daemon - turns other processes into daemons
usage: daemon [options] [--] [cmd arg...] options:
-h, --help - Print a help message then exit -V, --version - Print a version message then exit -v, --verbose[=level] - Set the verbosity level -d, --debug[=level] - Set the debugging level
-C, --config=path - Specify the system configuration file -N, --noconfig - Bypass the system configuration file -n, --name=name - Guarantee a single named instance -X, --command=cmd - Specify the client command as an option -P, --pidfiles=/dir - Override standard pidfile location -F, --pidfile=/path - Override standard pidfile name and location
-u, --user=user[.group] - Run the client as user[.group] -R, --chroot=path - Run the client with path as root -D, --chdir=path - Run the client in directory path -m, --umask=umask - Run the client with the given umask -e, --env="var=val" - Set a client environment variable -i, --inherit - Inherit environment variables -U, --unsafe - Allow execution of unsafe executable -S, --safe - Deny execution of unsafe executable -c, --core - Allow core file generation
-r, --respawn - Respawn the client when it terminates -a, --acceptable=# - Minimum acceptable client duration -A, --attempts=# - Respawn # times on error before delay -L, --delay=# - Delay between spawn attempt bursts (seconds) -M, --limit=# - Maximum number of spawn attempt bursts
-f, --foreground - Run the client in the foreground -p, --pty[=noecho] - Allocate a pseudo terminal for the client
-l, --errlog=spec - Send daemon's error output to syslog or file -b, --dbglog=spec - Send daemon's debug output to syslog or file -o, --output=spec - Send client's output to syslog or file -O, --stdout=spec - Send client's stdout to syslog or file -E, --stderr=spec - Send client's stderr to syslog or file
--running - Check if a named daemon is running --restart - Restart a named daemon client --stop - Terminate a named daemon process
daemon(1) turns other processes into daemons. There are many tasks that need to be performed to correctly set up a daemon process. This can be tedious. daemon performs these tasks for other processes.
The preparatory tasks that daemon performs for other processes are:
--chroot
option was supplied.
Change the process uid and gid if the --user
option was supplied. Only
root can use this option. Note that the uid of daemon itself is changed,
rather than just changing the uid of the client process.
Read the system configuration file (/etc/daemon.conf
by default, or
specified by the --config
option) unless the --noconfig
option was
supplied. Then read the user's configuration file (~/.daemonrc
), if any.
Generic options are processed first, then options specific to the daemon
with the given name. Note: The root directory and the user must be set
before access to the configuration file can be attempted so neither --chroot
nor --user options may appear in the configuration file.
Disable core file generation to prevent leaking sensitive information in
daemons run by root (unless the --core
option was supplied).
Become a daemon process:
SVR4
is defined and
NO_EXTRA_SVR4_FORK
is not defined when libslack(3) is compiled. Before
doing this, ignore SIGHUP
because when the session leader terminates, all
processes in the foreground process group are sent a SIGHUP
signal
(apparently). Note that this code may not execute (e.g. when started by
init(8) or inetd(8) or when either SVR4
was not defined or
NO_EXTRA_SVR4_FORK
was defined when libslack(3) was compiled). This
means that the client can't make any assumptions about the SIGHUP
handler.
stdin
, stdout
and stderr
are left open since they are open to a
socket.
Open stdin
, stdout
and stderr
to /dev/null
in case something
requires them to be open. Of course, this is not done if daemon was
invoked by inetd(8).
If the --name
option was supplied, create and lock a file containing the
process id of the daemon process. The presence of this locked file
prevents two instances of a daemon with the same name from running at the
same time. The standard location of the pidfile is /var/run
on Linux and
/etc
on Solaris for root or /tmp
for ordinary users. If the
--pidfiles
option was supplied, its argument specifies the directory in
which the pidfile will be placed. If the --pidfile
option was supplied,
its argument specifies the name of the pidfile and the directory in which
it will be placed.
--umask
option was supplied, set the umask to its argument.
Otherwise, set the umask to 022
to prevent clients from accidentally
creating group or world writable files.
Set the current directory if the --chdir
option was supplied.
Spawn the client command and wait for it to terminate. The client command
may be specified as command line arguments or as the argument of the
--command
option. If both the --command
option and command line
arguments are present, the client command is the result of appending the
command line arguments to the argument of the --command
option.
If the --syslog
, --outlog
and/or --errlog
options were supplied,
the client's standard output and/or standard error are captured by daemon
and sent to the respective syslog destinations.
When the client terminates, daemon respawns it if the --respawn
option
was supplied. If the client ran for less than 300 seconds (or the value of
the --acceptable
option), then daemon sees this as an error. It will
attempt to restart the client up to five times (or the value of the
--attempts
option) before waiting for 300 seconds (or the value of the
--delay
option). This gives the administrator the chance to correct
whatever is preventing the client from running without overloading system
resources. If the --limit
option was supplied, daemon terminates after
the specified number of spawn attempt bursts. The default is zero which
means never give up, never surrender.
When the client terminates and the --respawn
option wasn't supplied,
daemon terminates.
SIGTERM
signal, it propagates the signal to the
client and then terminates.
If daemon receives a SIGUSR1
signal (from another invocation of
daemon supplied with the --restart
option), it sends a SIGTERM
signal to the client. If started with the --respawn
option, the client
process will be restarted after it is killed by the SIGTERM
signal.
If the --foreground
option was supplied, the client process is run as a
foreground process and is not turned into a daemon. If daemon is
connected to a terminal, so will the client process. If daemon is not
connected to a terminal but the client needs to be connected to a terminal,
use the --pty
option.
-h
, --help
-V
, --version
-v
[=level], --verbose
[=level]--running
option is supplied.
-d
[=level], --debug
[=level]daemon.debug
.
-C=
path, --config=
path/etc/daemon.conf
is
the configuration file if it exists and is not group or world writable and
does not exist in a group or world writable directory. The configuration
file lets you predefine options that apply to all clients and to
specifically named clients.
-N
, --noconfig
/etc/daemon.conf
. Only the user's
~/.daemonrc
configuration file will be read (if it exists).
-n=
name, --name=
name/var/run/
name.pid
), ensuring that only
one daemon with the given name is active at the same time.
-X=
cmd, --command=
cmddaemon --name ftumpch
Note: Specifying the client command in the configuration file means that no shell features are available (i.e. no meta characters).
-P=
/dir, --pidfiles=
/dir/var/run
on Linux and
in /etc
on Solaris. Normal users' pidfiles live in </tmp>. This option
can only be used with the --name
option. Use this option if these
locations are unacceptable but make sure you don't forget where you put your
pidfiles. This option should only be used in configuration files or in shell
scripts, not on the command line.
-F=
/path, --pidfile=
/path--name
option followed by .pid
. Use this option if the standard
pidfile name and location are unacceptable but make sure you don't forget
where you put your pidfile. This option should only be used in configuration
files or in shell scripts, not on the command line.
-u=
user[.group], --user=
user[.group].group
specifier, daemon will assume the
specified group and no other. Otherwise, daemon will assume all groups
that the specified user is in.
-R=
path, --chroot=
path-D=
path, --chdir=
path-m=
umask, --umask=
umask022
.
-e=
var=val, --env=
var=val-i
, --inherit
--env
option is used. When this option is used, the --env
option adds
to the inherited environment, rather than replacing it.
-U
, --unsafe
/usr/bin/env
(with an argument that is a
command name to be searched for in $PATH
), then that command must be
safe. By default, daemon(1) will refuse to read an unsafe configuration
file or to execute an unsafe executable when run by root. This option
overrides that behaviour and hence should never be used.
-S
, --safe
-c
, --core
-r
, --respawn
-a=
#, --acceptable=
#--respawn
option.
less than this, it is considered to have failed.
-A=
#, --attempts=
#--respawn
option.
-L=
#, --delay=
#--respawn
option.
-M=
#, ---limit=
#--respawn
option.
-f
, --foreground
-p
[=noecho], --pty
[=noecho]--foreground
option. This is the default when the --foreground
option is supplied and daemon's standard input is connected to a
terminal. This option is only necessary when the client process must be
connected to a controlling terminal but daemon itself has been run
without a controlling terminal (e.g. from cron(8) or a pipeline).
If the noecho
argument is supplied with this option, the client's side
of the pseudo terminal will be set to noecho mode. Use this only if there
really is a terminal involved and input is being echoed twice.
-l=
spec, --errlog=
spec"facility.priority"
, then
output is sent to syslog(3). Otherwise, output is appended to the file
whose path is given in spec. By default, output is sent to daemon.err
.
-b=
spec, --dbglog=
spec"facility.priority"
, then output is
sent to syslog(3). Otherwise, output is appended to the file whose path
is given in spec. By default, output is sent to daemon.debug
.
-o=
spec, --output=
spec"facility.priority"
, then output is sent to syslog(3). Otherwise,
output is appended to the file whose path is given in spec. By default,
output is discarded unless the --foreground
option is present. In this
case, the client's stdout and stderr are propagated to daemon's stdout
and stderr respectively.
-O=
spec, --stdout=
spec"facility.priority"
, then output is sent to syslog(3). Otherwise,
stdout is appended to the file whose path is given in spec. By default,
stdout is discarded unless the --foreground
option is present, in which
case, the client's stdout is propagated to daemon's stdout.
-E=
spec, --stderr=
spec"facility.priority"
, then
stderr is sent to syslog(3). Otherwise, stderr is appended to the file
whose path is given in spec. By default, stderr is discarded unless the
--foreground
option is present, in this case, the client's stderr is
propagated to daemon's stderr.
--running
EXIT_SUCCESS
if the named daemon is running or EXIT_FAILURE
if it
isn't. If the --verbose
option is supplied, print a message before
exiting. This option can only be used with the --name
option. Note that
the --chroot
, --user
, --name
, --pidfiles
and --pidfile
(and
possibly --config
) options must be the same as for the target daemon.
--restart
--name
option. Note that the
--chroot
, --user
, --name
, --pidfiles
and --pidfile
(and
possibly --config
) options must be the same as for the target daemon.
--stop
--name
option. Note that the --chroot
, --user
, --name
,
--pidfiles
and --pidfile
(and possibly --config
) options must be the
same as for the target daemon.
/etc/daemon.conf
, ~/.daemonrc
- define default options
Each line of the configuration file consists of a client name or '*'
,
followed by whitespace, followed by a comma separated list of options. Blank
lines and comments ('#'
to end of the line) are ignored. Lines may be
continued with a '\'
character at the end of the line.
For example:
* errlog=daemon.err,output=local0.err,core test1 syslog=local0.debug,debug=9,verbose=9,respawn test2 syslog=local0.debug,debug=9,verbose=9,respawn
The command line options are processed first to look for a --config
option. If no --config
option was supplied, the default file,
/etc/daemon.conf
, is used. If the user has their own configuration file,
~/.daemorc
it is also used. If the configuration files contain any
generic ('*'
) entries, their options are applied in order of appearance.
If the --name
option was supplied and the configuration files contain any
entries with the given name, their options are then applied in order of
appearance. Finally, the command line options are applied again. This
ensures that any generic options apply to all clients by default. Client
specific options override generic options. User options override system wide
options. Command line options override everything else.
Note that the configuration files are not opened and read until after any
--chroot
and/or --user
command line options are processed. This means
that the configuration file paths and the client's file path must be relative
to the --chroot
argument. It also means that the configuration files and
the client executable must be readable/executable by the user specified by
the --user
argument. It also means that the --chroot
and --user
options must not appear in the configuration file. Also note that the
--name
must not appear in the configuration file either.
If you specify (in a configuration file) that all clients allow core file generation, there is no way to countermand that for any client (without using an alternative configuration file). So don't do that. The same applies to respawning and foreground.
It is possible for the client process to obtain a controlling terminal under
BSD (and even under SVR4 if SVR4
was not defined or
NO_EXTRA_SVR4_FORK
was defined when libslack(3) is compiled). If
anything calls open(2) on a terminal device without the O_NOCTTY
flag,
the process doing so will obtain a controlling terminal and then be
susceptible to unintended termination by a SIGHUP
.
Clients run in the foreground with a pseudo terminal don't respond to job
control (i.e. suspending with Control-Z doesn't work). This is because the
client belongs to an orphaned process group (it starts in its own process
session) so the kernel won't send it SIGSTOP
signals. However, if the
client is a shell that supports job control, it's subprocesses can be
suspended.
Clients can only be restarted if they were started with the --respawn
option. Using --restart
on a non-respawning daemon client is equivalent
to using --stop
.
The following mailing lists exist for daemon related discussion:
daemon-announce@libslack.org - Announcements daemon-users@libslack.org - User forum daemon-dev@libslack.org - Development forum
To subscribe to any of these mailing lists, send a mail message to
listname-request@libslack.org
with subscribe
as the message body.
e.g.
$ echo subscribe | mail daemon-announce-request@libslack.org $ echo subscribe | mail daemon-users-request@libslack.org $ echo subscribe | mail daemon-dev-request@libslack.org
Or you can send a mail message to majordomo@libslack.org
with
subscribe
listname in the message body. This way, you can
subscribe to multiple lists at the same time.
e.g.
$ mail majordomo@libslack.org subscribe daemon-announce subscribe daemon-users subscribe daemon-dev .
A digest version of each mailing list is also available. Subscribe to
digests as above but append -digest
to the listname.
libslack(3), daemon(3), coproc(3), pseudo(3), init(8), inetd(8), fork(2), umask(2), setsid(2), chdir(2), chroot(2), setrlimit(2), setgid(2), setuid(2), setgroups(2), initgroups(3), syslog(3), kill(2)
20040806 raf <raf@raf.org>