Initial commit

5 files changed, 496 insertions, 0 deletions

diff --git a/doc/index.html b/doc/index.html
new file mode 100644
index 0000000..140f1e5
--- /dev/null
+++ b/doc/index.html
@@ -0,0 +1,134 @@
+<html>
+  <head>
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+    <meta http-equiv="Content-Language" content="en" />
+    <title>skabus - a Unix bus system</title>
+    <meta name="Description" content="skabus - a Unix bus system" />
+    <meta name="Keywords" content="skabus bus unix linux laurent bercot ska skarnet dbus ubus" />
+    <!-- <link rel="stylesheet" type="text/css" href="//skarnet.org/default.css" /> -->
+  </head>
+<body>
+
+<p>
+<a href="//skarnet.org/software/">Software</a><br />
+<a href="//skarnet.org/">skarnet.org</a>
+</p>
+
+<h1> skabus </h1>
+
+<h2> What is it&nbsp;? </h2>
+
+<p>
+ skabus is a suite of programs and libraries for Unix systems
+that aim to implement a bus, i.e. a many-to-many interprocess
+communication mechanism.
+</p>
+
+<p>
+ It is very much a work in progress, and won't be complete for a long time.
+For now, it looks like a random collection of tools, even though there is
+a consistent vision behind them.
+</p>
+
+<hr />
+
+<!--
+<ul>
+ <li> <a href="why.html">Why skabus&nbsp;?</a> Why not just use D-Bus&nbsp;?</li> -->
+ <li> <a href="overview.html">An overview of skabus</a> </li>
+</ul>
+
+<hr />
+-->
+
+<h2> Installation </h2>
+
+<h3> Requirements </h3>
+
+<ul>
+ <li> A POSIX-compliant system with a standard C development environment </li>
+ <li> GNU make, version 3.81 or later </li>
+ <li> <a href="//skarnet.org/software/skalibs/">skalibs</a> version
+2.6.1.0 or later </li>
+ <li> <a href="//skarnet.org/software/execline/">execline</a> version
+2.3.0.3 or later </li>
+ <li> <a href="//skarnet.org/software/s6/">s6</a> version
+2.6.1.1 or later </li>
+
+</ul>
+
+<h3> Licensing </h3>
+
+<p>
+ skabus is free software. It is available under the
+<a href="http://opensource.org/licenses/ISC">ISC license</a>.
+</p>
+
+<h3> Download </h3>
+
+<ul>
+ <li> The current released version of skabus is <a href="skabus-0.0.1.0.tar.gz">0.0.1.0</a>. </li>
+ <li> Alternatively, you can checkout a copy of the skabus git repository:
+<pre> git clone git://git.skarnet.org/skabus </pre> </li>
+</ul>
+
+<h3> Compilation </h3>
+
+<ul>
+ <li> See the enclosed INSTALL file for installation details. </li>
+</ul>
+
+<h3> Upgrade notes </h3>
+
+<ul>
+ <li> <a href="upgrade.html">This page</a> lists the differences to be aware of between
+the previous versions of skabus and the current one. </li>
+</ul>
+
+<hr />
+
+<h2> Reference </h2>
+
+<h3> Commands </h3>
+
+<p>
+ All these commands exit 111 if they encounter a temporary error or
+hardware error, and
+100 if they encounter a permanent error - such as a misuse. Short-lived
+commands exit 0 on success. Other exit codes are documented in the
+relevant page.
+</p>
+
+<h4> Publication/subscription </h4>
+
+<ul>
+ <li> The <a href="skabus-dyntee.html">skabus-dyntee</a> program </li>
+ <li> The <a href="skabus-dynteed.html">skabus-dynteed</a> program </li>
+ <li> The <a href="skabus-dyntee-client.html">skabus-dyntee-client</a> program </li>
+</ul>
+
+<hr />
+
+<a name="related">
+<h2> Related resources </h2>
+</a>
+
+<h3> skabus discussion </h3>
+
+<ul>
+ <li> <tt>skabus</tt> is discussed on the
+<a href="//skarnet.org/lists.html#skaware">skaware</a> mailing-list. </li>
+</ul>
+
+<h3> Similar work </h3>
+
+<ul>
+ <li> <a href="http://www.freedesktop.org/wiki/Software/dbus/">D-Bus</a> is
+the most widely used Linux bus. It's also a horrible, inefficient mess. </li>
+ <li> <a href="http://wiki.openwrt.org/doc/techref/ubus">ubus</a> is
+OpenWrt's micro-bus architecture. </li>
+</ul>
+
+</body>
+</html>
diff --git a/doc/skabus-dyntee-client.html b/doc/skabus-dyntee-client.html
new file mode 100644
index 0000000..1f54a8b
--- /dev/null
+++ b/doc/skabus-dyntee-client.html
@@ -0,0 +1,57 @@
+<html>
+  <head>
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+    <meta http-equiv="Content-Language" content="en" />
+    <title>skabus: the skabus-dyntee-client program</title>
+    <meta name="Description" content="skabus: the skabus-dyntee-client program" />
+    <meta name="Keywords" content="skabus dynamic tee dyntee skabus-dyntee-client unix linux socket pubsub client" />
+    <!-- <link rel="stylesheet" type="text/css" href="//skarnet.org/default.css" /> -->
+  </head>
+<body>
+
+<p>
+<a href="index.html">skabus</a><br />
+<a href="//skarnet.org/software/">Software</a><br />
+<a href="//skarnet.org/">skarnet.org</a>
+</p>
+
+<h1> The <tt>skabus-dyntee-client</tt> program </h1>
+
+<p>
+<tt>skabus-dyntee-client</tt> is a client for the
+<a href="skabus-dyntee.html">skabus-dyntee</a> server.
+It connects to a Unix domain socket where a
+<a href="skabus-dyntee.html">skabus-dyntee</a> instance is listening,
+then executes into a program with the data stream from skabus-dyntee
+on its standard input.
+</p>
+
+<h2> Interface </h2>
+
+<pre>
+     skabus-dyntee-client <em>path</em> <em>prog...</em>
+</pre>
+
+<ul>
+ <li> skabus-dyntee-client connects to the Unix domain socket at <em>path</em>.
+It assumes the other end of the socket is a <a href="skabus-dyntee.html">skabus-dyntee</a>
+(or <a href="skabus-dynteed.html">skabus-dynteed</a>, which is the same) instance. </li>
+ <li> It executes into the <em>prog...</em> command line with the
+socket as <em>prog</em>'s standard input. </li>
+</ul>
+
+<h2> Notes </h2>
+
+<ul>
+ <li> It is possible for <em>prog</em> to immediately get EOF on its
+standard input. This likely means that the server has denied the
+connection (skabus-dyntee-client did not run with an authorized uid
+or gid). But it could also mean that the stream ended right after
+the client connected. </li>
+ <li> The socket is shut down for writing, so <em>prog</em> can
+only read on its stdin; attempts to write will always fail. </li>
+</ul>
+
+</body>
+</html>
diff --git a/doc/skabus-dyntee.html b/doc/skabus-dyntee.html
new file mode 100644
index 0000000..57b34f3
--- /dev/null
+++ b/doc/skabus-dyntee.html
@@ -0,0 +1,123 @@
+<html>
+  <head>
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+    <meta http-equiv="Content-Language" content="en" />
+    <title>skabus: the skabus-dyntee program</title>
+    <meta name="Description" content="skabus: the skabus-dyntee program" />
+    <meta name="Keywords" content="skabus dynamic tee dyntee skabus-dyntee unix linux socket pubsub server daemon" />
+    <!-- <link rel="stylesheet" type="text/css" href="//skarnet.org/default.css" /> -->
+  </head>
+<body>
+
+<p>
+<a href="index.html">skabus</a><br />
+<a href="//skarnet.org/software/">Software</a><br />
+<a href="//skarnet.org/">skarnet.org</a>
+</p>
+
+<h1> The <tt>skabus-dyntee</tt> program </h1>
+
+<p>
+<tt>skabus-dyntee</tt> is a <em>dynamic tee</em>, which is the
+simplest publisher daemon possible.
+It listens on a Unix domain socket, accepts client connections, and
+publishes to its clients everything it reads on its standard
+input, as a byte stream. It only writes to clients and never reads
+from them.
+</p>
+
+<h2> Interface </h2>
+
+<pre>
+     skabus-dyntee [ -1 ] [ -D | -d ] [ -c <em>maxconn</em> ] [ -b <em>backlog</em> ] [ -G <em>gidlist</em> ] [ -g <em>gid</em> ] [ -u <em>uid</em> ] [ -U ] [ -t <em>clienttimeout</em> ] [ -T <em>lameducktimeout</em> ] [ -i <em>rulesdir</em> | -x <em>rulesfile</em> ] <em>path</em>
+</pre>
+
+<ul>
+ <li> skabus-dyntee binds to the Unix domain socket at <em>path</em>. </li>
+ <li> If applicable, it drops root privileges. </li>
+ <li> It listens to its socket and accepts client connections. </li>
+ <li> Whenever it has data available on its standard input, it reads
+that data and writes it to every client it has. It duplicates its
+stdin stream to all its clients, hence the name <em>dynamic tee</em>. </li>
+ <li> When it reads EOF on its stdin, or when it receives a SIGTERM,
+it waits for its clients to read their pending data, then exits 0. </li>
+</ul>
+
+<p>
+ skabus-dyntee is just a wrapper that binds to its socket and
+drops privileges before executing into
+<a href="skabus-dynteed.html">skabus-dynteed</a>. For details of
+the daemon's operation, see the
+<a href="skabus-dynteed.html">skabus-dynteed</a> documentation.
+</p>
+
+<h2> Options </h2>
+
+<ul>
+ <li> <tt>-1</tt>&nbsp;: write a newline to stdout, before
+closing it, right after binding and listening to the Unix socket.
+If stdout is suitably redirected, this can be used by monitoring
+programs to check when the server is ready to accept connections. </li>
+ <li> <tt>-d</tt>&nbsp;: allow instant rebinding to the same path
+even if it has been used not long ago - this is the SO_REUSEADDR flag to
+<a href="http://pubs.opengroup.org/onlinepubs/9699919799/functions/setsockopt.html">setsockopt()</a>
+and is generally used with server programs. This is the default. Note that
+<em>path</em> will be deleted if it already exists at program start time. </li>
+ <li> <tt>-D</tt>&nbsp;: disallow instant rebinding to the same path. </li>
+ <li> <tt>-c&nbsp;<em>maxconn</em></tt>&nbsp;: accept at most
+<em>maxconn</em> concurrent client connections. Default is 40. It is
+impossible to set it higher than the value of the SKABUS_DYNTEE_MAX macro,
+which is 1000.
+ <li> <tt>-b&nbsp;<em>backlog</em></tt>&nbsp;: set a maximum of
+<em>backlog</em> backlog connections on the socket. Extra
+connection attempts will rejected by the kernel. </li>
+ <li> <tt>-G&nbsp;<em>gidlist</em></tt>&nbsp;: change skabus-dyntee's
+supplementary group list to <em>gidlist</em> after binding the socket.
+This is only valid when run as root. <em>gidlist</em> must be a
+comma-separated list of numerical group IDs. </li>
+ <li> <tt>-g&nbsp;<em>gid</em></tt>&nbsp;: change skabus-dyntee's groupid
+to <em>gid</em> after binding the socket. This is only valid when run
+as root. </li>
+ <li> <tt>-u&nbsp;<em>uid</em></tt>&nbsp;: change skabus-dyntee's userid
+to <em>uid</em> after binding the socket. This is only valid when run
+as root. </li>
+ <li> <tt>-U</tt>&nbsp;: change skabus-dyntee's user id, group id and
+supplementary group list
+according to the values of the UID, GID and GIDLIST environment variables
+after binding the socket. This is only valid when run as root.
+This can be used with the
+<a href="s6-envuidgid.html">s6-envuidgid</a>
+program to easily script a service that binds to a privileged socket
+then drops its privileges to those of a named non-root account. </li>
+ <li> <tt>-t&nbsp;<em>clienttimeout</em></tt>&nbsp;: disconnect a client
+that has not read its data after <em>clienttimeout</em> milliseconds.
+By default, <em>clienttimeout</em> is 0, which means infinite. </li>
+ <li> <tt>-T&nbsp;<em>lameducktimeout</em></tt>&nbsp;: after
+skabus-dyntee has been told to exit, clients will have
+<em>lameducktimeout</em> milliseconds to read their pending data,
+after which skabus-dyntee will exit anyway.
+By default, <em>lameducktimeout</em> is 0, which means infinite. </li>
+ <li> <tt>-x&nbsp;<em>rulesfile</em></tt>&nbsp;: read access rights
+configuration from CDB file <em>rulesfile</em>. </li>
+ <li> <tt>-i&nbsp;<em>rulesdir</em></tt>&nbsp;: read access rights
+configuration from the filesystem in directory <em>rulesdir</em>. </li>
+</ul>
+
+<h2> Notes </h2>
+
+<ul>
+ <li> skabus-dyntee does not interpret its options itself. It just
+dispatches them to the appropriate program on the command line that
+it builds. </li>
+ <li> From the user's point of view, skabus-dyntee behaves like a
+long-lived process, even if the long-lived process itself is called
+<a href="skabus-dynteed.html">skabus-dynteed</a>. Every operational detail
+of skabus-dynteed applies to skabus-dyntee as well; in particular,
+make sure to properly
+<a href="skabus-dynteed.html#configuration">configure the clients'
+access rights</a>. </li>
+</ul>
+
+</body>
+</html>
diff --git a/doc/skabus-dynteed.html b/doc/skabus-dynteed.html
new file mode 100644
index 0000000..7573f3b
--- /dev/null
+++ b/doc/skabus-dynteed.html
@@ -0,0 +1,154 @@
+<html>
+  <head>
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+    <meta http-equiv="Content-Language" content="en" />
+    <title>skabus: the skabus-dynteed program</title>
+    <meta name="Description" content="skabus: the skabus-dynteed program" />
+    <meta name="Keywords" content="skabus skabus-dynteed publisher dynamic tee daemon publication unix linux server daemon" />
+    <!-- <link rel="stylesheet" type="text/css" href="//skarnet.org/default.css" /> -->
+  </head>
+<body>
+
+<p>
+<a href="index.html">skabus</a><br />
+<a href="//skarnet.org/software/">Software</a><br />
+<a href="//skarnet.org/">skarnet.org</a>
+</p>
+
+<h1> The <tt>skabus-dynteed</tt> program </h1>
+
+<p>
+<tt>skabus-dynteed</tt> is the serving part of the
+<a href="skabus-dyntee.html">skabus-dyntee</a> program.
+It assumes that one of its file descriptors (3 or above) is a
+bound, listening, non-blocking domain socket;
+it accepts connections from clients connecting to that socket,
+and copies its stdin stream to all its clients.
+</p>
+
+<h2> Interface </h2>
+
+<pre>
+     skabus-dynteed [ -1 ] [ -c <em>maxconn</em> ] [ -t <em>clienttimeout</em> ] [ -T <em>lameducktimeout</em> ] [ -i <em>rulesdir</em> | -x <em>rulesfile</em> ]
+</pre>
+
+<ul>
+ <li> skabus-dynteed accepts connections from clients to an already
+bound and listening SOCK_STREAM Unix domain socket, by default on
+its file descriptor 3. </li>
+ <li> It runs until it receives a SIGTERM or until it reads EOF
+on its stdin. In that case, it stops accepting new client connections,
+and exits 0 when all clients have read their pending data. </li>
+ <li> Client connections last as long as the client wants to, unless an
+error occurs, or unless the server is told to exit - in which cases
+skabus-dynteed forcibly disconnects the client. </li>
+ <li> Clients cannot write anything to skabus-dynteed. They can only
+read a stream of bytes on their socket, which is a copy of what
+skabus-dynteed reads on its standard input. </li>
+</ul>
+
+<h2> Options </h2>
+
+<ul>
+ <li> <tt>-1</tt>&nbsp;: write a newline to stdout, and close stdout,
+right before entering the client-accepting loop.
+If stdout is suitably redirected, this can be used by monitoring
+programs to check when the server is accepting connections. See
+<a href="//skarnet.org/software/s6/notifywhenup.html">this page</a>
+for more information on readiness notification. </li>
+ <li> <tt>-c&nbsp;<em>maxconn</em></tt>&nbsp;: accept at most
+<em>maxconn</em> concurrent connections. Default is 40. It is
+impossible to set it higher than the value of the SKABUS_DYNTEE_MAX macro,
+i.e. 1000. </li>
+ <li> <tt>-t&nbsp;<em>clienttimeout</em></tt>&nbsp;: disconnect a client
+if it has not read its pending data after <em>clienttimeout</em> milliseconds.
+By default, <em>clienttimeout</em> is 0, which means infinite. </li>
+ <li> <tt>-T&nbsp;<em>lameducktimeout</em></tt>&nbsp;: give clients
+<em>lameducktimeout</em> milliseconds to read their pending data when
+skabus-dynteed is going to exit.
+By default, <em>lameducktimeout</em> is 0, which means infinite. </li>
+ <li> <tt>-x&nbsp;<em>rulesfile</em></tt>&nbsp;: read access rights
+configuration from
+<a href="http://en.wikipedia.org/wiki/Cdb_%28software%29">CDB</a>
+file <em>rulesfile</em>. </li>
+ <li> <tt>-i&nbsp;<em>rulesdir</em></tt>&nbsp;: read access rights
+configuration from the filesystem in directory <em>rulesdir</em>. </li>
+</ul>
+
+<h2> Signals </h2>
+
+<ul>
+ <li> SIGTERM: enter lameduck mode, then exit when all clients have
+read their pending data (or <em>lameducktimeout</em> milliseconds have
+elapsed). </li>
+ <li> SIGHUP: reopen <em>rulesfile</em>, if skabus-dynteed has been run
+with the <tt>-x</tt> option. It is not necessary to send skabus-dynteed
+a SIGHUP when the <tt>-i</tt> option is used instead: configuration
+changes in the filesystem are automatically picked up. </li>
+</ul>
+
+<a name="configuration">
+<h2> Configuration </h2>
+</a>
+
+<p>
+skabus-dynteed (or its wrapper <a href="skabus-dyntee.html">skabus-dyntee</a>)
+can be instructed not to accept every client. This is achieved
+via a series of rules, or <em>ruleset</em>, stored in either a
+<em>rulesfile</em> in the
+<a href="http://en.wikipedia.org/wiki/Cdb_%28software%29">CDB</a> format,
+and given to skabus-dynteed with the <tt>-x</tt> option,
+or in a <em>rulesdir</em>, i.e. a directory in the filesystem following a
+certain format, and given to skabus-dynteed with the <tt>-i</tt> option.
+If neither the <tt>-i</tt> nor the <tt>-x</tt> option has been provided,
+skabus-dynteed will accept connections from any client.
+</p>
+
+<p>
+ Rulesets can be converted between the <em>rulesdir</em> and
+<em>rulesfile</em> formats with the
+<a href="s6-accessrules-cdb-from-fs.html">s6-accessrules-cdb-from-fs</a> and
+<a href="s6-accessrules-fs-from-cdb.html">s6-accessrules-fs-from-cdb</a>
+conversion tools.
+</p>
+
+<h3> Rules format </h3>
+
+<p>
+ The rules file, or rules directory, follows the
+<a href="libs6/accessrules.html">s6 accessrules format</a> for uid and
+gid checking. For every connecting client, skabus-dynteed matches the uid
+and gid of the client against the provided ruleset, and determines whether
+the client is authorized or not to connect.
+The right to connect is given if an
+<tt>allow</tt> file is found in one of the subdirectories checked by
+<a href="libs6/accessrules.html#uidgid">s6_accessrules_keycheck_uidgid</a>.
+For instance, to allow everyone to connect, touch
+<tt><em>rulesdir</em>/uid/default/allow</tt>.
+</p>
+
+<p>
+ If a <em>rulesfile</em> or <em>rulesdir</em> has been provided to
+skabus-dynteed, and the client's uid and gid match no rule in the
+ruleset, then the connection is denied.
+</p>
+
+<h2> Notes </h2>
+
+<ul>
+ <li> skabus-dynteed is meant to be execve'd into by a program that gets
+the listening socket. That program is normally
+<a href="//skarnet.org/software/s6/s6-ipcserver-socketbinder.html">s6-ipcserver-socketbinder</a>,
+which creates the socket itself; but it can be a different one if the
+socket is to be obtained by another means, for instance if it has
+been retrieved from a fd-holding daemon. </li>
+ <li> Clients can plug into the data stream at any time. The data stream
+should have a format making it easy for clients to synchronize with it. </li>
+ <li> The simplest way of connecting to a skabus-dynteed instance and
+reading the data stream is via the
+<a href="skabus-dyntee-client.html">skabus-dyntee-client</a> program. </li>
+</ul>
+
+</body>
+</html>
diff --git a/doc/upgrade.html b/doc/upgrade.html
new file mode 100644
index 0000000..0827f95
--- /dev/null
+++ b/doc/upgrade.html
@@ -0,0 +1,28 @@
+<html>
+  <head>
+    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
+    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
+    <meta http-equiv="Content-Language" content="en" />
+    <title>skabus: how to upgrade</title>
+    <meta name="Description" content="skabus: how to upgrade" />
+    <meta name="Keywords" content="skabus installation upgrade" />
+    <!-- <link rel="stylesheet" type="text/css" href="//skarnet.org/default.css" /> -->
+  </head>
+<body>
+
+<p>
+<a href="index.html">skabus</a><br />
+<a href="//skarnet.org/software/">Software</a><br />
+<a href="//skarnet.org/">skarnet.org</a>
+</p>
+
+<h1> What has changed in skabus </h1>
+
+<h2> in 0.0.1.0 </h2>
+
+<ul>
+ <li> Initial release. </li>
+</ul>
+
+</body>
+</html>