dirmngr: Implement --supervised command (for systemd, etc).

* dirmngr/dirmngr.c (main): Add new --supervised command, which is a
mode designed for running under a process supervision system like
systemd or runit.
* doc/dirmngr.texi: document --supervised option.

--

"dirmngr --supervised" is a way to invoke dirmngr such that a system
supervisor like systemd can provide socket-activated startup, log
management, and scheduled shutdown.

When running in this mode, dirmngr:

 * Does not open its own listening socket; rather, it expects to be
   given a listening socket on file descriptor 3.

 * Does not detach from the invoking process, staying in the
   foreground instead.

Signed-off-by: Daniel Kahn Gillmor <[email protected]>

2 files changed, 47 insertions, 0 deletions

diff --git a/dirmngr/dirmngr.c b/dirmngr/dirmngr.c
index c9e4a058b..29036812d 100644
--- a/dirmngr/dirmngr.c
+++ b/dirmngr/dirmngr.c
@@ -88,6 +88,7 @@ enum cmd_and_opt_values {
 
   aServer,
   aDaemon,
+  aSupervised,
   aListCRLs,
   aLoadCRL,
   aFetchCRL,
@@ -149,6 +150,7 @@ static ARGPARSE_OPTS opts[] = {
 
   ARGPARSE_c (aServer,   "server",  N_("run in server mode (foreground)") ),
   ARGPARSE_c (aDaemon,   "daemon",  N_("run in daemon mode (background)") ),
+  ARGPARSE_c (aSupervised, "supervised", N_("run under supervision (e.g. systemd)")),
   ARGPARSE_c (aListCRLs, "list-crls", N_("list the contents of the CRL cache")),
   ARGPARSE_c (aLoadCRL,  "load-crl",  N_("|FILE|load CRL from FILE into cache")),
   ARGPARSE_c (aFetchCRL, "fetch-crl", N_("|URL|fetch a CRL from URL")),
@@ -814,6 +816,7 @@ main (int argc, char **argv)
         {
         case aServer:
         case aDaemon:
+        case aSupervised:
         case aShutdown:
         case aFlush:
 	case aListCRLs:
@@ -993,6 +996,43 @@ main (int argc, char **argv)
       start_command_handler (ASSUAN_INVALID_FD);
       shutdown_reaper ();
     }
+  else if (cmd == aSupervised)
+    {
+      /* In supervised mode, we expect file descriptor 3 to be an
+         already opened, listening socket.
+
+         We will also not detach from the controlling process or close
+         stderr; the supervisor should handle all of that.  */
+      struct stat statbuf;
+      if (fstat (3, &statbuf) == -1 && errno ==EBADF)
+        {
+          log_error ("file descriptor 3 must be already open in --supervised mode\n");
+          dirmngr_exit (1);
+        }
+      socket_name = gnupg_get_socket_name (3);
+
+      /* Now start with logging to a file if this is desired. */
+      if (logfile)
+        {
+          log_set_file (logfile);
+          log_set_prefix (NULL, (GPGRT_LOG_WITH_PREFIX
+                                 |GPGRT_LOG_WITH_TIME
+                                 |GPGRT_LOG_WITH_PID));
+          current_logfile = xstrdup (logfile);
+        }
+      else
+        log_set_prefix (NULL, 0);
+
+      thread_init ();
+      cert_cache_init ();
+      crl_cache_init ();
+#if USE_LDAP
+      ldap_wrapper_launch_thread ();
+#endif /*USE_LDAP*/
+      handle_connections (3);
+      assuan_sock_close (3);
+      shutdown_reaper ();
+    }
   else if (cmd == aDaemon)
     {
       assuan_fd_t fd;
diff --git a/doc/dirmngr.texi b/doc/dirmngr.texi
index bb8281d7d..69d7e5e8f 100644
--- a/doc/dirmngr.texi
+++ b/doc/dirmngr.texi
@@ -85,6 +85,13 @@ Run in background daemon mode and listen for commands on a socket.
 Note that this also changes the default home directory and enables the
 internal certificate validation code.  This mode is deprecated.
 
+@item --supervised
+@opindex supervised
+Run in the foreground, sending logs to stderr, and listening on file
+descriptor 3, which must already be bound to a listening socket.  This
+is useful when running under systemd or other similar process
+supervision schemes.
+
 @item --list-crls
 @opindex list-crls
 List the contents of the CRL cache on @code{stdout}. This is probably