[PATCH] Run 'samba' daemon in foreground
Andreas Schneider
asn at samba.org
Tue Nov 28 09:59:15 UTC 2017
On Monday, 27 November 2017 22:33:22 CET Andrew Bartlett via samba-technical
wrote:
> On Mon, 2017-11-27 at 19:43 +0100, Andreas Schneider via samba-
>
> technical wrote:
> > Hi,
> >
> > attached is a patch to address an issue with systemd and Samba daemons
> > running in notify mode. In this mode we should not double fork. So we
> > should start the daemons with --foreground. Also systemd will take care
> > of the process group we should not handle that in Samba.
> >
> > For this I've added --foreground to the 'samba' daemon.
> >
> >
> > Review is much appreciated. If OK please push.
>
> My main question comes from not really understanding what a session ID
> is in unix. Your patch makes --no-process-group also change us to call
> getsid(), which was unconditionally false previously.
>
> Is that reasonable? If so, can you just write up what exactly it means
> in the commit message?
If you have a SysV Daemon, you should call setsid() to detach from any
terminal and create an independent session.
If we are running in systemd we should run in forground mode and not call
setsid()!
See
https://www.freedesktop.org/software/systemd/man/daemon.html
how SysV Daemons should be implemented.
> The options here are a confusing mess, so noting the differences with
> -i (--interactive) would be helpful. As I read it, the only difference
> is that with -i logs got to STDOUT and with --foreground
> become_daemon() is called, potentially allowing --no-process-group to
> trigger the setsid()?
No, --no-process-group does NOT trigger setsid()!
samba --no-process-group:
no_process_group=true => become_daemon(no_session=true)
if (!no_session) {
setsid()
}
Updated patchset attached.
Andreas
--
Andreas Schneider GPG-ID: CC014E3D
Samba Team asn at samba.org
www.samba.org
-------------- next part --------------
>From 8436d812094b003d8d2d8d311ccc632bff90b369 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Wed, 15 Nov 2017 10:00:52 +0100
Subject: [PATCH 1/3] s4:samba: Do not segfault if we run into issues
Signed-off-by: Andreas Schneider <asn at samba.org>
---
source4/smbd/server.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/source4/smbd/server.c b/source4/smbd/server.c
index eef0f7bf3d2..f107350e1af 100644
--- a/source4/smbd/server.c
+++ b/source4/smbd/server.c
@@ -105,8 +105,16 @@ static void cleanup_tmp_files(struct loadparm_context *lp_ctx)
{
char *path;
TALLOC_CTX *mem_ctx = talloc_new(NULL);
+ if (mem_ctx == NULL) {
+ exit_daemon("Failed to create memory context",
+ ENOMEM);
+ }
path = smbd_tmp_path(mem_ctx, lp_ctx, NULL);
+ if (path == NULL) {
+ exit_daemon("Failed to cleanup temporary files",
+ EINVAL);
+ }
recursive_delete(path);
talloc_free(mem_ctx);
--
2.15.0
>From ffd8a6529e4503c2c5528aab2ecd8cdc7fe4ceac Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Fri, 10 Nov 2017 09:18:18 +0100
Subject: [PATCH 2/3] s4:samba: Allow samba daemon to run in foreground
We are passing the no_process_group to become_daemon() that setsid() is
not called. In case we are double forking, we run in SysV daemon mode,
setsid() should be called!
See:
https://www.freedesktop.org/software/systemd/man/daemon.html
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13129
Signed-off-by: Andreas Schneider <asn at samba.org>
---
source3/smbd/server.c | 2 +-
source4/smbd/server.c | 11 +++++++++--
2 files changed, 10 insertions(+), 3 deletions(-)
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 916727635f9..5b421ff4bb3 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -1593,7 +1593,7 @@ extern void build_options(bool screen);
struct poptOption long_options[] = {
POPT_AUTOHELP
{"daemon", 'D', POPT_ARG_NONE, NULL, OPT_DAEMON, "Become a daemon (default)" },
- {"interactive", 'i', POPT_ARG_NONE, NULL, OPT_INTERACTIVE, "Run interactive (not a daemon)"},
+ {"interactive", 'i', POPT_ARG_NONE, NULL, OPT_INTERACTIVE, "Run interactive (not a daemon) and log to stdout"},
{"foreground", 'F', POPT_ARG_NONE, NULL, OPT_FORK, "Run daemon in foreground (for daemontools, etc.)" },
{"no-process-group", '\0', POPT_ARG_NONE, NULL, OPT_NO_PROCESS_GROUP, "Don't create a new process group" },
{"log-stdout", 'S', POPT_ARG_NONE, NULL, OPT_LOG_STDOUT, "Log to stdout" },
diff --git a/source4/smbd/server.c b/source4/smbd/server.c
index f107350e1af..006f76bc859 100644
--- a/source4/smbd/server.c
+++ b/source4/smbd/server.c
@@ -367,6 +367,7 @@ static int binary_smbd_main(const char *binary_name,
const char *argv[])
{
bool opt_daemon = false;
+ bool opt_fork = true;
bool opt_interactive = false;
bool opt_no_process_group = false;
int opt;
@@ -382,6 +383,7 @@ static int binary_smbd_main(const char *binary_name,
struct stat st;
enum {
OPT_DAEMON = 1000,
+ OPT_FOREGROUND,
OPT_INTERACTIVE,
OPT_PROCESS_MODEL,
OPT_SHOW_BUILD,
@@ -391,6 +393,8 @@ static int binary_smbd_main(const char *binary_name,
POPT_AUTOHELP
{"daemon", 'D', POPT_ARG_NONE, NULL, OPT_DAEMON,
"Become a daemon (default)", NULL },
+ {"foreground", 'F', POPT_ARG_NONE, NULL, OPT_FOREGROUND,
+ "Run the daemon in foreground", NULL },
{"interactive", 'i', POPT_ARG_NONE, NULL, OPT_INTERACTIVE,
"Run interactive (not a daemon)", NULL},
{"model", 'M', POPT_ARG_STRING, NULL, OPT_PROCESS_MODEL,
@@ -417,6 +421,9 @@ static int binary_smbd_main(const char *binary_name,
case OPT_DAEMON:
opt_daemon = true;
break;
+ case OPT_FOREGROUND:
+ opt_fork = false;
+ break;
case OPT_INTERACTIVE:
opt_interactive = true;
break;
@@ -443,7 +450,7 @@ static int binary_smbd_main(const char *binary_name,
"not allowed together with -D|--daemon\n\n");
poptPrintUsage(pc, stderr, 0);
return 1;
- } else if (!opt_interactive) {
+ } else if (!opt_interactive && !opt_fork) {
/* default is --daemon */
opt_daemon = true;
}
@@ -480,7 +487,7 @@ static int binary_smbd_main(const char *binary_name,
if (opt_daemon) {
DBG_NOTICE("Becoming a daemon.\n");
- become_daemon(true, false, false);
+ become_daemon(opt_fork, opt_no_process_group, false);
}
/* Create the memory context to hang everything off. */
--
2.15.0
>From 04f426fc55592730d54f84663430e51e0c9d68d1 Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn at samba.org>
Date: Fri, 10 Nov 2017 09:32:27 +0100
Subject: [PATCH 3/3] systemd: Start processes in forground and without a
process group
We should not double fork in notify mode or systemd think something
during startup will be wrong and send SIGTERM to the process. So
sometimes the daemon will not start up correctly.
systemd will also handle the process group.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13129
Signed-off-by: Andreas Schneider <asn at samba.org>
---
packaging/systemd/nmb.service | 2 +-
packaging/systemd/samba.service | 2 +-
packaging/systemd/smb.service | 2 +-
packaging/systemd/winbind.service | 2 +-
4 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/packaging/systemd/nmb.service b/packaging/systemd/nmb.service
index 992c0cd9d2b..71c93d6088b 100644
--- a/packaging/systemd/nmb.service
+++ b/packaging/systemd/nmb.service
@@ -7,7 +7,7 @@ Type=notify
NotifyAccess=all
PIDFile=/run/nmbd.pid
EnvironmentFile=-/etc/sysconfig/samba
-ExecStart=/usr/sbin/nmbd $NMBDOPTIONS
+ExecStart=/usr/sbin/nmbd --foreground --no-process-group $NMBDOPTIONS
ExecReload=/usr/bin/kill -HUP $MAINPID
LimitCORE=infinity
diff --git a/packaging/systemd/samba.service b/packaging/systemd/samba.service
index 824f89c2030..1b64c3b779d 100644
--- a/packaging/systemd/samba.service
+++ b/packaging/systemd/samba.service
@@ -8,7 +8,7 @@ NotifyAccess=all
PIDFile=/run/samba.pid
LimitNOFILE=16384
EnvironmentFile=-/etc/sysconfig/samba
-ExecStart=/usr/sbin/samba $SAMBAOPTIONS
+ExecStart=/usr/sbin/samba --foreground --no-process-group $SAMBAOPTIONS
ExecReload=/usr/bin/kill -HUP $MAINPID
[Install]
diff --git a/packaging/systemd/smb.service b/packaging/systemd/smb.service
index 6053a5caaa5..adf6684c7d9 100644
--- a/packaging/systemd/smb.service
+++ b/packaging/systemd/smb.service
@@ -8,7 +8,7 @@ NotifyAccess=all
PIDFile=/run/smbd.pid
LimitNOFILE=16384
EnvironmentFile=-/etc/sysconfig/samba
-ExecStart=/usr/sbin/smbd $SMBDOPTIONS
+ExecStart=/usr/sbin/smbd --foreground --no-process-group $SMBDOPTIONS
ExecReload=/usr/bin/kill -HUP $MAINPID
LimitCORE=infinity
diff --git a/packaging/systemd/winbind.service b/packaging/systemd/winbind.service
index c511488166e..46b3797251d 100644
--- a/packaging/systemd/winbind.service
+++ b/packaging/systemd/winbind.service
@@ -7,7 +7,7 @@ Type=notify
NotifyAccess=all
PIDFile=/run/winbindd.pid
EnvironmentFile=-/etc/sysconfig/samba
-ExecStart=/usr/sbin/winbindd "$WINBINDOPTIONS"
+ExecStart=/usr/sbin/winbindd --foreground --no-process-group "$WINBINDOPTIONS"
ExecReload=/usr/bin/kill -HUP $MAINPID
LimitCORE=infinity
--
2.15.0
More information about the samba-technical
mailing list