2018-02-05 21:05:59 +00:00
|
|
|
package listeners // import "github.com/docker/docker/daemon/listeners"
|
2015-02-13 19:46:14 +00:00
|
|
|
|
|
|
|
import (
|
2015-11-03 10:03:35 +00:00
|
|
|
"crypto/tls"
|
2015-03-31 20:37:49 +00:00
|
|
|
"net"
|
2017-03-14 23:09:08 +00:00
|
|
|
"os"
|
2015-05-15 20:05:35 +00:00
|
|
|
"strconv"
|
2015-02-13 19:46:14 +00:00
|
|
|
|
2020-02-28 07:52:14 +00:00
|
|
|
"github.com/coreos/go-systemd/v22/activation"
|
2018-10-15 07:52:53 +00:00
|
|
|
"github.com/docker/docker/pkg/homedir"
|
2015-12-30 00:27:12 +00:00
|
|
|
"github.com/docker/go-connections/sockets"
|
2019-07-25 15:38:44 +00:00
|
|
|
"github.com/pkg/errors"
|
2017-07-26 21:42:13 +00:00
|
|
|
"github.com/sirupsen/logrus"
|
2015-02-13 19:46:14 +00:00
|
|
|
)
|
|
|
|
|
2016-02-11 18:30:23 +00:00
|
|
|
// Init creates new listeners for the server.
|
2016-04-09 06:49:33 +00:00
|
|
|
// TODO: Clean up the fact that socketGroup and tlsConfig aren't always used.
|
|
|
|
func Init(proto, addr, socketGroup string, tlsConfig *tls.Config) ([]net.Listener, error) {
|
|
|
|
ls := []net.Listener{}
|
|
|
|
|
2015-02-13 19:46:14 +00:00
|
|
|
switch proto {
|
|
|
|
case "fd":
|
2016-04-09 06:49:33 +00:00
|
|
|
fds, err := listenFD(addr, tlsConfig)
|
2015-03-31 20:37:49 +00:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
2016-04-09 06:49:33 +00:00
|
|
|
ls = append(ls, fds...)
|
2015-02-13 19:46:14 +00:00
|
|
|
case "tcp":
|
2016-04-09 06:49:33 +00:00
|
|
|
l, err := sockets.NewTCPSocket(addr, tlsConfig)
|
2015-05-20 23:48:39 +00:00
|
|
|
if err != nil {
|
2015-03-31 20:37:49 +00:00
|
|
|
return nil, err
|
|
|
|
}
|
2015-05-28 19:15:03 +00:00
|
|
|
ls = append(ls, l)
|
2015-02-13 19:46:14 +00:00
|
|
|
case "unix":
|
2017-02-09 21:34:36 +00:00
|
|
|
gid, err := lookupGID(socketGroup)
|
2017-02-07 19:32:39 +00:00
|
|
|
if err != nil {
|
2017-04-27 16:26:21 +00:00
|
|
|
if socketGroup != "" {
|
|
|
|
if socketGroup != defaultSocketGroup {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
logrus.Warnf("could not change group %s to %s: %v", addr, defaultSocketGroup, err)
|
2017-03-14 23:09:08 +00:00
|
|
|
}
|
|
|
|
gid = os.Getgid()
|
2017-02-07 19:32:39 +00:00
|
|
|
}
|
|
|
|
l, err := sockets.NewUnixSocket(addr, gid)
|
2015-05-28 19:15:03 +00:00
|
|
|
if err != nil {
|
2019-07-25 15:38:44 +00:00
|
|
|
return nil, errors.Wrapf(err, "can't create unix socket %s", addr)
|
2015-02-13 23:08:42 +00:00
|
|
|
}
|
2018-10-15 07:52:53 +00:00
|
|
|
if _, err := homedir.StickRuntimeDirContents([]string{addr}); err != nil {
|
|
|
|
// StickRuntimeDirContents returns nil error if XDG_RUNTIME_DIR is just unset
|
|
|
|
logrus.WithError(err).Warnf("cannot set sticky bit on socket %s under XDG_RUNTIME_DIR", addr)
|
|
|
|
}
|
2015-05-28 19:15:03 +00:00
|
|
|
ls = append(ls, l)
|
2015-03-31 20:37:49 +00:00
|
|
|
default:
|
2019-07-25 15:38:44 +00:00
|
|
|
return nil, errors.Errorf("invalid protocol format: %q", proto)
|
2015-02-13 23:08:42 +00:00
|
|
|
}
|
|
|
|
|
2016-04-09 06:49:33 +00:00
|
|
|
return ls, nil
|
2015-05-15 20:05:35 +00:00
|
|
|
}
|
2015-06-03 19:01:53 +00:00
|
|
|
|
2015-08-06 12:35:00 +00:00
|
|
|
// listenFD returns the specified socket activated files as a slice of
|
|
|
|
// net.Listeners or all of the activated files if "*" is given.
|
2015-11-03 10:03:35 +00:00
|
|
|
func listenFD(addr string, tlsConfig *tls.Config) ([]net.Listener, error) {
|
|
|
|
var (
|
|
|
|
err error
|
|
|
|
listeners []net.Listener
|
|
|
|
)
|
2015-08-06 12:35:00 +00:00
|
|
|
// socket activation
|
2015-11-03 10:03:35 +00:00
|
|
|
if tlsConfig != nil {
|
2018-05-23 19:57:30 +00:00
|
|
|
listeners, err = activation.TLSListeners(tlsConfig)
|
2015-11-03 10:03:35 +00:00
|
|
|
} else {
|
2018-05-23 19:57:30 +00:00
|
|
|
listeners, err = activation.Listeners()
|
2015-11-03 10:03:35 +00:00
|
|
|
}
|
2015-08-06 12:35:00 +00:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
2015-10-07 21:23:53 +00:00
|
|
|
if len(listeners) == 0 {
|
2019-07-25 15:38:44 +00:00
|
|
|
return nil, errors.New("no sockets found via socket activation: make sure the service was started by systemd")
|
2015-08-06 12:35:00 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// default to all fds just like unix:// and tcp://
|
2015-10-07 21:23:53 +00:00
|
|
|
if addr == "" || addr == "*" {
|
|
|
|
return listeners, nil
|
2015-08-06 12:35:00 +00:00
|
|
|
}
|
|
|
|
|
2015-10-07 21:23:53 +00:00
|
|
|
fdNum, err := strconv.Atoi(addr)
|
|
|
|
if err != nil {
|
2019-07-25 15:38:44 +00:00
|
|
|
return nil, errors.Errorf("failed to parse systemd fd address: should be a number: %v", addr)
|
2015-10-07 21:23:53 +00:00
|
|
|
}
|
2015-08-06 12:35:00 +00:00
|
|
|
fdOffset := fdNum - 3
|
2017-08-24 17:11:44 +00:00
|
|
|
if len(listeners) < fdOffset+1 {
|
2019-07-25 15:38:44 +00:00
|
|
|
return nil, errors.New("too few socket activated files passed in by systemd")
|
2015-08-06 12:35:00 +00:00
|
|
|
}
|
2015-10-07 21:23:53 +00:00
|
|
|
if listeners[fdOffset] == nil {
|
2019-07-25 15:38:44 +00:00
|
|
|
return nil, errors.Errorf("failed to listen on systemd activated file: fd %d", fdOffset+3)
|
2015-10-07 21:23:53 +00:00
|
|
|
}
|
|
|
|
for i, ls := range listeners {
|
|
|
|
if i == fdOffset || ls == nil {
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
if err := ls.Close(); err != nil {
|
2019-07-25 15:38:44 +00:00
|
|
|
return nil, errors.Wrapf(err, "failed to close systemd activated file: fd %d", fdOffset+3)
|
2015-10-07 21:23:53 +00:00
|
|
|
}
|
2015-08-06 12:35:00 +00:00
|
|
|
}
|
|
|
|
return []net.Listener{listeners[fdOffset]}, nil
|
|
|
|
}
|