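/*
 * Copyright (C) 2013 Red Hat, Inc.
 * Authors:
 * Thomas Woerner
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 *
 */

#include "firewalld.h"
#include "dbus.h"
#include "fw.h"

/*
 * NOTE(review): the names of the seven system headers below were lost when
 * this listing was extracted (the <...> parts are missing). Restore them from
 * the original file; the visible code needs at least the declarations for
 * strtol()/exit(), getuid()/fork()/chdir()/setsid(), umask(), getrlimit(),
 * errno and the GLib option parser.
 */
#include
#include
#include
#include
#include
#include
#include

/* ************************************************************************* */

/* Command-line state, written by the GOption parser through entries[]. */
static gboolean opt_help;
static gint opt_debug=0;        /* 0 until --debug is seen */
#ifdef WITHFORK
static gboolean opt_nofork;
#endif
static gboolean opt_nopid;

/* ************************************************************************* */

/**
 * parse_opt_debug:
 * @key: option name as typed on the command line; echoed in the error text.
 * @value: optional level string, or NULL when --debug was given without one.
 * @user_data: unused.
 * @error: receives G_OPTION_ERROR_BAD_VALUE when @value is rejected.
 *
 * GOption callback for "--debug[=LEVEL]". A bare --debug selects level 1.
 * An explicit level must be a complete decimal number greater than
 * FWLOG_NO_DEBUG and not above FWLOG_DEBUG_MAX.
 *
 * The level is parsed with strtol() rather than atoi() so that an empty
 * string, trailing garbage ("3x") or a value too large for the type is
 * rejected instead of being silently accepted or hitting undefined behaviour.
 * opt_debug and the log levels are only touched once the value has passed
 * validation.
 *
 * Returns: TRUE when the level was accepted and applied, FALSE otherwise.
 */
static gboolean
parse_opt_debug(const char *key, const char *value, gpointer user_data,
                GError **error)
{
    long level = 1;     /* default for a bare --debug */

    (void)user_data;

    if (value != NULL) {
        char *end = NULL;

        level = strtol(value, &end, 10);
        /*
         * end == value: no digits at all; *end != '\0': trailing characters.
         * On overflow strtol() saturates to LONG_MIN/LONG_MAX, which the
         * range test rejects as well (the help text documents 1..10).
         */
        if (end == value || *end != '\0' ||
            level <= FWLOG_NO_DEBUG || level > FWLOG_DEBUG_MAX) {
            g_set_error(error, G_OPTION_ERROR, G_OPTION_ERROR_BAD_VALUE,
                        "%s: %s", key, value);
            return FALSE;
        }
    }

    opt_debug = (gint)level;
    fwlog_set_info_level(FWLOG_INFO_MAX);
    fwlog_set_debug_level(opt_debug);

    return TRUE;
}

/* Option table passed to g_option_context_add_main_entries() in main(). */
static GOptionEntry entries[] = {
    { "help", 'h', 0, G_OPTION_ARG_NONE, &opt_help,
      "Show this help message and exit", NULL },
    { "debug", 0, G_OPTION_FLAG_OPTIONAL_ARG, G_OPTION_ARG_CALLBACK,
      parse_opt_debug, "Enable logging of debug messages. 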
Additional argument in range " "1..10 can be used to specify log level.", "1..10" }, #ifdef WITHFORK { "nofork", 0, 0, G_OPTION_ARG_NONE, &opt_nofork, "Turn off daemon forking, run as a foreground process.", NULL }, #endif { "nopid", 0, 0, G_OPTION_ARG_NONE, &opt_nopid, "Disable writing pid file and don't check for existing " "server process.", NULL }, { NULL } }; /* ************************************************************************* */ int main(int argc, char **argv) { #ifdef WITHFORK pid_t pid, sid; int i, maxfd; struct rlimit rlim; #endif FILE *f; const char *pid_file="/var/run/firewalld-new.pid"; GError *error=NULL; GOptionContext *context; GMainLoop *loop; /* root check */ if (getuid() != 0) { g_print("You need to be root to run '%s'.\n", argv[0]); exit(EXIT_FAILURE); } fwlog_init(FWLOG_NO_INFO, FWLOG_NO_DEBUG); /* parse args */ context = g_option_context_new(""); g_option_context_add_main_entries (context, entries, DOMAIN); if (!g_option_context_parse(context, &argc, &argv, &error)) { g_print("option parsing failed: %s\n", error->message); exit(EXIT_FAILURE); } g_option_context_free(context); #ifdef SYSLOG /* open log */ openlog(argv[0], LOG_NOWAIT|LOG_PID, LOG_USER); #endif #ifdef WITHFORK if (opt_nofork != TRUE) { /* fork */ pid = fork(); if (pid == -1) { fwlog_error("Failed to fork\n"); exit(EXIT_FAILURE); } if (pid > 0) { exit(EXIT_SUCCESS); } /* decouple from parent environment */ if (chdir("/") < 0) { fwlog_error("Failed to change working directory to '/'"); exit(EXIT_FAILURE); } if ((sid = setsid()) < 0) { fwlog_error("Failed to create session group."); exit(EXIT_FAILURE); } umask(umask(077) | 022); /* close open files */ if (getrlimit(RLIMIT_NOFILE, &rlim) < 0) { fwlog_error("Failed to get RLIMIT_NOFILE"); return -errno; } maxfd = rlim.rlim_max; if (maxfd == RLIM_INFINITY) maxfd = 1024; for (i=0; i