From 87c5b2118efcee65eeda3f743d081ea9c2b866d9 Mon Sep 17 00:00:00 2001 From: Laurent Bercot Date: Thu, 15 Jan 2015 20:14:44 +0000 Subject: Move Unix domain utilities and access control utilites, as well as the accessrules library, from s6-networking to here --- doc/fifodir.html | 8 +- doc/ftrig.html | 184 ++++++++++++++++++++ doc/index.html | 50 +++++- doc/libftrig.html | 184 -------------------- doc/libftrigr.html | 283 ------------------------------ doc/libftrigw.html | 115 ------------- doc/libs6/accessrules.html | 331 ++++++++++++++++++++++++++++++++++++ doc/libs6/ftrigr.html | 268 +++++++++++++++++++++++++++++ doc/libs6/ftrigw.html | 100 +++++++++++ doc/libs6/index.html | 72 ++++++++ doc/libs6/s6-ftrigrd.html | 80 +++++++++ doc/libs6/s6lock.html | 238 ++++++++++++++++++++++++++ doc/libs6/s6lockd-helper.html | 52 ++++++ doc/libs6/s6lockd.html | 73 ++++++++ doc/libs6lock/index.html | 256 ---------------------------- doc/libs6lock/s6lockd-helper.html | 52 ------ doc/libs6lock/s6lockd.html | 73 -------- doc/localservice.html | 153 +++++++++++++++++ doc/s6-accessrules-cdb-from-fs.html | 141 +++++++++++++++ doc/s6-accessrules-fs-from-cdb.html | 60 +++++++ doc/s6-cleanfifodir.html | 2 +- doc/s6-connlimit.html | 107 ++++++++++++ doc/s6-ftrig-notify.html | 2 +- doc/s6-ftrigrd.html | 79 --------- doc/s6-ioconnect.html | 90 ++++++++++ doc/s6-ipcclient.html | 74 ++++++++ doc/s6-ipcserver-access.html | 172 +++++++++++++++++++ doc/s6-ipcserver-socketbinder.html | 72 ++++++++ doc/s6-ipcserver.html | 173 +++++++++++++++++++ doc/s6-ipcserverd.html | 131 ++++++++++++++ doc/s6-notifywhenup.html | 8 +- doc/s6-setlock.html | 2 +- doc/s6-sudo.html | 59 +++++++ doc/s6-sudoc.html | 80 +++++++++ doc/s6-sudod.html | 170 ++++++++++++++++++ doc/s6-supervise.html | 2 +- doc/s6-svc.html | 2 +- doc/s6-svwait.html | 4 +- doc/upgrade.html | 8 + doc/why.html | 4 +- 40 files changed, 2946 insertions(+), 1068 deletions(-) create mode 100644 doc/ftrig.html delete mode 100644 doc/libftrig.html delete mode 100644 doc/libftrigr.html delete mode 100644 doc/libftrigw.html create mode 100644 doc/libs6/accessrules.html create mode 100644 doc/libs6/ftrigr.html create mode 100644 doc/libs6/ftrigw.html create mode 100644 doc/libs6/index.html create mode 100644 doc/libs6/s6-ftrigrd.html create mode 100644 doc/libs6/s6lock.html create mode 100644 doc/libs6/s6lockd-helper.html create mode 100644 doc/libs6/s6lockd.html delete mode 100644 doc/libs6lock/index.html delete mode 100644 doc/libs6lock/s6lockd-helper.html delete mode 100644 doc/libs6lock/s6lockd.html create mode 100644 doc/localservice.html create mode 100644 doc/s6-accessrules-cdb-from-fs.html create mode 100644 doc/s6-accessrules-fs-from-cdb.html create mode 100644 doc/s6-connlimit.html delete mode 100644 doc/s6-ftrigrd.html create mode 100644 doc/s6-ioconnect.html create mode 100644 doc/s6-ipcclient.html create mode 100644 doc/s6-ipcserver-access.html create mode 100644 doc/s6-ipcserver-socketbinder.html create mode 100644 doc/s6-ipcserver.html create mode 100644 doc/s6-ipcserverd.html create mode 100644 doc/s6-sudo.html create mode 100644 doc/s6-sudoc.html create mode 100644 doc/s6-sudod.html (limited to 'doc') diff --git a/doc/fifodir.html b/doc/fifodir.html index 99805ed..c45dea5 100644 --- a/doc/fifodir.html +++ b/doc/fifodir.html @@ -31,13 +31,13 @@ create fifodirs in a RAM filesystem.

- The libftrig interface takes care of all + The libftrig interface takes care of all the subtleties.

diff --git a/doc/ftrig.html b/doc/ftrig.html new file mode 100644 index 0000000..f4c4d6e --- /dev/null +++ b/doc/ftrig.html @@ -0,0 +1,184 @@ + + + + + s6: libftrig + + + + + + +

+s6
+Software
+skarnet.org +

+ +

libftrig

+ +

+libftrig is a portable Unix C programming interface allowing a +process (the subscriber or listener) to be instantly +notified when another process (the notifier or writer) +signals an event. +

+ + +

What is notification ?

+
+ +

Notification vs. polling

+ +

+ Process A is notified of an event E when it gets a instant +notice that event E has happened; the notice may disrupt A's execution +flow. Notification is the opposite of polling, where A has to +periodically (every T milliseconds) check whether E happened and has no +other way to be informed of it. +

+ +

+ Polling is generally considered bad practice - and is inferior to +notification in practically every case - for three reasons: +

+ + + +

+ Notification, on the other hand, is generally optimal: reaction time is +zero, and resource consumption is minimal - a process can sleep as soon as +it's not handling an event, and only wake up when needed. +

+ +

+ Of course, the problem of notification is that it's often more difficult +to implement. Notification frameworks are generally more complex, involving +lots of asynchronism; polling is widely used +because +it's easy. +

+ +

Notifications and Unix

+ +

+ Unix provides several frameworks so that a process B (or the kernel) can +notify process A. +

+ + + +

What we want

+ +

+ We need a general framework to: +

+ + + +

+ This requires a many-to-many approach that Unix does not provide natively, and +that is what libftrig does. +

+ + +

That's what a bus is for. D-Bus already does all this.

+
+ +

+ Yes, a bus is a good many-to-many notification mechanism indeed. However, +a Unix bus can only be implemented via a daemon - you need a long-running +process, i.e. a service, to implement a bus. And s6 is a +supervision suite, i.e. a set of programs designed to manage +services; we would like to be able to use notifications in the supervision +suite, to be able to wait for a service to be up or down... without +relying on a particular service to be up. libftrig provides a notification +mechanism that does not need a bus service to be up, that's its +main advantage over a bus. +

+ +

+ If you are not concerned with supervision and can depend on a bus service, +though, then yes, by all means, use a bus for your notification needs. +There is a skabus +project in the making, which aims to be simpler, smaller and more +maintainable than D-Bus. +

+ +

How to use libftrig

+ +

+ libftrig is really a part of libs6: all the functions +are implemented in the libs6.a archive, or the libs6.so +dynamic shared object. However, the interfaces are different for notifiers +and listeners: +

+ + + + + diff --git a/doc/index.html b/doc/index.html index 1507705..9e3dde3 100644 --- a/doc/index.html +++ b/doc/index.html @@ -37,7 +37,8 @@ supervision that might help you understand the basics. @@ -67,7 +68,7 @@ supervision that might help you understand the basics.

Download

@@ -151,7 +152,7 @@ counterpart. These programs are a clean rewrite of the obsolete "pipe-tools" package; they are now based on a properly designed notification library. They provide a command-line interface to -inter-process notification and +inter-process notification and synchronization.

@@ -172,21 +173,51 @@ synchronization.
  • The s6-ftrig-listen program
  • +

    Local service management and access control

    + + +

    + +

    + + +

    suidless privilege gain

    + + +

    Internal commands

    Libraries

    Definitions

    @@ -195,7 +226,8 @@ synchronization.
  • What is a fifodir
  • What is a service directory
  • What is a scan directory
  • -
  • Why are the libftrigw and libftrigr needed
  • +
  • What is a local service
  • +
  • Why are the libftrigw and libftrigr needed

  • diff --git a/doc/libftrig.html b/doc/libftrig.html deleted file mode 100644 index da4c25b..0000000 --- a/doc/libftrig.html +++ /dev/null @@ -1,184 +0,0 @@ - - - - - s6: libftrig - - - - - - -

    -s6
    -Software
    -skarnet.org -

    - -

    libftrig

    - -

    -libftrig is a portable Unix C programming interface allowing a -process (the subscriber or listener) to be instantly -notified when another process (the notifier or writer) -signals an event. -

    - - -

    What is notification ?

    -
    - -

    Notification vs. polling

    - -

    - Process A is notified of an event E when it gets a instant -notice that event E has happened; the notice may disrupt A's execution -flow. Notification is the opposite of polling, where A has to -periodically (every T milliseconds) check whether E happened and has no -other way to be informed of it. -

    - -

    - Polling is generally considered bad practice - and is inferior to -notification in practically every case - for three reasons: -

    - - - -

    - Notification, on the other hand, is generally optimal: reaction time is -zero, and resource consumption is minimal - a process can sleep as soon as -it's not handling an event, and only wake up when needed. -

    - -

    - Of course, the problem of notification is that it's often more difficult -to implement. Notification frameworks are generally more complex, involving -lots of asynchronism; polling is widely used -because -it's easy. -

    - -

    Notifications and Unix

    - -

    - Unix provides several frameworks so that a process B (or the kernel) can -notify process A. -

    - - - -

    What we want

    - -

    - We need a general framework to: -

    - - - -

    - This requires a many-to-many approach that Unix does not provide natively, and -that is what libftrig does. -

    - - -

    That's what a bus is for. D-Bus already does all this.

    -
    - -

    - Yes, a bus is a good many-to-many notification mechanism indeed. However, -a Unix bus can only be implemented via a daemon - you need a long-running -process, i.e. a service, to implement a bus. And s6 is a -supervision suite, i.e. a set of programs designed to manage -services; we would like to be able to use notifications in the supervision -suite, to be able to wait for a service to be up or down... without -relying on a particular service to be up. libftrig provides a notification -mechanism that does not need a bus service to be up, that's its -main advantage over a bus. -

    - -

    - If you are not concerned with supervision and can depend on a bus service, -though, then yes, by all means, use a bus for your notification needs. -There is a skabus -project in the making, which aims to be simpler, smaller and more -maintainable than D-Bus. -

    - -

    How to use libftrig

    - -

    - libftrig is really a part of libs6: all the functions -are implemented in the libs6.a archive, or the libs6.so -dynamic shared object. However, the interfaces are different for notifiers -and listeners: -

    - - - - - diff --git a/doc/libftrigr.html b/doc/libftrigr.html deleted file mode 100644 index 79c7694..0000000 --- a/doc/libftrigr.html +++ /dev/null @@ -1,283 +0,0 @@ - - - - - s6: the ftrigr library interface - - - - - - -

    -s6
    -Software
    -skarnet.org -

    - -

    The ftrigr library interface

    - -

    - The ftrigr library provides an API for listeners, i.e. -programs that want to subscribe to fifodirs and be instantly -notified when the proper sequence of events happens. -

    - -

    Compiling

    - - - -

    Linking

    - - - -

    Programming

    - -

    - Check the s6/ftrigr.h header for the -exact function prototypes. -

    - -

    - Make sure your application is not disturbed by children it doesn't -know it has. This means paying some attention to the SIGCHLD handler, -if any, and to the way you perform waitpid()s. The best -practice is to use a -self-pipe -to handle SIGCHLD (as well as other signals the application needs to trap), -and to always use wait_nohang() to reap children, -simply ignoring pids you don't know. -

    - -

    - If your (badly programmed) application has trouble handling unknown -children, consider using a ftrigrd service. -

    - -

    A programming example

    - -

    - The src/pipe-tools/s6-ftrig-listen1.c and -src/supervision/s6-svwait.c files in the s6 package, -for instance, illustrate how to use the ftrigr library. -

    - - -

    Synchronous functions with a specified maximum execution time

    - - - - -

    Starting and ending a session

    - -
    -ftrigr_t a = FTRIGR_ZERO ;
    -tain_t deadline, stamp ;
    -
    -tain_now(&stamp) ;
    -tain_addsec(&deadline, &stamp, 2)
    -
    -// char const *path = FTRIGR_IPCPATH ;
    -// ftrigr_start(&a, path, &deadline, &stamp) ;
    -ftrigr_startf(&a, &deadline, &stamp) ;
    -
    - -

    -ftrigr_start starts a session with a ftrigrd service listening on -path.
    -ftrigr_startf starts a session with a ftrigrd process as a child -(which is the simplest usage).
    -a is a ftrigr_t structure that must be declared in the stack and -initialized to FTRIGR_ZERO. -stamp must be an accurate enough timestamp.
    -If the session initialization fails, the function returns 0 and errno is set; -else the function returns 1. -

    -

    -If the absolute time deadline is reached and the function -has not returned yet, it immediately returns 0 with errno set to ETIMEDOUT. - -Only local interprocess communications are involved; unless your system is -heavily overloaded, the function should return near-instantly. One or two -seconds of delay between stamp and deadline should be -enough: if the function takes more than that to return, then there is a -problem with the underlying processes. -

    - -

    - You can have more than one session open in parallel, by declaring -several distinct ftrigr_t structures and calling -ftrigr_startf (or ftrigr_start) more than once. -However, this is useless, since one single session can handle -virtually as many concurrent fifodirs as your application needs. -

    - -
    -ftrigr_end(&a) ;
    -
    - -

    -ftrigr_end frees all the resources used by the session. The -a structure is then reusable for another session. -

    - -

    Subscribing to a fifodir

    - -
    -char const *path = "/var/lib/myservice/fifodir" ;
    -char const *re = "a.*b|c*d" ;
    -uint32 options = 0 ;
    -
    -uint16 id = ftrigr_subscribe (&a, path, re, options, &deadline, &stamp) ;
    -
    - -

    -ftrigr_subscribe instructs the -s6-ftrigrd daemon, related to the open -session represented by the a structure, to subscribe to the -path fifodir, and to notify the application when it receives -a series of events that matches the re regexp. -options can be 0 or FTRIGR_REPEAT. If it is 0, the daemon will -automatically unsubscribe from path once re has been -matched by a series of events. If it is FTRIGR_REPEAT, it will remain -subscribed until told otherwise. -

    - -

    - ftrigr_subscribe() returns 0 and sets errno in case of failure, or -a nonzero 16-bit number identifying the subscription in case of success. -

    - -

    -ftrigr_subscribe should return near-instantly, but if -deadline is reached, it will return 0 ETIMEDOUT. If -ftrigr_subscribe returns successfully, then the -s6-ftrigrd daemon is guaranteed to be listening on path, -and events can be sent without the risk of a race condition. -

    - -

    Synchronously waiting for events

    - -
    -uint16 list[1] ;
    -unsigned int n = 1 ;
    -char trigger ;
    -list[0] = id ;
    -
    -// r = ftrigr_wait_and(&a, list, n, &deadline) ;
    -r = ftrigr_wait_or(&a, list, n, &deadline, &trigger) ;
    -
    - -

    - ftrigr_wait_and() waits for all the n fifodirs -whose ids are listed in list to receive an event. It returns -1 -in case of error or timeout, or a non-negative integer in case of success.
    - ftrigr_wait_or() waits for one of the n fifodirs -whose ids are listed in list to receive an event. It returns -1 -in case of error or timeout; if it succeeds, the return value is the -position in list, starting at 0, of the identifier that received -an event; and trigger is set to the character that triggered that -event, i.e. the last character of a sequence that matched the regular -expression re used in the subscription. -

    - -

    Asynchronously waiting for events

    - -

    - (from now on, the functions are listed with their prototypes instead -of usage examples.) -

    - -
    -int ftrigr_fd (ftrigr_t const *a)
    -
    - -

    - Returns a file descriptor to select on for reading. Do not -read() it though. -

    - -
    -int ftrigr_update (ftrigr_t *a)
    -
    - -

    - Call this function whenever the fd checks readability: it will -update a's internal structures with information from the -s6-ftrigrd daemon. It returns -1 if an error -occurs; in case of success, it returns the number of identifiers for -which something happened. -

    - -

    - When ftrigr_update returns, -genalloc_s(uint16, &a->list) points to an array of -genalloc_len(uint16, &a->list) 16-bit unsigned -integers. Those integers are ids waiting to be passed to -ftrigr_check. -

    - -
    -int ftrigr_check (ftrigr_t *a, uint16 id, char *what)
    -
    - -

    - Checks whether an event happened to id. Use after a -call to ftrigr_update(). -

    - - - - - diff --git a/doc/libftrigw.html b/doc/libftrigw.html deleted file mode 100644 index d625f2b..0000000 --- a/doc/libftrigw.html +++ /dev/null @@ -1,115 +0,0 @@ - - - - - s6: the ftrigw library interface - - - - - - -

    -s6
    -Software
    -skarnet.org -

    - -

    The ftrigw library interface

    - -

    - The ftrigw library provides an API for notifiers, i.e. -programs that want to regularly announce what they're doing. -

    - -

    - Notifiers should create a fifodir in a hardcoded place in the -filesystem, and document its location. Listeners will then be -able to subscribe to that fifodir, and receive the events. -

    - -

    Compiling

    - - - -

    Linking

    - - - -

    Programming

    - -

    - Check the s6/ftrigw.h header for the -exact function prototypes. -

    - -

    Creating a fifodir

    - -
    -char const *path = "/var/lib/myservice/fifodir" ;
    -int gid = -1 ;
    -int forceperms = 0 ;
    -int r = ftrigw_fifodir_make(path, gid, forceperms) ;
    -
    - -

    -ftrigw_fifodir_make creates a fifodir at the path location. -It returns 0, and sets errno, if an error occurs. -It returns 1 if it succeeds.
    -If a fifodir, owned by the user, already exists at path, and -forceperms is zero, then ftrigw_fifodir_make immediately -returns a success. If forceperms is nonzero, then -it tries to adjust path's permissions before returning. -

    - -

    -If gid is negative, then path is created "public". -Any listener will be able to subscribe to path. -If gid is nonnegative, then path is created "private". -Only processes belonging to group gid will be able to -subscribe to path. -

    - -

    Sending an event

    - -
    -char event = 'a' ;
    -r = ftrigw_notify(path, event) ;
    -
    - -

    -ftrigw_notify sends event to all the processes that are -currently subscribed to path. -It returns -1 if an error occurs, or the number of successfully notified -processes. -

    - -

    Cleaning up

    - -

    -When stray KILL signals hit s6-ftrigrd processes, -1. it's a sign of incorrect system administration, 2. they can leave -unused named pipes in the fifodir. It's the fifodir's owner's job, i.e. -the notifier's job, to periodically do some housecleaning and remove -those unused pipes. -

    - -
    -r = ftrigw_clean(path) ;
    -
    - -

    -ftrigw_clean cleans path. It returns 0, and sets errno, -if it encounters an error. It returns 1 if it succeeds. -

    - - - diff --git a/doc/libs6/accessrules.html b/doc/libs6/accessrules.html new file mode 100644 index 0000000..bd98b5f --- /dev/null +++ b/doc/libs6/accessrules.html @@ -0,0 +1,331 @@ + + + + + s6: the accessrules library interface + + + + + + +

    +libs6
    +s6
    +Software
    +skarnet.org +

    + +

    The accessrules library interface

    + +

    + The following functions and structures are declared in the s6/accessrules.h header, +and implemented in the libs6.a or libs6.so library. +

    + +

    General information

    + +

    + accessrules is an access control library. It looks up +a key in a user-specified database, then returns a code depending on +whether the database allows access (in which case additional information +can also be returned), denies access, or does not contain the key. +

    + +

    + accessrules has been designed to be easily extensible to any +database format and any key format. +

    + +

    + Check the s6/accessrules.h header for the exact definitions. +

    + +

    Data structures

    + + + +

    Function types

    + +

    Backend lookups

    + +

    + A s6_accessrules_backend_func_t is the type of a function +that takes a single key, looks it up in a database, and returns the result. +Namely: +

    + +

    +s6_accessrules_result_t f (char const *key, unsigned int keylen, void *handle, s6_accessrules_params_t *params) +

    + +

    + f looks up key key of length keylen in the database +represented by handle in an implementation-defined way. It returns a +number that says the key has been allowed, denied or not found, or an error +occurred. If the key has been allowed, f stores additional information +from the database into *params. +

    + +

    + Two s6_accessrules_backend_func_t functions are natively implemented: +

    + + + +

    Frontend key checking

    + +

    + A s6_accessrules_keycheck_func_t is the type of a function that +takes a user-level key, makes a list of corresponding backend-level keys and +calls a s6_accessrules_backend_func_t function until it finds +a match. Namely: +

    + +

    +s6_accessrules_result_t f (void const *key, void *handle, s6_accessrules_params_t *params, s6_accessrules_backend_func_t *backend) +

    + +

    + f derives a list of low-level keys to check from key. +Then, for each key k of length klen in this list, it calls +(*backend)(k, klen, handle, params), returning *backend's result if it +is not S6_ACCESSRULES_NOTFOUND. If no match can be found in the whole list, +f finally returns S6_ACCESSRULES_NOTFOUND. +

    + +

    + Five s6_accessrules_keycheck_func_t functions are natively implemented: +

    + + + +

    Ready-to-use functions

    + + Those functions are mostly macros; they're built by associating a frontend +function with a backend function. + +

    + s6_accessrules_result_t s6_accessrules_uidgid_cdb +(unsigned int u, unsigned int g, struct cdb *c, +s6_accessrules_params_t *params)
    +Checks the *c CDB database for an authorization for uid u +and gid g. If the result is S6_ACCESSRULES_ALLOW, additional +information may be stored into params. +

    + +

    + s6_accessrules_result_t s6_accessrules_uidgid_fs +(unsigned int u, unsigned int g, char const *dir, +s6_accessrules_params_t *params)
    +Checks the dir base directory for an authorization for uid u +and gid g. If the result is S6_ACCESSRULES_ALLOW, additional +information may be stored into params. +

    + +

    + s6_accessrules_result_t s6_accessrules_reversedns_cdb +(char const *name, struct cdb *c, +s6_accessrules_params_t *params)
    +Checks the *c CDB database for an authorization for the +name FQDN. If the result is S6_ACCESSRULES_ALLOW, additional +information may be stored into params. +

    + +

    + s6_accessrules_result_t s6_accessrules_reversedns_fs +(char const *name, char const *dir, +s6_accessrules_params_t *params)
    +Checks the dir base directory for an authorization for the +name FQDN. If the result is S6_ACCESSRULES_ALLOW, additional +information may be stored into params. +

    + +

    + s6_accessrules_result_t s6_accessrules_ip4_cdb +(char const *ip4, struct cdb *c, +s6_accessrules_params_t *params)
    +Checks the *c CDB database for an authorization for the +ip4 IPv4 address (4 network byte order characters). +If the result is S6_ACCESSRULES_ALLOW, additional +information may be stored into params. +

    + +

    + s6_accessrules_result_t s6_accessrules_ip4_fs +(char const *ip4, char const *dir, +s6_accessrules_params_t *params)
    +Checks the dir base directory for an authorization for the +ip4 IPv4 address (4 network byte order characters). +If the result is S6_ACCESSRULES_ALLOW, additional +information may be stored into params. +

    + +

    + s6_accessrules_result_t s6_accessrules_ip6_cdb +(char const *ip6, struct cdb *c, +s6_accessrules_params_t *params)
    +Checks the *c CDB database for an authorization for the +ip6 IPv6 address (16 network byte order characters). +If the result is S6_ACCESSRULES_ALLOW, additional +information may be stored into params. +

    + +

    + s6_accessrules_result_t s6_accessrules_ip6_fs +(char const *ip6, char const *dir, +s6_accessrules_params_t *params)
    +Checks the dir base directory for an authorization for the +ip6 IPv6 address (16 network byte order characters). +If the result is S6_ACCESSRULES_ALLOW, additional +information may be stored into params. +

    + +

    + s6_accessrules_result_t s6_accessrules_ip46_cdb +(ip46_t *ip, struct cdb *c, +s6_accessrules_params_t *params)
    +Checks the *c CDB database for an authorization for the +ip IP address. +If the result is S6_ACCESSRULES_ALLOW, additional +information may be stored into params. +

    + +

    + s6_accessrules_result_t s6_accessrules_ip46_fs +(ip46_t const *ip, char const *dir, +s6_accessrules_params_t *params)
    +Checks the dir base directory for an authorization for the +ip IP address. +If the result is S6_ACCESSRULES_ALLOW, additional +information may be stored into params. +

    + + + diff --git a/doc/libs6/ftrigr.html b/doc/libs6/ftrigr.html new file mode 100644 index 0000000..2c9bf88 --- /dev/null +++ b/doc/libs6/ftrigr.html @@ -0,0 +1,268 @@ + + + + + s6: the ftrigr library interface + + + + + + +

    +libs6
    +s6
    +Software
    +skarnet.org +

    + +

    The ftrigr library interface

    + +

    + The ftrigr library provides an API for listeners, i.e. +programs that want to subscribe to fifodirs and be instantly +notified when the proper sequence of events happens. +

    + +

    Programming

    + +

    + Check the s6/ftrigr.h header for the +exact function prototypes. +

    + +

    + Make sure your application is not disturbed by children it doesn't +know it has. This means paying some attention to the SIGCHLD handler, +if any, and to the way you perform waitpid()s. The best +practice is to use a +self-pipe +to handle SIGCHLD (as well as other signals the application needs to trap), +and to always use wait_nohang() to reap children, +simply ignoring pids you don't know. +

    + +

    + If your (badly programmed) application has trouble handling unknown +children, consider using a ftrigrd service. +

    + +

    A programming example

    + +

    + The src/pipe-tools/s6-ftrig-listen1.c and +src/supervision/s6-svwait.c files in the s6 package, +for instance, illustrate how to use the ftrigr library. +

    + + +

    Synchronous functions with a specified maximum execution time

    + + + + +

    Starting and ending a session

    + +
    +ftrigr_t a = FTRIGR_ZERO ;
    +tain_t deadline, stamp ;
    +
    +tain_now(&stamp) ;
    +tain_addsec(&deadline, &stamp, 2)
    +
    +// char const *path = FTRIGR_IPCPATH ;
    +// ftrigr_start(&a, path, &deadline, &stamp) ;
    +ftrigr_startf(&a, &deadline, &stamp) ;
    +
    + +

    +ftrigr_start starts a session with a ftrigrd service listening on +path.
    +ftrigr_startf starts a session with a ftrigrd process as a child +(which is the simplest usage).
    +a is a ftrigr_t structure that must be declared in the stack and +initialized to FTRIGR_ZERO. +stamp must be an accurate enough timestamp.
    +If the session initialization fails, the function returns 0 and errno is set; +else the function returns 1. +

    +

    +If the absolute time deadline is reached and the function +has not returned yet, it immediately returns 0 with errno set to ETIMEDOUT. + +Only local interprocess communications are involved; unless your system is +heavily overloaded, the function should return near-instantly. One or two +seconds of delay between stamp and deadline should be +enough: if the function takes more than that to return, then there is a +problem with the underlying processes. +

    + +

    + You can have more than one session open in parallel, by declaring +several distinct ftrigr_t structures and calling +ftrigr_startf (or ftrigr_start) more than once. +However, this is useless, since one single session can handle +virtually as many concurrent fifodirs as your application needs. +

    + +
    +ftrigr_end(&a) ;
    +
    + +

    +ftrigr_end frees all the resources used by the session. The +a structure is then reusable for another session. +

    + +

    Subscribing to a fifodir

    + +
    +char const *path = "/var/lib/myservice/fifodir" ;
    +char const *re = "a.*b|c*d" ;
    +uint32 options = 0 ;
    +
    +uint16 id = ftrigr_subscribe (&a, path, re, options, &deadline, &stamp) ;
    +
    + +

    +ftrigr_subscribe instructs the +s6-ftrigrd daemon, related to the open +session represented by the a structure, to subscribe to the +path fifodir, and to notify the application when it receives +a series of events that matches the re regexp. +options can be 0 or FTRIGR_REPEAT. If it is 0, the daemon will +automatically unsubscribe from path once re has been +matched by a series of events. If it is FTRIGR_REPEAT, it will remain +subscribed until told otherwise. +

    + +

    + ftrigr_subscribe() returns 0 and sets errno in case of failure, or +a nonzero 16-bit number identifying the subscription in case of success. +

    + +

    +ftrigr_subscribe should return near-instantly, but if +deadline is reached, it will return 0 ETIMEDOUT. If +ftrigr_subscribe returns successfully, then the +s6-ftrigrd daemon is guaranteed to be listening on path, +and events can be sent without the risk of a race condition. +

    + +

    Synchronously waiting for events

    + +
    +uint16 list[1] ;
    +unsigned int n = 1 ;
    +char trigger ;
    +list[0] = id ;
    +
    +// r = ftrigr_wait_and(&a, list, n, &deadline) ;
    +r = ftrigr_wait_or(&a, list, n, &deadline, &trigger) ;
    +
    + +

    + ftrigr_wait_and() waits for all the n fifodirs +whose ids are listed in list to receive an event. It returns -1 +in case of error or timeout, or a non-negative integer in case of success.
    + ftrigr_wait_or() waits for one of the n fifodirs +whose ids are listed in list to receive an event. It returns -1 +in case of error or timeout; if it succeeds, the return value is the +position in list, starting at 0, of the identifier that received +an event; and trigger is set to the character that triggered that +event, i.e. the last character of a sequence that matched the regular +expression re used in the subscription. +

    + +

    Asynchronously waiting for events

    + +

    + (from now on, the functions are listed with their prototypes instead +of usage examples.) +

    + +
    +int ftrigr_fd (ftrigr_t const *a)
    +
    + +

    + Returns a file descriptor to select on for reading. Do not +read() it though. +

    + +
    +int ftrigr_update (ftrigr_t *a)
    +
    + +

    + Call this function whenever the fd checks readability: it will +update a's internal structures with information from the +s6-ftrigrd daemon. It returns -1 if an error +occurs; in case of success, it returns the number of identifiers for +which something happened. +

    + +

    + When ftrigr_update returns, +genalloc_s(uint16, &a->list) points to an array of +genalloc_len(uint16, &a->list) 16-bit unsigned +integers. Those integers are ids waiting to be passed to +ftrigr_check. +

    + +
    +int ftrigr_check (ftrigr_t *a, uint16 id, char *what)
    +
    + +

    + Checks whether an event happened to id. Use after a +call to ftrigr_update(). +

    + + + + + diff --git a/doc/libs6/ftrigw.html b/doc/libs6/ftrigw.html new file mode 100644 index 0000000..b0feb31 --- /dev/null +++ b/doc/libs6/ftrigw.html @@ -0,0 +1,100 @@ + + + + + s6: the ftrigw library interface + + + + + + +

    +libs6
    +s6
    +Software
    +skarnet.org +

    + +

    The ftrigw library interface

    + +

    + The ftrigw library provides an API for notifiers, i.e. +programs that want to regularly announce what they're doing. +

    + +

    + Notifiers should create a fifodir in a hardcoded place in the +filesystem, and document its location. Listeners will then be +able to subscribe to that fifodir, and receive the events. +

    + +

    Programming

    + +

    + Check the s6/ftrigw.h header for the +exact function prototypes. +

    + +

    Creating a fifodir

    + +
    +char const *path = "/var/lib/myservice/fifodir" ;
    +int gid = -1 ;
    +int forceperms = 0 ;
    +int r = ftrigw_fifodir_make(path, gid, forceperms) ;
    +
    + +

    +ftrigw_fifodir_make creates a fifodir at the path location. +It returns 0, and sets errno, if an error occurs. +It returns 1 if it succeeds.
    +If a fifodir, owned by the user, already exists at path, and +forceperms is zero, then ftrigw_fifodir_make immediately +returns a success. If forceperms is nonzero, then +it tries to adjust path's permissions before returning. +

    + +

    +If gid is negative, then path is created "public". +Any listener will be able to subscribe to path. +If gid is nonnegative, then path is created "private". +Only processes belonging to group gid will be able to +subscribe to path. +

    + +

    Sending an event

    + +
    +char event = 'a' ;
    +r = ftrigw_notify(path, event) ;
    +
    + +

    +ftrigw_notify sends event to all the processes that are +currently subscribed to path. +It returns -1 if an error occurs, or the number of successfully notified +processes. +

    + +

    Cleaning up

    + +

    +When stray KILL signals hit s6-ftrigrd processes, +1. it's a sign of incorrect system administration, 2. they can leave +unused named pipes in the fifodir. It's the fifodir's owner's job, i.e. +the notifier's job, to periodically do some housecleaning and remove +those unused pipes. +

    + +
    +r = ftrigw_clean(path) ;
    +
    + +

    +ftrigw_clean cleans path. It returns 0, and sets errno, +if it encounters an error. It returns 1 if it succeeds. +

    + + + diff --git a/doc/libs6/index.html b/doc/libs6/index.html new file mode 100644 index 0000000..9fe7e65 --- /dev/null +++ b/doc/libs6/index.html @@ -0,0 +1,72 @@ + + + + + s6: the s6 library interface + + + + + + +

    +s6
    +Software
    +skarnet.org +

    + +

    The s6 library interface

    + +

    General information

    + +

    + libs6 is a collection of utility +C interfaces, used in the s6 executables. +

    + +

    Compiling

    + + + +

    Linking

    + + + +

    Programming

    + +

    + The s6/s6.h header is actually a +concatenation of other headers: +the libs6net is separated into several modules, each of them with its +own header. +

    + + + + + diff --git a/doc/libs6/s6-ftrigrd.html b/doc/libs6/s6-ftrigrd.html new file mode 100644 index 0000000..4bbfc69 --- /dev/null +++ b/doc/libs6/s6-ftrigrd.html @@ -0,0 +1,80 @@ + + + + + s6: the s6-ftrigrd program + + + + + + +

    +libs6
    +s6
    +Software
    +skarnet.org +

    + +

    The s6-ftrigrd program

    + +

    +s6-ftrigrd is a helper program that manages a set of subscriptions to fifodirs as well +as regular expressions on events. It takes orders from its client program that controls +it via the ftrigr library, and notifies it when desired +events happen. +

    + +

    Interface

    + +

    + s6-ftrigrd is not meant to be called directly. +

    + + + +

    + s6-ftrigrd handles the grunt work of creating fifos in a +fifodir for a subscriber. It also wakes up on every +event, and compares the chain of events it received on a given fifodir with the +client-provided regexp. If the chain of events matches the regexp, it notifies +the client. +

    + +

    Notes

    + +

    + The connection management between the client and s6-ftrigrd is entirely done +by the skaclient +library. +

    + +

    + s6-ftrigrd is entirely asynchronous. It stores unread notifications into heap +memory; it can grow in size if there are a lot of events and the client fails +to read them. To avoid uncontrolled growth, make sure your client calls +ftrigr_update() as soon as ftrigr_fd() becomes readable. +

    + +

    + A s6-ftrigrd instance can only handle up to FTRIGRD_MAX (defined in s6/ftrigr.h) +subscriptions at once. By default, this number is 1000, which is more than enough for +any reasonable system. +

    + + + diff --git a/doc/libs6/s6lock.html b/doc/libs6/s6lock.html new file mode 100644 index 0000000..ca22fe4 --- /dev/null +++ b/doc/libs6/s6lock.html @@ -0,0 +1,238 @@ + + + + + s6: the s6lock library interface + + + + + + +

    +libs6
    +s6
    +Software
    +skarnet.org +

    + +

    The s6lock library interface

    + +

    General information

    + +

    + s6lock is a C interface to timed locks. Unix natively provides +locks, but the locking primitives are synchronous, so either they are +unbounded in execution time or they require polling. s6lock provides +poll-free locks that can timeout during attempted acquisition. +

    + +

    Programming

    + + + +

    Starting and ending a session

    + +
    +s6lock_t a = S6LOCK_ZERO ;
    +tain_t deadline ;
    +
    +tain_now_g() ;
    +tain_addsec_g(&deadline, 2)
    +
    +char const *path = S6LOCK_IPCPATH ;
    +s6lock_start_g(&a, path, &deadline) ;
    +// char const *lockdir = "/tmp/lock" ;
    +// s6lock_startf_g(&a, lockdir, &deadline) ;
    +
    + +

    +s6lock_start_g starts a session by connecting to a s6lockd service +listening on path. The working directory is set by the administrator +of the service.
    +s6lock_startf_g starts a session with a s6lockd process as a child, +using lockdir as its working directory. +
    +a is a s6lock_t structure that must be declared in the stack and +initialized to S6LOCK_ZERO. +If the session initialization fails, the function returns 0 and errno is set; +else the function returns 1. +

    +

    +If the absolute time deadline is reached and the function +has not returned yet, it immediately returns 0 with errno set to ETIMEDOUT. + +Only local interprocess communications are involved; unless your system is +heavily overloaded, the function should return near-instantly. One or two +seconds of delay between the current time and deadline should be +enough: if the function takes more than that to return, then there is a +problem with the underlying processes. +

    + +

    + You can have more than one session open in parallel, by declaring +several distinct s6lock_t structures and calling +s6lock_startf_g (or s6lock_start_g) more than once. +However, one single session can handle +virtually as many concurrent locks as your application needs, so +opening several sessions is only useful if you need to acquire locks +in various distinct lock directories. +

    + +
    +s6lock_end(&a) ;
    +
    + +

    +s6lock_end frees all the resources used by the session. The +a structure is then reusable for another session. +

    + +

    Acquiring and releasing locks

    + +
    +uint16 id ;
    +char const *file = "lockfile" ;
    +tain_t limit ;
    +tain_t deadline ;
    +
    +int r = s6lock_acquire_sh_g (&a, &id, file, &limit, &deadline) ;
    +/* int r = s6lock_acquire_ex_g (&a, &id, file, &limit, &deadline) ; */
    +r = s6lock_release_g(&a, id, &deadline) ;
    +
    + +

    +s6lock_acquire_sh_g instructs the +s6lockd daemon, related to the open +session represented by the a handle, to try and acquire a +shared lock on the +file file located under that daemon's working directory +(typically /var/lock). file will be interpreted as +relative to the daemon's working directory even if it starts with a +slash; however, slashes in the middle of file are likely to +result in an error. +

    + +

    +limit and deadline are two absolute dates. +deadline is a deadline for the execution of the +function: if by deadline the function has not returned, +then it instantly returns 0 and sets errno to ETIMEDOUT. The +function is normally near-instantaneous, so deadline can +be very close in the future and serves only as a protection against +malicious servers. limit is the acquisition deadline: if +by limit the daemon still has not been able to acquire a lock +on file, then it will report a timeout to the client. +

    + +

    +The function returns 1 in case of success, or 0 if an error occurs, +with errno set to a suitable value. If it succeeds, then a 16-bit +number is stored into *id; this number serves as an identifier +for this lock. +

    + +

    +s6lock_acquire_ex_g works just like s6lock_acquire_sh_g, +except that the daemon tries to acquire an exclusive lock. +

    + +

    +s6lock_release_g releases the lock identified by id. +It normally returns 1. It can return 0 with errno set to a suitable +value if it fails. id is not valid after the corresponding +lock has been released. The function normally returns instantly, with +deadline as a safeguard. +

    + +

    Asynchronously waiting for locks

    + +

    + (from now on, the functions are listed with their prototypes instead +of usage examples.) +

    + +
    +int s6lock_fd (s6lock_t const *a)
    +
    + +

    + Returns a file descriptor to select on for reading. Do not +read() it though. +

    + +
    +int s6lock_update (s6lock_t *a)
    +
    + +

    + Call this function whenever the fd checks readability: it will +update a's internal structures with information from the +s6lockd daemon. It returns -1 if an error +occurs; in case of success, it returns the number of identifiers for +which something happened. +

    + +

    + When s6lock_update returns, +genalloc_s(uint16, &a->list) points to an array of +genalloc_len(uint16, &a->list) 16-bit unsigned +integers. Those integers are ids waiting to be passed to +s6lock_check. +

    + +
    +int s6lock_check (s6lock_t *a, uint16 id, char *what)
    +
    + +

    + Checks whether the lock identified by id has +been acquired. Use after a call to s6lock_update(). +

    + + + +

    Synchronously waiting for locks

    + +

    + int s6lock_wait_or_g (s6lock_t *a, uint16 const *idlist, unsigned int n, tain_t const *deadline)
    +Synchronously waits for one of the locks represented by the array pointed to +by idlist of length n to be acquired. Returns -1 if it fails, +or a nonnegative number on success, which is the index in idlist of the +acquired lock's id. If no result has been obtained by deadline, the +function returns -1 ETIMEDOUT. +

    + +

    + int s6lock_wait_and_g (s6lock_t *a, uint16 const *idlist, unsigned int n, tain_t const *deadline)
    +Synchronously waits for all of the locks represented by the array pointed to +by idlist of length n to be acquired. Returns -1 if it fails and +0 if it succeeds. If no result has been obtained by deadline, the +function returns -1 ETIMEDOUT. +

    + + + diff --git a/doc/libs6/s6lockd-helper.html b/doc/libs6/s6lockd-helper.html new file mode 100644 index 0000000..2c54e5c --- /dev/null +++ b/doc/libs6/s6lockd-helper.html @@ -0,0 +1,52 @@ + + + + + s6: the s6lockd-helper internal program + + + + + + +libs6
    +s6
    +Software
    +skarnet.org

    + +

    The s6lockd-helper program

    + +

    +s6lockd-helper is a helper program for the s6lock daemon. +It just acquires a lock and holds it until it is killed or told to +exit by its parent daemon. +

    + +

    Interface

    + +

    + s6lockd-helper is not meant to be invoked directly by the user: +it will be spawned by the +s6lockd program. +

    + +

    Notes

    + + + + + diff --git a/doc/libs6/s6lockd.html b/doc/libs6/s6lockd.html new file mode 100644 index 0000000..7db76be --- /dev/null +++ b/doc/libs6/s6lockd.html @@ -0,0 +1,73 @@ + + + + + s6: the s6lockd internal program + + + + + + +libs6
    +s6
    +Software
    +skarnet.org

    + +

    The s6lockd program

    + +

    +s6lockd is the s6lock daemon. It is a program that manages +a set of lock files in a given directory, and associated timeouts. +

    + +

    Interface

    + +

    + s6lockd does not fork, does not background itself automatically, +and does not use syslog. It is not meant to be run directly by the +user: it will be spawned by the +s6lock client library. +

    + +

    + There are 2 ways to use s6lockd: +

    + +
      +
    1. Use the s6lock_startf() library call. +A s6lockd child will then be spawned from your +calling process, and automatically reaped when you call +s6lock_end(). It requires care with applications that +trap SIGCHLD. It also requires care with lock file permissions: +a s6lockd instance might not be able +to open a lock file created by a former instance run by another +client with different permissions.
    2. +
    3. Use the s6lock_start() library call, together with a +s6lockd service. +For once, this is the recommended setup: s6lockd creates empty +lock files, and having all s6lockd instances run under the same user +simplifies permissions management considerably.
    4. + +
    + +

    +When run as a service, s6lockd has no "standalone" mode: it is +designed to work with a Unix +domain superserver, like +s6-ipcserver. +s6lockd follows the UCSPI +interface, it can be directly executed from the superserver. +

    + +

    Notes

    + + + + + diff --git a/doc/libs6lock/index.html b/doc/libs6lock/index.html deleted file mode 100644 index 7237823..0000000 --- a/doc/libs6lock/index.html +++ /dev/null @@ -1,256 +0,0 @@ - - - - - s6: the s6lock library interface - - - - - - -

    -s6
    -Software
    -skarnet.org -

    - -

    The s6lock library interface

    - -

    General information

    - -

    - libs6lock is a C interface to timed locks. Unix natively provides -locks, but the locking primitives are synchronous, so either they are -unbounded in execution time or they require polling. libs6lock provides -poll-free locks that can timeout during attempted acquisition. -

    - -

    Compiling

    - - - -

    Linking

    - - - -

    Programming

    - - - -

    Starting and ending a session

    - -
    -s6lock_t a = S6LOCK_ZERO ;
    -tain_t deadline ;
    -
    -tain_now_g() ;
    -tain_addsec_g(&deadline, 2)
    -
    -char const *path = S6LOCK_IPCPATH ;
    -s6lock_start_g(&a, path, &deadline) ;
    -// char const *lockdir = "/tmp/lock" ;
    -// s6lock_startf_g(&a, lockdir, &deadline) ;
    -
    - -

    -s6lock_start_g starts a session by connecting to a s6lockd service -listening on path. The working directory is set by the administrator -of the service.
    -s6lock_startf_g starts a session with a s6lockd process as a child, -using lockdir as its working directory. -
    -a is a s6lock_t structure that must be declared in the stack and -initialized to S6LOCK_ZERO. -If the session initialization fails, the function returns 0 and errno is set; -else the function returns 1. -

    -

    -If the absolute time deadline is reached and the function -has not returned yet, it immediately returns 0 with errno set to ETIMEDOUT. - -Only local interprocess communications are involved; unless your system is -heavily overloaded, the function should return near-instantly. One or two -seconds of delay between the current time and deadline should be -enough: if the function takes more than that to return, then there is a -problem with the underlying processes. -

    - -

    - You can have more than one session open in parallel, by declaring -several distinct s6lock_t structures and calling -s6lock_startf_g (or s6lock_start_g) more than once. -However, one single session can handle -virtually as many concurrent locks as your application needs, so -opening several sessions is only useful if you need to acquire locks -in various distinct lock directories. -

    - -
    -s6lock_end(&a) ;
    -
    - -

    -s6lock_end frees all the resources used by the session. The -a structure is then reusable for another session. -

    - -

    Acquiring and releasing locks

    - -
    -uint16 id ;
    -char const *file = "lockfile" ;
    -tain_t limit ;
    -tain_t deadline ;
    -
    -int r = s6lock_acquire_sh_g (&a, &id, file, &limit, &deadline) ;
    -/* int r = s6lock_acquire_ex_g (&a, &id, file, &limit, &deadline) ; */
    -r = s6lock_release_g(&a, id, &deadline) ;
    -
    - -

    -s6lock_acquire_sh_g instructs the -s6lockd daemon, related to the open -session represented by the a handle, to try and acquire a -shared lock on the -file file located under that daemon's working directory -(typically /var/lock). file will be interpreted as -relative to the daemon's working directory even if it starts with a -slash; however, slashes in the middle of file are likely to -result in an error. -

    - -

    -limit and deadline are two absolute dates. -deadline is a deadline for the execution of the -function: if by deadline the function has not returned, -then it instantly returns 0 and sets errno to ETIMEDOUT. The -function is normally near-instantaneous, so deadline can -be very close in the future and serves only as a protection against -malicious servers. limit is the acquisition deadline: if -by limit the daemon still has not been able to acquire a lock -on file, then it will report a timeout to the client. -

    - -

    -The function returns 1 in case of success, or 0 if an error occurs, -with errno set to a suitable value. If it succeeds, then a 16-bit -number is stored into *id; this number serves as an identifier -for this lock. -

    - -

    -s6lock_acquire_ex_g works just like s6lock_acquire_sh_g, -except that the daemon tries to acquire an exclusive lock. -

    - -

    -s6lock_release_g releases the lock identified by id. -It normally returns 1. It can return 0 with errno set to a suitable -value if it fails. id is not valid after the corresponding -lock has been released. The function normally returns instantly, with -deadline as a safeguard. -

    - -

    Asynchronously waiting for locks

    - -

    - (from now on, the functions are listed with their prototypes instead -of usage examples.) -

    - -
    -int s6lock_fd (s6lock_t const *a)
    -
    - -

    - Returns a file descriptor to select on for reading. Do not -read() it though. -

    - -
    -int s6lock_update (s6lock_t *a)
    -
    - -

    - Call this function whenever the fd checks readability: it will -update a's internal structures with information from the -s6lockd daemon. It returns -1 if an error -occurs; in case of success, it returns the number of identifiers for -which something happened. -

    - -

    - When s6lock_update returns, -genalloc_s(uint16, &a->list) points to an array of -genalloc_len(uint16, &a->list) 16-bit unsigned -integers. Those integers are ids waiting to be passed to -s6lock_check. -

    - -
    -int s6lock_check (s6lock_t *a, uint16 id, char *what)
    -
    - -

    - Checks whether the lock identified by id has -been acquired. Use after a call to s6lock_update(). -

    - - - -

    Synchronously waiting for locks

    - -

    - int s6lock_wait_or_g (s6lock_t *a, uint16 const *idlist, unsigned int n, tain_t const *deadline)
    -Synchronously waits for one of the locks represented by the array pointed to -by idlist of length n to be acquired. Returns -1 if it fails, -or a nonnegative number on success, which is the index in idlist of the -acquired lock's id. If no result has been obtained by deadline, the -function returns -1 ETIMEDOUT. -

    - -

    - int s6lock_wait_and_g (s6lock_t *a, uint16 const *idlist, unsigned int n, tain_t const *deadline)
    -Synchronously waits for all of the locks represented by the array pointed to -by idlist of length n to be acquired. Returns -1 if it fails and -0 if it succeeds. If no result has been obtained by deadline, the -function returns -1 ETIMEDOUT. -

    - - - diff --git a/doc/libs6lock/s6lockd-helper.html b/doc/libs6lock/s6lockd-helper.html deleted file mode 100644 index 839dce4..0000000 --- a/doc/libs6lock/s6lockd-helper.html +++ /dev/null @@ -1,52 +0,0 @@ - - - - - s6: the s6lockd-helper internal program - - - - - - -libs6lock
    -s6
    -Software
    -skarnet.org

    - -

    The s6lockd-helper program

    - -

    -s6lockd-helper is a helper program for the s6lock daemon. -It just acquires a lock and holds it until it is killed or told to -exit by its parent daemon. -

    - -

    Interface

    - -

    - s6lockd-helper is not meant to be invoked directly by the user: -it will be spawned by the -s6lockd program. -

    - -

    Notes

    - - - - - diff --git a/doc/libs6lock/s6lockd.html b/doc/libs6lock/s6lockd.html deleted file mode 100644 index 726d2f8..0000000 --- a/doc/libs6lock/s6lockd.html +++ /dev/null @@ -1,73 +0,0 @@ - - - - - s6: the s6lockd internal program - - - - - - -libs6lock
    -s6
    -Software
    -skarnet.org

    - -

    The s6lockd program

    - -

    -s6lockd is the s6lock daemon. It is a program that manages -a set of lock files in a given directory, and associated timeouts. -

    - -

    Interface

    - -

    - s6lockd does not fork, does not background itself automatically, -and does not use syslog. It is not meant to be run directly by the -user: it will be spawned by the -s6lock client library. -

    - -

    - There are 2 ways to use s6lockd: -

    - -
      -
    1. Use the s6lock_startf() library call. -A s6lockd child will then be spawned from your -calling process, and automatically reaped when you call -s6lock_end(). It requires care with applications that -trap SIGCHLD. It also requires care with lock file permissions: -a s6lockd instance might not be able -to open a lock file created by a former instance run by another -client with different permissions.
    2. -
    3. Use the s6lock_start() library call, together with a -s6lockd service. -For once, this is the recommended setup: s6lockd creates empty -lock files, and having all s6lockd instances run under the same user -simplifies permissions management considerably.
    4. - -
    - -

    -When run as a service, s6lockd has no "standalone" mode: it is -designed to work with a Unix -domain superserver, like -s6-ipcserver. -s6lockd follows the UCSPI -interface, it can be directly executed from the superserver. -

    - -

    Notes

    - - - - - diff --git a/doc/localservice.html b/doc/localservice.html new file mode 100644 index 0000000..3b555fd --- /dev/null +++ b/doc/localservice.html @@ -0,0 +1,153 @@ + + + + + s6: what is a local service + + + + + + +

    +s6
    +Software
    +skarnet.org +

    + +

    Local services

    + +

    + A local service is a daemon that listens to incoming connections +on a Unix domain socket. Clients of the service are programs connecting to +this socket: the daemon performs operations on their behalf. +

    + +

    + The service is called local because it is not accessible to +clients from the network. +

    + +

    + A widely known example of a local service is the syslogd daemon. +On most implementations, it listens to the /dev/log socket. +Its clients connect to it and send their logs via the socket. The +openlog() function is just a wrapper arround the connect() +system call, the syslog() function a wrapper around write(), +and so on. +

    + +

    Benefits

    + +

    Privileges

    + +

    + The most important benefit of a local service is that it permits +controlled privilege gains without using setuid programs. +The daemon is run as user S; a client running as user C and connecting to +the daemon asks it to perform operations: those will be done as user S. +

    + +

    + Standard Unix permissions on the listening socket can be used to implement +some basic access control: to restrict access to clients belonging to group +G, change the socket to user S and group G, and give it 0420 permissions. +This is functionally equivalent to the basic access control for setuid +programs: a program having user S, group G and permissions 4750 will be +executable by group G and run with S rights. +

    + +

    + But modern systems implement the +getpeereid() +system call or library function. This function allows the server to know the +client's credentials: so fine-grained access control is possible. On those +systems, local services can do as much authentication as setuid programs, +in a much more controlled environment. +

    + +

    fd-passing

    + +

    + The most obvious difference between a local service and a network service +is that a local service does not serve network clients. But local services +have another nice perk: while network services usually only provide you +with a single channel (a TCP or UDP socket) of communication between the +client and the server, forcing you to multiplex your data into that +channel, local services allow you to have as many +communication channels as you want. +

    + +

    +(The SCTP transport layer provides a way for network services to use +several communication channels. Unfortunately, it is not widely deployed +yet, and a lot of network services still depend on TCP.) +

    + +

    + The fd-passing mechanism is Unix domain socket black magic +that allows one peer of the socket to send open file descriptors to +the other peer. So, if the server opens a pipe and sends one end of +this pipe to a client via this mechanism, there is effectively a +socket and a pipe between the client and the server. +

    + +

    UCSPI

    + +

    + The UCSPI protocol +is an easy way of abstracting clients and servers from the network. +A server written as a UCSPI server, just as it can be run +under inetd or +s6-tcpserver, +can be run under +s6-ipcserver: choose a socket +location and you have a local service. +

    + +

    + Fine-grained access control can be added by inserting +s6-ipcserver-access in +your server command line after s6-ipcserver. +

    + +

    + A client written as an UCSPI client, i.e. assuming it has descriptor +6 (resp. 7) open and reading from (resp. writing to) the server socket, +can be run under s6-ipcclient. +

    + +

    Use in skarnet.org software

    + +

    + skarnet.org libraries often use a separate process to handle +asynchronicity and background work in a way that's invisible to +the user. Among them are: +

    + + + +

    + Those processes are usually spawned from a client, via the corresponding +*_startf*() library call. But they can also be spawned from a +s6-ipcserver program in a local service configuration. In both cases, they +need an additional control channel to be passed from the server to +the client: the main socket is used for synchronous commands from the client +to the server and their answers, whereas the additional channel, which is +now implemented as a socket as well (but created by the server on-demand +and not bound to a local path), is used for asynchronous +notifications from the server to the client. The fd-passing mechanism +is used to transfer the additional channel from the server to the client. +

    + + + diff --git a/doc/s6-accessrules-cdb-from-fs.html b/doc/s6-accessrules-cdb-from-fs.html new file mode 100644 index 0000000..f7b6be0 --- /dev/null +++ b/doc/s6-accessrules-cdb-from-fs.html @@ -0,0 +1,141 @@ + + + + + s6: the s6-accessrules-cdb-from-fs program + + + + + + +

    +s6
    +Software
    +skarnet.org +

    + +

    The s6-accessrules-cdb-from-fs program

    + +

    +s6-accessrules-cdb-from-fs compiles a directory +containing a ruleset suitable for +s6-ipcserver-access or +s6-tcpserver-access into a +CDB file. +

    + +

    Interface

    + +
    +     s6-accessrules-cdb-from-fs cdbfile dir
    +
    + + + +

    Ruleset directory format

    + +

    + To be understood by s6-accessrules-cdb-from-fs, +s6-ipcserver-access, or +s6-tcpserver-access, +dir must have a specific format. +

    + +

    + dir contains a series of directories: +

    + + + +

    +Depending on the application, other directories can appear in dir +and be compiled into cdbfile, but +s6-tcpserver-access only +uses the first three, and +s6-ipcserver-access only +uses the last two. +

    + +

    + Each of those directories contains a set of rules. A rule is +a subdirectory named after the set of keys it matches, and containing +actions that will be executed if the rule is the first matching rule +for the tested key. +

    + +

    + The syntax for the rule name is dependent on the nature of keys, and +fully documented on the +accessrules +library page. For instance, a subdirectory named 192.168.0.0_27 +in the ip4 directory will match every IPv4 address in the +192.168.0.0/27 network that does not match a more precise rule. +

    + +

    + The syntax for the actions, however, is the same for every type of key. +A rule subdirectory can contain the following elements: +

    + + + +

    Notes

    + + + + + diff --git a/doc/s6-accessrules-fs-from-cdb.html b/doc/s6-accessrules-fs-from-cdb.html new file mode 100644 index 0000000..b8c6b12 --- /dev/null +++ b/doc/s6-accessrules-fs-from-cdb.html @@ -0,0 +1,60 @@ + + + + + s6: the s6-accessrules-fs-from-cdb program + + + + + + +

    +s6
    +Software
    +skarnet.org +

    + +

    The s6-accessrules-fs-from-cdb program

    + +

    +s6-accessrules-fs-from-cdb decompiles a CDB database +containing a ruleset suitable for +s6-ipcserver-access or +s6-tcpserver-access and +that has been compiled with +s6-accessrules-cdb-from-fs. +

    + +

    Interface

    + +
    +     s6-accessrules-fs-from-cdb dir cdbfile
    +
    + +
    + +

    Notes

    + + + + + diff --git a/doc/s6-cleanfifodir.html b/doc/s6-cleanfifodir.html index 5724666..cfbbc90 100644 --- a/doc/s6-cleanfifodir.html +++ b/doc/s6-cleanfifodir.html @@ -34,7 +34,7 @@ That means it removes all stale FIFOs in fifodir.

    In normal use, it is not necessary to call s6-cleanfifodir. However, stale -FIFOs can be left by s6-ftrigrd processes that +FIFOs can be left by s6-ftrigrd processes that were violently killed, so it's good practice to regularly clean up fifodirs.

    diff --git a/doc/s6-connlimit.html b/doc/s6-connlimit.html new file mode 100644 index 0000000..fc316cf --- /dev/null +++ b/doc/s6-connlimit.html @@ -0,0 +1,107 @@ + + + + + s6: the s6-connlimit program + + + + + + +

    +s6
    +Software
    +skarnet.org +

    + +

    The s6-connlimit program

    + +

    +s6-connlimit is a small utility to perform IP-based +control on the number of client connections to a TCP socket, and +uid-based control on the number of client connections to a Unix +domain socket. +

    + +

    Interface

    + +
    +     s6-connlimit prog...
    +
    + + + +

    Usage

    + +

    + The s6-tcpserver4 and +s6-tcpserver6 define the PROTO environment +variable to "TCP", and spawn every child server with the TCPCONNNUM environment +variable set to the number of connections from the same IP address. + The s6-tcpserver-access program +can set environment variables depending on the client's IP address. If the +s6-tcpserver-access database is configured to set the TCPCONNMAX environment +variable for a given set of IP addresses, and s6-tcpserver-access execs into +s6-connlimit, then s6-connlimit will drop connections if there already are +${TCPCONNMAX} connections from the same client IP address. +

    + +

    + The s6-ipcserver and +s6-ipcserver-access programs can +be used the same way, with "IPC" instead of "TCP", to limit the number +of client connections by UID. +

    + +

    Example

    + +

    + The following command line: +

    + +
    +     s6-tcpserver4 -v2 -c1000 -C40 1.2.3.4 80 \
    +     s6-tcpserver-access -v2 -RHl0 -i dir \
    +     s6-connlimit \
    +     prog...
    +
    + +

    + will run a server listening to IPv4 address 1.2.3.4, on port 80, +serving up to 1000 concurrent connections, and up to 40 concurrent +connections from the same IP address, no matter what the IP address. +For every client connection, it will look up the database set up +in dir; if the connection is accepted, it will run prog.... +

    + +

    + If the dir/ip4/5.6.7.8_32/env/TCPCONNMAX file +exists and contains the string 30, then at most 30 concurrent +connections from 5.6.7.8 will execute prog..., instead of the +default of 40. +

    + +

    Notes

    + + + + + diff --git a/doc/s6-ftrig-notify.html b/doc/s6-ftrig-notify.html index 4f881eb..c10bf71 100644 --- a/doc/s6-ftrig-notify.html +++ b/doc/s6-ftrig-notify.html @@ -37,7 +37,7 @@ with all the characters in message.

    s6-ftrig-notify cannot be used to send the null character (event 0x00). If you need to send the null character, use the C API: -ftrigw_notify(). +ftrigw_notify().

    diff --git a/doc/s6-ftrigrd.html b/doc/s6-ftrigrd.html deleted file mode 100644 index 049164d..0000000 --- a/doc/s6-ftrigrd.html +++ /dev/null @@ -1,79 +0,0 @@ - - - - - s6: the s6-ftrigrd program - - - - - - -

    -s6
    -Software
    -skarnet.org -

    - -

    The s6-ftrigrd program

    - -

    -s6-ftrigrd is a helper program that manages a set of subscriptions to fifodirs as well -as regular expressions on events. It takes orders from its client program that controls -it via the ftrigr library, and notifies it when desired -events happen. -

    - -

    Interface

    - -

    - s6-ftrigrd is not meant to be called directly. -

    - - - -

    - s6-ftrigrd handles the grunt work of creating fifos in a -fifodir for a subscriber. It also wakes up on every -event, and compares the chain of events it received on a given fifodir with the -client-provided regexp. If the chain of events matches the regexp, it notifies -the client. -

    - -

    Notes

    - -

    - The connection management between the client and s6-ftrigrd is entirely done -by the skaclient -library. -

    - -

    - s6-ftrigrd is entirely asynchronous. It stores unread notifications into heap -memory; it can grow in size if there are a lot of events and the client fails -to read them. To avoid uncontrolled growth, make sure your client calls -ftrigr_update() as soon as ftrigr_fd() becomes readable. -

    - -

    - A s6-ftrigrd instance can only handle up to FTRIGRD_MAX (defined in s6/ftrigr.h) -subscriptions at once. By default, this number is 1000, which is more than enough for -any reasonable system. -

    - - - diff --git a/doc/s6-ioconnect.html b/doc/s6-ioconnect.html new file mode 100644 index 0000000..9972222 --- /dev/null +++ b/doc/s6-ioconnect.html @@ -0,0 +1,90 @@ + + + + + s6: the s6-ioconnect program + + + + + + +

    +s6
    +Software
    +skarnet.org +

    + +

    The s6-ioconnect program

    + +

    +s6-ioconnect performs full-duplex data transmission +between two sets of open file descriptors. +

    + +

    Interface

    + +
    +     s6-ioconnect [ -t millisecs ] [ -r fdr ] [ -w fdw ] [ -0 ] [ -1 ] [ -6 ] [ -7 ]
    +
    + + + +

    Options

    + + + +

    Notes

    + + + + + diff --git a/doc/s6-ipcclient.html b/doc/s6-ipcclient.html new file mode 100644 index 0000000..fee6e52 --- /dev/null +++ b/doc/s6-ipcclient.html @@ -0,0 +1,74 @@ + + + + + s6: the s6-ipcclient program + + + + + + +

    +s6
    +Software
    +skarnet.org +

    + +

    The s6-ipcclient program

    + +

    +s6-ipcclient is an +UCSPI client tool for +Unix domain sockets. It connects to a socket, then executes into +a program. +

    + +

    Interface

    + +
    +     s6-ipcclient [ -q | -Q | -v ] [ -p bindpath ] [ -l localname ] path prog...
    +
    + + + +

    Environment variables

    + +

    + prog... is run with +the following variables set: +

    + + + +

    Options

    + + + +

    Notes

    + + + + + diff --git a/doc/s6-ipcserver-access.html b/doc/s6-ipcserver-access.html new file mode 100644 index 0000000..a462c4f --- /dev/null +++ b/doc/s6-ipcserver-access.html @@ -0,0 +1,172 @@ + + + + + s6: the s6-ipcserver-access program + + + + + + +

    +s6
    +Software
    +skarnet.org +

    + +

    The s6-ipcserver-access program

    + +

    +s6-ipcserver-access is a command-line access +control tool for Unix domain sockets on systems where the +getpeereid() system call can be implemented. +It is meant to be run after +s6-ipcserverd and before +the application program on the s6-ipcserver command line. +

    + +

    Interface

    + +
    +     s6-ipcserver-access [ -v verbosity ] [ -E | -e ] [ -l localname ] [ -i rulesdir | -x rulesfile ] prog...
    +
    + + + +

    Environment variables

    + +

    +s6-ipcserver-access expects to inherit some environment variables from +its parent: +

    + + + +

    + Additionally, it exports the following variables before executing into +prog...: +

    + + + +

    + Also, the access rules database can instruct s6-ipcserver-access to set +up, or unset, more environment variables, depending on the client address. +

    + +

    Options

    + + + +

    Access rule checking

    + +

    + s6-ipcserver-access checks its client connection against +a ruleset. This ruleset can be implemented: +

    + + + +

    + The exact format of the ruleset is described on the +s6-accessrules-cdb-from-fs page. +

    + +

    +s6-ipcserver-access first reads the client UID uid and +GID gid from the +${PROTO}REMOTEEUID and ${PROTO}REMOTEEGID environment variables, and checks +them with the +s6_accessrules_keycheck_uidgid() +function. In other words, it tries to match: + +

    + +

    + in that order. If no S6_ACCESSRULES_ALLOW result can be obtained, +the connection is denied. +

    + +

    Environment and executable modifications

    + +

    + s6-ipcserver-access interprets non-empty env subdirectories +and exec files +it finds in the first matching rule of the ruleset, as explained +in the s6-accessrules-cdb-from-fs +page. +

    + + + + + diff --git a/doc/s6-ipcserver-socketbinder.html b/doc/s6-ipcserver-socketbinder.html new file mode 100644 index 0000000..1edfe19 --- /dev/null +++ b/doc/s6-ipcserver-socketbinder.html @@ -0,0 +1,72 @@ + + + + + s6: the s6-ipcserver-socketbinder program + + + + + + +

    +s6
    +Software
    +skarnet.org +

    + +

    The s6-ipcserver-socketbinder program

    + +

    +s6-ipcserver-socketbinder binds a Unix domain +socket, then executes a program. +

    + +

    Interface

    + +
    +     s6-ipcserver-socketbinder [ -d | -D ] [ -b backlog ] path prog...
    +
    + + + +

    Options

    + + + +

    Notes

    + + + + + diff --git a/doc/s6-ipcserver.html b/doc/s6-ipcserver.html new file mode 100644 index 0000000..855fe4b --- /dev/null +++ b/doc/s6-ipcserver.html @@ -0,0 +1,173 @@ + + + + + s6: the s6-ipcserver program + + + + + + +

    +s6
    +Software
    +skarnet.org +

    + +

    The s6-ipcserver program

    + +

    +s6-ipcserver is an +UCSPI server tool for +Unix domain sockets, i.e. a super-server. +It accepts connections from clients, and forks a +program to handle each connection. +

    + +

    Interface

    + +
    +     s6-ipcserver [ -1 ] [ -q | -Q | -v ] [ -d | -D ] [ -P | -p ] [ -c maxconn ] [ -C localmaxconn ] [ -b backlog ] [ -G gidlist ] [ -g gid ] [ -u uid ] [ -U ] path prog...
    +
    + + + +

    Implementation

    + + + + +

    Options

    + + + +

    Implementation

    + + + +

    Notes

    + + + + + diff --git a/doc/s6-ipcserverd.html b/doc/s6-ipcserverd.html new file mode 100644 index 0000000..8bf5ea4 --- /dev/null +++ b/doc/s6-ipcserverd.html @@ -0,0 +1,131 @@ + + + + + s6: the s6-ipcserverd program + + + + + + +

    +s6
    +Software
    +skarnet.org +

    + +

    The s6-ipcserverd program

    + +

    +s6-ipcserverd is the serving part of the +s6-ipcserver super-server. +It assumes that its stdin is a bound and listening Unix +domain socket, and +it accepts connections from clients connecting to it, forking a +program to handle each connection. +

    + +

    Interface

    + +
    +     s6-ipcserverd [ -1 ] [ -v verbosity ] [ -P | -p ] [ -c maxconn ] [ -C localmaxconn ] prog...
    +
    + + + +

    Environment variables

    + +

    + For each connection, an instance of prog... is spawned with +the following variables set: +

    + + + +

    + If client credentials lookup has been disabled, IPCREMOTEEUID and +IPCREMOTEEUID will be set, but empty. +

    + + +

    Options

    + + + +

    Signals

    + + + +

    Notes

    + + + + + diff --git a/doc/s6-notifywhenup.html b/doc/s6-notifywhenup.html index b772925..054e0f5 100644 --- a/doc/s6-notifywhenup.html +++ b/doc/s6-notifywhenup.html @@ -68,11 +68,11 @@ Default is 0, meaning infinite. for prog to keep the same pid, which is vital for supervised processes.
  • s6-notifywhenup can be used, for instance, with -s6-tcpserver +s6-ipcserver and its -1 option, so that reliable startup notification is -achieved. s6-notifywhenup -f s6-tcpserver -1 args will -send a 'U' event to ./event when s6-tcpserver is actually -listening to its network socket.
  • +achieved. s6-notifywhenup -f s6-ipcserver -1 args will +send a 'U' event to ./event when s6-ipcserver is actually +listening to its socket.
  • The s6-svwait program can be used to wait for 'U' events.
  • diff --git a/doc/s6-setlock.html b/doc/s6-setlock.html index f425656..f163336 100644 --- a/doc/s6-setlock.html +++ b/doc/s6-setlock.html @@ -55,7 +55,7 @@ execution. This is intended: the fd holds the lock, which is released when prog exits. prog must not touch fds it does not know about.
  • If the timed lock option is chosen, s6-setlock does not acquire the lock -itself. Instead, it spawns a s6lockd-helper +itself. Instead, it spawns a s6lockd-helper process that acquires the lock while s6-setlock controls the timeout; the s6lockd-helper process then holds the lock and lives as long as prog.
  • diff --git a/doc/s6-sudo.html b/doc/s6-sudo.html new file mode 100644 index 0000000..0120816 --- /dev/null +++ b/doc/s6-sudo.html @@ -0,0 +1,59 @@ + + + + + s6: the s6-sudo program + + + + + + +

    +s6
    +Software
    +skarnet.org +

    + +

    The s6-sudo program

    + +

    +s6-sudo connects to a Unix domain socket and passes +its standard file descriptors, command-line arguments and +environment to a program running on the server side, potentially +with different privileges. +

    + +

    Interface

    + +
    +     s6-sudo [ -q | -Q | -v ] [ -p bindpath ] [ -l localname ] [ -e ] [ -t timeoutconn ] [ -T timeoutrun ] path [ args... ]
    +
    + + + +

    Options

    + + + + + diff --git a/doc/s6-sudoc.html b/doc/s6-sudoc.html new file mode 100644 index 0000000..0eec1c9 --- /dev/null +++ b/doc/s6-sudoc.html @@ -0,0 +1,80 @@ + + + + + s6: the s6-sudoc program + + + + + + +

    +s6
    +Software
    +skarnet.org +

    + +

    The s6-sudoc program

    + +

    +s6-sudoc talks to a peer s6-sudod +program over a Unix socket, passing it command-line arguments, environment +variables and standard descriptors. +

    + +

    Interface

    + +
    +     s6-sudoc [ -e ] [ -t timeoutconn ] [ -T timeoutrun ] [ args... ]
    +
    + + + +

    Options

    + + + +

    Notes

    + + + + + diff --git a/doc/s6-sudod.html b/doc/s6-sudod.html new file mode 100644 index 0000000..37ac996 --- /dev/null +++ b/doc/s6-sudod.html @@ -0,0 +1,170 @@ + + + + + s6: the s6-sudod program + + + + + + +

    +s6
    +Software
    +skarnet.org +

    + +

    The s6-sudod program

    + +

    +s6-sudod receives command-line arguments, environment variables +and standard descriptors from a peer s6-sudoc +program over a Unix socket, then forks another program. +

    + +

    Interface

    + +
    +     s6-sudod [ -0 ] [ -1 ] [ -2 ] [ -s ] [ -t timeout ] [ sargv... ]
    +
    + + + +

    Environment

    + +

    +s6-sudod transmits its own environment to its child, plus the environment sent +by s6-sudoc, filtered in the following manner: +for every variable sent by s6-sudoc, if the +variable is present but empty in s6-sudod's environment, then +its value is overriden by the value given by s6-sudoc. A variable that is +already nonempty, or that doesn't exist, in s6-sudod's environment, will not +be transmitted to the child. +

    + +

    Options

    + + + +

    Usage example

    + +

    + The typical use of s6-sudod is in a +local service with a +s6-ipcserver process listening on a Unix +socket, a s6-ipcserver-access process +performing client authentication and access control, and possibly a +s6-envdir +process setting up the environment variables that will be accepted by +s6-sudod. The following script, meant to be a run script in a +service directory, +will set up a privileged program: +

    + +
    +#!/command/execlineb -P
    +fdmove -c 2 1
    +s6-envuidgid serveruser
    +s6-notifywhenup -f
    +s6-ipcserver -U -1 -- serversocket
    +s6-ipcserver-access -v2 -l0 -i rules --
    +exec -c
    +s6-envdir env
    +s6-sudod
    +sargv
    +
    + + + +

    + This means that user clientuser running +s6-sudo serversocket cargv will be +able, if authorized by the configuration in rules, to run +sargv cargv as user serveruser, with stdin, +stdout, stderr and the environment variables properly listed in env +transmitted to sargv. +

    + +

    Notes

    + + + + + diff --git a/doc/s6-supervise.html b/doc/s6-supervise.html index 60c72b5..b080626 100644 --- a/doc/s6-supervise.html +++ b/doc/s6-supervise.html @@ -39,7 +39,7 @@ being a leaf. s6-supervise creates it and allows subscriptions to it from processes having the same effective group id as the s6-supervise process. If it already exists, it uses it as is, without modifying the subscription rights. -
  • It sends a 's' event to ./event.
  • +
  • It sends a 's' event to ./event.
  • If the default service state is up, s6-supervise spawns ./run.
  • s6-supervise sends a 'u' event to ./event whenever it successfully spawns ./run.
  • diff --git a/doc/s6-svc.html b/doc/s6-svc.html index 72f0776..606cc16 100644 --- a/doc/s6-svc.html +++ b/doc/s6-svc.html @@ -57,7 +57,7 @@ a SIGTERM and a SIGCONT. Do not restart it.
  • -u : up. If the supervised process is down, start it. Automatically restart it when it dies.
  • -x : exit. When the service is asked to be down and -the supervised process dies, supervise will exit too. This command should +the supervised process dies, s6-supervise will exit too. This command should normally never be used on a working system.
  • -O : Once at most. Do not restart the supervised process when it dies. If it is down when the command is received, do not even start diff --git a/doc/s6-svwait.html b/doc/s6-svwait.html index 5f3cb08..11e9821 100644 --- a/doc/s6-svwait.html +++ b/doc/s6-svwait.html @@ -55,7 +55,7 @@ See the explanation on this page.
  • given services comes up or down.
  • -a : and. s6-svwait will wait until all of the given services come up or down. This is the default.
  • -
  • -t timeout : if the requested events have not +
  • -t timeout : if the requested events have not happened after timeout milliseconds, s6-svwait will print a message to stderr and exit 1. By default, timeout is 0, which means no time limit.
  • @@ -64,7 +64,7 @@ limit.

    Internals

    -s6-svwait spawns a s6-ftrigrd child to +s6-svwait spawns a s6-ftrigrd child to listen to notifications sent by s6-supervise. It also checks supervise/status files, as well as the supervise/ready files if necessary, to get the current service diff --git a/doc/upgrade.html b/doc/upgrade.html index 0851534..5a1b1ec 100644 --- a/doc/upgrade.html +++ b/doc/upgrade.html @@ -17,6 +17,14 @@

    What has changed in s6

    +

    in 2.0.2.0

    + + +

    in 2.0.1.0

    -- cgit v1.2.3