diff --git a/Godeps/Godeps.json b/Godeps/Godeps.json index 926d4ff9b2..5e4bbf5df4 100644 --- a/Godeps/Godeps.json +++ b/Godeps/Godeps.json @@ -715,28 +715,28 @@ }, { "ImportPath": "github.com/coreos/go-systemd/daemon", - "Comment": "v8-2-g4484981", - "Rev": "4484981625c1a6a2ecb40a390fcb6a9bcfee76e3" + "Comment": "v14", + "Rev": "48702e0da86bd25e76cfef347e2adeb434a0d0a6" }, { "ImportPath": "github.com/coreos/go-systemd/dbus", - "Comment": "v8-2-g4484981", - "Rev": "4484981625c1a6a2ecb40a390fcb6a9bcfee76e3" + "Comment": "v14", + "Rev": "48702e0da86bd25e76cfef347e2adeb434a0d0a6" }, { "ImportPath": "github.com/coreos/go-systemd/journal", - "Comment": "v8-2-g4484981", - "Rev": "4484981625c1a6a2ecb40a390fcb6a9bcfee76e3" + "Comment": "v14", + "Rev": "48702e0da86bd25e76cfef347e2adeb434a0d0a6" }, { "ImportPath": "github.com/coreos/go-systemd/unit", - "Comment": "v8-2-g4484981", - "Rev": "4484981625c1a6a2ecb40a390fcb6a9bcfee76e3" + "Comment": "v14", + "Rev": "48702e0da86bd25e76cfef347e2adeb434a0d0a6" }, { "ImportPath": "github.com/coreos/go-systemd/util", - "Comment": "v8-2-g4484981", - "Rev": "4484981625c1a6a2ecb40a390fcb6a9bcfee76e3" + "Comment": "v14", + "Rev": "48702e0da86bd25e76cfef347e2adeb434a0d0a6" }, { "ImportPath": "github.com/coreos/pkg/capnslog", diff --git a/staging/src/k8s.io/apiserver/Godeps/Godeps.json b/staging/src/k8s.io/apiserver/Godeps/Godeps.json index 47c3f8a235..2f6c6d8d0e 100644 --- a/staging/src/k8s.io/apiserver/Godeps/Godeps.json +++ b/staging/src/k8s.io/apiserver/Godeps/Godeps.json @@ -260,11 +260,11 @@ }, { "ImportPath": "github.com/coreos/go-systemd/daemon", - "Rev": "4484981625c1a6a2ecb40a390fcb6a9bcfee76e3" + "Rev": "48702e0da86bd25e76cfef347e2adeb434a0d0a6" }, { "ImportPath": "github.com/coreos/go-systemd/journal", - "Rev": "4484981625c1a6a2ecb40a390fcb6a9bcfee76e3" + "Rev": "48702e0da86bd25e76cfef347e2adeb434a0d0a6" }, { "ImportPath": "github.com/coreos/pkg/capnslog", diff --git a/staging/src/k8s.io/kube-aggregator/Godeps/Godeps.json b/staging/src/k8s.io/kube-aggregator/Godeps/Godeps.json index 2552883b23..cce6389967 100644 --- a/staging/src/k8s.io/kube-aggregator/Godeps/Godeps.json +++ b/staging/src/k8s.io/kube-aggregator/Godeps/Godeps.json @@ -68,11 +68,11 @@ }, { "ImportPath": "github.com/coreos/go-systemd/daemon", - "Rev": "4484981625c1a6a2ecb40a390fcb6a9bcfee76e3" + "Rev": "48702e0da86bd25e76cfef347e2adeb434a0d0a6" }, { "ImportPath": "github.com/coreos/go-systemd/journal", - "Rev": "4484981625c1a6a2ecb40a390fcb6a9bcfee76e3" + "Rev": "48702e0da86bd25e76cfef347e2adeb434a0d0a6" }, { "ImportPath": "github.com/coreos/pkg/capnslog", diff --git a/staging/src/k8s.io/sample-apiserver/Godeps/Godeps.json b/staging/src/k8s.io/sample-apiserver/Godeps/Godeps.json index 02c5655c9e..ab887e779b 100644 --- a/staging/src/k8s.io/sample-apiserver/Godeps/Godeps.json +++ b/staging/src/k8s.io/sample-apiserver/Godeps/Godeps.json @@ -68,11 +68,11 @@ }, { "ImportPath": "github.com/coreos/go-systemd/daemon", - "Rev": "4484981625c1a6a2ecb40a390fcb6a9bcfee76e3" + "Rev": "48702e0da86bd25e76cfef347e2adeb434a0d0a6" }, { "ImportPath": "github.com/coreos/go-systemd/journal", - "Rev": "4484981625c1a6a2ecb40a390fcb6a9bcfee76e3" + "Rev": "48702e0da86bd25e76cfef347e2adeb434a0d0a6" }, { "ImportPath": "github.com/coreos/pkg/capnslog", diff --git a/vendor/github.com/coreos/go-systemd/daemon/sdnotify.go b/vendor/github.com/coreos/go-systemd/daemon/sdnotify.go index b92b1911c1..ba6d41d85b 100644 --- a/vendor/github.com/coreos/go-systemd/daemon/sdnotify.go +++ b/vendor/github.com/coreos/go-systemd/daemon/sdnotify.go @@ -1,31 +1,63 @@ +// Copyright 2014 Docker, Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// + // Code forked from Docker project package daemon import ( - "errors" "net" "os" ) -var SdNotifyNoSocket = errors.New("No socket") - // SdNotify sends a message to the init daemon. It is common to ignore the error. -func SdNotify(state string) error { +// If `unsetEnvironment` is true, the environment variable `NOTIFY_SOCKET` +// will be unconditionally unset. +// +// It returns one of the following: +// (false, nil) - notification not supported (i.e. NOTIFY_SOCKET is unset) +// (false, err) - notification supported, but failure happened (e.g. error connecting to NOTIFY_SOCKET or while sending data) +// (true, nil) - notification supported, data has been sent +func SdNotify(unsetEnvironment bool, state string) (sent bool, err error) { socketAddr := &net.UnixAddr{ Name: os.Getenv("NOTIFY_SOCKET"), Net: "unixgram", } + // NOTIFY_SOCKET not set if socketAddr.Name == "" { - return SdNotifyNoSocket + return false, nil + } + + if unsetEnvironment { + err = os.Unsetenv("NOTIFY_SOCKET") + } + if err != nil { + return false, err } conn, err := net.DialUnix(socketAddr.Net, nil, socketAddr) + // Error connecting to NOTIFY_SOCKET if err != nil { - return err + return false, err } defer conn.Close() _, err = conn.Write([]byte(state)) - return err + // Error sending the message + if err != nil { + return false, err + } + return true, nil } diff --git a/vendor/github.com/coreos/go-systemd/daemon/watchdog.go b/vendor/github.com/coreos/go-systemd/daemon/watchdog.go new file mode 100644 index 0000000000..35a92e6e67 --- /dev/null +++ b/vendor/github.com/coreos/go-systemd/daemon/watchdog.go @@ -0,0 +1,72 @@ +// Copyright 2016 CoreOS, Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package daemon + +import ( + "fmt" + "os" + "strconv" + "time" +) + +// SdWatchdogEnabled return watchdog information for a service. +// Process should send daemon.SdNotify("WATCHDOG=1") every time / 2. +// If `unsetEnvironment` is true, the environment variables `WATCHDOG_USEC` +// and `WATCHDOG_PID` will be unconditionally unset. +// +// It returns one of the following: +// (0, nil) - watchdog isn't enabled or we aren't the watched PID. +// (0, err) - an error happened (e.g. error converting time). +// (time, nil) - watchdog is enabled and we can send ping. +// time is delay before inactive service will be killed. +func SdWatchdogEnabled(unsetEnvironment bool) (time.Duration, error) { + wusec := os.Getenv("WATCHDOG_USEC") + wpid := os.Getenv("WATCHDOG_PID") + if unsetEnvironment { + wusecErr := os.Unsetenv("WATCHDOG_USEC") + wpidErr := os.Unsetenv("WATCHDOG_PID") + if wusecErr != nil { + return 0, wusecErr + } + if wpidErr != nil { + return 0, wpidErr + } + } + + if wusec == "" { + return 0, nil + } + s, err := strconv.Atoi(wusec) + if err != nil { + return 0, fmt.Errorf("error converting WATCHDOG_USEC: %s", err) + } + if s <= 0 { + return 0, fmt.Errorf("error WATCHDOG_USEC must be a positive number") + } + interval := time.Duration(s) * time.Microsecond + + if wpid == "" { + return interval, nil + } + p, err := strconv.Atoi(wpid) + if err != nil { + return 0, fmt.Errorf("error converting WATCHDOG_PID: %s", err) + } + if os.Getpid() != p { + return 0, nil + } + + return interval, nil +} diff --git a/vendor/github.com/coreos/go-systemd/dbus/dbus.go b/vendor/github.com/coreos/go-systemd/dbus/dbus.go index 1699b90332..c1694fb522 100644 --- a/vendor/github.com/coreos/go-systemd/dbus/dbus.go +++ b/vendor/github.com/coreos/go-systemd/dbus/dbus.go @@ -83,9 +83,19 @@ type Conn struct { } } -// New establishes a connection to the system bus and authenticates. +// New establishes a connection to any available bus and authenticates. // Callers should call Close() when done with the connection. func New() (*Conn, error) { + conn, err := NewSystemConnection() + if err != nil && os.Geteuid() == 0 { + return NewSystemdConnection() + } + return conn, err +} + +// NewSystemConnection establishes a connection to the system bus and authenticates. +// Callers should call Close() when done with the connection +func NewSystemConnection() (*Conn, error) { return NewConnection(func() (*dbus.Conn, error) { return dbusAuthHelloConnection(dbus.SystemBusPrivate) }) diff --git a/vendor/github.com/coreos/go-systemd/dbus/methods.go b/vendor/github.com/coreos/go-systemd/dbus/methods.go index 403c2f0f7b..ab17f7cc75 100644 --- a/vendor/github.com/coreos/go-systemd/dbus/methods.go +++ b/vendor/github.com/coreos/go-systemd/dbus/methods.go @@ -239,12 +239,11 @@ type UnitStatus struct { JobPath dbus.ObjectPath // The job object path } -// ListUnits returns an array with all currently loaded units. Note that -// units may be known by multiple names at the same time, and hence there might -// be more unit names loaded than actual units behind them. -func (c *Conn) ListUnits() ([]UnitStatus, error) { +type storeFunc func(retvalues ...interface{}) error + +func (c *Conn) listUnitsInternal(f storeFunc) ([]UnitStatus, error) { result := make([][]interface{}, 0) - err := c.sysobj.Call("org.freedesktop.systemd1.Manager.ListUnits", 0).Store(&result) + err := f(&result) if err != nil { return nil, err } @@ -268,15 +267,43 @@ func (c *Conn) ListUnits() ([]UnitStatus, error) { return status, nil } +// ListUnits returns an array with all currently loaded units. Note that +// units may be known by multiple names at the same time, and hence there might +// be more unit names loaded than actual units behind them. +func (c *Conn) ListUnits() ([]UnitStatus, error) { + return c.listUnitsInternal(c.sysobj.Call("org.freedesktop.systemd1.Manager.ListUnits", 0).Store) +} + +// ListUnitsFiltered returns an array with units filtered by state. +// It takes a list of units' statuses to filter. +func (c *Conn) ListUnitsFiltered(states []string) ([]UnitStatus, error) { + return c.listUnitsInternal(c.sysobj.Call("org.freedesktop.systemd1.Manager.ListUnitsFiltered", 0, states).Store) +} + +// ListUnitsByPatterns returns an array with units. +// It takes a list of units' statuses and names to filter. +// Note that units may be known by multiple names at the same time, +// and hence there might be more unit names loaded than actual units behind them. +func (c *Conn) ListUnitsByPatterns(states []string, patterns []string) ([]UnitStatus, error) { + return c.listUnitsInternal(c.sysobj.Call("org.freedesktop.systemd1.Manager.ListUnitsByPatterns", 0, states, patterns).Store) +} + +// ListUnitsByNames returns an array with units. It takes a list of units' +// names and returns an UnitStatus array. Comparing to ListUnitsByPatterns +// method, this method returns statuses even for inactive or non-existing +// units. Input array should contain exact unit names, but not patterns. +func (c *Conn) ListUnitsByNames(units []string) ([]UnitStatus, error) { + return c.listUnitsInternal(c.sysobj.Call("org.freedesktop.systemd1.Manager.ListUnitsByNames", 0, units).Store) +} + type UnitFile struct { Path string Type string } -// ListUnitFiles returns an array of all available units on disk. -func (c *Conn) ListUnitFiles() ([]UnitFile, error) { +func (c *Conn) listUnitFilesInternal(f storeFunc) ([]UnitFile, error) { result := make([][]interface{}, 0) - err := c.sysobj.Call("org.freedesktop.systemd1.Manager.ListUnitFiles", 0).Store(&result) + err := f(&result) if err != nil { return nil, err } @@ -300,6 +327,16 @@ func (c *Conn) ListUnitFiles() ([]UnitFile, error) { return files, nil } +// ListUnitFiles returns an array of all available units on disk. +func (c *Conn) ListUnitFiles() ([]UnitFile, error) { + return c.listUnitFilesInternal(c.sysobj.Call("org.freedesktop.systemd1.Manager.ListUnitFiles", 0).Store) +} + +// ListUnitFilesByPatterns returns an array of all available units on disk matched the patterns. +func (c *Conn) ListUnitFilesByPatterns(states []string, patterns []string) ([]UnitFile, error) { + return c.listUnitFilesInternal(c.sysobj.Call("org.freedesktop.systemd1.Manager.ListUnitFilesByPatterns", 0, states, patterns).Store) +} + type LinkUnitFileChange EnableUnitFileChange // LinkUnitFiles() links unit files (that are located outside of the @@ -436,6 +473,87 @@ type DisableUnitFileChange struct { Destination string // Destination of the symlink } +// MaskUnitFiles masks one or more units in the system +// +// It takes three arguments: +// * list of units to mask (either just file names or full +// absolute paths if the unit files are residing outside +// the usual unit search paths) +// * runtime to specify whether the unit was enabled for runtime +// only (true, /run/systemd/..), or persistently (false, /etc/systemd/..) +// * force flag +func (c *Conn) MaskUnitFiles(files []string, runtime bool, force bool) ([]MaskUnitFileChange, error) { + result := make([][]interface{}, 0) + err := c.sysobj.Call("org.freedesktop.systemd1.Manager.MaskUnitFiles", 0, files, runtime, force).Store(&result) + if err != nil { + return nil, err + } + + resultInterface := make([]interface{}, len(result)) + for i := range result { + resultInterface[i] = result[i] + } + + changes := make([]MaskUnitFileChange, len(result)) + changesInterface := make([]interface{}, len(changes)) + for i := range changes { + changesInterface[i] = &changes[i] + } + + err = dbus.Store(resultInterface, changesInterface...) + if err != nil { + return nil, err + } + + return changes, nil +} + +type MaskUnitFileChange struct { + Type string // Type of the change (one of symlink or unlink) + Filename string // File name of the symlink + Destination string // Destination of the symlink +} + +// UnmaskUnitFiles unmasks one or more units in the system +// +// It takes two arguments: +// * list of unit files to mask (either just file names or full +// absolute paths if the unit files are residing outside +// the usual unit search paths) +// * runtime to specify whether the unit was enabled for runtime +// only (true, /run/systemd/..), or persistently (false, /etc/systemd/..) +func (c *Conn) UnmaskUnitFiles(files []string, runtime bool) ([]UnmaskUnitFileChange, error) { + result := make([][]interface{}, 0) + err := c.sysobj.Call("org.freedesktop.systemd1.Manager.UnmaskUnitFiles", 0, files, runtime).Store(&result) + if err != nil { + return nil, err + } + + resultInterface := make([]interface{}, len(result)) + for i := range result { + resultInterface[i] = result[i] + } + + changes := make([]UnmaskUnitFileChange, len(result)) + changesInterface := make([]interface{}, len(changes)) + for i := range changes { + changesInterface[i] = &changes[i] + } + + err = dbus.Store(resultInterface, changesInterface...) + if err != nil { + return nil, err + } + + return changes, nil +} + +type UnmaskUnitFileChange struct { + Type string // Type of the change (one of symlink or unlink) + Filename string // File name of the symlink + Destination string // Destination of the symlink +} + // Reload instructs systemd to scan for and reload unit files. This is // equivalent to a 'systemctl daemon-reload'. func (c *Conn) Reload() error { diff --git a/vendor/github.com/coreos/go-systemd/dbus/properties.go b/vendor/github.com/coreos/go-systemd/dbus/properties.go index 7520011564..6c81895876 100644 --- a/vendor/github.com/coreos/go-systemd/dbus/properties.go +++ b/vendor/github.com/coreos/go-systemd/dbus/properties.go @@ -78,6 +78,15 @@ func PropRemainAfterExit(b bool) Property { } } +// PropType sets the Type service property. See +// http://www.freedesktop.org/software/systemd/man/systemd.service.html#Type= +func PropType(t string) Property { + return Property{ + Name: "Type", + Value: dbus.MakeVariant(t), + } +} + // PropDescription sets the Description unit property. See // http://www.freedesktop.org/software/systemd/man/systemd.unit#Description= func PropDescription(desc string) Property { @@ -216,3 +225,13 @@ func PropSlice(slice string) Property { Value: dbus.MakeVariant(slice), } } + +// PropPids sets the PIDs field of scope units used in the initial construction +// of the scope only and specifies the initial PIDs to add to the scope object. +// See https://www.freedesktop.org/wiki/Software/systemd/ControlGroupInterface/#properties +func PropPids(pids ...uint32) Property { + return Property{ + Name: "PIDs", + Value: dbus.MakeVariant(pids), + } +} diff --git a/vendor/github.com/coreos/go-systemd/util/util.go b/vendor/github.com/coreos/go-systemd/util/util.go index e4ed8b2639..7828ce6f04 100644 --- a/vendor/github.com/coreos/go-systemd/util/util.go +++ b/vendor/github.com/coreos/go-systemd/util/util.go @@ -18,96 +18,23 @@ // than linking against them. package util -// #include -// #include -// #include -// -// int -// my_sd_pid_get_owner_uid(void *f, pid_t pid, uid_t *uid) -// { -// int (*sd_pid_get_owner_uid)(pid_t, uid_t *); -// -// sd_pid_get_owner_uid = (int (*)(pid_t, uid_t *))f; -// return sd_pid_get_owner_uid(pid, uid); -// } -// -// int -// my_sd_pid_get_unit(void *f, pid_t pid, char **unit) -// { -// int (*sd_pid_get_unit)(pid_t, char **); -// -// sd_pid_get_unit = (int (*)(pid_t, char **))f; -// return sd_pid_get_unit(pid, unit); -// } -// -// int -// my_sd_pid_get_slice(void *f, pid_t pid, char **slice) -// { -// int (*sd_pid_get_slice)(pid_t, char **); -// -// sd_pid_get_slice = (int (*)(pid_t, char **))f; -// return sd_pid_get_slice(pid, slice); -// } -// -// int -// am_session_leader() -// { -// return (getsid(0) == getpid()); -// } -import "C" import ( "fmt" "io/ioutil" "os" "strings" - "syscall" - "unsafe" - - "github.com/coreos/pkg/dlopen" ) -var libsystemdNames = []string{ - // systemd < 209 - "libsystemd-login.so.0", - "libsystemd-login.so", - - // systemd >= 209 merged libsystemd-login into libsystemd proper - "libsystemd.so.0", - "libsystemd.so", -} +var ( + ErrNoCGO = fmt.Errorf("go-systemd built with CGO disabled") +) // GetRunningSlice attempts to retrieve the name of the systemd slice in which // the current process is running. // This function is a wrapper around the libsystemd C library; if it cannot be // opened, an error is returned. -func GetRunningSlice() (slice string, err error) { - var h *dlopen.LibHandle - h, err = dlopen.GetHandle(libsystemdNames) - if err != nil { - return - } - defer func() { - if err1 := h.Close(); err1 != nil { - err = err1 - } - }() - - sd_pid_get_slice, err := h.GetSymbolPointer("sd_pid_get_slice") - if err != nil { - return - } - - var s string - sl := C.CString(s) - defer C.free(unsafe.Pointer(sl)) - - ret := C.my_sd_pid_get_slice(sd_pid_get_slice, 0, &sl) - if ret < 0 { - err = fmt.Errorf("error calling sd_pid_get_slice: %v", syscall.Errno(-ret)) - return - } - - return C.GoString(sl), nil +func GetRunningSlice() (string, error) { + return getRunningSlice() } // RunningFromSystemService tries to detect whether the current process has @@ -125,81 +52,17 @@ func GetRunningSlice() (slice string, err error) { // // This function is a wrapper around the libsystemd C library; if this is // unable to successfully open a handle to the library for any reason (e.g. it -// cannot be found), an errr will be returned -func RunningFromSystemService() (ret bool, err error) { - var h *dlopen.LibHandle - h, err = dlopen.GetHandle(libsystemdNames) - if err != nil { - return - } - defer func() { - if err1 := h.Close(); err1 != nil { - err = err1 - } - }() - - sd_pid_get_owner_uid, err := h.GetSymbolPointer("sd_pid_get_owner_uid") - if err != nil { - return - } - - var uid C.uid_t - errno := C.my_sd_pid_get_owner_uid(sd_pid_get_owner_uid, 0, &uid) - serrno := syscall.Errno(-errno) - // when we're running from a unit file, sd_pid_get_owner_uid returns - // ENOENT (systemd <220) or ENXIO (systemd >=220) - switch { - case errno >= 0: - ret = false - case serrno == syscall.ENOENT, serrno == syscall.ENXIO: - // Since the implementation of sessions in systemd relies on - // the `pam_systemd` module, using the sd_pid_get_owner_uid - // heuristic alone can result in false positives if that module - // (or PAM itself) is not present or properly configured on the - // system. As such, we also check if we're the session leader, - // which should be the case if we're invoked from a unit file, - // but not if e.g. we're invoked from the command line from a - // user's login session - ret = C.am_session_leader() == 1 - default: - err = fmt.Errorf("error calling sd_pid_get_owner_uid: %v", syscall.Errno(-errno)) - } - return +// cannot be found), an error will be returned. +func RunningFromSystemService() (bool, error) { + return runningFromSystemService() } // CurrentUnitName attempts to retrieve the name of the systemd system unit // from which the calling process has been invoked. It wraps the systemd // `sd_pid_get_unit` call, with the same caveat: for processes not part of a // systemd system unit, this function will return an error. -func CurrentUnitName() (unit string, err error) { - var h *dlopen.LibHandle - h, err = dlopen.GetHandle(libsystemdNames) - if err != nil { - return - } - defer func() { - if err1 := h.Close(); err1 != nil { - err = err1 - } - }() - - sd_pid_get_unit, err := h.GetSymbolPointer("sd_pid_get_unit") - if err != nil { - return - } - - var s string - u := C.CString(s) - defer C.free(unsafe.Pointer(u)) - - ret := C.my_sd_pid_get_unit(sd_pid_get_unit, 0, &u) - if ret < 0 { - err = fmt.Errorf("error calling sd_pid_get_unit: %v", syscall.Errno(-ret)) - return - } - - unit = C.GoString(u) - return +func CurrentUnitName() (string, error) { + return currentUnitName() } // IsRunningSystemd checks whether the host was booted with systemd as its init diff --git a/vendor/github.com/coreos/go-systemd/util/util_cgo.go b/vendor/github.com/coreos/go-systemd/util/util_cgo.go new file mode 100644 index 0000000000..22c0d6099d --- /dev/null +++ b/vendor/github.com/coreos/go-systemd/util/util_cgo.go @@ -0,0 +1,174 @@ +// Copyright 2016 CoreOS, Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// +build cgo + +package util + +// #include +// #include +// #include +// +// int +// my_sd_pid_get_owner_uid(void *f, pid_t pid, uid_t *uid) +// { +// int (*sd_pid_get_owner_uid)(pid_t, uid_t *); +// +// sd_pid_get_owner_uid = (int (*)(pid_t, uid_t *))f; +// return sd_pid_get_owner_uid(pid, uid); +// } +// +// int +// my_sd_pid_get_unit(void *f, pid_t pid, char **unit) +// { +// int (*sd_pid_get_unit)(pid_t, char **); +// +// sd_pid_get_unit = (int (*)(pid_t, char **))f; +// return sd_pid_get_unit(pid, unit); +// } +// +// int +// my_sd_pid_get_slice(void *f, pid_t pid, char **slice) +// { +// int (*sd_pid_get_slice)(pid_t, char **); +// +// sd_pid_get_slice = (int (*)(pid_t, char **))f; +// return sd_pid_get_slice(pid, slice); +// } +// +// int +// am_session_leader() +// { +// return (getsid(0) == getpid()); +// } +import "C" +import ( + "fmt" + "syscall" + "unsafe" + + "github.com/coreos/pkg/dlopen" +) + +var libsystemdNames = []string{ + // systemd < 209 + "libsystemd-login.so.0", + "libsystemd-login.so", + + // systemd >= 209 merged libsystemd-login into libsystemd proper + "libsystemd.so.0", + "libsystemd.so", +} + +func getRunningSlice() (slice string, err error) { + var h *dlopen.LibHandle + h, err = dlopen.GetHandle(libsystemdNames) + if err != nil { + return + } + defer func() { + if err1 := h.Close(); err1 != nil { + err = err1 + } + }() + + sd_pid_get_slice, err := h.GetSymbolPointer("sd_pid_get_slice") + if err != nil { + return + } + + var s string + sl := C.CString(s) + defer C.free(unsafe.Pointer(sl)) + + ret := C.my_sd_pid_get_slice(sd_pid_get_slice, 0, &sl) + if ret < 0 { + err = fmt.Errorf("error calling sd_pid_get_slice: %v", syscall.Errno(-ret)) + return + } + + return C.GoString(sl), nil +} + +func runningFromSystemService() (ret bool, err error) { + var h *dlopen.LibHandle + h, err = dlopen.GetHandle(libsystemdNames) + if err != nil { + return + } + defer func() { + if err1 := h.Close(); err1 != nil { + err = err1 + } + }() + + sd_pid_get_owner_uid, err := h.GetSymbolPointer("sd_pid_get_owner_uid") + if err != nil { + return + } + + var uid C.uid_t + errno := C.my_sd_pid_get_owner_uid(sd_pid_get_owner_uid, 0, &uid) + serrno := syscall.Errno(-errno) + // when we're running from a unit file, sd_pid_get_owner_uid returns + // ENOENT (systemd <220) or ENXIO (systemd >=220) + switch { + case errno >= 0: + ret = false + case serrno == syscall.ENOENT, serrno == syscall.ENXIO: + // Since the implementation of sessions in systemd relies on + // the `pam_systemd` module, using the sd_pid_get_owner_uid + // heuristic alone can result in false positives if that module + // (or PAM itself) is not present or properly configured on the + // system. As such, we also check if we're the session leader, + // which should be the case if we're invoked from a unit file, + // but not if e.g. we're invoked from the command line from a + // user's login session + ret = C.am_session_leader() == 1 + default: + err = fmt.Errorf("error calling sd_pid_get_owner_uid: %v", syscall.Errno(-errno)) + } + return +} + +func currentUnitName() (unit string, err error) { + var h *dlopen.LibHandle + h, err = dlopen.GetHandle(libsystemdNames) + if err != nil { + return + } + defer func() { + if err1 := h.Close(); err1 != nil { + err = err1 + } + }() + + sd_pid_get_unit, err := h.GetSymbolPointer("sd_pid_get_unit") + if err != nil { + return + } + + var s string + u := C.CString(s) + defer C.free(unsafe.Pointer(u)) + + ret := C.my_sd_pid_get_unit(sd_pid_get_unit, 0, &u) + if ret < 0 { + err = fmt.Errorf("error calling sd_pid_get_unit: %v", syscall.Errno(-ret)) + return + } + + unit = C.GoString(u) + return +} diff --git a/vendor/github.com/coreos/go-systemd/util/util_stub.go b/vendor/github.com/coreos/go-systemd/util/util_stub.go new file mode 100644 index 0000000000..477589e122 --- /dev/null +++ b/vendor/github.com/coreos/go-systemd/util/util_stub.go @@ -0,0 +1,23 @@ +// Copyright 2016 CoreOS, Inc. +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +// +build !cgo + +package util + +func getRunningSlice() (string, error) { return "", ErrNoCGO } + +func runningFromSystemService() (bool, error) { return false, ErrNoCGO } + +func currentUnitName() (string, error) { return "", ErrNoCGO }