don't open a database connection in the parent process

[freeside.git] / FS / bin / freeside-selfservice-server

#!/usr/bin/perl -w
#
# freeside-selfservice-server

# alas, much false laziness with freeside-queued and fs_signup_server.  at
# least it is slated to replace fs_{signup,passwd,mailadmin}_server
# should probably generalize the version in here, or better yet use
# Proc::Daemon or somesuch

use strict;
use vars qw( $Debug %kids $kids $max_kids $shutdown $log_file $ssh_pid );
use subs qw( lock_write unlock_write );
use Fcntl qw(:flock);
use POSIX qw(:sys_wait_h setsid);
use IO::Handle;
use IO::Select;
use IO::File;
use Storable 2.09 qw(nstore_fd fd_retrieve);
use Net::SSH qw(sshopen2);
use FS::UID qw(adminsuidsetup forksuidsetup);
use FS::ClientAPI;

use FS::Conf;
use FS::cust_bill;
use FS::cust_pkg;

$Debug = 1; # >= 2 will log packet contents, including potentially compromising
            # information

$shutdown = 0;
$max_kids = '10'; #?
$kids = 0;

my $user = shift or die &usage;
my $machine = shift or die &usage;
my $tag = scalar(@ARGV) ? shift : '';

# $FS::UID::datasrc not posible
my $pid_file = "/var/run/freeside-selfservice-server.$user.$machine.pid";

my $lock_file = "/usr/local/etc/freeside/selfservice.$machine.writelock";
open(LOCKFILE,">$lock_file") or die "can't open $lock_file: $!";

&init($user);

my $conf = new FS::Conf;

my $clientd = "/usr/local/sbin/freeside-selfservice-clientd"; #better name?

my $warnkids=0;
while (1) {
  my($writer,$reader,$error) = (new IO::Handle, new IO::Handle, new IO::Handle);
  warn "connecting to $machine\n" if $Debug;

  $ssh_pid = sshopen2($machine,$reader,$writer,$clientd,$tag);

#  nstore_fd(\*writer, {'hi'=>'there'});

  warn "entering main loop\n" if $Debug;
  my $undisp = 0;
  my $s = IO::Select->new( $reader );
  while (1) {

    &reap_kids;

    warn "waiting for packet from client\n" if $Debug && !$undisp;
    $undisp = 1;
    my @handles = $s->can_read(5);
    unless ( @handles ) {
      &shutdown if $shutdown;
      next;
    }

    $undisp = 0;

    warn "receiving packet from client\n" if $Debug;

    my $packet = eval { fd_retrieve($reader); };
    if ( $@ ) {
      warn "Storable error receiving packet from client".
           " (assuming lost connection): $@\n"
        if $Debug;
      if ( $ssh_pid ) {
        warn "sending TERM signal to ssh process $ssh_pid\n" if $Debug;
        kill 'TERM', $ssh_pid;
        $ssh_pid = 0;
      }
      last;
    }
    warn "packet received\n".
         join('', map { " $_=>$packet->{$_}\n" } keys %$packet )
      if $Debug > 1;

    #prevent runaway forking
    my $warnkids = 0;
    while ( $kids >= $max_kids ) {
      warn "WARNING: maximum $kids children reached\n" unless $warnkids++;
      &reap_kids;
      sleep 1;
    }

    warn "forking child\n" if $Debug;
    defined( my $pid = fork ) or die "can't fork: $!";
    if ( $pid ) {
      $kids++;
      $kids{$pid} = 1;
      warn "child $pid spawned\n" if $Debug;
    } else { #kid time

      ##get new db handle
      #$FS::UID::dbh->{InactiveDestroy} = 1;
      #forksuidsetup($user);

      #get db handle
      adminsuidsetup($user);

      my $type = $packet->{_packet};
      warn "calling $type handler\n" if $Debug; 
      my $rv = eval { FS::ClientAPI->dispatch($type, $packet); };
      if ( $@ ) {
        warn my $error = "WARNING: error dispatching $type: $@";
        $rv = { _error => $error };
      }
      $rv->{_token} = $packet->{_token}; #identifier

      warn "sending response\n" if $Debug;
      lock_write;
      nstore_fd($rv, $writer) or die "FATAL: can't send response: $!";
      $writer->flush or die "FATAL: can't flush: $!";
      unlock_write;

      warn "child exiting\n" if $Debug;
      exit; #end-of-kid
    }

  }

  warn "connection lost, reconnecting\n" if $Debug;
  sleep 3;

}

###
# utility subroutines
###

sub reap_kids {
  #warn "reaping kids\n";
  foreach my $pid ( keys %kids ) {
    my $kid = waitpid($pid, WNOHANG);
    if ( $kid > 0 ) {
      $kids--;
      delete $kids{$kid};
    }
  }
  #warn "done reaping\n";
}

sub init {
  my $user = shift;

  chdir "/" or die "Can't chdir to /: $!";
  open STDIN, '/dev/null' or die "Can't read /dev/null: $!";
  defined(my $pid = fork) or die "Can't fork: $!";
  if ( $pid ) {
    print "freeside-selfservice-server to $machine started with pid $pid\n"; #logging to $log_file
    exit unless $pid_file;
    my $pidfh = new IO::File ">$pid_file" or exit;
    print $pidfh "$pid\n";
    exit;
  }

#  sub REAPER { my $pid = wait; $SIG{CHLD} = \&REAPER; $kids--; }
#  #sub REAPER { my $pid = wait; $kids--; $SIG{CHLD} = \&REAPER; }
#  $SIG{CHLD} =  \&REAPER;

  $shutdown = 0;
  $SIG{HUP} = sub { warn "SIGHUP received; shutting down\n"; $shutdown++; };
  $SIG{INT} = sub { warn "SIGINT received; shutting down\n"; $shutdown++; };
  $SIG{TERM} = sub { warn "SIGTERM received; shutting down\n"; $shutdown++; };
  $SIG{QUIT} = sub { warn "SIGQUIT received; shutting down\n"; $shutdown++; };
  $SIG{PIPE} = sub { warn "SIGPIPE received; shutting down\n"; $shutdown++; };

  #false laziness w/freeside-queued
  my $freeside_gid = scalar(getgrnam('freeside'))
    or die "can't setgid to freeside group\n";
  $) = $freeside_gid;
  $( = $freeside_gid;
  #if freebsd can't setuid(), presumably it can't setgid() either.  grr fleabsd
  ($(,$)) = ($),$();
  $) = $freeside_gid;

  $> = $FS::UID::freeside_uid;
  $< = $FS::UID::freeside_uid;
  #freebsd is sofa king broken, won't setuid()
  ($<,$>) = ($>,$<);
  $> = $FS::UID::freeside_uid;
  #eslaf

  $ENV{HOME} = (getpwuid($>))[7]; #for ssh
  #adminsuidsetup $user;

  #$log_file = "/usr/local/etc/freeside/selfservice.". $FS::UID::datasrc; #MACHINE NAME
  $log_file = "/usr/local/etc/freeside/selfservice.$machine.log";

  open STDOUT, '>/dev/null'
                            or die "Can't write to /dev/null: $!";
  setsid                  or die "Can't start a new session: $!";
  open STDERR, '>&STDOUT' or die "Can't dup stdout: $!";

  $SIG{__DIE__} = \&_die;
  $SIG{__WARN__} = \&_logmsg;

  warn "freeside-selfservice-server starting\n";

}

sub shutdown {
  my $wait = 12; #wait up to 1 minute
  while ( $kids > 0 && $wait-- ) {
    warn "waiting for $kids children to terminate";
    sleep 5;
  }
  warn "abandoning $kids children" if $kids;
  kill 'TERM', $ssh_pid if $ssh_pid;
  die "exiting";
}

sub _die {
  my $msg = shift;
  unlink $pid_file if -e $pid_file;
  _logmsg($msg);
}

sub _logmsg {
  chomp( my $msg = shift );
  _do_logmsg( "[server] [". scalar(localtime). "] [$$] $msg\n" );
}

sub _do_logmsg {
  chomp( my $msg = shift );
  my $log = new IO::File ">>$log_file";
  flock($log, LOCK_EX);
  seek($log, 0, 2);
  print $log "$msg\n";
  flock($log, LOCK_UN);
  close $log;
}

sub lock_write {
  #broken on freebsd?
  #flock($writer, LOCK_EX) or die "FATAL: can't lock write stream: $!";

  flock(LOCKFILE, LOCK_EX) or die "FATAL: can't lock $lock_file: $!";

}

sub unlock_write {
  #broken on freebsd?
  #flock($writer, LOCK_UN) or die "WARNING: can't release write lock: $!";

  flock(LOCKFILE, LOCK_UN) or die "FATAL: can't unlock $lock_file: $!";

}

sub usage {
  die "Usage:\n\n  freeside-selfservice-server user machine\n";
}