3 Some daemons are able to restart themselves. I mean, a real in-place restart, not a naïve external stop+re-exec.
5 Why would you care if a daemon is able to restart in place or not? Well, it depends. For some daemons is almost a necessary feature (think of sshd, would you be happy if when you restart the daemon it would shut down every ongoing connections? I wouldn’t), in others a nice-to-have feature (httpd for instance), while in some case is an unnecessary complications.
7 Generally speaking, with a various degree of importance, for network-related daemons being able to restart in place is a good thing. It means that you (the server administrator) can adjust things while the daemon is running and this is almost invisible for the outside word: ongoing connection are preserved and new connections are subject to the new set of rules.
9 I just implemented something similar for gmid, my Gemini server, but the overall design can be used in various kind of daemons I guess.
11 => gemini://gemini.omarpolo.com/pages/gmid.gmi gmid
13 The solution I chose was to keep a parent process that on SIGHUP re-reads the configuration and forks(2) to execute the real daemon code. The other processes on SIGHUP simply stop accepting new connections and finish to process what they have.
15 Doing it this way simplifies the situation when you take into consideration that the daemon may want to chroot itself, or do any other kind of sandbox, or drop privileges and so on, since the main process remains outside the chroot/sandbox with the original privileges. It also isn’t a security concern since all it does is waiting on a signal (in other words, it cannot be influenced by the outside world.)
17 One thing to be wary are race-conditions induced by signal handlers. Consider this bit of code
20 /* 1 when SIGHUP is received, 0 otherwise.
21 * This var is shared with the children. */
22 volatile sig_atomic_t hupped;
35 /* after this point hupped is 1 */
42 (spoiler: the reload_config call is there only to trick you)
44 We set ‘hupped’ to 0 before we fork, so our child starts with hupped set to 0, then we fork and wait. But what if we receive a SIGHUP after we set the variable to 0, but before the fork? Or right before wait_sighup? The children will exit and the main process would get stuck waiting for a SIGHUP that was already delivered.
46 Oh, and guarding the wait_sighup won’t work too
50 /* what happens if SIGHUP gets delivered
51 * here, before the wait? */
56 Fortunately, we can block signals with sigprocmask and wait for specific signals with sigwait.
58 => gemini://gemini.omarpolo.com/cgi/man?sigprocmask sigprocmask(2)
59 => gemini://gemini.omarpolo.com/cgi/man?sigwait sigwait(2)
61 Frankly, I never used these “advanced” signals API before, as usually the “simplified” interface were enough, but it’s nice to learn new stuff.
63 The right order should be
66 * in the child, re-enable signals
67 * in the parent, wait for sighup
71 or, if you prefer some real code, something along the lines of
82 sigaddset(&new, SIGHUP);
83 sigprocmask(SIG_BLOCK, &new, &set);
89 sigprocmask(SIG_SETMASK, &set, NULL);
99 sigaddset(&mask, SIGHUP);
100 sigwait(&mask, &signo);
105 volatile sig_atomic_t hupped;
116 return daemon_main();
