[sslh] Foreground mode.

[Yves Rutschle]

Hi Seb,

On Mon, Apr 16, 2012 at 06:58:33PM +0200, Yves Rutschle wrote:
> I'll go over the daemon requirements for systemd and make
> sure you have options to satisfy them (except the "grab a
> name on the bus", I don't think sslh needs to get into
> that).

Please find patch attached.

>From systemd specification:

>We ask daemon writers not to fork or even double fork in
>their processes, but run their event loop from the initial
>process systemd starts for you. Also, don't call setsid().

Now if --foreground is specifed, setsid() isn't called
anymore: sslh can be compliant.

>Don't drop user privileges in the daemon itself, leave this
>to systemd and configure it in systemd service
>configuration files. (There are exceptions here. For
>example, for some daemons there are good reasons to drop
>privileges inside the daemon code, after an initialization
>phase that requires elevated privileges.)

Now if --user is not specified, sslh does not change uid.

>Don't write PID files

Now if --pidfile is not specified, sslh does not create a
PID file.

>Grab a name on the bus

Not doing it.

>You may rely on systemd for logging, you are welcome to log
>whatever you need to log to stderr.

Now if --foreground is specified, sslh doesn't log to syslog
(but to stderr instead).

>Let systemd create and watch sockets for you, so that
>socket activation works. Hence, interpret $LISTEN_FDS and
>$LISTEN_PID as described above.

Not interpreting $LISTEN_FDS, but inetd mode should work for
this mode.

>Use SIGTERM for requesting shut downs from your daemon.

Already doing it.

(the patch also corrects an unrelated bug).

Let me know if this works for you!

Cheers,
Y.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: sslh-1.11.patch
Type: text/x-diff
Size: 3601 bytes
Desc: not available
URL: <http://rutschle.net/pipermail/sslh/attachments/20120418/877bf935/attachment.patch>