Пример #1
0
static iep_thread_driver_t *noit_stomp_allocate(noit_conf_section_t conf) {
  struct stomp_driver *dr;
  dr = calloc(1, sizeof(*dr));
  if(apr_pool_create(&dr->pool, NULL) != APR_SUCCESS) {
    free(dr);
    return NULL;
  }
  (void)noit_conf_get_string(conf, "exchange", &dr->exchange);
  if(!noit_conf_get_string(conf, "destination", &dr->destination))
  if(!dr->destination) dr->destination = strdup("/queue/noit.firehose");
  (void)noit_conf_get_string(conf, "username", &dr->user);
  (void)noit_conf_get_string(conf, "password", &dr->pass);
  (void)noit_conf_get_string(conf, "hostname", &dr->hostname);
  if(!dr->hostname) dr->hostname = strdup("127.0.0.1");
  if(!noit_conf_get_int(conf, "port", &dr->port))
    dr->port = 61613;
  return (iep_thread_driver_t *)dr;
}
Пример #2
0
static int
ip_acl_onload(noit_image_t *self) {
  int i, cnt;
  noit_conf_section_t *acl_c;
  ip_acl_module_id = noit_check_register_module("ip_acl");
  if(ip_acl_module_id < 0) return -1;

  acl_c = noit_conf_get_sections(NULL, "/noit/acls//acl", &cnt);
  if(acl_c) {
    for(i=0; i<cnt; i++) {
      char *name;
      int j, rcnt, arcnt = 0;
      noit_conf_section_t *rule_c;
      if(noit_conf_get_string(acl_c[i], "@name", &name)) {
        rule_c = noit_conf_get_sections(acl_c[i], "rule", &rcnt);
        if(rule_c) {
          btrie *acl = calloc(1, sizeof(*acl));
          for(j=0; j<rcnt; j++) {
            int mask = -1, rv;
            char dirstr[16] = "unspecified";
            char *cp, target[256] = "";
            union {
              struct in_addr addr4;
              struct in6_addr addr6;
            } a;

            noit_conf_get_stringbuf(rule_c[j], "self::node()", target, sizeof(target));
            if(NULL != (cp = strchr(target, '/'))) {
              *cp++ = '\0';
              mask = atoi(cp);
            }
            if(!noit_conf_get_stringbuf(rule_c[j], "@type", dirstr, sizeof(dirstr)) ||
               (strcmp(dirstr, "deny") && strcmp(dirstr, "allow"))) {
              noitL(noit_error, "Unknown acl rule type \"%s\" in acl \"%s\"\n",
                    dirstr, name);
            }
            else if(inet_pton(AF_INET, target, &a) == 1) {
              if(mask == -1) mask = 32;
              noit_add_route_ipv4(acl, &a.addr4, mask, strcmp(dirstr, "allow") ? DENY_PTR : ALLOW_PTR);
              arcnt++;
            }
            else if(inet_pton(AF_INET6, target, &a) == 1) {
              if(mask == -1) mask = 128;
              noit_add_route_ipv6(acl, &a.addr6, mask, strcmp(dirstr, "allow") ? DENY_PTR : ALLOW_PTR);
              arcnt++;
            }
          }
          noitL(noit_error, "ACL %s/%p -> %d/%d rules\n", name, acl, arcnt, rcnt);
          noit_hash_replace(&acls, name, strlen(name), acl, free, free_btrie);
          free(rule_c);
        }
      }
    }
    free(acl_c);
  }
  return 0;
}
Пример #3
0
static iep_thread_driver_t *noit_fq_allocate(noit_conf_section_t conf) {
  char *hostname, *cp, *brk;
  int i;

#define GETCONFSTR(w) noit_conf_get_stringbuf(conf, #w, global_fq_ctx.w, sizeof(global_fq_ctx.w))
  snprintf(global_fq_ctx.exchange, sizeof(global_fq_ctx.exchange), "%s",
           "noit.firehose");
  GETCONFSTR(exchange);
  if(!GETCONFSTR(routingkey))
    snprintf(global_fq_ctx.routingkey, sizeof(global_fq_ctx.routingkey), "%s", "check");
  snprintf(global_fq_ctx.username, sizeof(global_fq_ctx.username), "%s", "guest");
  GETCONFSTR(username);
  snprintf(global_fq_ctx.password, sizeof(global_fq_ctx.password), "%s", "guest");
  GETCONFSTR(password);
  if(!noit_conf_get_int(conf, "heartbeat", &global_fq_ctx.heartbeat))
    global_fq_ctx.heartbeat = 2000;
  if(!noit_conf_get_int(conf, "backlog", &global_fq_ctx.backlog))
    global_fq_ctx.backlog = 2000;
  if(!noit_conf_get_int(conf, "port", &global_fq_ctx.port))
    global_fq_ctx.port = 8765;
  (void)noit_conf_get_string(conf, "hostname", &hostname);
  if(!hostname) hostname = strdup("127.0.0.1");
  for(cp = hostname; cp; cp = strchr(cp+1, ',')) global_fq_ctx.nhosts++;
  if(global_fq_ctx.nhosts > MAX_HOSTS) global_fq_ctx.nhosts = MAX_HOSTS;
  for(i = 0, cp = strtok_r(hostname, ",", &brk);
      cp; cp = strtok_r(NULL, ",", &brk), i++) {
    char *pcp;
    fq_client *c = &global_fq_ctx.client[i];

    global_fq_ctx.ports[i] = global_fq_ctx.port;
    strlcpy(global_fq_ctx.hostname[i], cp, sizeof(global_fq_ctx.hostname[i]));
    pcp = strchr(global_fq_ctx.hostname[i], ':');
    if(pcp) {
      *pcp++ = '\0';
      global_fq_ctx.ports[i] = atoi(pcp);
    }
    fq_client_init(c, 0, fq_logger);
    fq_client_creds(*c, global_fq_ctx.hostname[i], global_fq_ctx.ports[i],
                    global_fq_ctx.username, global_fq_ctx.password);
    fq_client_heartbeat(*c, global_fq_ctx.heartbeat);
    fq_client_set_nonblock(*c, 1);
    fq_client_set_backlog(*c, global_fq_ctx.backlog, 0);
    fq_client_connect(*c);
  }
  free(hostname);

  return (iep_thread_driver_t *)&global_fq_ctx;
}
Пример #4
0
void
stratcon_datastore_core_init() {
  static int initialized = 0;
  if(initialized) return;
  initialized = 1;
  ds_err = noit_log_stream_find("error/datastore");
  ds_deb = noit_log_stream_find("debug/datastore");
  ds_pool_deb = noit_log_stream_find("debug/datastore_pool");
  ingest_err = noit_log_stream_find("error/ingest");
  if(!ds_err) ds_err = noit_error;
  if(!ingest_err) ingest_err = noit_error;
  if(!noit_conf_get_string(NULL, "//database/journal/path",
                           &basejpath)) {
    noitL(noit_error, "//database/journal/path is unspecified\n");
    exit(-1);
  }
}
Пример #5
0
static int handoff_ingestor_init(noit_module_generic_t *self) {
  ds_err = noit_log_stream_find("error/datastore");
  ds_deb = noit_log_stream_find("debug/datastore");
  ingest_err = noit_log_stream_find("error/ingest");
  if(!ds_err) ds_err = noit_error;
  if(!ingest_err) ingest_err = noit_error;
  if(!noit_conf_get_string(NULL, "/stratcon/database/journal/path",
                           &basejpath)) {
    noitL(noit_error, "/stratcon/database/journal/path is unspecified\n");
    exit(-1);
  }
  noitL(noit_error, "registering /handoff/journals REST endpoint\n");
  assert(noit_http_rest_register_auth(
    "GET", "/handoff/", "^journals$", handoff_stream,
    noit_http_rest_client_cert_auth
  ) == 0);
  return stratcon_datastore_set_ingestor(&handoff_ingestor_api);
}
Пример #6
0
static iep_thread_driver_t *noit_rabbimq_allocate() {
  char *hostname, *cp, *brk;
  struct amqp_driver *dr = NULL;
  int i;

  pthread_mutex_lock(&driver_lock);
  for(i=0; i<MAX_HOSTS; i++) {
    if(stats.thread_states[i].owner == (pthread_t)NULL) {
      stats.thread_states[i].owner = pthread_self();
      dr = &stats.thread_states[i];
      break;
    }
  }
  pthread_mutex_unlock(&driver_lock);
  if(!dr) return NULL;
  dr->nconnects = rand();
#define GETCONFSTR(w) noit_conf_get_stringbuf(NULL, "/stratcon/iep/mq/" #w, dr->w, sizeof(dr->w))
  GETCONFSTR(exchange);
  if(!GETCONFSTR(routingkey))
    dr->routingkey[0] = '\0';
  GETCONFSTR(username);
  GETCONFSTR(password);
  if(!GETCONFSTR(vhost)) { dr->vhost[0] = '/'; dr->vhost[1] = '\0'; }
  if(!noit_conf_get_int(NULL, "/stratcon/iep/mq/heartbeat", &dr->heartbeat))
    dr->heartbeat = 5000;
  dr->heartbeat = (dr->heartbeat + 999) / 1000;

  noit_conf_get_string(NULL, "/stratcon/iep/mq/hostname", &hostname);
  if(!hostname) hostname = strdup("127.0.0.1");
  for(cp = hostname; cp; cp = strchr(cp+1, ',')) dr->nhosts++;
  if(dr->nhosts > MAX_HOSTS) dr->nhosts = MAX_HOSTS;
  for(i = 0, cp = strtok_r(hostname, ",", &brk);
      cp; cp = strtok_r(NULL, ",", &brk), i++)
    strlcpy(dr->hostname[i], cp, sizeof(dr->hostname[i]));
  free(hostname);

  if(!noit_conf_get_int(NULL, "/stratcon/iep/mq/port", &dr->port))
    dr->port = 5672;
  noit_atomic_inc64(&stats.concurrency);
  return (iep_thread_driver_t *)dr;
}
Пример #7
0
int main(int argc, char **argv) {
  int fd, lockfd = -1;
  char lockfile[PATH_MAX];
  char user[32], group[32];
  char *trace_dir = NULL;
  parse_clargs(argc, argv);

  noit_log_init();
  noit_log_stream_add_stream(noit_debug, noit_stderr);
  noit_log_stream_add_stream(noit_error, noit_stderr);

  /* Next load the configs */
  noit_conf_init(APPNAME);
  if(noit_conf_load(config_file) == -1) {
    fprintf(stderr, "Cannot load config: '%s'\n", config_file);
    exit(-1);
  }

  /* Reinitialize the logging system now that we have a config */
  snprintf(user, sizeof(user), "%d", getuid());
  snprintf(group, sizeof(group), "%d", getgid());
  if(noit_security_usergroup(droptouser, droptogroup, noit_true)) {
    noitL(noit_stderr, "Failed to drop privileges, exiting.\n");
    exit(-1);
  }
  noit_conf_log_init(APPNAME);
  cli_log_switches();
  if(noit_security_usergroup(user, group, noit_true)) {
    noitL(noit_stderr, "Failed to regain privileges, exiting.\n");
    exit(-1);
  }
  if(debug)
    noit_debug->enabled = 1;

  if(!glider) noit_conf_get_string(NULL, "/" APPNAME "/watchdog/@glider", &glider);
  noit_watchdog_glider(glider);
  noit_conf_get_string(NULL, "/" APPNAME "/watchdog/@tracedir", &trace_dir);
  if(trace_dir) noit_watchdog_glider_trace_dir(trace_dir);

  if(chdir("/") != 0) {
    fprintf(stderr, "cannot chdir(\"/\"): %s\n", strerror(errno));
    exit(2);
  }

  noit_watchdog_prefork_init();

  /* Acquire the lock so that we can throw an error if it doesn't work.
   * If we've started -D, we'll have the lock.
   * If not we will daemon and must reacquire the lock.
   */
  lockfd = -1;
  lockfile[0] = '\0';
  if(noit_conf_get_stringbuf(NULL, "/" APPNAME "/@lockfile",
                             lockfile, sizeof(lockfile))) {
    if((lockfd = noit_lockfile_acquire(lockfile)) < 0) {
      noitL(noit_stderr, "Failed to acquire lock: %s\n", lockfile);
      exit(-1);
    }
  }

  if(foreground) exit(child_main());

  /* This isn't inherited across forks... */
  if(lockfd >= 0) noit_lockfile_release(lockfd);

  fd = open("/dev/null", O_RDWR);
  dup2(fd, STDIN_FILENO);
  dup2(fd, STDOUT_FILENO);
  dup2(fd, STDERR_FILENO);
  if(fork()) exit(0);
  setsid();
  if(fork()) exit(0);

  /* Reacquire the lock */
  if(*lockfile) {
    if(noit_lockfile_acquire(lockfile) < 0) {
      noitL(noit_stderr, "Failed to acquire lock: %s\n", lockfile);
      exit(-1);
    }
  }

  return noit_watchdog_start_child("stratcond", child_main, 0);
}
Пример #8
0
int
noit_main(const char *appname,
          const char *config_filename, int debug, int foreground,
          const char *_glider,
          const char *drop_to_user, const char *drop_to_group,
          int (*passed_child_main)(void)) {
  int fd, lockfd, watchdog_timeout = 0;
  char conf_str[1024];
  char lockfile[PATH_MAX];
  char user[32], group[32];
  char *trace_dir = NULL;
  char appscratch[1024];
  char *glider = (char *)_glider;
  char *watchdog_timeout_str;
   
  /* First initialize logging, so we can log errors */
  noit_log_init();
  noit_log_stream_add_stream(noit_debug, noit_stderr);
  noit_log_stream_add_stream(noit_error, noit_stderr);

  /* Next load the configs */
  noit_conf_init(appname);
  if(noit_conf_load(config_filename) == -1) {
    fprintf(stderr, "Cannot load config: '%s'\n", config_filename);
    exit(-1);
  }

  /* Reinitialize the logging system now that we have a config */
  snprintf(user, sizeof(user), "%d", getuid());
  snprintf(group, sizeof(group), "%d", getgid());
  if(noit_security_usergroup(drop_to_user, drop_to_group, noit_true)) {
    noitL(noit_stderr, "Failed to drop privileges, exiting.\n");
    exit(-1);
  }
  noit_conf_log_init(appname);
  cli_log_switches();
  if(noit_security_usergroup(user, group, noit_true)) {
    noitL(noit_stderr, "Failed to regain privileges, exiting.\n");
    exit(-1);
  }
  if(debug)
    noit_debug->enabled = 1;

  snprintf(appscratch, sizeof(appscratch), "/%s/watchdog/@glider", appname);
  if(!glider) noit_conf_get_string(NULL, appscratch, &glider);
  noit_watchdog_glider(glider);
  snprintf(appscratch, sizeof(appscratch), "/%s/watchdog/@tracedir", appname);
  noit_conf_get_string(NULL, appscratch, &trace_dir);
  if(trace_dir) noit_watchdog_glider_trace_dir(trace_dir);

  /* Lastly, run through all other system inits */
  snprintf(appscratch, sizeof(appscratch), "/%s/eventer/@implementation", appname);
  if(!noit_conf_get_stringbuf(NULL, appscratch, conf_str, sizeof(conf_str))) {
    noitL(noit_stderr, "Cannot find '%s' in configuration\n", appscratch);
    exit(-1);
  }
  if(eventer_choose(conf_str) == -1) {
    noitL(noit_stderr, "Cannot choose eventer %s\n", conf_str);
    exit(-1);
  }
  if(configure_eventer(appname) != 0) {
    noitL(noit_stderr, "Cannot configure eventer\n");
    exit(-1);
  }

  noit_watchdog_prefork_init();

  if(chdir("/") != 0) {
    noitL(noit_stderr, "Failed chdir(\"/\"): %s\n", strerror(errno));
    exit(-1);
  }

  /* Acquire the lock so that we can throw an error if it doesn't work.
   * If we've started -D, we'll have the lock.
   * If not we will daemon and must reacquire the lock.
   */
  lockfd = -1;
  lockfile[0] = '\0';
  snprintf(appscratch, sizeof(appscratch), "/%s/@lockfile", appname);
  if(noit_conf_get_stringbuf(NULL, appscratch,
                             lockfile, sizeof(lockfile))) {
    if((lockfd = noit_lockfile_acquire(lockfile)) < 0) {
      noitL(noit_stderr, "Failed to acquire lock: %s\n", lockfile);
      exit(-1);
    }
  }

  if(foreground) return passed_child_main();

  watchdog_timeout_str = getenv("WATCHDOG_TIMEOUT");
  if(watchdog_timeout_str) {
    watchdog_timeout = atoi(watchdog_timeout_str);
    noitL(noit_error, "Setting watchdog timeout to %d\n",
          watchdog_timeout);
  }

  /* This isn't inherited across forks... */
  if(lockfd >= 0) noit_lockfile_release(lockfd);

  fd = open("/dev/null", O_RDWR);
  dup2(fd, STDIN_FILENO);
  dup2(fd, STDOUT_FILENO);
  dup2(fd, STDERR_FILENO);
  if(fork()) exit(0);
  setsid();
  if(fork()) exit(0);

  /* Reacquire the lock */
  if(*lockfile) {
    if(noit_lockfile_acquire(lockfile) < 0) {
      noitL(noit_stderr, "Failed to acquire lock: %s\n", lockfile);
      exit(-1);
    }
  }

  signal(SIGHUP, SIG_IGN);
  return noit_watchdog_start_child("noitd", passed_child_main, watchdog_timeout);
}