static void reconfigure(void)
{
int rc;
daemon_conf_t tdc;
conf_llist tmp_plugin;
lnode *tpconf;
/* Read new daemon config */
rc = load_config(&tdc, config_file);
if (rc == 0) {
if (tdc.q_depth > daemon_config.q_depth) {
increase_queue_depth(tdc.q_depth);
daemon_config.q_depth = tdc.q_depth;
}
daemon_config.overflow_action = tdc.overflow_action;
reset_suspended();
/* We just fill these in because they are used by this
* same thread when we return
*/
daemon_config.node_name_format = tdc.node_name_format;
free((char *)daemon_config.name);
daemon_config.name = tdc.name;
}
/* The idea for handling SIGHUP to children goes like this:
* 1) load the current config in temp list
* 2) mark all in real list unchecked
* 3) for each one in tmp list, scan old list
* 4) if new, start it, append to list, mark done
* 5) else check if there was a change to active state
* 6) if so, copy config over and start
* 7) If no change, send sighup to non-builtins and mark done
* 8) Finally, scan real list for unchecked, terminate and deactivate
*/
load_plugin_conf(&tmp_plugin);
plist_mark_all_unchecked(&plugin_conf);
plist_first(&tmp_plugin);
tpconf = plist_get_cur(&tmp_plugin);
while (tpconf && tpconf->p) {
lnode *opconf;
opconf = plist_find_name(&plugin_conf, tpconf->p->name);
if (opconf == NULL) {
/* We have a new service */
if (tpconf->p->active == A_YES) {
tpconf->p->checked = 1;
plist_last(&plugin_conf);
plist_append(&plugin_conf, tpconf->p);
free(tpconf->p);
tpconf->p = NULL;
start_one_plugin(plist_get_cur(&plugin_conf));
}
} else {
if (opconf->p->active == tpconf->p->active) {
if (opconf->p->type == S_ALWAYS)
kill(opconf->p->pid, SIGHUP);
opconf->p->checked = 1;
} else {
/* A change in state */
if (tpconf->p->active == A_YES) {
/* starting - copy config and exec */
free_pconfig(opconf->p);
free(opconf->p);
opconf->p = tpconf->p;
opconf->p->checked = 1;
start_one_plugin(opconf);
tpconf->p = NULL;
}
}
}
tpconf = plist_next(&tmp_plugin);
}
/* Now see what's left over */
while ( (tpconf = plist_find_unchecked(&plugin_conf)) ) {
/* Anything not checked is something removed from the config */
tpconf->p->active = A_NO;
kill(tpconf->p->pid, SIGTERM);
tpconf->p->pid = 0;
tpconf->p->checked = 1;
}
/* Release memory from temp config */
plist_first(&tmp_plugin);
tpconf = plist_get_cur(&tmp_plugin);
while (tpconf) {
free_pconfig(tpconf->p);
tpconf = plist_next(&tmp_plugin);
}
plist_clear(&tmp_plugin);
}
int main(int argc, char *argv[])
{
int rc;
const char *cpath;
char buf[1024];
struct sigaction sa;
sigset_t ss;
auparse_state_t *au;
ssize_t len;
mypid = getpid();
log_info("starting with pid=%d", mypid);
/*
* install signal handlers
*/
sa.sa_flags = 0;
sigemptyset(&sa.sa_mask);
sa.sa_handler = term_handler;
sigaction(SIGTERM, &sa, NULL);
sa.sa_handler = hup_handler;
sigaction(SIGHUP, &sa, NULL);
sa.sa_handler = alarm_handler;
sigaction(SIGALRM, &sa, NULL);
/*
* the main program accepts a single (optional) argument:
* it's configuration file (this is NOT the plugin configuration
* usually located at /etc/audisp/plugin.d)
* We use the default (def_config_file) if no arguments are given
*/
if (argc == 1) {
cpath = def_config_file;
log_warn("No configuration file specified - using default (%s)", cpath);
} else if (argc == 2) {
cpath = argv[1];
log_info("Using configuration file: %s", cpath);
} else {
log_err("Error - invalid number of parameters passed. Aborting");
return 1;
}
/* initialize record counter */
conf.counter = 1;
/* initialize configuration with default values */
plugin_clear_config(&conf);
/* initialize the submission queue */
if (init_queue(conf.q_depth) != 0) {
log_err("Error - Can't initialize event queue. Aborting");
return -1;
}
/* set stdin to O_NONBLOCK */
if (fcntl(0, F_SETFL, O_NONBLOCK) == -1) {
log_err("Error - Can't set input to Non-blocking mode: %s. Aborting",
strerror(errno));
return -1;
}
do {
hup = 0; /* don't flush unless hup == 1 */
/*
* initialization is done in 4 steps:
*/
/*
* load configuration and
* increase queue depth if needed
*/
rc = plugin_load_config(&conf, cpath);
if (rc != 0) {
log_err("Error - Can't load configuration. Aborting");
return -1;
}
increase_queue_depth(conf.q_depth); /* 1 */
/* initialize auparse */
au = auparse_init(AUSOURCE_FEED, 0); /* 2 */
/*
* Block signals for everyone,
* Initialize submission thread, and
* Unblock signals for this thread
*/
sigfillset(&ss);
pthread_sigmask(SIG_BLOCK, &ss, NULL);
pthread_create(&submission_thread, NULL,
submission_thread_main, NULL);
pthread_sigmask(SIG_UNBLOCK, &ss, NULL); /* 3 */
/* add our event consumer callback */
auparse_add_callback(au, push_event, NULL, NULL); /* 4 */
/* main loop */
while (hup == 0 && stop == 0) {
fd_set rfds;
struct timeval tv;
FD_ZERO(&rfds);
FD_SET(0, &rfds);
tv.tv_sec = 5;
tv.tv_usec = 0;
rc = select(1, &rfds, NULL, NULL, &tv);
if (rc == -1) {
if (errno == EINTR) {
log_debug("Select call interrupted");
continue;
}
else {
log_err("Error - Fatal error while monitoring input: %s. Aborting",
strerror(errno));
stop = 1;
}
}
else if (rc) {
len = read(0, buf, 1024);
if (len > 0)
/* let our callback know of the new data */
auparse_feed(au, buf, len);
else if (len == 0) {
log_debug("End of input - Exiting");
stop = 1;
}
else {
/* ignore interrupted call or empty pipe */
if (errno != EINTR && errno != EAGAIN) {
log_err("Error - Fatal error while reading input: %s. Aborting",
strerror(errno));
stop = 1;
}
else {
log_debug("Ignoring read interruption: %s",
strerror(errno));
}
}
}
}
/* flush everything, in order */
auparse_flush_feed(au); /* 4 */
alarm(10); /* 10 seconds to clear the queue */
pthread_join(submission_thread, NULL); /* 3 */
alarm(0); /* cancel any pending alarm */
auparse_destroy(au); /* 2 */
plugin_free_config(&conf); /* 1 */
}
while (hup && stop == 0);
/* destroy queue before leaving */
destroy_queue();
log_info("Exiting");
return 0;
}