon();
 	signal(SIGHUP, terminate_intr);
-- 
1.7.7

[PATCH 07/20] uuidd: implement --socket-activation option

[Petr Uzel]

Implement --socket-activatoin option, which is supposed to be used
with systemd (or equivalent init system) socket activation mechanism.
With this option, the UUID daemon does not create the socket on its own,
but instead expect the connection fd to be provided by the calling
process.

This option is only available if util-linux is configured with
--enable-uuidd-socket-activation option. With this configure
option, the uuidd is compiled with sd-daemon.c.

Signed-off-by: Petr Uzel <petr.uzel@suse.cz>
---
 configure.ac           |   12 +
 misc-utils/Makefile.am |    6 +
 misc-utils/sd-daemon.c |  530 ++++++++++++++++++++++++++++++++++++++++++++++++
 misc-utils/sd-daemon.h |  282 +++++++++++++++++++++++++
 misc-utils/uuidd.8     |    6 +
 misc-utils/uuidd.c     |   89 ++++++--
 6 files changed, 903 insertions(+), 22 deletions(-)
 create mode 100644 misc-utils/sd-daemon.c
 create mode 100644 misc-utils/sd-daemon.h

diff --git a/configure.ac b/configure.ac
index 2140bc5..bb56948 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1101,6 +1101,18 @@ if test "x$enable_login_chown_vcs" = xyes; then
 fi
 
 
+AC_ARG_ENABLE([uuidd-socket-activation],
+  AS_HELP_STRING([--enable-uuidd-socket-activation], [build uuidd with support for systemd socket activation]),
+  [], enable_uuidd_socket_activation=no
+)
+
+AM_CONDITIONAL(UUIDD_SOCKET_ACTIVATION, test "x$enable_uuidd_socket_activation" = xyes)
+
+if test "x$enable_uuidd_socket_activation" = xyes; then
+  AC_DEFINE(UUIDD_SOCKET_ACTIVATION, 1, [Should uuidd support socket activation?])
+fi
+
+
 AC_ARG_ENABLE([login-stat-mail],
   AS_HELP_STRING([--enable-login-stat-mail], [let login stat() the mailbox]),
   [], enable_login_stat_mail=no
diff --git a/misc-utils/Makefile.am b/misc-utils/Makefile.am
index acf2c9d..5db5183 100644
--- a/misc-utils/Makefile.am
+++ b/misc-utils/Makefile.am
@@ -79,6 +79,12 @@ usrsbin_exec_PROGRAMS += uuidd
 dist_man_MANS += uuidd.8
 uuidd_LDADD = $(ul_libuuid_la)
 uuidd_CFLAGS = $(AM_CFLAGS) -I$(ul_libuuid_srcdir)
+uuidd_SOURCES = \
+	uuidd.c
+if UUIDD_SOCKET_ACTIVATION
+uuidd_SOURCES += sd-daemon.c
+uuidd_LDADD += -lrt
+endif
 endif
 
 if BUILD_LIBBLKID
diff --git a/misc-utils/sd-daemon.c b/misc-utils/sd-daemon.c
new file mode 100644
index 0000000..763e079
--- /dev/null
+++ b/misc-utils/sd-daemon.c
@@ -0,0 +1,530 @@
+/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
+
+/***
+  Copyright 2010 Lennart Poettering
+
+  Permission is hereby granted, free of charge, to any person
+  obtaining a copy of this software and associated documentation files
+  (the "Software"), to deal in the Software without restriction,
+  including without limitation the rights to use, copy, modify, merge,
+  publish, distribute, sublicense, and/or sell copies of the Software,
+  and to permit persons to whom the Software is furnished to do so,
+  subject to the following conditions:
+
+  The above copyright notice and this permission notice shall be
+  included in all copies or substantial portions of the Software.
+
+  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+  EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+  MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+  NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+  BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+  ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+  CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+  SOFTWARE.
+***/
+
+#ifndef _GNU_SOURCE
+#define _GNU_SOURCE
+#endif
+
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/socket.h>
+#include <sys/un.h>
+#ifdef __BIONIC__
+#include <linux/fcntl.h>
+#else
+#include <sys/fcntl.h>
+#endif
+#include <netinet/in.h>
+#include <stdlib.h>
+#include <errno.h>
+#include <unistd.h>
+#include <string.h>
+#include <stdarg.h>
+#include <stdio.h>
+#include <stddef.h>
+#include <limits.h>
+
+#if defined(__linux__)
+#include <mqueue.h>
+#endif
+
+#include "sd-daemon.h"
+
+#if (__GNUC__ >= 4)
+#ifdef SD_EXPORT_SYMBOLS
+/* Export symbols */
+#define _sd_export_ __attribute__ ((visibility("default")))
+#else
+/* Don't export the symbols */
+#define _sd_export_ __attribute__ ((visibility("hidden")))
+#endif
+#else
+#define _sd_export_
+#endif
+
+_sd_export_ int sd_listen_fds(int unset_environment) {
+
+#if defined(DISABLE_SYSTEMD) || !defined(__linux__)
+        return 0;
+#else
+        int r, fd;
+        const char *e;
+        char *p = NULL;
+        unsigned long l;
+
+        if (!(e = getenv("LISTEN_PID"))) {
+                r = 0;
+                goto finish;
+        }
+
+        errno = 0;
+        l = strtoul(e, &p, 10);
+
+        if (errno != 0) {
+                r = -errno;
+                goto finish;
+        }
+
+        if (!p || *p || l <= 0) {
+                r = -EINVAL;
+                goto finish;
+        }
+
+        /* Is this for us? */
+        if (getpid() != (pid_t) l) {
+                r = 0;
+                goto finish;
+        }
+
+        if (!(e = getenv("LISTEN_FDS"))) {
+                r = 0;
+                goto finish;
+        }
+
+        errno = 0;
+        l = strtoul(e, &p, 10);
+
+        if (errno != 0) {
+                r = -errno;
+                goto finish;
+        }
+
+        if (!p || *p) {
+                r = -EINVAL;
+                goto finish;
+        }
+
+        for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + (int) l; fd ++) {
+                int flags;
+
+                if ((flags = fcntl(fd, F_GETFD)) < 0) {
+                        r = -errno;
+                        goto finish;
+                }
+
+                if (flags & FD_CLOEXEC)
+                        continue;
+
+                if (fcntl(fd, F_SETFD, flags | FD_CLOEXEC) < 0) {
+                        r = -errno;
+                        goto finish;
+                }
+        }
+
+        r = (int) l;
+
+finish:
+        if (unset_environment) {
+                unsetenv("LISTEN_PID");
+                unsetenv("LISTEN_FDS");
+        }
+
+        return r;
+#endif
+}
+
+_sd_export_ int sd_is_fifo(int fd, const char *path) {
+        struct stat st_fd;
+
+        if (fd < 0)
+                return -EINVAL;
+
+        memset(&st_fd, 0, sizeof(st_fd));
+        if (fstat(fd, &st_fd) < 0)
+                return -errno;
+
+        if (!S_ISFIFO(st_fd.st_mode))
+                return 0;
+
+        if (path) {
+                struct stat st_path;
+
+                memset(&st_path, 0, sizeof(st_path));
+                if (stat(path, &st_path) < 0) {
+
+                        if (errno == ENOENT || errno == ENOTDIR)
+                                return 0;
+
+                        return -errno;
+                }
+
+                return
+                        st_path.st_dev == st_fd.st_dev &&
+                        st_path.st_ino == st_fd.st_ino;
+        }
+
+        return 1;
+}
+
+_sd_export_ int sd_is_special(int fd, const char *path) {
+        struct stat st_fd;
+
+        if (fd < 0)
+                return -EINVAL;
+
+        if (fstat(fd, &st_fd) < 0)
+                return -errno;
+
+        if (!S_ISREG(st_fd.st_mode) && !S_ISCHR(st_fd.st_mode))
+                return 0;
+
+        if (path) {
+                struct stat st_path;
+
+                if (stat(path, &st_path) < 0) {
+
+                        if (errno == ENOENT || errno == ENOTDIR)
+                                return 0;
+
+                        return -errno;
+                }
+
+                if (S_ISREG(st_fd.st_mode) && S_ISREG(st_path.st_mode))
+                        return
+                                st_path.st_dev == st_fd.st_dev &&
+                                st_path.st_ino == st_fd.st_ino;
+                else if (S_ISCHR(st_fd.st_mode) && S_ISCHR(st_path.st_mode))
+                        return st_path.st_rdev == st_fd.st_rdev;
+                else
+                        return 0;
+        }
+
+        return 1;
+}
+
+static int sd_is_socket_internal(int fd, int type, int listening) {
+        struct stat st_fd;
+
+        if (fd < 0 || type < 0)
+                return -EINVAL;
+
+        if (fstat(fd, &st_fd) < 0)
+                return -errno;
+
+        if (!S_ISSOCK(st_fd.st_mode))
+                return 0;
+
+        if (type != 0) {
+                int other_type = 0;
+                socklen_t l = sizeof(other_type);
+
+                if (getsockopt(fd, SOL_SOCKET, SO_TYPE, &other_type, &l) < 0)
+                        return -errno;
+
+                if (l != sizeof(other_type))
+                        return -EINVAL;
+
+                if (other_type != type)
+                        return 0;
+        }
+
+        if (listening >= 0) {
+                int accepting = 0;
+                socklen_t l = sizeof(accepting);
+
+                if (getsockopt(fd, SOL_SOCKET, SO_ACCEPTCONN, &accepting, &l) < 0)
+                        return -errno;
+
+                if (l != sizeof(accepting))
+                        return -EINVAL;
+
+                if (!accepting != !listening)
+                        return 0;
+        }
+
+        return 1;
+}
+
+union sockaddr_union {
+        struct sockaddr sa;
+        struct sockaddr_in in4;
+        struct sockaddr_in6 in6;
+        struct sockaddr_un un;
+        struct sockaddr_storage storage;
+};
+
+_sd_export_ int sd_is_socket(int fd, int family, int type, int listening) {
+        int r;
+
+        if (family < 0)
+                return -EINVAL;
+
+        if ((r = sd_is_socket_internal(fd, type, listening)) <= 0)
+                return r;
+
+        if (family > 0) {
+                union sockaddr_union sockaddr;
+                socklen_t l;
+
+                memset(&sockaddr, 0, sizeof(sockaddr));
+                l = sizeof(sockaddr);
+
+                if (getsockname(fd, &sockaddr.sa, &l) < 0)
+                        return -errno;
+
+                if (l < sizeof(sa_family_t))
+                        return -EINVAL;
+
+                return sockaddr.sa.sa_family == family;
+        }
+
+        return 1;
+}
+
+_sd_export_ int sd_is_socket_inet(int fd, int family, int type, int listening, uint16_t port) {
+        union sockaddr_union sockaddr;
+        socklen_t l;
+        int r;
+
+        if (family != 0 && family != AF_INET && family != AF_INET6)
+                return -EINVAL;
+
+        if ((r = sd_is_socket_internal(fd, type, listening)) <= 0)
+                return r;
+
+        memset(&sockaddr, 0, sizeof(sockaddr));
+        l = sizeof(sockaddr);
+
+        if (getsockname(fd, &sockaddr.sa, &l) < 0)
+                return -errno;
+
+        if (l < sizeof(sa_family_t))
+                return -EINVAL;
+
+        if (sockaddr.sa.sa_family != AF_INET &&
+            sockaddr.sa.sa_family != AF_INET6)
+                return 0;
+
+        if (family > 0)
+                if (sockaddr.sa.sa_family != family)
+                        return 0;
+
+        if (port > 0) {
+                if (sockaddr.sa.sa_family == AF_INET) {
+                        if (l < sizeof(struct sockaddr_in))
+                                return -EINVAL;
+
+                        return htons(port) == sockaddr.in4.sin_port;
+                } else {
+                        if (l < sizeof(struct sockaddr_in6))
+                                return -EINVAL;
+
+                        return htons(port) == sockaddr.in6.sin6_port;
+                }
+        }
+
+        return 1;
+}
+
+_sd_export_ int sd_is_socket_unix(int fd, int type, int listening, const char *path, size_t length) {
+        union sockaddr_union sockaddr;
+        socklen_t l;
+        int r;
+
+        if ((r = sd_is_socket_internal(fd, type, listening)) <= 0)
+                return r;
+
+        memset(&sockaddr, 0, sizeof(sockaddr));
+        l = sizeof(sockaddr);
+
+        if (getsockname(fd, &sockaddr.sa, &l) < 0)
+                return -errno;
+
+        if (l < sizeof(sa_family_t))
+                return -EINVAL;
+
+        if (sockaddr.sa.sa_family != AF_UNIX)
+                return 0;
+
+        if (path) {
+                if (length <= 0)
+                        length = strlen(path);
+
+                if (length <= 0)
+                        /* Unnamed socket */
+                        return l == offsetof(struct sockaddr_un, sun_path);
+
+                if (path[0])
+                        /* Normal path socket */
+                        return
+                                (l >= offsetof(struct sockaddr_un, sun_path) + length + 1) &&
+                                memcmp(path, sockaddr.un.sun_path, length+1) == 0;
+                else
+                        /* Abstract namespace socket */
+                        return
+                                (l == offsetof(struct sockaddr_un, sun_path) + length) &&
+                                memcmp(path, sockaddr.un.sun_path, length) == 0;
+        }
+
+        return 1;
+}
+
+_sd_export_ int sd_is_mq(int fd, const char *path) {
+#if !defined(__linux__)
+        return 0;
+#else
+        struct mq_attr attr;
+
+        if (fd < 0)
+                return -EINVAL;
+
+        if (mq_getattr(fd, &attr) < 0)
+                return -errno;
+
+        if (path) {
+                char fpath[PATH_MAX];
+                struct stat a, b;
+
+                if (path[0] != '/')
+                        return -EINVAL;
+
+                if (fstat(fd, &a) < 0)
+                        return -errno;
+
+                strncpy(stpcpy(fpath, "/dev/mqueue"), path, sizeof(fpath) - 12);
+                fpath[sizeof(fpath)-1] = 0;
+
+                if (stat(fpath, &b) < 0)
+                        return -errno;
+
+                if (a.st_dev != b.st_dev ||
+                    a.st_ino != b.st_ino)
+                        return 0;
+        }
+
+        return 1;
+#endif
+}
+
+_sd_export_ int sd_notify(int unset_environment, const char *state) {
+#if defined(DISABLE_SYSTEMD) || !defined(__linux__) || !defined(SOCK_CLOEXEC)
+        return 0;
+#else
+        int fd = -1, r;
+        struct msghdr msghdr;
+        struct iovec iovec;
+        union sockaddr_union sockaddr;
+        const char *e;
+
+        if (!state) {
+                r = -EINVAL;
+                goto finish;
+        }
+
+        if (!(e = getenv("NOTIFY_SOCKET")))
+                return 0;
+
+        /* Must be an abstract socket, or an absolute path */
+        if ((e[0] != '@' && e[0] != '/') || e[1] == 0) {
+                r = -EINVAL;
+                goto finish;
+        }
+
+        if ((fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0)) < 0) {
+                r = -errno;
+                goto finish;
+        }
+
+        memset(&sockaddr, 0, sizeof(sockaddr));
+        sockaddr.sa.sa_family = AF_UNIX;
+        strncpy(sockaddr.un.sun_path, e, sizeof(sockaddr.un.sun_path));
+
+        if (sockaddr.un.sun_path[0] == '@')
+                sockaddr.un.sun_path[0] = 0;
+
+        memset(&iovec, 0, sizeof(iovec));
+        iovec.iov_base = (char*) state;
+        iovec.iov_len = strlen(state);
+
+        memset(&msghdr, 0, sizeof(msghdr));
+        msghdr.msg_name = &sockaddr;
+        msghdr.msg_namelen = offsetof(struct sockaddr_un, sun_path) + strlen(e);
+
+        if (msghdr.msg_namelen > sizeof(struct sockaddr_un))
+                msghdr.msg_namelen = sizeof(struct sockaddr_un);
+
+        msghdr.msg_iov = &iovec;
+        msghdr.msg_iovlen = 1;
+
+        if (sendmsg(fd, &msghdr, MSG_NOSIGNAL) < 0) {
+                r = -errno;
+                goto finish;
+        }
+
+        r = 1;
+
+finish:
+        if (unset_environment)
+                unsetenv("NOTIFY_SOCKET");
+
+        if (fd >= 0)
+                close(fd);
+
+        return r;
+#endif
+}
+
+_sd_export_ int sd_notifyf(int unset_environment, const char *format, ...) {
+#if defined(DISABLE_SYSTEMD) || !defined(__linux__)
+        return 0;
+#else
+        va_list ap;
+        char *p = NULL;
+        int r;
+
+        va_start(ap, format);
+        r = vasprintf(&p, format, ap);
+        va_end(ap);
+
+        if (r < 0 || !p)
+                return -ENOMEM;
+
+        r = sd_notify(unset_environment, p);
+        free(p);
+
+        return r;
+#endif
+}
+
+_sd_export_ int sd_booted(void) {
+#if defined(DISABLE_SYSTEMD) || !defined(__linux__)
+        return 0;
+#else
+
+        struct stat a, b;
+
+        /* We simply test whether the systemd cgroup hierarchy is
+         * mounted */
+
+        if (lstat("/sys/fs/cgroup", &a) < 0)
+                return 0;
+
+        if (lstat("/sys/fs/cgroup/systemd", &b) < 0)
+                return 0;
+
+        return a.st_dev != b.st_dev;
+#endif
+}
diff --git a/misc-utils/sd-daemon.h b/misc-utils/sd-daemon.h
new file mode 100644
index 0000000..fe51159
--- /dev/null
+++ b/misc-utils/sd-daemon.h
@@ -0,0 +1,282 @@
+/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
+
+#ifndef foosddaemonhfoo
+#define foosddaemonhfoo
+
+/***
+  Copyright 2010 Lennart Poettering
+
+  Permission is hereby granted, free of charge, to any person
+  obtaining a copy of this software and associated documentation files
+  (the "Software"), to deal in the Software without restriction,
+  including without limitation the rights to use, copy, modify, merge,
+  publish, distribute, sublicense, and/or sell copies of the Software,
+  and to permit persons to whom the Software is furnished to do so,
+  subject to the following conditions:
+
+  The above copyright notice and this permission notice shall be
+  included in all copies or substantial portions of the Software.
+
+  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+  EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+  MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+  NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+  BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
+  ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+  CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+  SOFTWARE.
+***/
+
+#include <sys/types.h>
+#include <inttypes.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+  Reference implementation of a few systemd related interfaces for
+  writing daemons. These interfaces are trivial to implement. To
+  simplify porting we provide this reference implementation.
+  Applications are welcome to reimplement the algorithms described
+  here if they do not want to include these two source files.
+
+  The following functionality is provided:
+
+  - Support for logging with log levels on stderr
+  - File descriptor passing for socket-based activation
+  - Daemon startup and status notification
+  - Detection of systemd boots
+
+  You may compile this with -DDISABLE_SYSTEMD to disable systemd
+  support. This makes all those calls NOPs that are directly related to
+  systemd (i.e. only sd_is_xxx() will stay useful).
+
+  Since this is drop-in code we don't want any of our symbols to be
+  exported in any case. Hence we declare hidden visibility for all of
+  them.
+
+  You may find an up-to-date version of these source files online:
+
+  http://cgit.freedesktop.org/systemd/systemd/plain/src/systemd/sd-daemon.h
+  http://cgit.freedesktop.org/systemd/systemd/plain/src/sd-daemon.c
+
+  This should compile on non-Linux systems, too, but with the
+  exception of the sd_is_xxx() calls all functions will become NOPs.
+
+  See sd-daemon(7) for more information.
+*/
+
+#ifndef _sd_printf_attr_
+#if __GNUC__ >= 4
+#define _sd_printf_attr_(a,b) __attribute__ ((format (printf, a, b)))
+#else
+#define _sd_printf_attr_(a,b)
+#endif
+#endif
+
+/*
+  Log levels for usage on stderr:
+
+          fprintf(stderr, SD_NOTICE "Hello World!\n");
+
+  This is similar to printk() usage in the kernel.
+*/
+#define SD_EMERG   "<0>"  /* system is unusable */
+#define SD_ALERT   "<1>"  /* action must be taken immediately */
+#define SD_CRIT    "<2>"  /* critical conditions */
+#define SD_ERR     "<3>"  /* error conditions */
+#define SD_WARNING "<4>"  /* warning conditions */
+#define SD_NOTICE  "<5>"  /* normal but significant condition */
+#define SD_INFO    "<6>"  /* informational */
+#define SD_DEBUG   "<7>"  /* debug-level messages */
+
+/* The first passed file descriptor is fd 3 */
+#define SD_LISTEN_FDS_START 3
+
+/*
+  Returns how many file descriptors have been passed, or a negative
+  errno code on failure. Optionally, removes the $LISTEN_FDS and
+  $LISTEN_PID file descriptors from the environment (recommended, but
+  problematic in threaded environments). If r is the return value of
+  this function you'll find the file descriptors passed as fds
+  SD_LISTEN_FDS_START to SD_LISTEN_FDS_START+r-1. Returns a negative
+  errno style error code on failure. This function call ensures that
+  the FD_CLOEXEC flag is set for the passed file descriptors, to make
+  sure they are not passed on to child processes. If FD_CLOEXEC shall
+  not be set, the caller needs to unset it after this call for all file
+  descriptors that are used.
+
+  See sd_listen_fds(3) for more information.
+*/
+int sd_listen_fds(int unset_environment);
+
+/*
+  Helper call for identifying a passed file descriptor. Returns 1 if
+  the file descriptor is a FIFO in the file system stored under the
+  specified path, 0 otherwise. If path is NULL a path name check will
+  not be done and the call only verifies if the file descriptor
+  refers to a FIFO. Returns a negative errno style error code on
+  failure.
+
+  See sd_is_fifo(3) for more information.
+*/
+int sd_is_fifo(int fd, const char *path);
+
+/*
+  Helper call for identifying a passed file descriptor. Returns 1 if
+  the file descriptor is a special character device on the file
+  system stored under the specified path, 0 otherwise.
+  If path is NULL a path name check will not be done and the call
+  only verifies if the file descriptor refers to a special character.
+  Returns a negative errno style error code on failure.
+
+  See sd_is_special(3) for more information.
+*/
+int sd_is_special(int fd, const char *path);
+
+/*
+  Helper call for identifying a passed file descriptor. Returns 1 if
+  the file descriptor is a socket of the specified family (AF_INET,
+  ...) and type (SOCK_DGRAM, SOCK_STREAM, ...), 0 otherwise. If
+  family is 0 a socket family check will not be done. If type is 0 a
+  socket type check will not be done and the call only verifies if
+  the file descriptor refers to a socket. If listening is > 0 it is
+  verified that the socket is in listening mode. (i.e. listen() has
+  been called) If listening is == 0 it is verified that the socket is
+  not in listening mode. If listening is < 0 no listening mode check
+  is done. Returns a negative errno style error code on failure.
+
+  See sd_is_socket(3) for more information.
+*/
+int sd_is_socket(int fd, int family, int type, int listening);
+
+/*
+  Helper call for identifying a passed file descriptor. Returns 1 if
+  the file descriptor is an Internet socket, of the specified family
+  (either AF_INET or AF_INET6) and the specified type (SOCK_DGRAM,
+  SOCK_STREAM, ...), 0 otherwise. If version is 0 a protocol version
+  check is not done. If type is 0 a socket type check will not be
+  done. If port is 0 a socket port check will not be done. The
+  listening flag is used the same way as in sd_is_socket(). Returns a
+  negative errno style error code on failure.
+
+  See sd_is_socket_inet(3) for more information.
+*/
+int sd_is_socket_inet(int fd, int family, int type, int listening, uint16_t port);
+
+/*
+  Helper call for identifying a passed file descriptor. Returns 1 if
+  the file descriptor is an AF_UNIX socket of the specified type
+  (SOCK_DGRAM, SOCK_STREAM, ...) and path, 0 otherwise. If type is 0
+  a socket type check will not be done. If path is NULL a socket path
+  check will not be done. For normal AF_UNIX sockets set length to
+  0. For abstract namespace sockets set length to the length of the
+  socket name (including the initial 0 byte), and pass the full
+  socket path in path (including the initial 0 byte). The listening
+  flag is used the same way as in sd_is_socket(). Returns a negative
+  errno style error code on failure.
+
+  See sd_is_socket_unix(3) for more information.
+*/
+int sd_is_socket_unix(int fd, int type, int listening, const char *path, size_t length);
+
+/*
+  Helper call for identifying a passed file descriptor. Returns 1 if
+  the file descriptor is a POSIX Message Queue of the specified name,
+  0 otherwise. If path is NULL a message queue name check is not
+  done. Returns a negative errno style error code on failure.
+*/
+int sd_is_mq(int fd, const char *path);
+
+/*
+  Informs systemd about changed daemon state. This takes a number of
+  newline separated environment-style variable assignments in a
+  string. The following variables are known:
+
+     READY=1      Tells systemd that daemon startup is finished (only
+                  relevant for services of Type=notify). The passed
+                  argument is a boolean "1" or "0". Since there is
+                  little value in signaling non-readiness the only
+                  value daemons should send is "READY=1".
+
+     STATUS=...   Passes a single-line status string back to systemd
+                  that describes the daemon state. This is free-from
+                  and can be used for various purposes: general state
+                  feedback, fsck-like programs could pass completion
+                  percentages and failing programs could pass a human
+                  readable error message. Example: "STATUS=Completed
+                  66% of file system check..."
+
+     ERRNO=...    If a daemon fails, the errno-style error code,
+                  formatted as string. Example: "ERRNO=2" for ENOENT.
+
+     BUSERROR=... If a daemon fails, the D-Bus error-style error
+                  code. Example: "BUSERROR=org.freedesktop.DBus.Error.TimedOut"
+
+     MAINPID=...  The main pid of a daemon, in case systemd did not
+                  fork off the process itself. Example: "MAINPID=4711"
+
+     WATCHDOG=1   Tells systemd to update the watchdog timestamp.
+                  Services using this feature should do this in
+                  regular intervals. A watchdog framework can use the
+                  timestamps to detect failed services.
+
+  Daemons can choose to send additional variables. However, it is
+  recommended to prefix variable names not listed above with X_.
+
+  Returns a negative errno-style error code on failure. Returns > 0
+  if systemd could be notified, 0 if it couldn't possibly because
+  systemd is not running.
+
+  Example: When a daemon finished starting up, it could issue this
+  call to notify systemd about it:
+
+     sd_notify(0, "READY=1");
+
+  See sd_notifyf() for more complete examples.
+
+  See sd_notify(3) for more information.
+*/
+int sd_notify(int unset_environment, const char *state);
+
+/*
+  Similar to sd_notify() but takes a format string.
+
+  Example 1: A daemon could send the following after initialization:
+
+     sd_notifyf(0, "READY=1\n"
+                   "STATUS=Processing requests...\n"
+                   "MAINPID=%lu",
+                   (unsigned long) getpid());
+
+  Example 2: A daemon could send the following shortly before
+  exiting, on failure:
+
+     sd_notifyf(0, "STATUS=Failed to start up: %s\n"
+                   "ERRNO=%i",
+                   strerror(errno),
+                   errno);
+
+  See sd_notifyf(3) for more information.
+*/
+int sd_notifyf(int unset_environment, const char *format, ...) _sd_printf_attr_(2,3);
+
+/*
+  Returns > 0 if the system was booted with systemd. Returns < 0 on
+  error. Returns 0 if the system was not booted with systemd. Note
+  that all of the functions above handle non-systemd boots just
+  fine. You should NOT protect them with a call to this function. Also
+  note that this function checks whether the system, not the user
+  session is controlled by systemd. However the functions above work
+  for both user and system services.
+
+  See sd_booted(3) for more information.
+*/
+int sd_booted(void);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/misc-utils/uuidd.8 b/misc-utils/uuidd.8
index e3ccf6f..f5fb5f0 100644
--- a/misc-utils/uuidd.8
+++ b/misc-utils/uuidd.8
@@ -42,6 +42,12 @@ Do not create pid file.
 .BR \-F , " \-\-no-fork "
 Do not daemonize using double-fork.
 .TP
+.BR \-S , " \-\-socket-activation "
+Do not create the socket and instead expect it to be provided by the calling
+process.  Implies --no-fork and --no-pid.  As of this writing, this option is
+supposed to be used only with systemd. It needs to enabled with configure
+option --enable--uuid-socket-activation.
+.TP
 .B \-q
 Suppress some failure messages.
 .TP
diff --git a/misc-utils/uuidd.c b/misc-utils/uuidd.c
index a135816..abc24a4 100644
--- a/misc-utils/uuidd.c
+++ b/misc-utils/uuidd.c
@@ -35,6 +35,10 @@ extern int optind;
 #include "uuidd.h"
 #include "writeall.h"
 
+#ifdef UUIDD_SOCKET_ACTIVATION
+#include "sd-daemon.h"
+#endif
+
 #include "nls.h"
 
 #ifdef __GNUC__
@@ -56,19 +60,20 @@ static void __attribute__ ((__noreturn__)) usage(FILE * out)
 	      _(" %s [options]\n"), program_invocation_short_name);
 
 	fputs(_("\nOptions:\n"), out);
-	fputs(_(" -p, --pid <path>    path to pid file\n"
-		" -s, --socket <path> path to socket\n"
-		" -T, --timeout <sec> specify inactivity timeout\n"
-		" -k, --kill          kill running daemon\n"
-		" -r, --random        test random-based generation\n"
-		" -t, --time          test time-based generation\n"
-		" -n, --uuids <num>   request number of uuids\n"
-		" -P, --no-pid        do not create pid file\n"
-		" -F, --no-fork       do not daemonize using double-fork\n"
-		" -d, --debug         run in debugging mode\n"
-		" -q, --quiet         turn on quiet mode\n"
-		" -V, --version       output version information and exit\n"
-		" -h, --help          display this help and exit\n\n"), out);
+	fputs(_(" -p, --pid <path>        path to pid file\n"
+		" -s, --socket <path>     path to socket\n"
+		" -T, --timeout <sec>     specify inactivity timeout\n"
+		" -k, --kill              kill running daemon\n"
+		" -r, --random            test random-based generation\n"
+		" -t, --time              test time-based generation\n"
+		" -n, --uuids <num>       request number of uuids\n"
+		" -P, --no-pid            do not create pid file\n"
+		" -F, --no-fork           do not daemonize using double-fork\n"
+		" -S, --socket-activation do not create listening socket\n"
+		" -d, --debug             run in debugging mode\n"
+		" -q, --quiet             turn on quiet mode\n"
+		" -V, --version           output version information and exit\n"
+		" -h, --help              display this help and exit\n\n"), out);
 
 	exit(out == stderr ? EXIT_FAILURE : EXIT_SUCCESS);
 }
@@ -300,7 +305,8 @@ static int create_socket(const char *socket_path, int will_fork, int quiet)
 }
 
 static void server_loop(const char *socket_path, const char *pidfile_path,
-			int debug, int timeout, int quiet, int no_fork)
+			int debug, int timeout, int quiet, int no_fork,
+			int no_sock)
 {
 	struct sockaddr_un	from_addr;
 	socklen_t		fromlen;
@@ -312,9 +318,14 @@ static void server_loop(const char *socket_path, const char *pidfile_path,
 	int			fd_pidfile = -1;
 	int			ret;
 
+#ifdef UUIDD_SOCKET_ACTIVATION
+	if (no_sock)
+		/* no_sock implies no_fork and no_pid */
+		goto socket_ready;
+#endif
+
 	signal(SIGALRM, terminate_intr);
 	alarm(30);
-
 	if (pidfile_path)
 		fd_pidfile = create_pidfile(pidfile_path, quiet);
 
@@ -337,11 +348,6 @@ static void server_loop(const char *socket_path, const char *pidfile_path,
 
 	if (!debug && !no_fork)
 		create_daemon();
-	signal(SIGHUP, terminate_intr);
-	signal(SIGINT, terminate_intr);
-	signal(SIGTERM, terminate_intr);
-	signal(SIGALRM, terminate_intr);
-	signal(SIGPIPE, SIG_IGN);
 
 	if (pidfile_path) {
 		sprintf(reply_buf, "%8d\n", getpid());
@@ -353,6 +359,24 @@ static void server_loop(const char *socket_path, const char *pidfile_path,
 			close(fd_pidfile); /* Unlock the pid file */
 	}
 
+socket_ready:
+	signal(SIGHUP, terminate_intr);
+	signal(SIGINT, terminate_intr);
+	signal(SIGTERM, terminate_intr);
+	signal(SIGALRM, terminate_intr);
+	signal(SIGPIPE, SIG_IGN);
+
+#ifdef UUIDD_SOCKET_ACTIVATION
+	if (no_sock) {
+		if (sd_listen_fds(0) != 1) {
+			fprintf(stderr, _("No or too many file descriptors received.\n"));
+			exit(EXIT_FAILURE);
+		}
+
+		s = SD_LISTEN_FDS_START + 0;
+	}
+#endif
+
 	while (1) {
 		fromlen = sizeof(from_addr);
 		if (timeout > 0)
@@ -482,6 +506,7 @@ int main(int argc, char **argv)
 	int		debug = 0, do_type = 0, do_kill = 0, num = 0;
 	int		timeout = 0, quiet = 0, drop_privs = 0;
 	int		no_pid = 0, no_fork = 0;
+	int		no_sock = 0, s_flag = 0;
 
 	static const struct option longopts[] = {
 		{"pid", required_argument, NULL, 'p'},
@@ -493,6 +518,7 @@ int main(int argc, char **argv)
 		{"uuids", required_argument, NULL, 'n'},
 		{"no-pid", no_argument, NULL, 'P'},
 		{"no-fork", no_argument, NULL, 'F'},
+		{"socket-activation", no_argument, NULL, 'S'},
 		{"debug", no_argument, NULL, 'd'},
 		{"quiet", no_argument, NULL, 'q'},
 		{"version", no_argument, NULL, 'V'},
@@ -505,7 +531,7 @@ int main(int argc, char **argv)
 	textdomain(PACKAGE);
 
 	while ((c =
-		getopt_long(argc, argv, "p:s:T:krtn:PFdqVh", longopts,
+		getopt_long(argc, argv, "p:s:T:krtn:PFSdqVh", longopts,
 			    NULL)) != -1) {
 		switch (c) {
 		case 'd':
@@ -535,6 +561,19 @@ int main(int argc, char **argv)
 			no_fork = 1;
 			drop_privs = 1;
 			break;
+		case 'S':
+#ifdef UUIDD_SOCKET_ACTIVATION
+			no_sock = 1;
+			drop_privs = 1;
+			no_fork = 1;
+			no_pid = 1;
+#else
+			fprintf(stderr,
+				_("uuidd has been built without support for socket activation.\n"
+				  "Configure with --enable-uuidd-socket-activation to enable it.\n"));
+			return EXIT_FAILURE;
+#endif
+			break;
 		case 'q':
 			quiet++;
 			break;
@@ -544,6 +583,7 @@ int main(int argc, char **argv)
 			break;
 		case 's':
 			socket_path = optarg;
+			s_flag = 1;
 			drop_privs = 1;
 			break;
 		case 't':
@@ -578,6 +618,10 @@ int main(int argc, char **argv)
 	else if (pidfile_path_param)
 		pidfile_path = pidfile_path_param;
 
+	/* custom socket path and socket-activation make no sense */
+	if (s_flag && no_sock && !quiet)
+		fprintf(stderr, _("Both --socket-activation and --socket specified. "
+				  "Ignoring --socket\n"));
 
 	uid = getuid();
 	if (uid && drop_privs) {
@@ -660,6 +704,7 @@ int main(int argc, char **argv)
 		return EXIT_SUCCESS;
 	}
 
-	server_loop(socket_path, pidfile_path, debug, timeout, quiet, no_fork);
+	server_loop(socket_path, pidfile_path, debug, timeout, quiet, no_fork,
+		    no_sock);
 	return EXIT_SUCCESS;
 }
-- 
1.7.7

[PATCH 08/20] uuidd: print all debugging information to stderr

[Petr Uzel]

Signed-off-by: Petr Uzel <petr.uzel@suse.cz>
---
 misc-utils/uuidd.c |   28 ++++++++++++++--------------
 1 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/misc-utils/uuidd.c b/misc-utils/uuidd.c
index abc24a4..aae5dbf 100644
--- a/misc-utils/uuidd.c
+++ b/misc-utils/uuidd.c
@@ -332,7 +332,7 @@ static void server_loop(const char *socket_path, const char *pidfile_path,
 	ret = call_daemon(socket_path, UUIDD_OP_GETPID, reply_buf, sizeof(reply_buf), 0, NULL);
 	if (ret > 0) {
 		if (!quiet)
-			printf(_("uuidd daemon already running at pid %s\n"),
+			fprintf(stderr, _("uuidd daemon already running at pid %s\n"),
 			       reply_buf);
 		exit(EXIT_FAILURE);
 	}
@@ -394,7 +394,7 @@ socket_ready:
 			if (len < 0)
 				perror("read");
 			else
-				printf(_("Error reading from client, "
+				fprintf(stderr, _("Error reading from client, "
 					 "len = %d\n"), len);
 			goto shutdown_socket;
 		}
@@ -403,10 +403,10 @@ socket_ready:
 			if (read_all(ns, (char *) &num, sizeof(num)) != 4)
 				goto shutdown_socket;
 			if (debug)
-				printf(_("operation %d, incoming num = %d\n"),
+				fprintf(stderr, _("operation %d, incoming num = %d\n"),
 				       op, num);
 		} else if (debug)
-			printf(_("operation %d\n"), op);
+			fprintf(stderr, _("operation %d\n"), op);
 
 		switch (op) {
 		case UUIDD_OP_GETPID:
@@ -422,7 +422,7 @@ socket_ready:
 			__uuid_generate_time(uu, &num);
 			if (debug) {
 				uuid_unparse(uu, str);
-				printf(_("Generated time UUID: %s\n"), str);
+				fprintf(stderr, _("Generated time UUID: %s\n"), str);
 			}
 			memcpy(reply_buf, uu, sizeof(uu));
 			reply_len = sizeof(uu);
@@ -432,7 +432,7 @@ socket_ready:
 			__uuid_generate_random(uu, &num);
 			if (debug) {
 				uuid_unparse(uu, str);
-				printf(_("Generated random UUID: %s\n"), str);
+				fprintf(stderr, _("Generated random UUID: %s\n"), str);
 			}
 			memcpy(reply_buf, uu, sizeof(uu));
 			reply_len = sizeof(uu);
@@ -441,10 +441,10 @@ socket_ready:
 			__uuid_generate_time(uu, &num);
 			if (debug) {
 				uuid_unparse(uu, str);
-				printf(P_("Generated time UUID %s "
-					  "and %d following\n",
-					  "Generated time UUID %s "
-					  "and %d following\n", num - 1),
+				fprintf(stderr, P_("Generated time UUID %s "
+						   "and %d following\n",
+						   "Generated time UUID %s "
+						   "and %d following\n", num - 1),
 				       str, num - 1);
 			}
 			memcpy(reply_buf, uu, sizeof(uu));
@@ -462,13 +462,13 @@ socket_ready:
 			__uuid_generate_random((unsigned char *) reply_buf +
 					      sizeof(num), &num);
 			if (debug) {
-				printf(P_("Generated %d UUID:\n",
-					  "Generated %d UUIDs:\n", num), num);
+				fprintf(stderr, P_("Generated %d UUID:\n",
+						   "Generated %d UUIDs:\n", num), num);
 				for (i = 0, cp = reply_buf + sizeof(num);
 				     i < num;
 				     i++, cp += UUID_LEN) {
 					uuid_unparse((unsigned char *)cp, str);
-					printf("\t%s\n", str);
+					fprintf(stderr, "\t%s\n", str);
 				}
 			}
 			reply_len = (num * UUID_LEN) + sizeof(num);
@@ -476,7 +476,7 @@ socket_ready:
 			break;
 		default:
 			if (debug)
-				printf(_("Invalid operation %d\n"), op);
+				fprintf(stderr, _("Invalid operation %d\n"), op);
 			goto shutdown_socket;
 		}
 		write_all(ns, (char *) &reply_len, sizeof(reply_len));
-- 
1.7.7

[PATCH 09/20] uuidd: factor out dropping of privileges into separate function

[Petr Uzel]

Simplify main by moving dropping of privileges into newly
introduced drop_privileges() function.

Signed-off-by: Petr Uzel <petr.uzel@suse.cz>
---
 misc-utils/uuidd.c |   47 +++++++++++++++++++++++++++++------------------
 1 files changed, 29 insertions(+), 18 deletions(-)

diff --git a/misc-utils/uuidd.c b/misc-utils/uuidd.c
index aae5dbf..10c3019 100644
--- a/misc-utils/uuidd.c
+++ b/misc-utils/uuidd.c
@@ -486,6 +486,33 @@ socket_ready:
 	}
 }
 
+/*
+ * Drop privileges of the process
+ *
+ * Set real uid, effective uid and - if supported by the system - also
+ * saved set-user-id. Similarly for gid.
+ *
+ * Exits the program with error upon failure.
+ */
+static void drop_privileges(uid_t uid, gid_t gid)
+{
+#ifdef HAVE_SETRESGID
+	if (setresgid(gid, gid, gid) < 0)
+		err(EXIT_FAILURE, "setresgid");
+#else
+	if (setregid(gid, gid) < 0)
+		err(EXIT_FAILURE, "setregid");
+#endif
+
+#ifdef HAVE_SETRESUID
+	if (setresuid(uid, uid, uid) < 0)
+		err(EXIT_FAILURE, "setresuid");
+#else
+	if (setreuid(uid, uid) < 0)
+		err(EXIT_FAILURE, "setreuid");
+#endif
+}
+
 static void __attribute__ ((__noreturn__)) unexpected_size(int size)
 {
 	errx(EXIT_FAILURE, _("Unexpected reply length from server %d"), size);
@@ -501,7 +528,6 @@ int main(int argc, char **argv)
 	char		str[UUID_STR_LEN], *tmp;
 	uuid_t		uu;
 	uid_t		uid;
-	gid_t		gid;
 	int		i, c, ret;
 	int		debug = 0, do_type = 0, do_kill = 0, num = 0;
 	int		timeout = 0, quiet = 0, drop_privs = 0;
@@ -624,24 +650,9 @@ int main(int argc, char **argv)
 				  "Ignoring --socket\n"));
 
 	uid = getuid();
-	if (uid && drop_privs) {
-		gid = getgid();
-#ifdef HAVE_SETRESGID
-		if (setresgid(gid, gid, gid) < 0)
-			err(EXIT_FAILURE, "setresgid");
-#else
-		if (setregid(gid, gid) < 0)
-			err(EXIT_FAILURE, "setregid");
-#endif
+	if (uid && drop_privs)
+		drop_privileges(uid, getgid());
 
-#ifdef HAVE_SETRESUID
-		if (setresuid(uid, uid, uid) < 0)
-			err(EXIT_FAILURE, "setresuid");
-#else
-		if (setreuid(uid, uid) < 0)
-			err(EXIT_FAILURE, "setreuid");
-#endif
-	}
 	if (num && do_type) {
 		ret = call_daemon(socket_path, do_type + 2, buf,
 				  sizeof(buf), &num, &err_context);
-- 
1.7.7

[PATCH 10/20] uuidd: make drop_privs true by default in main()

[Petr Uzel]

The drop_privs variable in main() was used to determine whether the
daemon will attempt to drop privileges (provided it has been installed
suid). As of now, it makes sense to drop the privileges each time it is
started. Therefore, this patch inverts the default value of drop_privs
to true, so that it does not need to be set in the getopt loop at
multiple places.

Signed-off-by: Petr Uzel <petr.uzel@suse.cz>
---
 misc-utils/uuidd.c |   12 ++----------
 1 files changed, 2 insertions(+), 10 deletions(-)

diff --git a/misc-utils/uuidd.c b/misc-utils/uuidd.c
index 10c3019..4b04390 100644
--- a/misc-utils/uuidd.c
+++ b/misc-utils/uuidd.c
@@ -530,9 +530,10 @@ int main(int argc, char **argv)
 	uid_t		uid;
 	int		i, c, ret;
 	int		debug = 0, do_type = 0, do_kill = 0, num = 0;
-	int		timeout = 0, quiet = 0, drop_privs = 0;
+	int		timeout = 0, quiet = 0;
 	int		no_pid = 0, no_fork = 0;
 	int		no_sock = 0, s_flag = 0;
+	int 		drop_privs = 1;
 
 	static const struct option longopts[] = {
 		{"pid", required_argument, NULL, 'p'},
@@ -562,11 +563,9 @@ int main(int argc, char **argv)
 		switch (c) {
 		case 'd':
 			debug++;
-			drop_privs = 1;
 			break;
 		case 'k':
 			do_kill++;
-			drop_privs = 1;
 			break;
 		case 'n':
 			num = strtol(optarg, &tmp, 0);
@@ -577,20 +576,16 @@ int main(int argc, char **argv)
 			break;
 		case 'p':
 			pidfile_path_param = optarg;
-			drop_privs = 1;
 			break;
 		case 'P':
 			no_pid = 1;
-			drop_privs = 1;
 			break;
 		case 'F':
 			no_fork = 1;
-			drop_privs = 1;
 			break;
 		case 'S':
 #ifdef UUIDD_SOCKET_ACTIVATION
 			no_sock = 1;
-			drop_privs = 1;
 			no_fork = 1;
 			no_pid = 1;
 #else
@@ -605,16 +600,13 @@ int main(int argc, char **argv)
 			break;
 		case 'r':
 			do_type = UUIDD_OP_RANDOM_UUID;
-			drop_privs = 1;
 			break;
 		case 's':
 			socket_path = optarg;
 			s_flag = 1;
-			drop_privs = 1;
 			break;
 		case 't':
 			do_type = UUIDD_OP_TIME_UUID;
-			drop_privs = 1;
 			break;
 		case 'T':
 			timeout = strtol(optarg, &tmp, 0);
-- 
1.7.7

[PATCH 11/20] uuidd: introduce --keep-privs option

[Petr Uzel]

This option makes uuidd _not_ to drop its privileges if installed suid
and exectued by root.

Signed-off-by: Petr Uzel <petr.uzel@suse.cz>
---
 misc-utils/uuidd.8 |    5 +++++
 misc-utils/uuidd.c |    7 ++++++-
 2 files changed, 11 insertions(+), 1 deletions(-)

diff --git a/misc-utils/uuidd.8 b/misc-utils/uuidd.8
index f5fb5f0..892f236 100644
--- a/misc-utils/uuidd.8
+++ b/misc-utils/uuidd.8
@@ -48,6 +48,11 @@ process.  Implies --no-fork and --no-pid.  As of this writing, this option is
 supposed to be used only with systemd. It needs to enabled with configure
 option --enable--uuid-socket-activation.
 .TP
+.BR \-K , " \-\-keep-privs "
+If uuidd is installed set-uid and executed by root, it by default drops its
+privileges to match the owner and group of the binary.  This option makes uuidd
+keep its privileges.
+.TP
 .B \-q
 Suppress some failure messages.
 .TP
diff --git a/misc-utils/uuidd.c b/misc-utils/uuidd.c
index 4b04390..54978aa 100644
--- a/misc-utils/uuidd.c
+++ b/misc-utils/uuidd.c
@@ -70,6 +70,7 @@ static void __attribute__ ((__noreturn__)) usage(FILE * out)
 		" -P, --no-pid            do not create pid file\n"
 		" -F, --no-fork           do not daemonize using double-fork\n"
 		" -S, --socket-activation do not create listening socket\n"
+		" -K, --keep-privs 	  do not drop privileges\n"
 		" -d, --debug             run in debugging mode\n"
 		" -q, --quiet             turn on quiet mode\n"
 		" -V, --version           output version information and exit\n"
@@ -546,6 +547,7 @@ int main(int argc, char **argv)
 		{"no-pid", no_argument, NULL, 'P'},
 		{"no-fork", no_argument, NULL, 'F'},
 		{"socket-activation", no_argument, NULL, 'S'},
+		{"keep-privs", no_argument, NULL, 'K'},
 		{"debug", no_argument, NULL, 'd'},
 		{"quiet", no_argument, NULL, 'q'},
 		{"version", no_argument, NULL, 'V'},
@@ -558,7 +560,7 @@ int main(int argc, char **argv)
 	textdomain(PACKAGE);
 
 	while ((c =
-		getopt_long(argc, argv, "p:s:T:krtn:PFSdqVh", longopts,
+		getopt_long(argc, argv, "p:s:T:krtn:PFSKdqVh", longopts,
 			    NULL)) != -1) {
 		switch (c) {
 		case 'd':
@@ -595,6 +597,9 @@ int main(int argc, char **argv)
 			return EXIT_FAILURE;
 #endif
 			break;
+		case 'K':
+			drop_privs = 0;
+			break;
 		case 'q':
 			quiet++;
 			break;
-- 
1.7.7

[PATCH 12/20] uuidd: --socket-activation implies --keep-privs

[Petr Uzel]

Signed-off-by: Petr Uzel <petr.uzel@suse.cz>
---
 misc-utils/uuidd.8 |    6 +++---
 misc-utils/uuidd.c |    1 +
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/misc-utils/uuidd.8 b/misc-utils/uuidd.8
index 892f236..8bf5da8 100644
--- a/misc-utils/uuidd.8
+++ b/misc-utils/uuidd.8
@@ -44,9 +44,9 @@ Do not daemonize using double-fork.
 .TP
 .BR \-S , " \-\-socket-activation "
 Do not create the socket and instead expect it to be provided by the calling
-process.  Implies --no-fork and --no-pid.  As of this writing, this option is
-supposed to be used only with systemd. It needs to enabled with configure
-option --enable--uuid-socket-activation.
+process.  Implies --no-fork, --no-pid and --keep-privs.  As of this writing,
+this option is supposed to be used only with systemd. It needs to enabled with
+configure option --enable--uuid-socket-activation.
 .TP
 .BR \-K , " \-\-keep-privs "
 If uuidd is installed set-uid and executed by root, it by default drops its
diff --git a/misc-utils/uuidd.c b/misc-utils/uuidd.c
index 54978aa..795129f 100644
--- a/misc-utils/uuidd.c
+++ b/misc-utils/uuidd.c
@@ -590,6 +590,7 @@ int main(int argc, char **argv)
 			no_sock = 1;
 			no_fork = 1;
 			no_pid = 1;
+			drop_privs = 0;
 #else
 			fprintf(stderr,
 				_("uuidd has been built without support for socket activation.\n"
-- 
1.7.7

[PATCH 13/20] uuidd: add systemd unit files

[Petr Uzel]

Add systemd unit files which use the socket activation mechanism
of systemd. The uuidd deamon is started upon first request on the
socket and quits after 1 minute of inactivity.

Signed-off-by: Petr Uzel <petr.uzel@suse.cz>
---
 configure.ac                |   11 +++++++++++
 misc-utils/.gitignore       |    2 +-
 misc-utils/Makefile.am      |   11 +++++++++--
 misc-utils/uuidd.service.in |    9 +++++++++
 misc-utils/uuidd.socket     |    8 ++++++++
 5 files changed, 38 insertions(+), 3 deletions(-)
 create mode 100644 misc-utils/uuidd.service.in
 create mode 100644 misc-utils/uuidd.socket

diff --git a/configure.ac b/configure.ac
index bb56948..8f89639 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1112,6 +1112,16 @@ if test "x$enable_uuidd_socket_activation" = xyes; then
   AC_DEFINE(UUIDD_SOCKET_ACTIVATION, 1, [Should uuidd support socket activation?])
 fi
 
+AC_ARG_WITH([systemdsystemunitdir],
+  AS_HELP_STRING([--with-systemdsystemunitdir=DIR], [directory for systemd service files]),
+  [], [with_systemdsystemunitdir=$($PKG_CONFIG --variable=systemdsystemunitdir systemd)])
+
+if test "x$with_systemdsystemunitdir" != "xno"; then
+  AC_SUBST([systemdsystemunitdir], [$with_systemdsystemunitdir])
+fi
+
+AM_CONDITIONAL(WITH_SYSTEMD, [test -n "$with_systemdsystemunitdir" -a "x$with_systemdsystemunitdir" != "xno" ])
+
 
 AC_ARG_ENABLE([login-stat-mail],
   AS_HELP_STRING([--enable-login-stat-mail], [let login stat() the mailbox]),
@@ -1235,6 +1245,7 @@ libuuid/uuid.pc
 login-utils/Makefile
 man/ru/Makefile
 misc-utils/Makefile
+misc-utils/uuidd.service
 misc-utils/chkdupexe:misc-utils/chkdupexe.pl
 mount/Makefile
 partx/Makefile
diff --git a/misc-utils/.gitignore b/misc-utils/.gitignore
index bde3ab8..3fe5567 100644
--- a/misc-utils/.gitignore
+++ b/misc-utils/.gitignore
@@ -18,4 +18,4 @@ wipefs
 findmnt
 lsblk
 lslocks
-
+uuidd.service
diff --git a/misc-utils/Makefile.am b/misc-utils/Makefile.am
index 5db5183..e0232e8 100644
--- a/misc-utils/Makefile.am
+++ b/misc-utils/Makefile.am
@@ -1,7 +1,5 @@
 include $(top_srcdir)/config/include-Makefile.am
 
-EXTRA_DIST = uuidd.rc
-
 bin_PROGRAMS =
 sbin_PROGRAMS =
 usrsbin_exec_PROGRAMS =
@@ -85,8 +83,17 @@ if UUIDD_SOCKET_ACTIVATION
 uuidd_SOURCES += sd-daemon.c
 uuidd_LDADD += -lrt
 endif
+if WITH_SYSTEMD
+systemdsystemunit_DATA = \
+	uuidd.service \
+	uuidd.socket
+endif
 endif
 
+EXTRA_DIST = uuidd.rc uuidd.service.in uuidd.socket
+CLEANFILES += uuidd.service
+
+
 if BUILD_LIBBLKID
 sbin_PROGRAMS += blkid findfs wipefs
 dist_man_MANS += blkid.8 findfs.8 wipefs.8
diff --git a/misc-utils/uuidd.service.in b/misc-utils/uuidd.service.in
new file mode 100644
index 0000000..750fc31
--- /dev/null
+++ b/misc-utils/uuidd.service.in
@@ -0,0 +1,9 @@
+[Unit]
+Description=Daemon for generating UUIDs
+Requires=uuidd.socket
+
+[Service]
+ExecStart=@sbindir@/uuidd -S -T 60
+Restart=no
+User=uuidd
+Group=uuidd
diff --git a/misc-utils/uuidd.socket b/misc-utils/uuidd.socket
new file mode 100644
index 0000000..4eba789
--- /dev/null
+++ b/misc-utils/uuidd.socket
@@ -0,0 +1,8 @@
+[Unit]
+Description=UUID daemon activation socket
+
+[Socket]
+ListenStream=/var/run/uuidd/request
+
+[Install]
+WantedBy=sockets.target
-- 
1.7.7

[PATCH 14/20] libuuid: use EXIT_FAILURE

[Petr Uzel]

Signed-off-by: Petr Uzel <petr.uzel@suse.cz>
---
 libuuid/src/gen_uuid.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/libuuid/src/gen_uuid.c b/libuuid/src/gen_uuid.c
index 492bb75..29211b9 100644
--- a/libuuid/src/gen_uuid.c
+++ b/libuuid/src/gen_uuid.c
@@ -517,7 +517,7 @@ static int get_uuid_via_daemon(int op, uuid_t out, int *num)
 				close_all_fds();
 				execl(uuidd_path, "uuidd", "-qT", "300",
 				      (char *) NULL);
-				exit(1);
+				exit(EXIT_FAILURE);
 			}
 			(void) waitpid(pid, 0, 0);
 			if (connect(s, (const struct sockaddr *) &srv_addr,
-- 
1.7.7

[PATCH 15/20] libuuid: implement --disable-libuuid-exec-uuidd configure option

[Petr Uzel]

This option prevents libuuid from attempting to spawn uuidd. This
is intended to be used in conjunction with socket-activated uuidd.

Signed-off-by: Petr Uzel <petr.uzel@suse.cz>
---
 configure.ac           |   12 ++++++++++++
 libuuid/src/gen_uuid.c |    9 +++++++++
 2 files changed, 21 insertions(+), 0 deletions(-)

diff --git a/configure.ac b/configure.ac
index 8f89639..05e024a 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1123,6 +1123,18 @@ fi
 AM_CONDITIONAL(WITH_SYSTEMD, [test -n "$with_systemdsystemunitdir" -a "x$with_systemdsystemunitdir" != "xno" ])
 
 
+AC_ARG_ENABLE([libuuid-exec-uuidd],
+  AS_HELP_STRING([--disable-libuuid-exec-uuidd], [disable spawning of uuidd from libuuid library]),
+  [], enable_libuuid_exec_uuidd=yes
+)
+
+AM_CONDITIONAL(LIBUUID_EXEC_UUIDD, test "x$enable_libuuid_exec_uuidd" = xyes)
+
+if test "x$enable_libuuid_exec_uuidd" = xyes; then
+  AC_DEFINE(LIBUUID_EXEC_UUIDD, 1, [Should libuuid attempt to exec uuidd daemon?])
+fi
+
+
 AC_ARG_ENABLE([login-stat-mail],
   AS_HELP_STRING([--enable-login-stat-mail], [let login stat() the mailbox]),
   [], enable_login_stat_mail=no
diff --git a/libuuid/src/gen_uuid.c b/libuuid/src/gen_uuid.c
index 29211b9..0a75137 100644
--- a/libuuid/src/gen_uuid.c
+++ b/libuuid/src/gen_uuid.c
@@ -452,6 +452,7 @@ static ssize_t read_all(int fd, char *buf, size_t count)
 	return c;
 }
 
+#ifdef LIBUUID_EXEC_UUIDD
 /*
  * Close all file descriptors
  */
@@ -478,6 +479,7 @@ static void close_all_fds(void)
 			open("/dev/null", O_RDWR);
 	}
 }
+#endif
 
 /*
  * Try using the uuidd daemon to generate the UUID
@@ -495,8 +497,10 @@ static int get_uuid_via_daemon(int op, uuid_t out, int *num)
 	struct stat st;
 	pid_t pid;
 	static const char *uuidd_path = UUIDD_PATH;
+#ifdef LIBUUID_EXEC_UUIDD
 	static int access_ret = -2;
 	static int start_attempts = 0;
+#endif
 
 	if ((s = socket(AF_UNIX, SOCK_STREAM, 0)) < 0)
 		return -1;
@@ -506,6 +510,7 @@ static int get_uuid_via_daemon(int op, uuid_t out, int *num)
 
 	if (connect(s, (const struct sockaddr *) &srv_addr,
 		    sizeof(struct sockaddr_un)) < 0) {
+#ifdef LIBUUID_EXEC_UUIDD
 		if (access_ret == -2)
 			access_ret = access(uuidd_path, X_OK);
 		if (access_ret == 0)
@@ -525,7 +530,11 @@ static int get_uuid_via_daemon(int op, uuid_t out, int *num)
 				goto fail;
 		} else
 			goto fail;
+#else
+		goto fail;
+#endif
 	}
+
 	op_buf[0] = op;
 	op_len = 1;
 	if (op == UUIDD_OP_BULK_TIME_UUID) {
-- 
1.7.7

[PATCH 16/20] libuuid: fix typo in uuid_compare manpage

[Petr Uzel]

Signed-off-by: Petr Uzel <petr.uzel@suse.cz>
---
 libuuid/man/uuid_compare.3 |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/libuuid/man/uuid_compare.3 b/libuuid/man/uuid_compare.3
index e748eac..9300c51 100644
--- a/libuuid/man/uuid_compare.3
+++ b/libuuid/man/uuid_compare.3
@@ -47,7 +47,7 @@ to each other.
 .SH RETURN VALUE
 Returns an integer less than, equal to, or greater than zero if
 .I uu1
-is found,  respectively, to be lexigraphically less than, equal, or
+is found,  respectively, to be lexicographically less than, equal, or
 greater than
 .IR uu2 .
 .SH AUTHOR
-- 
1.7.7

[PATCH 17/20] build-sys: run distcheck with verbose make rules

[Petr Uzel]

Signed-off-by: Petr Uzel <petr.uzel@suse.cz>
---
 Makefile.am |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/Makefile.am b/Makefile.am
index 9ac1ffc..6fec32d 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -88,7 +88,8 @@ checkxalloc:
 	@ $(top_srcdir)/tools/checkxalloc.sh
 
 ENABLE_ALL = --enable-static-programs --enable-most-builds
-DISTCHECK_CONFIGURE_FLAGS = --enable-gtk-doc --disable-use-tty-group $(ENABLE_ALL)
+DISTCHECK_CONFIGURE_FLAGS = --enable-gtk-doc --disable-use-tty-group \
+			    --disable-silent-rules $(ENABLE_ALL)
 
 
 BUILT_SOURCES = .version
-- 
1.7.7

[PATCH 18/20] build-sys: add ttyutils.h to dist

[Petr Uzel]

Signed-off-by: Petr Uzel <petr.uzel@suse.cz>
---
 include/Makefile.am |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/include/Makefile.am b/include/Makefile.am
index b939f89..cc355ed 100644
--- a/include/Makefile.am
+++ b/include/Makefile.am
@@ -34,6 +34,7 @@ dist_noinst_HEADERS = \
 	swapheader.h \
 	sysfs.h \
 	tt.h \
+	ttyutils.h \
 	usleep.h \
 	wholedisk.h \
 	widechar.h \
-- 
1.7.7

[PATCH 19/20] build-sys: add fsprobe.h to dist

[Petr Uzel]

Signed-off-by: Petr Uzel <petr.uzel@suse.cz>
---
 mount/Makefile.am |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/mount/Makefile.am b/mount/Makefile.am
index 3bd6da4..2591f23 100644
--- a/mount/Makefile.am
+++ b/mount/Makefile.am
@@ -10,7 +10,7 @@ srcs_common = \
 	sundries.h
 
 # generic header for mount and umount
-hdrs_mount = fstab.h mount_mntent.h mount_constants.h getusername.h
+hdrs_mount = fstab.h mount_mntent.h mount_constants.h getusername.h fsprobe.h
 
 # generic sources for mount and umount
 srcs_mount = \
-- 
1.7.7

[PATCH 20/20] build-sys: fix installation of uuidd units with make distcheck

[Petr Uzel]

Signed-off-by: Petr Uzel <petr.uzel@suse.cz>
---
 Makefile.am |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/Makefile.am b/Makefile.am
index 6fec32d..12e1103 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -89,7 +89,8 @@ checkxalloc:
 
 ENABLE_ALL = --enable-static-programs --enable-most-builds
 DISTCHECK_CONFIGURE_FLAGS = --enable-gtk-doc --disable-use-tty-group \
-			    --disable-silent-rules $(ENABLE_ALL)
+			    --disable-silent-rules $(ENABLE_ALL) \
+			    --with-systemdsystemunitdir=$$dc_install_base/$(systemdsystemunitdir)
 
 
 BUILT_SOURCES = .version
-- 
1.7.7

Re: [PATCH 10/20] uuidd: make drop_privs true by default in main()

[Ted Ts'o]

On Thu, Mar 29, 2012 at 06:45:18PM +0200, Petr Uzel wrote:
> The drop_privs variable in main() was used to determine whether the
> daemon will attempt to drop privileges (provided it has been installed
> suid). As of now, it makes sense to drop the privileges each time it is
> started. Therefore, this patch inverts the default value of drop_privs
> to true, so that it does not need to be set in the getopt loop at
> multiple places.
> 
> Signed-off-by: Petr Uzel <petr.uzel@suse.cz>

This breaks the configuration where libuuid starts uuidd if it's not
available, since there the user process probably doesn't have access
to write to /var/lib/libuuid/clock.txt, and so dropping the setgid
privileges of uuid will cause it not to work.

Also, if you're going to have a -K option to keep the privileges,
there isn't much of a security benefit, since if there's a bug in
uuidd, the attacker can always call uuidd with -K and and then attempt
to exploint any problem that might be there.

So it's not clear adding the ability to drop privileges is really all
that functional; if uuidd is setuid/setgid, it's probably because it
**needs** those privileges.

						- Ted

Re: [PATCH 10/20] uuidd: make drop_privs true by default in main()

[Petr Uzel]

[-- Attachment #1: Type: text/plain, Size: 2215 bytes --]

On Thu, Mar 29, 2012 at 02:29:11PM -0700, Ted Ts'o wrote:
> On Thu, Mar 29, 2012 at 06:45:18PM +0200, Petr Uzel wrote:
> > The drop_privs variable in main() was used to determine whether the
> > daemon will attempt to drop privileges (provided it has been installed
> > suid). As of now, it makes sense to drop the privileges each time it is
> > started. Therefore, this patch inverts the default value of drop_privs
> > to true, so that it does not need to be set in the getopt loop at
> > multiple places.
> > 
> > Signed-off-by: Petr Uzel <petr.uzel@suse.cz>
> 
> This breaks the configuration where libuuid starts uuidd if it's not
> available, since there the user process probably doesn't have access
> to write to /var/lib/libuuid/clock.txt, and so dropping the setgid
> privileges of uuid will cause it not to work.

I don't think the commit you are referring to changes uuidd behavior
in any way and if it does, then I overlooked something and it is a
bug. The change is meant to be a cleanup - instead of initializing the
drop_privs to 0 and changing it to 1 in the getopt loop, it is initialized
to 1. IOW, I don't see a use case where it should be left 0, except
with later introduced --keep-privs (but see below). Or do I miss
something?

> Also, if you're going to have a -K option to keep the privileges,
> there isn't much of a security benefit, since if there's a bug in
> uuidd, the attacker can always call uuidd with -K and and then attempt
> to exploint any problem that might be there.
> 
> So it's not clear adding the ability to drop privileges is really all
> that functional; if uuidd is setuid/setgid, it's probably because it
> **needs** those privileges.

If I get it right, the setuid/setgid bit for uuidd is "only" useful
for the case when uuidd is spawned from the libuuid library running
with normal user privileges, right? Since this is useless with the
socket activated uuidd, the solution might be to conditionally drop
the code for dropping privileges if uuidd is configured 
--with-uuidd-socket-activation. Also the --keep-privs would
go away. Does that sound good?


Thanks,

        Petr

--
Petr Uzel
IRC: ptr_uzl @ freenode

[-- Attachment #2: Type: application/pgp-signature, Size: 198 bytes --]

Re: [PATCH 04/20] uuidd: implement --no-pid option

[Karel Zak]

On Thu, Mar 29, 2012 at 06:45:12PM +0200, Petr Uzel wrote:
> +	if (pidfile_path) {
> +		sprintf(reply_buf, "%8d\n", getpid());
> +		if (ftruncate(fd_pidfile, 0)) {
> +			/* Silence warn_unused_result */
> +		}

 #include "c.h"

 ignore_result( ftruncate(fd_pidfile, 0) );


-- 
 Karel Zak  <kzak@redhat.com>
 http://karelzak.blogspot.com

Re: [PATCH 07/20] uuidd: implement --socket-activation option

[Karel Zak]

On Thu, Mar 29, 2012 at 06:45:15PM +0200, Petr Uzel wrote:
> Implement --socket-activatoin option, which is supposed to be used
> with systemd (or equivalent init system) socket activation mechanism.
> With this option, the UUID daemon does not create the socket on its own,
> but instead expect the connection fd to be provided by the calling
> process.
> 
> This option is only available if util-linux is configured with
> --enable-uuidd-socket-activation option. With this configure
> option, the uuidd is compiled with sd-daemon.c.
> 
> Signed-off-by: Petr Uzel <petr.uzel@suse.cz>
> ---
>  configure.ac           |   12 +
>  misc-utils/Makefile.am |    6 +
>  misc-utils/sd-daemon.c |  530 ++++++++++++++++++++++++++++++++++++++++++++++++
>  misc-utils/sd-daemon.h |  282 +++++++++++++++++++++++++
>  misc-utils/uuidd.8     |    6 +
>  misc-utils/uuidd.c     |   89 ++++++--
>  6 files changed, 903 insertions(+), 22 deletions(-)
>  create mode 100644 misc-utils/sd-daemon.c
>  create mode 100644 misc-utils/sd-daemon.h
> 
> diff --git a/configure.ac b/configure.ac
> index 2140bc5..bb56948 100644
> --- a/configure.ac
> +++ b/configure.ac
> @@ -1101,6 +1101,18 @@ if test "x$enable_login_chown_vcs" = xyes; then
>  fi
>  
>  
> +AC_ARG_ENABLE([uuidd-socket-activation],
> +  AS_HELP_STRING([--enable-uuidd-socket-activation], [build uuidd with support for systemd socket activation]),
> +  [], enable_uuidd_socket_activation=no
> +)

 What about --enable-socket-activation (without -uuidd-)?

 If you have distro with systemd then all your stuff should compatible
 with the initd (it's detail that currently we have one daemon only).

> +AM_CONDITIONAL(UUIDD_SOCKET_ACTIVATION, test "x$enable_uuidd_socket_activation" = xyes)

 USE_SOCKET_ACTIVATION

> +if test "x$enable_uuidd_socket_activation" = xyes; then
> +  AC_DEFINE(UUIDD_SOCKET_ACTIVATION, 1, [Should uuidd support socket activation?])

 USE_SOCKET_ACTIVATION

 [...]

>  static void server_loop(const char *socket_path, const char *pidfile_path,
> -			int debug, int timeout, int quiet, int no_fork)
> +			int debug, int timeout, int quiet, int no_fork,
> +			int no_sock)

 hmm... pretty long argument lists :-)

 Maybe use struct uuidd_cxt with bit array for all the arguments. If
 yes, then use a separate patch for this change.

    Karel

-- 
 Karel Zak  <kzak@redhat.com>
 http://karelzak.blogspot.com

Re: [PATCH 11/20] uuidd: introduce --keep-privs option

[Karel Zak]

On Thu, Mar 29, 2012 at 06:45:19PM +0200, Petr Uzel wrote:
> This option makes uuidd _not_ to drop its privileges if installed suid
> and exectued by root.
> 
> Signed-off-by: Petr Uzel <petr.uzel@suse.cz>
> ---
>  misc-utils/uuidd.8 |    5 +++++
>  misc-utils/uuidd.c |    7 ++++++-
>  2 files changed, 11 insertions(+), 1 deletions(-)

 Please, drop this patch.

 For socket activation we can use the "drop_privs = 0" internally, it's
 unnecessary to export this functionality to command line.


 Anyway, do we really need to support suid uuidd? What about to drop
 all this stuff and require that uuidd has to be started by init
 scripts only? What about to drop exec-from-library at all?

 RHEL/Fedora/Suse starts uuidd by init, and for another distros is
 whole uuidd almost unnecessary thing... It seems that Debian uses
 suid uuidd, but I think that they can add an init script too.

 IMHO the current exec-from-library and suid is not elegant solution.

 Ted?

    Karel

-- 
 Karel Zak  <kzak@redhat.com>
 http://karelzak.blogspot.com

Re: [PATCH 12/20] uuidd: --socket-activation implies --keep-privs

[Karel Zak]

On Thu, Mar 29, 2012 at 06:45:20PM +0200, Petr Uzel wrote:
> +process.  Implies --no-fork, --no-pid and --keep-privs.  As of this writing,
> +this option is supposed to be used only with systemd. It needs to enabled with
> +configure option --enable--uuid-socket-activation.

 It would be better to add a NOTES section to the man page and add there
 a note about socket activation.

    Karel

-- 
 Karel Zak  <kzak@redhat.com>
 http://karelzak.blogspot.com

Re: [PATCH 13/20] uuidd: add systemd unit files

[Karel Zak]

On Thu, Mar 29, 2012 at 06:45:21PM +0200, Petr Uzel wrote:
> +AC_ARG_WITH([systemdsystemunitdir],
> +  AS_HELP_STRING([--with-systemdsystemunitdir=DIR], [directory for systemd service files]),

 systemdsystemunitdir ???

 Don't use German dictionary as inspiration, words maybe short :-)

 --with-unitdir=DIR

> +  [], [with_systemdsystemunitdir=$($PKG_CONFIG --variable=systemdsystemunitdir systemd)])
> +
> +if test "x$with_systemdsystemunitdir" != "xno"; then
> +  AC_SUBST([systemdsystemunitdir], [$with_systemdsystemunitdir])
> +fi
> +
> +AM_CONDITIONAL(WITH_SYSTEMD, [test -n "$with_systemdsystemunitdir" -a "x$with_systemdsystemunitdir" != "xno" ])

 Is it necessary? Shouldn't be --enable-socket-activation enough?

> +if WITH_SYSTEMD
> +systemdsystemunit_DATA = \

 unitdir_DATA=

    Karel

-- 
 Karel Zak  <kzak@redhat.com>
 http://karelzak.blogspot.com

Re: [PATCH 13/20] uuidd: add systemd unit files

[Tom Gundersen]

On Tue, Apr 3, 2012 at 4:01 PM, Karel Zak <kzak@redhat.com> wrote:
> On Thu, Mar 29, 2012 at 06:45:21PM +0200, Petr Uzel wrote:
>> +AC_ARG_WITH([systemdsystemunitdir],
>> + =C2=A0AS_HELP_STRING([--with-systemdsystemunitdir=3DDIR], [directory f=
or systemd service files]),
>
> =C2=A0systemdsystemunitdir ???

This is the variable name most other projcts use for this purpos. The
reason being that it is suggested here:
<http://0pointer.de/public/systemd-man/daemon.html>.

-t

Re: [PATCH 04/20] uuidd: implement --no-pid option

[Petr Uzel]

[-- Attachment #1: Type: text/plain, Size: 446 bytes --]

On Tue, Apr 03, 2012 at 02:51:46PM +0200, Karel Zak wrote:
> On Thu, Mar 29, 2012 at 06:45:12PM +0200, Petr Uzel wrote:
> > +	if (pidfile_path) {
> > +		sprintf(reply_buf, "%8d\n", getpid());
> > +		if (ftruncate(fd_pidfile, 0)) {
> > +			/* Silence warn_unused_result */
> > +		}
> 
>  #include "c.h"
> 
>  ignore_result( ftruncate(fd_pidfile, 0) );

I'll change this in v2. Thanks

Petr

--
Petr Uzel
IRC: ptr_uzl @ freenode

[-- Attachment #2: Type: application/pgp-signature, Size: 198 bytes --]

Re: [PATCH 07/20] uuidd: implement --socket-activation option

[Petr Uzel]

[-- Attachment #1: Type: text/plain, Size: 2148 bytes --]

On Tue, Apr 03, 2012 at 03:03:19PM +0200, Karel Zak wrote:
> On Thu, Mar 29, 2012 at 06:45:15PM +0200, Petr Uzel wrote:
> > Implement --socket-activatoin option, which is supposed to be used
> > with systemd (or equivalent init system) socket activation mechanism.
> > With this option, the UUID daemon does not create the socket on its own,
> > but instead expect the connection fd to be provided by the calling
> > process.
> > 
> > This option is only available if util-linux is configured with
> > --enable-uuidd-socket-activation option. With this configure
> > option, the uuidd is compiled with sd-daemon.c.
> > 
[...]
> > diff --git a/configure.ac b/configure.ac
> > index 2140bc5..bb56948 100644
> > --- a/configure.ac
> > +++ b/configure.ac
> > @@ -1101,6 +1101,18 @@ if test "x$enable_login_chown_vcs" = xyes; then
> >  fi
> >  
> >  
> > +AC_ARG_ENABLE([uuidd-socket-activation],
> > +  AS_HELP_STRING([--enable-uuidd-socket-activation], [build uuidd with support for systemd socket activation]),
> > +  [], enable_uuidd_socket_activation=no
> > +)
> 
>  What about --enable-socket-activation (without -uuidd-)?
> 
>  If you have distro with systemd then all your stuff should compatible
>  with the initd (it's detail that currently we have one daemon only).

Good idea.

> 
> > +AM_CONDITIONAL(UUIDD_SOCKET_ACTIVATION, test "x$enable_uuidd_socket_activation" = xyes)
> 
>  USE_SOCKET_ACTIVATION

OK

> 
> > +if test "x$enable_uuidd_socket_activation" = xyes; then
> > +  AC_DEFINE(UUIDD_SOCKET_ACTIVATION, 1, [Should uuidd support socket activation?])
> 
>  USE_SOCKET_ACTIVATION

OK

> 
>  [...]
> 
> >  static void server_loop(const char *socket_path, const char *pidfile_path,
> > -			int debug, int timeout, int quiet, int no_fork)
> > +			int debug, int timeout, int quiet, int no_fork,
> > +			int no_sock)
> 
>  hmm... pretty long argument lists :-)
> 
>  Maybe use struct uuidd_cxt with bit array for all the arguments. If
>  yes, then use a separate patch for this change.

OK, I'll change this in v2.

Thanks,

Petr

--
Petr Uzel
IRC: ptr_uzl @ freenode

[-- Attachment #2: Type: application/pgp-signature, Size: 198 bytes --]

Re: [PATCH 11/20] uuidd: introduce --keep-privs option

[Petr Uzel]

[-- Attachment #1: Type: text/plain, Size: 1263 bytes --]

On Tue, Apr 03, 2012 at 03:32:26PM +0200, Karel Zak wrote:
> On Thu, Mar 29, 2012 at 06:45:19PM +0200, Petr Uzel wrote:
> > This option makes uuidd _not_ to drop its privileges if installed suid
> > and exectued by root.
> > 
> > Signed-off-by: Petr Uzel <petr.uzel@suse.cz>
> > ---
> >  misc-utils/uuidd.8 |    5 +++++
> >  misc-utils/uuidd.c |    7 ++++++-
> >  2 files changed, 11 insertions(+), 1 deletions(-)
> 
>  Please, drop this patch.
> 
>  For socket activation we can use the "drop_privs = 0" internally, it's
>  unnecessary to export this functionality to command line.

Agreed. Exporting this via cli argument was a stupid idea.

>  Anyway, do we really need to support suid uuidd? What about to drop
>  all this stuff and require that uuidd has to be started by init
>  scripts only? What about to drop exec-from-library at all?
> 
>  RHEL/Fedora/Suse starts uuidd by init, and for another distros is
>  whole uuidd almost unnecessary thing... It seems that Debian uses
>  suid uuidd, but I think that they can add an init script too.
> 
>  IMHO the current exec-from-library and suid is not elegant solution.

FWIW, I'm all for dropping spawning uuidd from libuuid.


Petr

--
Petr Uzel
IRC: ptr_uzl @ freenode

[-- Attachment #2: Type: application/pgp-signature, Size: 198 bytes --]

Re: [PATCH 12/20] uuidd: --socket-activation implies --keep-privs

[Petr Uzel]

[-- Attachment #1: Type: text/plain, Size: 565 bytes --]

On Tue, Apr 03, 2012 at 03:38:28PM +0200, Karel Zak wrote:
> On Thu, Mar 29, 2012 at 06:45:20PM +0200, Petr Uzel wrote:
> > +process.  Implies --no-fork, --no-pid and --keep-privs.  As of this writing,
> > +this option is supposed to be used only with systemd. It needs to enabled with
> > +configure option --enable--uuid-socket-activation.
> 
>  It would be better to add a NOTES section to the man page and add there
>  a note about socket activation.

Yes, that'd be better. I'll do in v2.

Thanks,

Petr

--
Petr Uzel
IRC: ptr_uzl @ freenode

[-- Attachment #2: Type: application/pgp-signature, Size: 198 bytes --]

Re: [PATCH 13/20] uuidd: add systemd unit files

[Petr Uzel]

[-- Attachment #1: Type: text/plain, Size: 767 bytes --]

On Tue, Apr 03, 2012 at 04:47:00PM +0200, Tom Gundersen wrote:
> On Tue, Apr 3, 2012 at 4:01 PM, Karel Zak <kzak@redhat.com> wrote:
> > On Thu, Mar 29, 2012 at 06:45:21PM +0200, Petr Uzel wrote:
> >> +AC_ARG_WITH([systemdsystemunitdir],
> >> +  AS_HELP_STRING([--with-systemdsystemunitdir=DIR], [directory for systemd service files]),
> >
> >  systemdsystemunitdir ???
> 
> This is the variable name most other projcts use for this purpos. The
> reason being that it is suggested here:
> <http://0pointer.de/public/systemd-man/daemon.html>.

I'd prefer to stick with what systemd doc recommends (^^) and what
other projects use, even if it might be unnecessarily long. Karel, OK
with you to keep this?

Petr

--
Petr Uzel
IRC: ptr_uzl @ freenode

[-- Attachment #2: Type: application/pgp-signature, Size: 198 bytes --]

Re: [PATCH 13/20] uuidd: add systemd unit files

[Karel Zak]

On Thu, Apr 05, 2012 at 09:52:40AM +0200, Petr Uzel wrote:
> On Tue, Apr 03, 2012 at 04:47:00PM +0200, Tom Gundersen wrote:
> > On Tue, Apr 3, 2012 at 4:01 PM, Karel Zak <kzak@redhat.com> wrote:
> > > On Thu, Mar 29, 2012 at 06:45:21PM +0200, Petr Uzel wrote:
> > >> +AC_ARG_WITH([systemdsystemunitdir],
> > >> +  AS_HELP_STRING([--with-systemdsystemunitdir=DIR], [directory for systemd service files]),
> > >
> > >  systemdsystemunitdir ???
> > 
> > This is the variable name most other projcts use for this purpos. The
> > reason being that it is suggested here:
> > <http://0pointer.de/public/systemd-man/daemon.html>.
> 
> I'd prefer to stick with what systemd doc recommends (^^) and what
> other projects use, even if it might be unnecessarily long. Karel, OK
> with you to keep this?

 OK

-- 
 Karel Zak  <kzak@redhat.com>
 http://karelzak.blogspot.com