4 This file is part of PulseAudio.
6 Copyright 2004-2006 Lennart Poettering
7 Copyright 2006 Pierre Ossman <ossman@cendio.se> for Cendio AB
9 PulseAudio is free software; you can redistribute it and/or modify
10 it under the terms of the GNU Lesser General Public License as published
11 by the Free Software Foundation; either version 2 of the License,
12 or (at your option) any later version.
14 PulseAudio is distributed in the hope that it will be useful, but
15 WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 General Public License for more details.
19 You should have received a copy of the GNU Lesser General Public License
20 along with PulseAudio; if not, write to the Free Software
21 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
41 #include <sys/types.h>
43 #include <liboil/liboil.h>
45 #ifdef HAVE_SYS_IOCTL_H
46 #include <sys/ioctl.h>
62 #include <dbus/dbus.h>
65 #include <pulse/mainloop.h>
66 #include <pulse/mainloop-signal.h>
67 #include <pulse/timeval.h>
68 #include <pulse/xmalloc.h>
70 #include <pulsecore/winsock.h>
71 #include <pulsecore/core-error.h>
72 #include <pulsecore/core.h>
73 #include <pulsecore/memblock.h>
74 #include <pulsecore/module.h>
75 #include <pulsecore/cli-command.h>
76 #include <pulsecore/log.h>
77 #include <pulsecore/core-util.h>
78 #include <pulsecore/sioman.h>
79 #include <pulsecore/cli-text.h>
80 #include <pulsecore/pid.h>
81 #include <pulsecore/namereg.h>
82 #include <pulsecore/random.h>
83 #include <pulsecore/rtsig.h>
84 #include <pulsecore/rtclock.h>
85 #include <pulsecore/macro.h>
86 #include <pulsecore/mutex.h>
87 #include <pulsecore/thread.h>
88 #include <pulsecore/once.h>
89 #include <pulsecore/shm.h>
93 #include "daemon-conf.h"
94 #include "dumpmodules.h"
96 #include "ltdl-bind-now.h"
100 /* Only one instance of these variables */
101 int allow_severity
= LOG_INFO
;
102 int deny_severity
= LOG_WARNING
;
106 /* padsp looks for this symbol in the running process and disables
107 * itself if it finds it and it is set to 7 (which is actually a bit
108 * mask). For details see padsp. */
109 int __padsp_disabled__
= 7;
114 static void message_cb(pa_mainloop_api
*a
, pa_time_event
*e
, PA_GCC_UNUSED
const struct timeval
*tv
, void *userdata
) {
116 struct timeval tvnext
;
118 while(PeekMessage(&msg
, NULL
, 0, 0, PM_REMOVE
)) {
119 if (msg
.message
== WM_QUIT
)
122 TranslateMessage(&msg
);
123 DispatchMessage(&msg
);
127 pa_timeval_add(pa_gettimeofday(&tvnext
), 100000);
128 a
->time_restart(e
, &tvnext
);
133 static void signal_callback(pa_mainloop_api
*m
, PA_GCC_UNUSED pa_signal_event
*e
, int sig
, void *userdata
) {
134 pa_log_info("Got signal %s.", pa_sig2str(sig
));
139 pa_module_load(userdata
, "module-cli", NULL
);
145 pa_module_load(userdata
, "module-cli-protocol-unix", NULL
);
151 char *c
= pa_full_status_string(userdata
);
152 pa_log_notice("%s", c
);
161 pa_log_info("Exiting.");
167 #define set_env(key, value) putenv(pa_sprintf_malloc("%s=%s", (key), (value)))
169 #if defined(HAVE_PWD_H) && defined(HAVE_GRP_H)
171 static int change_user(void) {
176 /* This function is called only in system-wide mode. It creates a
177 * runtime dir in /var/run/ with proper UID/GID and drops privs
180 if (!(pw
= getpwnam(PA_SYSTEM_USER
))) {
181 pa_log("Failed to find user '%s'.", PA_SYSTEM_USER
);
185 if (!(gr
= getgrnam(PA_SYSTEM_GROUP
))) {
186 pa_log("Failed to find group '%s'.", PA_SYSTEM_GROUP
);
190 pa_log_info("Found user '%s' (UID %lu) and group '%s' (GID %lu).",
191 PA_SYSTEM_USER
, (unsigned long) pw
->pw_uid
,
192 PA_SYSTEM_GROUP
, (unsigned long) gr
->gr_gid
);
194 if (pw
->pw_gid
!= gr
->gr_gid
) {
195 pa_log("GID of user '%s' and of group '%s' don't match.", PA_SYSTEM_USER
, PA_SYSTEM_GROUP
);
199 if (strcmp(pw
->pw_dir
, PA_SYSTEM_RUNTIME_PATH
) != 0)
200 pa_log_warn("Warning: home directory of user '%s' is not '%s', ignoring.", PA_SYSTEM_USER
, PA_SYSTEM_RUNTIME_PATH
);
202 if (pa_make_secure_dir(PA_SYSTEM_RUNTIME_PATH
, 0755, pw
->pw_uid
, gr
->gr_gid
) < 0) {
203 pa_log("Failed to create '%s': %s", PA_SYSTEM_RUNTIME_PATH
, pa_cstrerror(errno
));
207 if (initgroups(PA_SYSTEM_USER
, gr
->gr_gid
) != 0) {
208 pa_log("Failed to change group list: %s", pa_cstrerror(errno
));
212 #if defined(HAVE_SETRESGID)
213 r
= setresgid(gr
->gr_gid
, gr
->gr_gid
, gr
->gr_gid
);
214 #elif defined(HAVE_SETEGID)
215 if ((r
= setgid(gr
->gr_gid
)) >= 0)
216 r
= setegid(gr
->gr_gid
);
217 #elif defined(HAVE_SETREGID)
218 r
= setregid(gr
->gr_gid
, gr
->gr_gid
);
220 #error "No API to drop priviliges"
224 pa_log("Failed to change GID: %s", pa_cstrerror(errno
));
228 #if defined(HAVE_SETRESUID)
229 r
= setresuid(pw
->pw_uid
, pw
->pw_uid
, pw
->pw_uid
);
230 #elif defined(HAVE_SETEUID)
231 if ((r
= setuid(pw
->pw_uid
)) >= 0)
232 r
= seteuid(pw
->pw_uid
);
233 #elif defined(HAVE_SETREUID)
234 r
= setreuid(pw
->pw_uid
, pw
->pw_uid
);
236 #error "No API to drop priviliges"
240 pa_log("Failed to change UID: %s", pa_cstrerror(errno
));
244 set_env("USER", PA_SYSTEM_USER
);
245 set_env("USERNAME", PA_SYSTEM_USER
);
246 set_env("LOGNAME", PA_SYSTEM_USER
);
247 set_env("HOME", PA_SYSTEM_RUNTIME_PATH
);
249 /* Relevant for pa_runtime_path() */
250 set_env("PULSE_RUNTIME_PATH", PA_SYSTEM_RUNTIME_PATH
);
251 set_env("PULSE_CONFIG_PATH", PA_SYSTEM_RUNTIME_PATH
);
253 pa_log_info("Successfully dropped root privileges.");
258 #else /* HAVE_PWD_H && HAVE_GRP_H */
260 static int change_user(void) {
261 pa_log("System wide mode unsupported on this platform.");
265 #endif /* HAVE_PWD_H && HAVE_GRP_H */
267 static int create_runtime_dir(void) {
270 pa_runtime_path(NULL
, fn
, sizeof(fn
));
272 /* This function is called only when the daemon is started in
273 * per-user mode. We create the runtime directory somewhere in
274 * /tmp/ with the current UID/GID */
276 if (pa_make_secure_dir(fn
, 0700, (uid_t
)-1, (gid_t
)-1) < 0) {
277 pa_log("Failed to create '%s': %s", fn
, pa_cstrerror(errno
));
284 #ifdef HAVE_SYS_RESOURCE_H
286 static int set_one_rlimit(const pa_rlimit
*r
, int resource
, const char *name
) {
293 rl
.rlim_cur
= rl
.rlim_max
= r
->value
;
295 if (setrlimit(resource
, &rl
) < 0) {
296 pa_log_warn("setrlimit(%s, (%u, %u)) failed: %s", name
, (unsigned) r
->value
, (unsigned) r
->value
, pa_cstrerror(errno
));
303 static void set_all_rlimits(const pa_daemon_conf
*conf
) {
304 set_one_rlimit(&conf
->rlimit_as
, RLIMIT_AS
, "RLIMIT_AS");
305 set_one_rlimit(&conf
->rlimit_core
, RLIMIT_CORE
, "RLIMIT_CORE");
306 set_one_rlimit(&conf
->rlimit_data
, RLIMIT_DATA
, "RLIMIT_DATA");
307 set_one_rlimit(&conf
->rlimit_fsize
, RLIMIT_FSIZE
, "RLIMIT_FSIZE");
308 set_one_rlimit(&conf
->rlimit_nofile
, RLIMIT_NOFILE
, "RLIMIT_NOFILE");
309 set_one_rlimit(&conf
->rlimit_stack
, RLIMIT_STACK
, "RLIMIT_STACK");
311 set_one_rlimit(&conf
->rlimit_nproc
, RLIMIT_NPROC
, "RLIMIT_NPROC");
313 #ifdef RLIMIT_MEMLOCK
314 set_one_rlimit(&conf
->rlimit_memlock
, RLIMIT_MEMLOCK
, "RLIMIT_MEMLOCK");
317 set_one_rlimit(&conf
->rlimit_nice
, RLIMIT_NICE
, "RLIMIT_NICE");
320 set_one_rlimit(&conf
->rlimit_rtprio
, RLIMIT_RTPRIO
, "RLIMIT_RTPRIO");
325 int main(int argc
, char *argv
[]) {
327 pa_strbuf
*buf
= NULL
;
328 pa_daemon_conf
*conf
= NULL
;
329 pa_mainloop
*mainloop
= NULL
;
331 int r
= 0, retval
= 1, d
= 0;
332 int daemon_pipe
[2] = { -1, -1 };
333 pa_bool_t suid_root
, real_root
;
334 int valid_pid_file
= 0;
335 gid_t gid
= (gid_t
) -1;
336 pa_bool_t allow_realtime
, allow_high_priority
;
337 pa_bool_t ltdl_init
= FALSE
;
340 pa_time_event
*timer
;
345 #if defined(__linux__) && defined(__OPTIMIZE__)
347 Disable lazy relocations to make usage of external libraries
348 more deterministic for our RT threads. We abuse __OPTIMIZE__ as
349 a check whether we are a debug build or not.
352 if (!getenv("LD_BIND_NOW")) {
355 /* We have to execute ourselves, because the libc caches the
356 * value of $LD_BIND_NOW on initialization. */
358 putenv(pa_xstrdup("LD_BIND_NOW=1"));
359 pa_assert_se(rp
= pa_readlink("/proc/self/exe"));
360 pa_assert_se(execv(rp
, argv
) == 0);
365 real_root
= getuid() == 0;
366 suid_root
= !real_root
&& geteuid() == 0;
373 /* Drop all capabilities except CAP_SYS_NICE */
376 /* Drop priviliges, but keep CAP_SYS_NICE */
379 /* After dropping root, the effective set is reset, hence,
380 * let's raise it again */
383 /* When capabilities are not supported we will not be able to
384 * aquire RT sched anymore. But yes, that's the way it is. It
385 * is just too risky tun let PA run as root all the time. */
388 /* At this point, we are a normal user, possibly with CAP_NICE if
389 * we were started SUID. If we are started as normal root, than we
390 * still are normal root. */
392 setlocale(LC_ALL
, "");
393 pa_log_set_maximal_level(PA_LOG_INFO
);
394 pa_log_set_ident("pulseaudio");
396 conf
= pa_daemon_conf_new();
398 if (pa_daemon_conf_load(conf
, NULL
) < 0)
401 if (pa_daemon_conf_env(conf
) < 0)
404 if (pa_cmdline_parse(conf
, argc
, argv
, &d
) < 0) {
405 pa_log("Failed to parse command line.");
409 pa_log_set_maximal_level(conf
->log_level
);
410 pa_log_set_target(conf
->auto_log_target
? PA_LOG_STDERR
: conf
->log_target
, NULL
);
413 /* Ok, we're suid root, so let's better not enable high prio
414 * or RT by default */
416 allow_high_priority
= allow_realtime
= FALSE
;
419 if (conf
->high_priority
) {
420 if (pa_polkit_check("org.pulseaudio.acquire-high-priority") > 0) {
421 pa_log_info("PolicyKit grants us acquire-high-priority privilige.");
422 allow_high_priority
= TRUE
;
424 pa_log_info("PolicyKit refuses acquire-high-priority privilige.");
427 if (conf
->realtime_scheduling
) {
428 if (pa_polkit_check("org.pulseaudio.acquire-real-time") > 0) {
429 pa_log_info("PolicyKit grants us acquire-real-time privilige.");
430 allow_realtime
= TRUE
;
432 pa_log_info("PolicyKit refuses acquire-real-time privilige.");
436 if ((conf
->high_priority
|| conf
->realtime_scheduling
) && pa_own_uid_in_group(PA_REALTIME_GROUP
, &gid
) > 0) {
437 pa_log_info("We're in the group '"PA_REALTIME_GROUP
"', allowing real-time and high-priority scheduling.");
438 allow_realtime
= conf
->realtime_scheduling
;
439 allow_high_priority
= conf
->high_priority
;
442 if (!allow_high_priority
&& !allow_realtime
) {
444 /* OK, there's no further need to keep CAP_NICE. Hence
445 * let's give it up early */
449 suid_root
= real_root
= FALSE
;
451 if (conf
->high_priority
|| conf
->realtime_scheduling
)
452 pa_log_notice("Called SUID root and real-time/high-priority scheduling was requested in the configuration. However, we lack the necessary priviliges:\n"
453 "We are not in group '"PA_REALTIME_GROUP
"' and PolicyKit refuse to grant us priviliges. Dropping SUID again.\n"
454 "For enabling real-time scheduling please acquire the appropriate PolicyKit priviliges, or become a member of '"PA_REALTIME_GROUP
"', or increase the RLIMIT_NICE/RLIMIT_RTPRIO resource limits for this user.");
459 /* OK, we're a normal user, so let's allow the user evrything
460 * he asks for, it's now the kernel's job to enforce limits,
461 * not ours anymore */
462 allow_high_priority
= allow_realtime
= TRUE
;
465 if (conf
->high_priority
&& !allow_high_priority
) {
466 pa_log_info("High-priority scheduling enabled in configuration but now allowed by policy. Disabling forcibly.");
467 conf
->high_priority
= FALSE
;
470 if (conf
->realtime_scheduling
&& !allow_realtime
) {
471 pa_log_info("Real-time scheduling enabled in configuration but now allowed by policy. Disabling forcibly.");
472 conf
->realtime_scheduling
= FALSE
;
475 if (conf
->high_priority
&& conf
->cmd
== PA_CMD_DAEMON
)
476 pa_raise_priority(conf
->nice_level
);
481 drop
= conf
->cmd
!= PA_CMD_DAEMON
|| !conf
->realtime_scheduling
;
486 /* At this point we still have CAP_NICE if we were loaded
487 * SUID root. If possible let's acquire RLIMIT_RTPRIO
488 * instead and give CAP_NICE up. */
490 const pa_rlimit rl
= { 9, TRUE
};
492 if (set_one_rlimit(&rl
, RLIMIT_RTPRIO
, "RLIMIT_RTPRIO") >= 0) {
493 pa_log_info("Successfully increased RLIMIT_RTPRIO, giving up CAP_NICE.");
496 pa_log_warn("RLIMIT_RTPRIO failed: %s", pa_cstrerror(errno
));
503 suid_root
= real_root
= FALSE
;
507 LTDL_SET_PRELOADED_SYMBOLS();
511 if (conf
->dl_search_path
)
512 lt_dlsetsearchpath(conf
->dl_search_path
);
517 WSAStartup(MAKEWORD(2, 0), &data
);
524 case PA_CMD_DUMP_MODULES
:
525 pa_dump_modules(conf
, argc
-d
, argv
+d
);
529 case PA_CMD_DUMP_CONF
: {
530 s
= pa_daemon_conf_dump(conf
);
537 case PA_CMD_DUMP_RESAMPLE_METHODS
: {
540 for (i
= 0; i
< PA_RESAMPLER_MAX
; i
++)
541 if (pa_resample_method_supported(i
))
542 printf("%s\n", pa_resample_method_to_string(i
));
548 pa_cmdline_help(argv
[0]);
552 case PA_CMD_VERSION
:
553 printf(PACKAGE_NAME
" "PACKAGE_VERSION
"\n");
560 if (pa_pid_file_check_running(&pid
, "pulseaudio") < 0)
561 pa_log_info("Daemon not running");
563 pa_log_info("Daemon running as PID %u", pid
);
572 if (pa_pid_file_kill(SIGINT
, NULL
, "pulseaudio") < 0)
573 pa_log("Failed to kill daemon.");
579 case PA_CMD_CLEANUP_SHM
:
581 if (pa_shm_cleanup() >= 0)
587 pa_assert(conf
->cmd
== PA_CMD_DAEMON
);
590 if (real_root
&& !conf
->system_instance
)
591 pa_log_warn("This program is not intended to be run as root (unless --system is specified).");
592 else if (!real_root
&& conf
->system_instance
) {
593 pa_log("Root priviliges required.");
597 if (conf
->daemonize
) {
601 if (pa_stdio_acquire() < 0) {
602 pa_log("Failed to acquire stdio.");
607 if (pipe(daemon_pipe
) < 0) {
608 pa_log("Failed to create pipe.");
612 if ((child
= fork()) < 0) {
613 pa_log("fork() failed: %s", pa_cstrerror(errno
));
620 pa_assert_se(pa_close(daemon_pipe
[1]) == 0);
623 if (pa_loop_read(daemon_pipe
[0], &retval
, sizeof(retval
), NULL
) != sizeof(retval
)) {
624 pa_log("read() failed: %s", pa_cstrerror(errno
));
629 pa_log("daemon startup failed.");
631 pa_log_info("daemon startup successful.");
636 pa_assert_se(pa_close(daemon_pipe
[0]) == 0);
640 if (conf
->auto_log_target
)
641 pa_log_set_target(PA_LOG_SYSLOG
, NULL
);
655 open("/dev/null", O_RDONLY
);
656 open("/dev/null", O_WRONLY
);
657 open("/dev/null", O_WRONLY
);
663 signal(SIGTTOU
, SIG_IGN
);
666 signal(SIGTTIN
, SIG_IGN
);
669 signal(SIGTSTP
, SIG_IGN
);
673 if ((tty_fd
= open("/dev/tty", O_RDWR
)) >= 0) {
674 ioctl(tty_fd
, TIOCNOTTY
, (char*) 0);
675 pa_assert_se(pa_close(tty_fd
) == 0);
680 pa_assert_se(chdir("/") == 0);
683 if (conf
->system_instance
) {
684 if (change_user() < 0)
686 } else if (create_runtime_dir() < 0)
689 if (conf
->use_pid_file
) {
690 if (pa_pid_file_create() < 0) {
691 pa_log("pa_pid_file_create() failed.");
694 pa_loop_write(daemon_pipe
[1], &retval
, sizeof(retval
), NULL
);
702 #ifdef HAVE_SYS_RESOURCE_H
703 set_all_rlimits(conf
);
707 signal(SIGPIPE
, SIG_IGN
);
710 pa_log_info("This is PulseAudio " PACKAGE_VERSION
);
711 pa_log_info("Page size is %lu bytes", (unsigned long) PA_PAGE_SIZE
);
713 if (pa_rtclock_hrtimer())
714 pa_log_info("Fresh high-resolution timers available! Bon appetit!");
716 pa_log_info("Dude, your kernel stinks! The chef's recommendation today is Linux with high-resolution timers enabled!");
719 /* Valgrind uses SIGRTMAX. To easy debugging we don't use it here */
720 pa_rtsig_configure(SIGRTMIN
, SIGRTMAX
-1);
723 pa_assert_se(mainloop
= pa_mainloop_new());
725 if (!(c
= pa_core_new(pa_mainloop_get_api(mainloop
), !conf
->disable_shm
))) {
726 pa_log("pa_core_new() failed.");
730 c
->is_system_instance
= !!conf
->system_instance
;
731 c
->default_sample_spec
= conf
->default_sample_spec
;
732 c
->default_n_fragments
= conf
->default_n_fragments
;
733 c
->default_fragment_size_msec
= conf
->default_fragment_size_msec
;
734 c
->exit_idle_time
= conf
->exit_idle_time
;
735 c
->module_idle_time
= conf
->module_idle_time
;
736 c
->scache_idle_time
= conf
->scache_idle_time
;
737 c
->resample_method
= conf
->resample_method
;
738 c
->realtime_priority
= conf
->realtime_priority
;
739 c
->realtime_scheduling
= !!conf
->realtime_scheduling
;
740 c
->disable_remixing
= !!conf
->disable_remixing
;
742 pa_assert_se(pa_signal_init(pa_mainloop_get_api(mainloop
)) == 0);
743 pa_signal_new(SIGINT
, signal_callback
, c
);
744 pa_signal_new(SIGTERM
, signal_callback
, c
);
747 pa_signal_new(SIGUSR1
, signal_callback
, c
);
750 pa_signal_new(SIGUSR2
, signal_callback
, c
);
753 pa_signal_new(SIGHUP
, signal_callback
, c
);
757 pa_assert_se(timer
= pa_mainloop_get_api(mainloop
)->time_new(pa_mainloop_get_api(mainloop
), pa_gettimeofday(&tv
), message_cb
, NULL
));
761 c
->running_as_daemon
= TRUE
;
765 if (!conf
->no_cpu_limit
)
766 pa_assert_se(pa_cpu_limit_init(pa_mainloop_get_api(mainloop
)) == 0);
768 buf
= pa_strbuf_new();
769 if (conf
->default_script_file
)
770 r
= pa_cli_command_execute_file(c
, conf
->default_script_file
, buf
, &conf
->fail
);
773 r
= pa_cli_command_execute(c
, conf
->script_commands
, buf
, &conf
->fail
);
774 pa_log_error("%s", s
= pa_strbuf_tostring_free(buf
));
777 /* We completed the initial module loading, so let's disable it
778 * from now on, if requested */
779 c
->disallow_module_loading
= !!conf
->disallow_module_loading
;
781 if (r
< 0 && conf
->fail
) {
782 pa_log("failed to initialize daemon.");
785 pa_loop_write(daemon_pipe
[1], &retval
, sizeof(retval
), NULL
);
787 } else if (!c
->modules
|| pa_idxset_size(c
->modules
) == 0) {
788 pa_log("daemon startup without any loaded modules, refusing to work.");
791 pa_loop_write(daemon_pipe
[1], &retval
, sizeof(retval
), NULL
);
798 pa_loop_write(daemon_pipe
[1], &retval
, sizeof(retval
), NULL
);
801 if (c
->default_sink_name
&&
802 pa_namereg_get(c
, c
->default_sink_name
, PA_NAMEREG_SINK
, 1) == NULL
) {
803 pa_log_error("%s : Fatal error. Default sink name (%s) does not exist in name register.", __FILE__
, c
->default_sink_name
);
806 pa_log_info("Daemon startup complete.");
807 if (pa_mainloop_run(mainloop
, &retval
) < 0)
809 pa_log_info("Daemon shutdown initiated.");
814 pa_mainloop_get_api(mainloop
)->time_free(timer
);
819 if (!conf
->no_cpu_limit
)
824 pa_log_info("Daemon terminated.");
829 pa_mainloop_free(mainloop
);
832 pa_daemon_conf_free(conf
);
835 pa_pid_file_remove();
837 pa_close_pipe(daemon_pipe
);