Mercurial > hg > rlgwebd
comparison rlgwebd.js @ 28:2ad2b6491aa9
rlgwebd.js: become a real daemon.
The RLG-Web server now forks off, writes to a logfile, and reads from a
control socket. Unfortunately it can't handle the problem of another
rlgwebd process already running. Maybe a lockfile would help.
| author | John "Elwin" Edwards <elwin@sdf.org> |
|---|---|
| date | Mon, 04 Jun 2012 20:45:27 -0700 |
| parents | 83f9a799a374 |
| children | cf9d294bc52f |
comparison
equal
deleted
inserted
replaced
| 27:83f9a799a374 | 28:2ad2b6491aa9 |
|---|---|
| 1 #!/usr/bin/env node | 1 #!/usr/bin/env node |
| 2 | 2 |
| 3 // If you can't quite trust node to find it on its own | 3 // If you can't quite trust node to find it on its own |
| 4 var localModules = '/usr/local/lib/node_modules/'; | 4 var localModules = '/usr/local/lib/node_modules/'; |
| 5 var http = require('http'); | 5 var http = require('http'); |
| 6 var net = require('net'); | |
| 6 var url = require('url'); | 7 var url = require('url'); |
| 7 var path = require('path'); | 8 var path = require('path'); |
| 8 var fs = require('fs'); | 9 var fs = require('fs'); |
| 9 var child_process = require('child_process'); | 10 var child_process = require('child_process'); |
| 10 var daemon = require(path.join(localModules, "daemon")); | 11 var daemon = require(path.join(localModules, "daemon")); |
| 11 | 12 |
| 13 // These first two files are NOT in the chroot. | |
| 14 var ctlsocket = "/var/local/rlgwebd/ctl"; | |
| 15 var logfile = "/var/local/rlgwebd/log"; | |
| 12 var chrootDir = "/var/dgl/"; | 16 var chrootDir = "/var/dgl/"; |
| 13 var dropToUID = 501; | 17 var dropToUID = 501; |
| 14 var dropToGID = 501; | 18 var dropToGID = 501; |
| 15 var serveStaticRoot = "/var/www/"; // inside the chroot | 19 var serveStaticRoot = "/var/www/"; // inside the chroot |
| 16 var passwdfile = "/dgldir/dgl-login"; | 20 var passwdfile = "/dgldir/dgl-login"; |
| 649 } | 653 } |
| 650 | 654 |
| 651 function shutdown () { | 655 function shutdown () { |
| 652 httpServer.close(); | 656 httpServer.close(); |
| 653 httpServer.removeAllListeners('request'); | 657 httpServer.removeAllListeners('request'); |
| 654 process.stdin.removeAllListeners('data'); | 658 ctlServer.close(); |
| 655 tslog("Shutting down..."); | 659 tslog("Shutting down..."); |
| 656 process.exit(); | 660 process.exit(); |
| 657 } | 661 } |
| 658 | 662 |
| 659 function conHandler(chunk) { | 663 function conHandler(chunk) { |
| 682 | 686 |
| 683 if (process.getuid() != 0) { | 687 if (process.getuid() != 0) { |
| 684 tslog("Not running as root, cannot chroot."); | 688 tslog("Not running as root, cannot chroot."); |
| 685 process.exit(1); | 689 process.exit(1); |
| 686 } | 690 } |
| 687 try { | 691 |
| 688 process.chdir(chrootDir); | 692 /* Open the control socket before chrooting where it can't be found */ |
| 689 } | 693 var ctlServer = net.createServer(function (sock) { |
| 690 catch (err) { | 694 sock.on('data', conHandler); |
| 691 tslog("Cannot enter %s: %s", chrootDir, err); | 695 }); |
| 692 process.exit(1); | 696 ctlServer.listen(ctlsocket, function () { |
| 693 } | 697 /* fork off and die */ |
| 694 try { | 698 try { |
| 695 daemon.chroot(chrootDir); | 699 daemon.start(logfile); |
| 696 } | 700 } |
| 697 catch (err) { | 701 catch (err) { |
| 698 tslog("chroot to %s failed: %s", chrootDir, err); | 702 tslog("Daemonization failed: %s", err); |
| 699 process.exit(1); | 703 process.exit(1); |
| 700 } | 704 } |
| 701 try { | 705 /* chroot and drop permissions. daemon.chroot() does chdir() itself. */ |
| 702 // drop gid first, that requires UID=0 | 706 try { |
| 703 process.setgid(dropToGID); | 707 daemon.chroot(chrootDir); |
| 704 process.setuid(dropToUID); | 708 } |
| 705 } | 709 catch (err) { |
| 706 catch (err) { | 710 tslog("chroot to %s failed: %s", chrootDir, err); |
| 707 tslog("Could not drop permissions: %s", err); | 711 process.exit(1); |
| 708 process.exit(1); | 712 } |
| 709 } | 713 try { |
| 710 | 714 // drop gid first, that requires UID=0 |
| 711 process.stdin.on('data', conHandler); | 715 process.setgid(dropToGID); |
| 712 process.stdin.resume(); | 716 process.setuid(dropToUID); |
| 713 var httpServer = http.createServer(webHandler); | 717 } |
| 714 httpServer.listen(8080, "127.0.0.1"); | 718 catch (err) { |
| 715 tslog('rlgwebd running at http://127.0.0.1:8080/'); | 719 tslog("Could not drop permissions: %s", err); |
| 720 process.exit(1); | |
| 721 } | |
| 722 var httpServer = http.createServer(webHandler); | |
| 723 httpServer.listen(8080, "127.0.0.1"); | |
| 724 tslog('rlgwebd running at http://127.0.0.1:8080/'); | |
| 725 }); | |
| 726 |