.\" Automatically generated by Pod::Man 4.07 (Pod::Simple 3.32) .\" .\" Standard preamble: .\" ======================================================================== .de Sp \" Vertical space (when we can't use .PP) .if t .sp .5v .if n .sp .. .de Vb \" Begin verbatim text .ft CW .nf .ne \\$1 .. .de Ve \" End verbatim text .ft R .fi .. .\" Set up some character translations and predefined strings. \*(-- will .\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left .\" double quote, and \*(R" will give a right double quote. \*(C+ will .\" give a nicer C++. Capital omega is used to do unbreakable dashes and .\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff, .\" nothing in troff, for use with C<>. .tr \(*W- .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' .ie n \{\ . ds -- \(*W- . ds PI pi . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch . ds L" "" . ds R" "" . ds C` . ds C' 'br\} .el\{\ . ds -- \|\(em\| . ds PI \(*p . ds L" `` . ds R" '' . ds C` . ds C' 'br\} .\" .\" Escape single quotes in literal strings from groff's Unicode transform. .ie \n(.g .ds Aq \(aq .el .ds Aq ' .\" .\" If the F register is >0, we'll generate index entries on stderr for .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index .\" entries marked with X<> in POD. Of course, you'll have to process the .\" output yourself in some meaningful fashion. .\" .\" Avoid warning from groff about undefined register 'F'. .de IX .. .if !\nF .nr F 0 .if \nF>0 \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" .. . if !\nF==2 \{\ . nr % 0 . nr F 2 . \} .\} .\" .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). .\" Fear. Run. Save yourself. No user-serviceable parts. . \" fudge factors for nroff and troff .if n \{\ . ds #H 0 . ds #V .8m . ds #F .3m . ds #[ \f1 . ds #] \fP .\} .if t \{\ . ds #H ((1u-(\\\\n(.fu%2u))*.13m) . ds #V .6m . ds #F 0 . ds #[ \& . ds #] \& .\} . \" simple accents for nroff and troff .if n \{\ . ds ' \& . ds ` \& . ds ^ \& . ds , \& . ds ~ ~ . ds / .\} .if t \{\ . ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" . ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' . ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' . ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' . ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' . ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' .\} . \" troff and (daisy-wheel) nroff accents .ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V' .ds 8 \h'\*(#H'\(*b\h'-\*(#H' .ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#] .ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H' .ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u' .ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#] .ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#] .ds ae a\h'-(\w'a'u*4/10)'e .ds Ae A\h'-(\w'A'u*4/10)'E . \" corrections for vroff .if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u' .if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u' . \" for low resolution devices (crt and lpr) .if \n(.H>23 .if \n(.V>19 \ \{\ . ds : e . ds 8 ss . ds o a . ds d- d\h'-1'\(ga . ds D- D\h'-1'\(hy . ds th \o'bp' . ds Th \o'LP' . ds ae ae . ds Ae AE .\} .rm #[ #] #H #V #F C .\" ======================================================================== .\" .IX Title "DAEMON.C 1" .TH DAEMON.C 1 "2010-06-14" "perl v5.24.1" "User Commands" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l .nh .SH "NAME" daemon \- turns other processes into daemons .SH "SYNOPSIS" .IX Header "SYNOPSIS" .Vb 2 \& usage: daemon [options] [\-\-] [cmd arg...] \& options: \& \& \-h, \-\-help \- Print a help message then exit \& \-V, \-\-version \- Print a version message then exit \& \-v, \-\-verbose[=level] \- Set the verbosity level \& \-d, \-\-debug[=level] \- Set the debugging level \& \& \-C, \-\-config=path \- Specify the system configuration file \& \-N, \-\-noconfig \- Bypass the system configuration file \& \-n, \-\-name=name \- Guarantee a single named instance \& \-X, \-\-command=cmd \- Specify the client command as an option \& \-P, \-\-pidfiles=/dir \- Override standard pidfile location \& \-F, \-\-pidfile=/path \- Override standard pidfile name and location \& \& \-u, \-\-user=user[:[group]] \- Run the client as user[:group] \& \-R, \-\-chroot=path \- Run the client with path as root \& \-D, \-\-chdir=path \- Run the client in directory path \& \-m, \-\-umask=umask \- Run the client with the given umask \& \-e, \-\-env="var=val" \- Set a client environment variable \& \-i, \-\-inherit \- Inherit environment variables \& \-U, \-\-unsafe \- Allow execution of unsafe executable \& \-S, \-\-safe \- Deny execution of unsafe executable \& \-c, \-\-core \- Allow core file generation \& \& \-r, \-\-respawn \- Respawn the client when it terminates \& \-a, \-\-acceptable=# \- Minimum acceptable client duration (seconds) \& \-A, \-\-attempts=# \- Respawn # times on error before delay \& \-L, \-\-delay=# \- Delay between spawn attempt bursts (seconds) \& \-M, \-\-limit=# \- Maximum number of spawn attempt bursts \& \-\-idiot \- Idiot mode (trust root with the above) \& \& \-f, \-\-foreground \- Run the client in the foreground \& \-p, \-\-pty[=noecho] \- Allocate a pseudo terminal for the client \& \& \-l, \-\-errlog=spec \- Send daemon\*(Aqs error output to syslog or file \& \-b, \-\-dbglog=spec \- Send daemon\*(Aqs debug output to syslog or file \& \-o, \-\-output=spec \- Send client\*(Aqs output to syslog or file \& \-O, \-\-stdout=spec \- Send client\*(Aqs stdout to syslog or file \& \-E, \-\-stderr=spec \- Send client\*(Aqs stderr to syslog or file \& \& \-\-running \- Check if a named daemon is running \& \-\-restart \- Restart a named daemon client \& \-\-stop \- Terminate a named daemon process .Ve .SH "DESCRIPTION" .IX Header "DESCRIPTION" \&\fI\fIdaemon\fI\|(1)\fR turns other processes into daemons. There are many tasks that need to be performed to correctly set up a daemon process. This can be tedious. \fIdaemon\fR performs these tasks for other processes. .PP The preparatory tasks that \fIdaemon\fR performs for other processes are: .IP "\(bu" 4 First revoke any setuid or setgid privileges that \fIdaemon\fR may have been installed with (by system administrators who laugh in the face of danger). .IP "\(bu" 4 Process command line options. .IP "\(bu" 4 Change the root directory if the \f(CW\*(C`\-\-chroot\*(C'\fR option was supplied. .IP "\(bu" 4 Change the process uid and gid if the \f(CW\*(C`\-\-user\*(C'\fR option was supplied. Only \&\fIroot\fR can use this option. Note that the uid of \fIdaemon\fR itself is changed, rather than just changing the uid of the client process. .IP "\(bu" 4 Read the system configuration file (\f(CW\*(C`/etc/daemon.conf\*(C'\fR by default, or specified by the \f(CW\*(C`\-\-config\*(C'\fR option) unless the \f(CW\*(C`\-\-noconfig\*(C'\fR option was supplied. Then read the user's configuration file (\f(CW\*(C`~/.daemonrc\*(C'\fR), if any. Generic options are processed first, then options specific to the daemon with the given name. \fBNote: The root directory and the user must be set before access to the configuration file can be attempted so neither \f(CB\*(C`\-\-chroot\*(C'\fB nor \f(CB\*(C`\-\-user\*(C'\fB options may appear in the configuration file.\fR .IP "\(bu" 4 Disable core file generation to prevent leaking sensitive information in daemons run by \fIroot\fR (unless the \f(CW\*(C`\-\-core\*(C'\fR option was supplied). .IP "\(bu" 4 Become a daemon process: .RS 4 .IP "\(bu" 4 If \fIdaemon\fR was not invoked by \fI\fIinit\fI\|(8)\fR or \fI\fIinetd\fI\|(8)\fR: .RS 4 .IP "\(bu" 4 Background the process to lose process group leadership. .IP "\(bu" 4 Start a new process session. .IP "\(bu" 4 Under \fI\s-1SVR4\s0\fR, background the process again to lose process session leadership. This prevents the process from ever gaining a controlling terminal. This only happens when \f(CW\*(C`SVR4\*(C'\fR is defined and \&\f(CW\*(C`NO_EXTRA_SVR4_FORK\*(C'\fR is not defined when \fI\fIlibslack\fI\|(3)\fR is compiled. Before doing this, ignore \f(CW\*(C`SIGHUP\*(C'\fR because when the session leader terminates, all processes in the foreground process group are sent a \f(CW\*(C`SIGHUP\*(C'\fR signal (apparently). Note that this code may not execute (e.g. when started by \&\fI\fIinit\fI\|(8)\fR or \fI\fIinetd\fI\|(8)\fR or when either \f(CW\*(C`SVR4\*(C'\fR was not defined or \&\f(CW\*(C`NO_EXTRA_SVR4_FORK\*(C'\fR was defined when \fI\fIlibslack\fI\|(3)\fR was compiled). This means that the client can't make any assumptions about the \f(CW\*(C`SIGHUP\*(C'\fR handler. .RE .RS 4 .RE .IP "\(bu" 4 Change directory to the root directory so as not to hamper umounts. .IP "\(bu" 4 Clear the umask to enable explicit file creation modes. .IP "\(bu" 4 Close all open file descriptors. If \fIdaemon\fR was invoked by \fI\fIinetd\fI\|(8)\fR, \&\f(CW\*(C`stdin\*(C'\fR, \f(CW\*(C`stdout\*(C'\fR and \f(CW\*(C`stderr\*(C'\fR are left open since they are open to a socket. .IP "\(bu" 4 Open \f(CW\*(C`stdin\*(C'\fR, \f(CW\*(C`stdout\*(C'\fR and \f(CW\*(C`stderr\*(C'\fR to \f(CW\*(C`/dev/null\*(C'\fR in case something requires them to be open. Of course, this is not done if \fIdaemon\fR was invoked by \fI\fIinetd\fI\|(8)\fR. .IP "\(bu" 4 If the \f(CW\*(C`\-\-name\*(C'\fR option was supplied, create and lock a file containing the process id of the \fIdaemon\fR process. The presence of this locked file prevents two instances of a daemon with the same name from running at the same time. The standard location of the pidfile is \f(CW\*(C`/var/run\*(C'\fR for \fIroot\fR or \f(CW\*(C`/tmp\*(C'\fR for ordinary users. If the \f(CW\*(C`\-\-pidfiles\*(C'\fR option was supplied, its argument specifies the directory in which the pidfile will be placed. If the \f(CW\*(C`\-\-pidfile\*(C'\fR option was supplied, its argument specifies the name of the pidfile and the directory in which it will be placed. .RE .RS 4 .RE .IP "\(bu" 4 If the \f(CW\*(C`\-\-umask\*(C'\fR option was supplied, set the umask to its argument. Otherwise, set the umask to \f(CW022\fR to prevent clients from accidentally creating group or world writable files. .IP "\(bu" 4 Set the current directory if the \f(CW\*(C`\-\-chdir\*(C'\fR option was supplied. .IP "\(bu" 4 Spawn the client command and wait for it to terminate. The client command may be specified as command line arguments or as the argument of the \&\f(CW\*(C`\-\-command\*(C'\fR option. If both the \f(CW\*(C`\-\-command\*(C'\fR option and command line arguments are present, the client command is the result of appending the command line arguments to the argument of the \f(CW\*(C`\-\-command\*(C'\fR option. .IP "\(bu" 4 If the \f(CW\*(C`\-\-syslog\*(C'\fR, \f(CW\*(C`\-\-outlog\*(C'\fR and/or \f(CW\*(C`\-\-errlog\*(C'\fR options were supplied, the client's standard output and/or standard error are captured by \fIdaemon\fR and sent to the respective \fIsyslog\fR destinations. .IP "\(bu" 4 When the client terminates, \fIdaemon\fR respawns it if the \f(CW\*(C`\-\-respawn\*(C'\fR option was supplied. If the client ran for less than 300 seconds (or the value of the \f(CW\*(C`\-\-acceptable\*(C'\fR option), then \fIdaemon\fR sees this as an error. It will attempt to restart the client up to five times (or the value of the \&\f(CW\*(C`\-\-attempts\*(C'\fR option) before waiting for 300 seconds (or the value of the \&\f(CW\*(C`\-\-delay\*(C'\fR option). This gives the administrator the chance to correct whatever is preventing the client from running without overloading system resources. If the \f(CW\*(C`\-\-limit\*(C'\fR option was supplied, \fIdaemon\fR terminates after the specified number of spawn attempt bursts. The default is zero which means never give up, never surrender. .Sp When the client terminates and the \f(CW\*(C`\-\-respawn\*(C'\fR option wasn't supplied, \&\fIdaemon\fR terminates. .IP "\(bu" 4 If \fIdaemon\fR receives a \f(CW\*(C`SIGTERM\*(C'\fR signal, it propagates the signal to the client and then terminates. .IP "\(bu" 4 If \fIdaemon\fR receives a \f(CW\*(C`SIGUSR1\*(C'\fR signal (from another invocation of \&\fIdaemon\fR supplied with the \f(CW\*(C`\-\-restart\*(C'\fR option), it sends a \f(CW\*(C`SIGTERM\*(C'\fR signal to the client. If started with the \f(CW\*(C`\-\-respawn\*(C'\fR option, the client process will be restarted after it is killed by the \f(CW\*(C`SIGTERM\*(C'\fR signal. .IP "\(bu" 4 If the \f(CW\*(C`\-\-foreground\*(C'\fR option was supplied, the client process is run as a foreground process and is not turned into a daemon. If \fIdaemon\fR is connected to a terminal, so will the client process. If \fIdaemon\fR is not connected to a terminal but the client needs to be connected to a terminal, use the \f(CW\*(C`\-\-pty\*(C'\fR option. .SH "OPTIONS" .IX Header "OPTIONS" .ie n .IP "\*(C`\-h\*(C', \*(C`\-\-help\*(C'" 4 .el .IP "\f(CW\*(C`\-h\*(C'\fR, \f(CW\*(C`\-\-help\*(C'\fR" 4 .IX Item "-h, --help" Display a help message and exit. .ie n .IP "\*(C`\-V\*(C', \*(C`\-\-version\*(C'" 4 .el .IP "\f(CW\*(C`\-V\*(C'\fR, \f(CW\*(C`\-\-version\*(C'\fR" 4 .IX Item "-V, --version" Display a version message and exit. .ie n .IP "\*(C`\-v\*(C'\fI[level]\fR, \*(C`\-\-verbose\*(C'\fI[=level]\fR" 4 .el .IP "\f(CW\*(C`\-v\*(C'\fR\fI[level]\fR, \f(CW\*(C`\-\-verbose\*(C'\fR\fI[=level]\fR" 4 .IX Item "-v[level], --verbose[=level]" Set the message verbosity level to \fIlevel\fR (or 1 if \fIlevel\fR is not supplied). \fIdaemon\fR does not have any verbose messages so this has no effect unless the \f(CW\*(C`\-\-running\*(C'\fR option is supplied. .ie n .IP "\*(C`\-d\*(C'\fI[level]\fR, \*(C`\-\-debug\*(C'\fI[=level]\fR" 4 .el .IP "\f(CW\*(C`\-d\*(C'\fR\fI[level]\fR, \f(CW\*(C`\-\-debug\*(C'\fR\fI[=level]\fR" 4 .IX Item "-d[level], --debug[=level]" Set the debug message level to \fIlevel\fR (or 1 if \fIlevel\fR is not supplied). Level 1 traces high level function calls. Level 2 traces lower level function calls and shows configuration information. Level 3 adds environment variables. Level 9 adds every return value from \fI\fIselect\fI\|(2)\fR to the output. Debug messages are sent to the destination specified by the \f(CW\*(C`\-\-dbglog\*(C'\fR option (by default, the \fI\fIsyslog\fI\|(3)\fR facility, \f(CW\*(C`daemon.debug\*(C'\fR). .ie n .IP "\*(C`\-C\*(C' \fIpath\fR, \*(C`\-\-config=\*(C'\fIpath\fR" 4 .el .IP "\f(CW\*(C`\-C\*(C'\fR \fIpath\fR, \f(CW\*(C`\-\-config=\*(C'\fR\fIpath\fR" 4 .IX Item "-C path, --config=path" Specify the configuration file to use. By default, \f(CW\*(C`/etc/daemon.conf\*(C'\fR is the configuration file if it exists and is not group or world writable and does not exist in a group or world writable directory. The configuration file lets you predefine options that apply to all clients and to specifically named clients. .ie n .IP "\*(C`\-N\*(C', \*(C`\-\-noconfig\*(C'" 4 .el .IP "\f(CW\*(C`\-N\*(C'\fR, \f(CW\*(C`\-\-noconfig\*(C'\fR" 4 .IX Item "-N, --noconfig" Bypass the system configuration file, \f(CW\*(C`/etc/daemon.conf\*(C'\fR. Only the user's \&\f(CW\*(C`~/.daemonrc\*(C'\fR configuration file will be read (if it exists). .ie n .IP "\*(C`\-n\*(C' \fIname\fR, \*(C`\-\-name=\*(C'\fIname\fR" 4 .el .IP "\f(CW\*(C`\-n\*(C'\fR \fIname\fR, \f(CW\*(C`\-\-name=\*(C'\fR\fIname\fR" 4 .IX Item "-n name, --name=name" Create and lock a pid file (\f(CW\*(C`/var/run/\*(C'\fR\fIname\fR\f(CW\*(C`.pid\*(C'\fR), ensuring that only one daemon with the given \fIname\fR is active at the same time. .ie n .IP "\*(C`\-X\*(C' \fIcmd\fR, \*(C`\-\-command=\*(C'\fIcmd\fR" 4 .el .IP "\f(CW\*(C`\-X\*(C'\fR \fIcmd\fR, \f(CW\*(C`\-\-command=\*(C'\fR\fIcmd\fR" 4 .IX Item "-X cmd, --command=cmd" Specify the client command as an option. If a command is specified along with its name in the configuration file, then daemons can be started merely by mentioning their name: .Sp .Vb 1 \& daemon \-\-name ftumpch .Ve .Sp \&\fBNote:\fR Specifying the client command in the configuration file means that no shell features are available (i.e. no meta characters). .ie n .IP "\*(C`\-P\*(C' \fI/dir\fR, \*(C`\-\-pidfiles=\*(C'\fI/dir\fR" 4 .el .IP "\f(CW\*(C`\-P\*(C'\fR \fI/dir\fR, \f(CW\*(C`\-\-pidfiles=\*(C'\fR\fI/dir\fR" 4 .IX Item "-P /dir, --pidfiles=/dir" Override the standard pidfile location. The standard pidfile location is user dependent: \fIroot\fR's pidfiles live in \f(CW\*(C`/var/run\*(C'\fR. Normal users' pidfiles live in \f(CW\*(C`/tmp\*(C'\fR. This option can only be used with the \&\f(CW\*(C`\-\-name\*(C'\fR option. Use this option if these locations are unacceptable but make sure you don't forget where you put your pidfiles. This option is best used in configuration files or in shell scripts, not on the command line. .ie n .IP "\*(C`\-F\*(C' \fI/path\fR, \*(C`\-\-pidfile=\*(C'\fI/path\fR" 4 .el .IP "\f(CW\*(C`\-F\*(C'\fR \fI/path\fR, \f(CW\*(C`\-\-pidfile=\*(C'\fR\fI/path\fR" 4 .IX Item "-F /path, --pidfile=/path" Override the standard pidfile name and location. The standard pidfile location is described immediately above. The standard pidfile name is the argument of the \f(CW\*(C`\-\-name\*(C'\fR option followed by \f(CW\*(C`.pid\*(C'\fR. Use this option if the standard pidfile name and location are unacceptable but make sure you don't forget where you put your pidfile. This option should only be used in configuration files or in shell scripts, not on the command line. .ie n .IP "\*(C`\-u\*(C' \fIuser[:[group]]\fR, \*(C`\-\-user=\*(C'\fIuser[:[group]]\fR" 4 .el .IP "\f(CW\*(C`\-u\*(C'\fR \fIuser[:[group]]\fR, \f(CW\*(C`\-\-user=\*(C'\fR\fIuser[:[group]]\fR" 4 .IX Item "-u user[:[group]], --user=user[:[group]]" Run the client as a different user (and group). This only works for \fIroot\fR. If the argument includes a \fI:group\fR specifier, \fIdaemon\fR will assume the specified group and no other. Otherwise, \fIdaemon\fR will assume all groups that the specified user is in. For backwards compatibility, \f(CW"."\fR may be used instead of \f(CW":"\fR to separate the user and group but since \f(CW"."\fR may appear in user and group names, ambiguities can arise such as using \&\f(CW\*(C`\-\-user=\*(C'\fR\fIu.g\fR with users \fIu\fR and \fIu.g\fR and group \fIg\fR. With such an ambiguity, \fIdaemon\fR will assume the user \fIu\fR and group \fIg\fR. Use \&\f(CW\*(C`\-\-user=\*(C'\fR\fIu.g:\fR instead for the other interpretation. .ie n .IP "\*(C`\-R\*(C' \fIpath\fR, \*(C`\-\-chroot=\*(C'\fIpath\fR" 4 .el .IP "\f(CW\*(C`\-R\*(C'\fR \fIpath\fR, \f(CW\*(C`\-\-chroot=\*(C'\fR\fIpath\fR" 4 .IX Item "-R path, --chroot=path" Change the root directory to \fIpath\fR before running the client. On some systems, only \fIroot\fR can do this. Note that the path to the client program and to the configuration file (if any) must be relative to the new root path. .ie n .IP "\*(C`\-D\*(C' \fIpath\fR, \*(C`\-\-chdir=\*(C'\fIpath\fR" 4 .el .IP "\f(CW\*(C`\-D\*(C'\fR \fIpath\fR, \f(CW\*(C`\-\-chdir=\*(C'\fR\fIpath\fR" 4 .IX Item "-D path, --chdir=path" Change the directory to \fIpath\fR before running the client. .ie n .IP "\*(C`\-m\*(C' \fIumask\fR, \*(C`\-\-umask=\*(C'\fIumask\fR" 4 .el .IP "\f(CW\*(C`\-m\*(C'\fR \fIumask\fR, \f(CW\*(C`\-\-umask=\*(C'\fR\fIumask\fR" 4 .IX Item "-m umask, --umask=umask" Change the umask to \fIumask\fR before running the client. \fIumask\fR must be a valid octal mode. The default umask is \f(CW022\fR. .ie n .IP "\*(C`\-e\*(C' \fIvar=val\fR, \*(C`\-\-env=\*(C'\fIvar=val\fR" 4 .el .IP "\f(CW\*(C`\-e\*(C'\fR \fIvar=val\fR, \f(CW\*(C`\-\-env=\*(C'\fR\fIvar=val\fR" 4 .IX Item "-e var=val, --env=var=val" Set an environment variable for the client process. This option can be used any number of times. If it is used, only the supplied environment variables are passed to the client process. Otherwise, the client process inherits the current set of environment variables. .ie n .IP "\*(C`\-i\*(C', \*(C`\-\-inherit\*(C'" 4 .el .IP "\f(CW\*(C`\-i\*(C'\fR, \f(CW\*(C`\-\-inherit\*(C'\fR" 4 .IX Item "-i, --inherit" Explicitly inherit environment variables. This is only needed when the \&\f(CW\*(C`\-\-env\*(C'\fR option is used. When this option is used, the \f(CW\*(C`\-\-env\*(C'\fR option adds to the inherited environment, rather than replacing it. .ie n .IP "\*(C`\-U\*(C', \*(C`\-\-unsafe\*(C'" 4 .el .IP "\f(CW\*(C`\-U\*(C'\fR, \f(CW\*(C`\-\-unsafe\*(C'\fR" 4 .IX Item "-U, --unsafe" Allow reading an unsafe configuration file and execution of an unsafe executable. A configuration file or executable is unsafe if it is group or world writable or is in a directory that is group or world writable (following symbolic links). If an executable is a script interpreted by another executable, then it is considered unsafe if the interpreter is unsafe. If the interpreter is \f(CW\*(C`/usr/bin/env\*(C'\fR (with an argument that is a command name to be searched for in \f(CW$PATH\fR), then that command must be safe. By default, \fI\fIdaemon\fI\|(1)\fR will refuse to read an unsafe configuration file or to execute an unsafe executable when run by \fIroot\fR. This option overrides that behaviour and hence should never be used. .ie n .IP "\*(C`\-S\*(C', \*(C`\-\-safe\*(C'" 4 .el .IP "\f(CW\*(C`\-S\*(C'\fR, \f(CW\*(C`\-\-safe\*(C'\fR" 4 .IX Item "-S, --safe" Deny reading an unsafe configuration file and execution of an unsafe executable. By default, \fI\fIdaemon\fI\|(1)\fR will allow reading an unsafe configuration file and execution of an unsafe executable when run by ordinary users. This option overrides that behaviour. .ie n .IP "\*(C`\-c\*(C', \*(C`\-\-core\*(C'" 4 .el .IP "\f(CW\*(C`\-c\*(C'\fR, \f(CW\*(C`\-\-core\*(C'\fR" 4 .IX Item "-c, --core" Allow the client to create a core file. This should only be used for debugging as it could lead to security holes in daemons run by \fIroot\fR. .ie n .IP "\*(C`\-r\*(C', \*(C`\-\-respawn\*(C'" 4 .el .IP "\f(CW\*(C`\-r\*(C'\fR, \f(CW\*(C`\-\-respawn\*(C'\fR" 4 .IX Item "-r, --respawn" Respawn the client when it terminates. .ie n .IP "\*(C`\-a\*(C' \fI#\fR, \*(C`\-\-acceptable=\*(C'\fI#\fR" 4 .el .IP "\f(CW\*(C`\-a\*(C'\fR \fI#\fR, \f(CW\*(C`\-\-acceptable=\*(C'\fR\fI#\fR" 4 .IX Item "-a #, --acceptable=#" Specify the minimum acceptable duration in seconds of a client process. The default value is 300 seconds. It cannot be set to less than 10 seconds except by \fIroot\fR when used in conjunction with the \f(CW\*(C`\-\-idiot\*(C'\fR option. This option can only be used with the \f(CW\*(C`\-\-respawn\*(C'\fR option. .Sp less than this, it is considered to have failed. .ie n .IP "\*(C`\-A\*(C' \fI#\fR, \*(C`\-\-attempts=\*(C'\fI#\fR" 4 .el .IP "\f(CW\*(C`\-A\*(C'\fR \fI#\fR, \f(CW\*(C`\-\-attempts=\*(C'\fR\fI#\fR" 4 .IX Item "-A #, --attempts=#" Number of attempts to spawn before delaying. The default value is 5. It cannot be set to more than 100 attempts except by \fIroot\fR when used in conjunction with the \f(CW\*(C`\-\-idiot\*(C'\fR option. This option can only be used with the \f(CW\*(C`\-\-respawn\*(C'\fR option. .ie n .IP "\*(C`\-L\*(C' \fI#\fR, \*(C`\-\-delay=\*(C'\fI#\fR" 4 .el .IP "\f(CW\*(C`\-L\*(C'\fR \fI#\fR, \f(CW\*(C`\-\-delay=\*(C'\fR\fI#\fR" 4 .IX Item "-L #, --delay=#" Delay in seconds between each burst of spawn attempts. The default value is 300 seconds. It cannot be set to less than 10 seconds except by \fIroot\fR when used in conjunction with the \f(CW\*(C`\-\-idiot\*(C'\fR option. This option can only be used with the \f(CW\*(C`\-\-respawn\*(C'\fR option. .ie n .IP "\*(C`\-M\*(C' \fI#\fR, \-\*(C`\-\-limit=\*(C'\fI#\fR" 4 .el .IP "\f(CW\*(C`\-M\*(C'\fR \fI#\fR, \-\f(CW\*(C`\-\-limit=\*(C'\fR\fI#\fR" 4 .IX Item "-M #, ---limit=#" Limit the number of spawn attempt bursts. The default value is zero which means no limit. This option can only be used with the \f(CW\*(C`\-\-respawn\*(C'\fR option. .ie n .IP "\*(C`\-\-idiot\*(C'" 4 .el .IP "\f(CW\*(C`\-\-idiot\*(C'\fR" 4 .IX Item "--idiot" Turn on idiot mode in which \fIdaemon\fR will not enforce the minimum or maximum values normally imposed on the \f(CW\*(C`\-\-acceptable\*(C'\fR, \f(CW\*(C`\-\-attempts\*(C'\fR and \&\f(CW\*(C`\-\-delay\*(C'\fR option arguments. The \f(CW\*(C`\-\-idiot\*(C'\fR option must appear before any of these options. Only the \fIroot\fR user may use this option because it can turn a slight misconfiguration into a lot of wasted \s-1CPU\s0 effort and log messages. .ie n .IP "\*(C`\-f\*(C', \*(C`\-\-foreground\*(C'" 4 .el .IP "\f(CW\*(C`\-f\*(C'\fR, \f(CW\*(C`\-\-foreground\*(C'\fR" 4 .IX Item "-f, --foreground" Run the client in the foreground. The client is not turned into a daemon. .ie n .IP "\*(C`\-p\*(C'\fI[noecho]\fR, \*(C`\-\-pty\*(C'\fI[=noecho]\fR" 4 .el .IP "\f(CW\*(C`\-p\*(C'\fR\fI[noecho]\fR, \f(CW\*(C`\-\-pty\*(C'\fR\fI[=noecho]\fR" 4 .IX Item "-p[noecho], --pty[=noecho]" Connect the client to a pseudo terminal. This option can only be used with the \f(CW\*(C`\-\-foreground\*(C'\fR option. This is the default when the \f(CW\*(C`\-\-foreground\*(C'\fR option is supplied and \fIdaemon\fR's standard input is connected to a terminal. This option is only necessary when the client process must be connected to a controlling terminal but \fIdaemon\fR itself has been run without a controlling terminal (e.g. from \fI\fIcron\fI\|(8)\fR or a pipeline). .Sp If the \f(CW\*(C`noecho\*(C'\fR argument is supplied with this option, the client's side of the pseudo terminal will be set to noecho mode. Use this only if there really is a terminal involved and input is being echoed twice. .ie n .IP "\*(C`\-l\*(C' \fIspec\fR, \*(C`\-\-errlog=\*(C'\fIspec\fR" 4 .el .IP "\f(CW\*(C`\-l\*(C'\fR \fIspec\fR, \f(CW\*(C`\-\-errlog=\*(C'\fR\fIspec\fR" 4 .IX Item "-l spec, --errlog=spec" Send \fIdaemon\fR's standard output and error to the syslog destination or file specified by \fIspec\fR. If \fIspec\fR is of the form \f(CW"facility.priority"\fR, then output is sent to \fI\fIsyslog\fI\|(3)\fR. Otherwise, output is appended to the file whose path is given in \fIspec\fR. By default, output is sent to \f(CW\*(C`daemon.err\*(C'\fR. .ie n .IP "\*(C`\-b\*(C' \fIspec\fR, \*(C`\-\-dbglog=\*(C'\fIspec\fR" 4 .el .IP "\f(CW\*(C`\-b\*(C'\fR \fIspec\fR, \f(CW\*(C`\-\-dbglog=\*(C'\fR\fIspec\fR" 4 .IX Item "-b spec, --dbglog=spec" Send \fIdaemon\fR's debug output to the syslog destination or file specified by \&\fIspec\fR. If \fIspec\fR is of the form \f(CW"facility.priority"\fR, then output is sent to \fI\fIsyslog\fI\|(3)\fR. Otherwise, output is appended to the file whose path is given in \fIspec\fR. By default, output is sent to \f(CW\*(C`daemon.debug\*(C'\fR. .ie n .IP "\*(C`\-o\*(C' \fIspec\fR, \*(C`\-\-output=\*(C'\fIspec\fR" 4 .el .IP "\f(CW\*(C`\-o\*(C'\fR \fIspec\fR, \f(CW\*(C`\-\-output=\*(C'\fR\fIspec\fR" 4 .IX Item "-o spec, --output=spec" Capture the client's standard output and error and send it to the syslog destination or file specified by \fIspec\fR. If \fIspec\fR is of the form \&\f(CW"facility.priority"\fR, then output is sent to \fI\fIsyslog\fI\|(3)\fR. Otherwise, output is appended to the file whose path is given in \fIspec\fR. By default, output is discarded unless the \f(CW\*(C`\-\-foreground\*(C'\fR option is present. In this case, the client's stdout and stderr are propagated to \fIdaemon\fR's stdout and stderr respectively. .ie n .IP "\*(C`\-O\*(C' \fIspec\fR, \*(C`\-\-stdout=\*(C'\fIspec\fR" 4 .el .IP "\f(CW\*(C`\-O\*(C'\fR \fIspec\fR, \f(CW\*(C`\-\-stdout=\*(C'\fR\fIspec\fR" 4 .IX Item "-O spec, --stdout=spec" Capture the client's standard output and send it to the syslog destination or file specified by \fIspec\fR. If \fIspec\fR is of the form \&\f(CW"facility.priority"\fR, then output is sent to \fI\fIsyslog\fI\|(3)\fR. Otherwise, stdout is appended to the file whose path is given in \fIspec\fR. By default, stdout is discarded unless the \f(CW\*(C`\-\-foreground\*(C'\fR option is present, in which case, the client's stdout is propagated to \fIdaemon\fR's stdout. .ie n .IP "\*(C`\-E\*(C' \fIspec\fR, \*(C`\-\-stderr=\*(C'\fIspec\fR" 4 .el .IP "\f(CW\*(C`\-E\*(C'\fR \fIspec\fR, \f(CW\*(C`\-\-stderr=\*(C'\fR\fIspec\fR" 4 .IX Item "-E spec, --stderr=spec" Capture the client's standard error and send it to the syslog destination specified by \fIspec\fR. If \fIspec\fR is of the form \f(CW"facility.priority"\fR, then stderr is sent to \fI\fIsyslog\fI\|(3)\fR. Otherwise, stderr is appended to the file whose path is given in \fIspec\fR. By default, stderr is discarded unless the \&\f(CW\*(C`\-\-foreground\*(C'\fR option is present, in this case, the client's stderr is propagated to \fIdaemon\fR's stderr. .ie n .IP "\*(C`\-\-running\*(C'" 4 .el .IP "\f(CW\*(C`\-\-running\*(C'\fR" 4 .IX Item "--running" Check whether or not a named daemon is running, then \fI\fIexit\fI\|(3)\fR with \&\f(CW\*(C`EXIT_SUCCESS\*(C'\fR if the named daemon is running or \f(CW\*(C`EXIT_FAILURE\*(C'\fR if it isn't. If the \f(CW\*(C`\-\-verbose\*(C'\fR option is supplied, print a message before exiting. This option can only be used with the \f(CW\*(C`\-\-name\*(C'\fR option. Note that the \f(CW\*(C`\-\-chroot\*(C'\fR, \f(CW\*(C`\-\-user\*(C'\fR, \f(CW\*(C`\-\-name\*(C'\fR, \f(CW\*(C`\-\-pidfiles\*(C'\fR and \f(CW\*(C`\-\-pidfile\*(C'\fR (and possibly \f(CW\*(C`\-\-config\*(C'\fR) options must be the same as for the target daemon. Note that the \f(CW\*(C`\-\-running\*(C'\fR option must appear before any \f(CW\*(C`\-\-pidfile\*(C'\fR or \&\f(CW\*(C`\-\-pidfiles\*(C'\fR option when checking if another user's daemon is running otherwise you might get an error about the pidfile directory not being writable. .ie n .IP "\*(C`\-\-restart\*(C'" 4 .el .IP "\f(CW\*(C`\-\-restart\*(C'\fR" 4 .IX Item "--restart" Instruct a named daemon to terminate and restart its client process. This option can only be used with the \f(CW\*(C`\-\-name\*(C'\fR option. Note that the \&\f(CW\*(C`\-\-chroot\*(C'\fR, \f(CW\*(C`\-\-user\*(C'\fR, \f(CW\*(C`\-\-name\*(C'\fR, \f(CW\*(C`\-\-pidfiles\*(C'\fR and \f(CW\*(C`\-\-pidfile\*(C'\fR (and possibly \f(CW\*(C`\-\-config\*(C'\fR) options must be the same as for the target daemon. .ie n .IP "\*(C`\-\-stop\*(C'" 4 .el .IP "\f(CW\*(C`\-\-stop\*(C'\fR" 4 .IX Item "--stop" Stop a named daemon then \fI\fIexit\fI\|(3)\fR. This option can only be used with the \&\f(CW\*(C`\-\-name\*(C'\fR option. Note that the \f(CW\*(C`\-\-chroot\*(C'\fR, \f(CW\*(C`\-\-user\*(C'\fR, \f(CW\*(C`\-\-name\*(C'\fR, \&\f(CW\*(C`\-\-pidfiles\*(C'\fR and \f(CW\*(C`\-\-pidfile\*(C'\fR (and possibly \f(CW\*(C`\-\-config\*(C'\fR) options must be the same as for the target daemon. .PP As with all other programs, a \f(CW\*(C`\-\-\*(C'\fR argument signifies the end of options. Any options that appear on the command line after \f(CW\*(C`\-\-\*(C'\fR are part of the client command. .SH "FILES" .IX Header "FILES" \&\f(CW\*(C`/etc/daemon.conf\*(C'\fR, \f(CW\*(C`~/.daemonrc\*(C'\fR \- define default options .PP Each line of the configuration file consists of a client name or \f(CW\*(Aq*\*(Aq\fR, followed by whitespace, followed by a comma separated list of options. Blank lines and comments (\f(CW\*(Aq#\*(Aq\fR to end of the line) are ignored. Lines may be continued with a \f(CW\*(Aq\e\*(Aq\fR character at the end of the line. .PP For example: .PP .Vb 3 \& * errlog=daemon.err,output=local0.err,core \& test1 syslog=local0.debug,debug=9,verbose=9,respawn \& test2 syslog=local0.debug,debug=9,verbose=9,respawn .Ve .PP The command line options are processed first to look for a \f(CW\*(C`\-\-config\*(C'\fR option. If no \f(CW\*(C`\-\-config\*(C'\fR option was supplied, the default file, \&\f(CW\*(C`/etc/daemon.conf\*(C'\fR, is used. If the user has their own configuration file (\f(CW\*(C`~/.daemonrc\*(C'\fR) it is also used. If the configuration files contain any generic (\f(CW\*(Aq*\*(Aq\fR) entries, their options are applied in order of appearance. If the \f(CW\*(C`\-\-name\*(C'\fR option was supplied and the configuration files contain any entries with the given name, their options are then applied in order of appearance. Finally, the command line options are applied again. This ensures that any generic options apply to all clients by default. Client specific options override generic options. User options override system wide options. Command line options override everything else. .PP Note that the configuration files are not opened and read until after any \&\f(CW\*(C`\-\-chroot\*(C'\fR and/or \f(CW\*(C`\-\-user\*(C'\fR command line options are processed. This means that the configuration file paths and the client's file path must be relative to the \f(CW\*(C`\-\-chroot\*(C'\fR argument. It also means that the configuration files and the client executable must be readable/executable by the user specified by the \f(CW\*(C`\-\-user\*(C'\fR argument. It also means that the \f(CW\*(C`\-\-chroot\*(C'\fR and \f(CW\*(C`\-\-user\*(C'\fR options must not appear in the configuration file. Also note that the \&\f(CW\*(C`\-\-name\*(C'\fR must not appear in the configuration file either. .SH "BUGS" .IX Header "BUGS" If you specify (in a configuration file) that all clients allow core file generation, there is no way to countermand that for any client (without using an alternative configuration file). So don't do that. The same applies to respawning and foreground. .PP It is possible for the client process to obtain a controlling terminal under \&\fI\s-1BSD\s0\fR. If anything calls \fI\fIopen\fI\|(2)\fR on a terminal device without the \&\f(CW\*(C`O_NOCTTY\*(C'\fR flag, the process doing so will obtain a controlling terminal and then be susceptible to unintended termination by a \f(CW\*(C`SIGHUP\*(C'\fR. .PP Clients run in the foreground with a pseudo terminal don't respond to job control (i.e. suspending with Control-Z doesn't work). This is because the client belongs to an orphaned process group (it starts in its own process session) so the kernel won't send it \f(CW\*(C`SIGSTOP\*(C'\fR signals. However, if the client is a shell that supports job control, it's subprocesses can be suspended. .PP Clients can only be restarted if they were started with the \f(CW\*(C`\-\-respawn\*(C'\fR option. Using \f(CW\*(C`\-\-restart\*(C'\fR on a non-respawning daemon client is equivalent to using \f(CW\*(C`\-\-stop\*(C'\fR. .SH "MAILING LISTS" .IX Header "MAILING LISTS" The following mailing lists exist for daemon related discussion: .PP .Vb 3 \& daemon\-announce@libslack.org \- Announcements \& daemon\-users@libslack.org \- User forum \& daemon\-dev@libslack.org \- Development forum .Ve .PP To subscribe to any of these mailing lists, send a mail message to \&\fIlistname\fR\f(CW\*(C`\-request@libslack.org\*(C'\fR with \f(CW\*(C`subscribe\*(C'\fR as the message body. e.g. .PP .Vb 3 \& $ echo subscribe | mail daemon\-announce\-request@libslack.org \& $ echo subscribe | mail daemon\-users\-request@libslack.org \& $ echo subscribe | mail daemon\-dev\-request@libslack.org .Ve .PP Or you can send a mail message to \f(CW\*(C`majordomo@libslack.org\*(C'\fR with \&\f(CW\*(C`subscribe\*(C'\fR \fIlistname\fR in the message body. This way, you can subscribe to multiple lists at the same time. e.g. .PP .Vb 5 \& $ mail majordomo@libslack.org \& subscribe daemon\-announce \& subscribe daemon\-users \& subscribe daemon\-dev \& . .Ve .PP A digest version of each mailing list is also available. Subscribe to digests as above but append \f(CW\*(C`\-digest\*(C'\fR to the listname. .SH "SEE ALSO" .IX Header "SEE ALSO" \&\fI\fIlibslack\fI\|(3)\fR, \&\fI\fIdaemon\fI\|(3)\fR, \&\fI\fIcoproc\fI\|(3)\fR, \&\fI\fIpseudo\fI\|(3)\fR, \&\fI\fIinit\fI\|(8)\fR, \&\fI\fIinetd\fI\|(8)\fR, \&\fI\fIfork\fI\|(2)\fR, \&\fI\fIumask\fI\|(2)\fR, \&\fI\fIsetsid\fI\|(2)\fR, \&\fI\fIchdir\fI\|(2)\fR, \&\fI\fIchroot\fI\|(2)\fR, \&\fI\fIsetrlimit\fI\|(2)\fR, \&\fI\fIsetgid\fI\|(2)\fR, \&\fI\fIsetuid\fI\|(2)\fR, \&\fI\fIsetgroups\fI\|(2)\fR, \&\fI\fIinitgroups\fI\|(3)\fR, \&\fI\fIsyslog\fI\|(3)\fR, \&\fI\fIkill\fI\|(2)\fR .SH "AUTHOR" .IX Header "AUTHOR" 20100612 raf