comparison rlgwebd.js @ 28:2ad2b6491aa9

rlgwebd.js: become a real daemon. The RLG-Web server now forks off, writes to a logfile, and reads from a control socket. Unfortunately it can't handle the problem of another rlgwebd process already running. Maybe a lockfile would help.
author John "Elwin" Edwards <elwin@sdf.org>
date Mon, 04 Jun 2012 20:45:27 -0700
parents 83f9a799a374
children cf9d294bc52f
comparison
equal deleted inserted replaced
27:83f9a799a374 28:2ad2b6491aa9
1 #!/usr/bin/env node 1 #!/usr/bin/env node
2 2
3 // If you can't quite trust node to find it on its own 3 // If you can't quite trust node to find it on its own
4 var localModules = '/usr/local/lib/node_modules/'; 4 var localModules = '/usr/local/lib/node_modules/';
5 var http = require('http'); 5 var http = require('http');
6 var net = require('net');
6 var url = require('url'); 7 var url = require('url');
7 var path = require('path'); 8 var path = require('path');
8 var fs = require('fs'); 9 var fs = require('fs');
9 var child_process = require('child_process'); 10 var child_process = require('child_process');
10 var daemon = require(path.join(localModules, "daemon")); 11 var daemon = require(path.join(localModules, "daemon"));
11 12
13 // These first two files are NOT in the chroot.
14 var ctlsocket = "/var/local/rlgwebd/ctl";
15 var logfile = "/var/local/rlgwebd/log";
12 var chrootDir = "/var/dgl/"; 16 var chrootDir = "/var/dgl/";
13 var dropToUID = 501; 17 var dropToUID = 501;
14 var dropToGID = 501; 18 var dropToGID = 501;
15 var serveStaticRoot = "/var/www/"; // inside the chroot 19 var serveStaticRoot = "/var/www/"; // inside the chroot
16 var passwdfile = "/dgldir/dgl-login"; 20 var passwdfile = "/dgldir/dgl-login";
649 } 653 }
650 654
651 function shutdown () { 655 function shutdown () {
652 httpServer.close(); 656 httpServer.close();
653 httpServer.removeAllListeners('request'); 657 httpServer.removeAllListeners('request');
654 process.stdin.removeAllListeners('data'); 658 ctlServer.close();
655 tslog("Shutting down..."); 659 tslog("Shutting down...");
656 process.exit(); 660 process.exit();
657 } 661 }
658 662
659 function conHandler(chunk) { 663 function conHandler(chunk) {
682 686
683 if (process.getuid() != 0) { 687 if (process.getuid() != 0) {
684 tslog("Not running as root, cannot chroot."); 688 tslog("Not running as root, cannot chroot.");
685 process.exit(1); 689 process.exit(1);
686 } 690 }
687 try { 691
688 process.chdir(chrootDir); 692 /* Open the control socket before chrooting where it can't be found */
689 } 693 var ctlServer = net.createServer(function (sock) {
690 catch (err) { 694 sock.on('data', conHandler);
691 tslog("Cannot enter %s: %s", chrootDir, err); 695 });
692 process.exit(1); 696 ctlServer.listen(ctlsocket, function () {
693 } 697 /* fork off and die */
694 try { 698 try {
695 daemon.chroot(chrootDir); 699 daemon.start(logfile);
696 } 700 }
697 catch (err) { 701 catch (err) {
698 tslog("chroot to %s failed: %s", chrootDir, err); 702 tslog("Daemonization failed: %s", err);
699 process.exit(1); 703 process.exit(1);
700 } 704 }
701 try { 705 /* chroot and drop permissions. daemon.chroot() does chdir() itself. */
702 // drop gid first, that requires UID=0 706 try {
703 process.setgid(dropToGID); 707 daemon.chroot(chrootDir);
704 process.setuid(dropToUID); 708 }
705 } 709 catch (err) {
706 catch (err) { 710 tslog("chroot to %s failed: %s", chrootDir, err);
707 tslog("Could not drop permissions: %s", err); 711 process.exit(1);
708 process.exit(1); 712 }
709 } 713 try {
710 714 // drop gid first, that requires UID=0
711 process.stdin.on('data', conHandler); 715 process.setgid(dropToGID);
712 process.stdin.resume(); 716 process.setuid(dropToUID);
713 var httpServer = http.createServer(webHandler); 717 }
714 httpServer.listen(8080, "127.0.0.1"); 718 catch (err) {
715 tslog('rlgwebd running at http://127.0.0.1:8080/'); 719 tslog("Could not drop permissions: %s", err);
720 process.exit(1);
721 }
722 var httpServer = http.createServer(webHandler);
723 httpServer.listen(8080, "127.0.0.1");
724 tslog('rlgwebd running at http://127.0.0.1:8080/');
725 });
726