package daemon
import "gopkg.in/hlandau/service.v2/daemon"
Package daemon provides functions to assist with the writing of UNIX-style daemons in go.
Index ¶
- Variables
- func Daemonize(keepStderr bool) error
- func DropPrivileges(UID, GID int, chrootDir string) (chrootErr error, err error)
- func Fork() (isParent bool, err error)
- func HaveStderr() bool
- func Init() error
- func IsRoot() bool
Variables ¶
var EmptyChrootPath = "/var/empty"
This is set to a path which should be empty on the target platform.
On Linux, the FHS provides that "/var/empty" should always be empty.
Functions ¶
func Daemonize ¶
Daemonizes but doesn't fork.
The stdin, stdout and, unless keepStderr is specified, stderr fds are remapped to /dev/null. setsid is called.
The process changes its current directory to /.
If you intend to call DropPrivileges, call it after calling this function, as /dev/null will no longer be available after privileges are dropped.
func DropPrivileges ¶
Drops privileges to the specified UID and GID. This function does nothing and returns no error if all E?[UG]IDs are nonzero.
If chrootDir is not empty, the process is chrooted into it. The directory must exist. The function tests that privilege dropping has been successful by attempting to setuid(0), which must fail.
The current directory is set to / inside the chroot.
The function ensures that /etc/hosts and /etc/resolv.conf are loaded before chrooting, so name service should continue to be available.
func Fork ¶
Psuedo-forks by re-executing the current binary with a special command line argument telling it not to re-execute itself again. Returns true in the parent process and false in the child.
func HaveStderr ¶
func HaveStderr() bool
Returns true unless stderr has been closed (remapped to /dev/null) as part of daemonization. Can be used to determine whether logging to stderr is useful.
func Init ¶
func Init() error
Initialises a daemon with recommended values. Called by Daemonize.
Currently, this only calls umask(0) and chdir("/").
func IsRoot ¶
func IsRoot() bool
Returns true if either or both of the following are true:
Any of the UID, EUID, GID or EGID are zero.
On supported platforms which support capabilities (currently Linux), any capabilities are present.
Source Files ¶
daemon.go droppriv.go
Directories ¶
| Path | Synopsis |
|---|---|
| daemon/bansuid | Package bansuid provides a function to prevent processes from reacquiring privileges. |
- Version
- v2.0.17 (latest)
- Published
- Mar 2, 2021
- Platform
- linux/amd64
- Imports
- 13 packages
- Last checked
- 12 hours ago –
Tools for package owners.