ominfra 0.0.0.dev125__py3-none-any.whl → 0.0.0.dev127__py3-none-any.whl

ominfra/supervisor/setupimpl.py

@@ -0,0 +1,261 @@
+# ruff: noqa: UP006 UP007
+import os
+import re
+import resource
+import typing as ta
+import warnings
+
+from omlish.lite.cached import cached_nullary
+from omlish.lite.logs import log
+
+from .configs import ServerConfig
+from .privileges import drop_privileges
+from .setup import DaemonizeListeners
+from .setup import SupervisorSetup
+from .setup import SupervisorUser
+from .types import ServerEpoch
+from .utils import real_exit
+from .utils import try_unlink
+
+
+##
+
+
+class SupervisorSetupImpl(SupervisorSetup):
+    def __init__(
+            self,
+            *,
+            config: ServerConfig,
+            user: ta.Optional[SupervisorUser] = None,
+            epoch: ServerEpoch = ServerEpoch(0),
+            daemonize_listeners: DaemonizeListeners = DaemonizeListeners([]),
+    ) -> None:
+        super().__init__()
+
+        self._config = config
+        self._user = user
+        self._epoch = epoch
+        self._daemonize_listeners = daemonize_listeners
+
+    #
+
+    @property
+    def first(self) -> bool:
+        return not self._epoch
+
+    #
+
+    @cached_nullary
+    def setup(self) -> None:
+        if not self.first:
+            # prevent crash on libdispatch-based systems, at least for the first request
+            self._cleanup_fds()
+
+        self._set_uid_or_exit()
+
+        if self.first:
+            self._set_rlimits_or_exit()
+
+        # this sets the options.logger object delay logger instantiation until after setuid
+        if not self._config.nocleanup:
+            # clean up old automatic logs
+            self._clear_auto_child_logdir()
+
+        if not self._config.nodaemon and self.first:
+            self._daemonize()
+
+        # writing pid file needs to come *after* daemonizing or pid will be wrong
+        self._write_pidfile()
+
+    @cached_nullary
+    def cleanup(self) -> None:
+        self._cleanup_pidfile()
+
+    #
+
+    def _cleanup_fds(self) -> None:
+        # try to close any leaked file descriptors (for reload)
+        start = 5
+        os.closerange(start, self._config.minfds)
+
+    #
+
+    def _set_uid_or_exit(self) -> None:
+        """
+        Set the uid of the supervisord process.  Called during supervisord startup only.  No return value.  Exits the
+        process via usage() if privileges could not be dropped.
+        """
+
+        if self._user is None:
+            if os.getuid() == 0:
+                warnings.warn(
+                    'Supervisor is running as root.  Privileges were not dropped because no user is specified in the '
+                    'config file.  If you intend to run as root, you can set user=root in the config file to avoid '
+                    'this message.',
+                )
+        else:
+            msg = drop_privileges(self._user.uid)
+            if msg is None:
+                log.info('Set uid to user %s succeeded', self._user.uid)
+            else:  # failed to drop privileges
+                raise RuntimeError(msg)
+
+    #
+
+    def _set_rlimits_or_exit(self) -> None:
+        """
+        Set the rlimits of the supervisord process.  Called during supervisord startup only.  No return value.  Exits
+        the process via usage() if any rlimits could not be set.
+        """
+
+        limits = []
+
+        if hasattr(resource, 'RLIMIT_NOFILE'):
+            limits.append({
+                'msg': (
+                    'The minimum number of file descriptors required to run this process is %(min_limit)s as per the '
+                    '"minfds" command-line argument or config file setting. The current environment will only allow '
+                    'you to open %(hard)s file descriptors.  Either raise the number of usable file descriptors in '
+                    'your environment (see README.rst) or lower the minfds setting in the config file to allow the '
+                    'process to start.'
+                ),
+                'min': self._config.minfds,
+                'resource': resource.RLIMIT_NOFILE,
+                'name': 'RLIMIT_NOFILE',
+            })
+
+        if hasattr(resource, 'RLIMIT_NPROC'):
+            limits.append({
+                'msg': (
+                    'The minimum number of available processes required to run this program is %(min_limit)s as per '
+                    'the "minprocs" command-line argument or config file setting. The current environment will only '
+                    'allow you to open %(hard)s processes.  Either raise the number of usable processes in your '
+                    'environment (see README.rst) or lower the minprocs setting in the config file to allow the '
+                    'program to start.'
+                ),
+                'min': self._config.minprocs,
+                'resource': resource.RLIMIT_NPROC,
+                'name': 'RLIMIT_NPROC',
+            })
+
+        for limit in limits:
+            min_limit = limit['min']
+            res = limit['resource']
+            msg = limit['msg']
+            name = limit['name']
+
+            soft, hard = resource.getrlimit(res)  # type: ignore
+
+            # -1 means unlimited
+            if soft < min_limit and soft != -1:  # type: ignore
+                if hard < min_limit and hard != -1:  # type: ignore
+                    # setrlimit should increase the hard limit if we are root, if not then setrlimit raises and we print
+                    # usage
+                    hard = min_limit  # type: ignore
+
+                try:
+                    resource.setrlimit(res, (min_limit, hard))  # type: ignore
+                    log.info('Increased %s limit to %s', name, min_limit)
+                except (resource.error, ValueError):
+                    raise RuntimeError(msg % dict(  # type: ignore  # noqa
+                        min_limit=min_limit,
+                        res=res,
+                        name=name,
+                        soft=soft,
+                        hard=hard,
+                    ))
+
+    #
+
+    _unlink_pidfile = False
+
+    def _write_pidfile(self) -> None:
+        pid = os.getpid()
+        try:
+            with open(self._config.pidfile, 'w') as f:
+                f.write(f'{pid}\n')
+        except OSError:
+            log.critical('could not write pidfile %s', self._config.pidfile)
+        else:
+            self._unlink_pidfile = True
+            log.info('supervisord started with pid %s', pid)
+
+    def _cleanup_pidfile(self) -> None:
+        if self._unlink_pidfile:
+            try_unlink(self._config.pidfile)
+
+    #
+
+    def _clear_auto_child_logdir(self) -> None:
+        # must be called after realize()
+        child_logdir = self._config.child_logdir
+        if child_logdir == '/dev/null':
+            return
+
+        fnre = re.compile(rf'.+?---{self._config.identifier}-\S+\.log\.?\d{{0,4}}')
+        try:
+            filenames = os.listdir(child_logdir)
+        except OSError:
+            log.warning('Could not clear child_log dir')
+            return
+
+        for filename in filenames:
+            if fnre.match(filename):
+                pathname = os.path.join(child_logdir, filename)
+                try:
+                    os.remove(pathname)
+                except OSError:
+                    log.warning('Failed to clean up %r', pathname)
+
+    #
+
+    def _daemonize(self) -> None:
+        for dl in self._daemonize_listeners:
+            dl.before_daemonize()
+
+        self._do_daemonize()
+
+        for dl in self._daemonize_listeners:
+            dl.after_daemonize()
+
+    def _do_daemonize(self) -> None:
+        # To daemonize, we need to become the leader of our own session (process) group.  If we do not, signals sent to
+        # our parent process will also be sent to us.   This might be bad because signals such as SIGINT can be sent to
+        # our parent process during normal (uninteresting) operations such as when we press Ctrl-C in the parent
+        # terminal window to escape from a logtail command. To disassociate ourselves from our parent's session group we
+        # use os.setsid.  It means "set session id", which has the effect of disassociating a process from is current
+        # session and process group and setting itself up as a new session leader.
+        #
+        # Unfortunately we cannot call setsid if we're already a session group leader, so we use "fork" to make a copy
+        # of ourselves that is guaranteed to not be a session group leader.
+        #
+        # We also change directories, set stderr and stdout to null, and change our umask.
+        #
+        # This explanation was (gratefully) garnered from
+        # http://www.cems.uwe.ac.uk/~irjohnso/coursenotes/lrc/system/daemons/d3.htm
+
+        pid = os.fork()
+        if pid != 0:
+            # Parent
+            log.debug('supervisord forked; parent exiting')
+            real_exit(0)
+
+        # Child
+        log.info('daemonizing the supervisord process')
+        if self._config.directory:
+            try:
+                os.chdir(self._config.directory)
+            except OSError as err:
+                log.critical("can't chdir into %r: %s", self._config.directory, err)
+            else:
+                log.info('set current directory: %r', self._config.directory)
+
+        os.dup2(0, os.open('/dev/null', os.O_RDONLY))
+        os.dup2(1, os.open('/dev/null', os.O_WRONLY))
+        os.dup2(2, os.open('/dev/null', os.O_WRONLY))
+
+        # XXX Stevens, in his Advanced Unix book, section 13.3 (page 417) recommends calling umask(0) and closing unused
+        # file descriptors.  In his Network Programming book, he additionally recommends ignoring SIGHUP and forking
+        # again after the setsid() call, for obscure SVR4 reasons.
+        os.setsid()
+        os.umask(self._config.umask)

ominfra/supervisor/signals.py

@@ -6,25 +6,33 @@ import typing as ta
 ##
 
 
-_SIG_NAMES: ta.Optional[ta.Mapping[int, str]] = None
+_SIGS_BY_NUM: ta.Mapping[int, signal.Signals] = {s.value: s for s in signal.Signals}
+_SIGS_BY_NAME: ta.Mapping[str, signal.Signals] = {s.name: s for s in signal.Signals}
 
 
-def sig_name(sig: int) -> str:
-    global _SIG_NAMES
-    if _SIG_NAMES is None:
-        _SIG_NAMES = _init_sig_names()
-    return _SIG_NAMES.get(sig) or 'signal %d' % sig
+def sig_num(value: ta.Union[int, str]) -> int:
+    try:
+        num = int(value)
 
+    except (ValueError, TypeError):
+        name = value.strip().upper()  # type: ignore
+        if not name.startswith('SIG'):
+            name = f'SIG{name}'
 
-def _init_sig_names() -> ta.Dict[int, str]:
-    d = {}
-    for k, v in signal.__dict__.items():  # noqa
-        k_startswith = getattr(k, 'startswith', None)
-        if k_startswith is None:
-            continue
-        if k_startswith('SIG') and not k_startswith('SIG_'):
-            d[v] = k
-    return d
+        if (sn := _SIGS_BY_NAME.get(name)) is None:
+            raise ValueError(f'value {value!r} is not a valid signal name')  # noqa
+        num = sn
+
+    if num not in _SIGS_BY_NUM:
+        raise ValueError(f'value {value!r} is not a valid signal number')
+
+    return num
+
+
+def sig_name(num: int) -> str:
+    if (sig := _SIGS_BY_NUM.get(num)) is not None:
+        return sig.name
+    return f'signal {sig}'
 
 
 ##
@@ -36,7 +44,7 @@ class SignalReceiver:
 
         self._signals_recvd: ta.List[int] = []
 
-    def receive(self, sig: int, frame: ta.Any) -> None:
+    def receive(self, sig: int, frame: ta.Any = None) -> None:
         if sig not in self._signals_recvd:
             self._signals_recvd.append(sig)
 

ominfra/supervisor/spawning.py

@@ -0,0 +1,31 @@
+# ruff: noqa: UP006 UP007
+import abc
+import dataclasses as dc
+
+from .dispatchers import Dispatchers
+from .pipes import ProcessPipes
+from .types import Process
+
+
+@dc.dataclass(frozen=True)
+class SpawnedProcess:
+    pid: int
+    pipes: ProcessPipes
+    dispatchers: Dispatchers
+
+
+class ProcessSpawnError(RuntimeError):
+    pass
+
+
+class ProcessSpawning:
+    @property
+    @abc.abstractmethod
+    def process(self) -> Process:
+        raise NotImplementedError
+
+    #
+
+    @abc.abstractmethod
+    def spawn(self) -> SpawnedProcess:  # Raises[ProcessSpawnError]
+        raise NotImplementedError

ominfra/supervisor/spawningimpl.py

@@ -0,0 +1,347 @@
+# ruff: noqa: UP006 UP007
+import errno
+import os.path
+import shlex
+import stat
+import typing as ta
+
+from omlish.lite.check import check_isinstance
+from omlish.lite.check import check_not_none
+from omlish.lite.typing import Func3
+
+from .configs import ProcessConfig
+from .configs import ServerConfig
+from .dispatchers import Dispatchers
+from .events import ProcessCommunicationEvent
+from .events import ProcessCommunicationStderrEvent
+from .events import ProcessCommunicationStdoutEvent
+from .exceptions import BadCommandError
+from .exceptions import NoPermissionError
+from .exceptions import NotExecutableError
+from .exceptions import NotFoundError
+from .exceptions import ProcessError
+from .pipes import ProcessPipes
+from .pipes import close_child_pipes
+from .pipes import close_pipes
+from .pipes import make_process_pipes
+from .privileges import drop_privileges
+from .processes import PidHistory
+from .spawning import ProcessSpawnError
+from .spawning import ProcessSpawning
+from .spawning import SpawnedProcess
+from .types import Dispatcher
+from .types import InputDispatcher
+from .types import OutputDispatcher
+from .types import Process
+from .types import ProcessGroup
+from .utils import as_bytes
+from .utils import close_fd
+from .utils import compact_traceback
+from .utils import get_path
+from .utils import real_exit
+
+
+class OutputDispatcherFactory(Func3[Process, ta.Type[ProcessCommunicationEvent], int, OutputDispatcher]):
+    pass
+
+
+class InputDispatcherFactory(Func3[Process, str, int, InputDispatcher]):
+    pass
+
+
+InheritedFds = ta.NewType('InheritedFds', ta.FrozenSet[int])
+
+
+##
+
+
+class ProcessSpawningImpl(ProcessSpawning):
+    def __init__(
+            self,
+            process: Process,
+            *,
+            server_config: ServerConfig,
+            pid_history: PidHistory,
+
+            output_dispatcher_factory: OutputDispatcherFactory,
+            input_dispatcher_factory: InputDispatcherFactory,
+
+            inherited_fds: ta.Optional[InheritedFds] = None,
+    ) -> None:
+        super().__init__()
+
+        self._process = process
+
+        self._server_config = server_config
+        self._pid_history = pid_history
+
+        self._output_dispatcher_factory = output_dispatcher_factory
+        self._input_dispatcher_factory = input_dispatcher_factory
+
+        self._inherited_fds = InheritedFds(frozenset(inherited_fds or []))
+
+    #
+
+    @property
+    def process(self) -> Process:
+        return self._process
+
+    @property
+    def config(self) -> ProcessConfig:
+        return self._process.config
+
+    @property
+    def group(self) -> ProcessGroup:
+        return self._process.group
+
+    #
+
+    def spawn(self) -> SpawnedProcess:  # Raises[ProcessSpawnError]
+        try:
+            exe, argv = self._get_execv_args()
+        except ProcessError as exc:
+            raise ProcessSpawnError(exc.args[0]) from exc
+
+        try:
+            pipes = make_process_pipes(not self.config.redirect_stderr)
+        except OSError as exc:
+            code = exc.args[0]
+            if code == errno.EMFILE:
+                # too many file descriptors open
+                msg = f"Too many open files to spawn '{self.process.name}'"
+            else:
+                msg = f"Unknown error making pipes for '{self.process.name}': {errno.errorcode.get(code, code)}"
+            raise ProcessSpawnError(msg) from exc
+
+        try:
+            dispatchers = self._make_dispatchers(pipes)
+        except Exception as exc:  # noqa
+            close_pipes(pipes)
+            raise ProcessSpawnError(f"Unknown error making dispatchers for '{self.process.name}': {exc}") from exc
+
+        try:
+            pid = os.fork()
+        except OSError as exc:
+            code = exc.args[0]
+            if code == errno.EAGAIN:
+                # process table full
+                msg = f"Too many processes in process table to spawn '{self.process.name}'"
+            else:
+                msg = f"Unknown error during fork for '{self.process.name}': {errno.errorcode.get(code, code)}"
+            err = ProcessSpawnError(msg)
+            close_pipes(pipes)
+            raise err from exc
+
+        if pid != 0:
+            sp = SpawnedProcess(
+                pid,
+                pipes,
+                dispatchers,
+            )
+            self._spawn_as_parent(sp)
+            return sp
+
+        else:
+            self._spawn_as_child(
+                exe,
+                argv,
+                pipes,
+            )
+            raise RuntimeError('Unreachable')  # noqa
+
+    def _get_execv_args(self) -> ta.Tuple[str, ta.Sequence[str]]:
+        """
+        Internal: turn a program name into a file name, using $PATH, make sure it exists / is executable, raising a
+        ProcessError if not
+        """
+
+        try:
+            args = shlex.split(self.config.command)
+        except ValueError as e:
+            raise BadCommandError(f"Can't parse command {self.config.command!r}: {e}")  # noqa
+
+        if args:
+            program = args[0]
+        else:
+            raise BadCommandError('Command is empty')
+
+        if '/' in program:
+            exe = program
+            try:
+                st = os.stat(exe)
+            except OSError:
+                st = None
+
+        else:
+            path = get_path()
+            found = None
+            st = None
+            for dir in path:  # noqa
+                found = os.path.join(dir, program)
+                try:
+                    st = os.stat(found)
+                except OSError:
+                    pass
+                else:
+                    break
+
+            if st is None:
+                exe = program
+            else:
+                exe = found  # type: ignore
+
+        # check_execv_args will raise a ProcessError if the execv args are bogus, we break it out into a separate
+        # options method call here only to service unit tests
+        check_execv_args(exe, args, st)
+
+        return exe, args
+
+    def _make_dispatchers(self, pipes: ProcessPipes) -> Dispatchers:
+        dispatchers: ta.List[Dispatcher] = []
+
+        if pipes.stdout is not None:
+            dispatchers.append(check_isinstance(self._output_dispatcher_factory(
+                self.process,
+                ProcessCommunicationStdoutEvent,
+                pipes.stdout,
+            ), OutputDispatcher))
+
+        if pipes.stderr is not None:
+            dispatchers.append(check_isinstance(self._output_dispatcher_factory(
+                self.process,
+                ProcessCommunicationStderrEvent,
+                pipes.stderr,
+            ), OutputDispatcher))
+
+        if pipes.stdin is not None:
+            dispatchers.append(check_isinstance(self._input_dispatcher_factory(
+                self.process,
+                'stdin',
+                pipes.stdin,
+            ), InputDispatcher))
+
+        return Dispatchers(dispatchers)
+
+    #
+
+    def _spawn_as_parent(self, sp: SpawnedProcess) -> None:
+        close_child_pipes(sp.pipes)
+
+        self._pid_history[sp.pid] = self.process
+
+    #
+
+    def _spawn_as_child(
+            self,
+            exe: str,
+            argv: ta.Sequence[str],
+            pipes: ProcessPipes,
+    ) -> ta.NoReturn:
+        try:
+            # Prevent child from receiving signals sent to the parent by calling os.setpgrp to create a new process
+            # group for the child. This prevents, for instance, the case of child processes being sent a SIGINT when
+            # running supervisor in foreground mode and Ctrl-C in the terminal window running supervisord is pressed.
+            # Presumably it also prevents HUP, etc. received by supervisord from being sent to children.
+            os.setpgrp()
+
+            #
+
+            # After preparation sending to fd 2 will put this output in the stderr log.
+            self._prepare_child_fds(pipes)
+
+            #
+
+            setuid_msg = self._set_uid()
+            if setuid_msg:
+                uid = self.config.uid
+                msg = f"Couldn't setuid to {uid}: {setuid_msg}\n"
+                os.write(2, as_bytes('supervisor: ' + msg))
+                raise RuntimeError(msg)
+
+            #
+
+            env = os.environ.copy()
+            env['SUPERVISOR_ENABLED'] = '1'
+            env['SUPERVISOR_PROCESS_NAME'] = self.process.name
+            if self.group:
+                env['SUPERVISOR_GROUP_NAME'] = self.group.name
+            if self.config.environment is not None:
+                env.update(self.config.environment)
+
+            #
+
+            cwd = self.config.directory
+            try:
+                if cwd is not None:
+                    os.chdir(os.path.expanduser(cwd))
+            except OSError as exc:
+                code = errno.errorcode.get(exc.args[0], exc.args[0])
+                msg = f"Couldn't chdir to {cwd}: {code}\n"
+                os.write(2, as_bytes('supervisor: ' + msg))
+                raise RuntimeError(msg) from exc
+
+            #
+
+            try:
+                if self.config.umask is not None:
+                    os.umask(self.config.umask)
+                os.execve(exe, list(argv), env)
+
+            except OSError as exc:
+                code = errno.errorcode.get(exc.args[0], exc.args[0])
+                msg = f"Couldn't exec {argv[0]}: {code}\n"
+                os.write(2, as_bytes('supervisor: ' + msg))
+
+            except Exception:  # noqa
+                (file, fun, line), t, v, tb = compact_traceback()
+                msg = f"Couldn't exec {exe}: {t}, {v}: file: {file} line: {line}\n"
+                os.write(2, as_bytes('supervisor: ' + msg))
+
+        finally:
+            os.write(2, as_bytes('supervisor: child process was not spawned\n'))
+            real_exit(127)  # exit process with code for spawn failure
+
+        raise RuntimeError('Unreachable')
+
+    def _prepare_child_fds(self, pipes: ProcessPipes) -> None:
+        os.dup2(check_not_none(pipes.child_stdin), 0)
+
+        os.dup2(check_not_none(pipes.child_stdout), 1)
+
+        if self.config.redirect_stderr:
+            os.dup2(check_not_none(pipes.child_stdout), 2)
+        else:
+            os.dup2(check_not_none(pipes.child_stderr), 2)
+
+        for i in range(3, self._server_config.minfds):
+            if i in self._inherited_fds:
+                continue
+            close_fd(i)
+
+    def _set_uid(self) -> ta.Optional[str]:
+        if self.config.uid is None:
+            return None
+
+        msg = drop_privileges(self.config.uid)
+        return msg
+
+
+##
+
+
+def check_execv_args(
+        exe: str,
+        argv: ta.Sequence[str],
+        st: ta.Optional[os.stat_result],
+) -> None:
+    if st is None:
+        raise NotFoundError(f"Can't find command {exe!r}")
+
+    elif stat.S_ISDIR(st[stat.ST_MODE]):
+        raise NotExecutableError(f'Command at {exe!r} is a directory')
+
+    elif not (stat.S_IMODE(st[stat.ST_MODE]) & 0o111):
+        raise NotExecutableError(f'Command at {exe!r} is not executable')
+
+    elif not os.access(exe, os.X_OK):
+        raise NoPermissionError(f'No permission to run command {exe!r}')