4 This file is part of PulseAudio.
6 Copyright 2004-2006 Lennart Poettering
7 Copyright 2006 Pierre Ossman <ossman@cendio.se> for Cendio AB
9 PulseAudio is free software; you can redistribute it and/or modify
10 it under the terms of the GNU Lesser General Public License as published
11 by the Free Software Foundation; either version 2 of the License,
12 or (at your option) any later version.
14 PulseAudio is distributed in the hope that it will be useful, but
15 WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 General Public License for more details.
19 You should have received a copy of the GNU Lesser General Public License
20 along with PulseAudio; if not, write to the Free Software
21 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
41 #include <sys/types.h>
43 #include <liboil/liboil.h>
45 #ifdef HAVE_SYS_IOCTL_H
46 #include <sys/ioctl.h>
62 #include <dbus/dbus.h>
65 #include <pulse/mainloop.h>
66 #include <pulse/mainloop-signal.h>
67 #include <pulse/timeval.h>
68 #include <pulse/xmalloc.h>
70 #include <pulsecore/winsock.h>
71 #include <pulsecore/core-error.h>
72 #include <pulsecore/core.h>
73 #include <pulsecore/memblock.h>
74 #include <pulsecore/module.h>
75 #include <pulsecore/cli-command.h>
76 #include <pulsecore/log.h>
77 #include <pulsecore/core-util.h>
78 #include <pulsecore/sioman.h>
79 #include <pulsecore/cli-text.h>
80 #include <pulsecore/pid.h>
81 #include <pulsecore/namereg.h>
82 #include <pulsecore/random.h>
83 #include <pulsecore/rtsig.h>
84 #include <pulsecore/rtclock.h>
85 #include <pulsecore/macro.h>
86 #include <pulsecore/mutex.h>
87 #include <pulsecore/thread.h>
88 #include <pulsecore/once.h>
89 #include <pulsecore/shm.h>
93 #include "daemon-conf.h"
94 #include "dumpmodules.h"
96 #include "ltdl-bind-now.h"
100 /* Only one instance of these variables */
101 int allow_severity
= LOG_INFO
;
102 int deny_severity
= LOG_WARNING
;
106 /* padsp looks for this symbol in the running process and disables
107 * itself if it finds it and it is set to 7 (which is actually a bit
108 * mask). For details see padsp. */
109 int __padsp_disabled__
= 7;
114 static void message_cb(pa_mainloop_api
*a
, pa_time_event
*e
, PA_GCC_UNUSED
const struct timeval
*tv
, void *userdata
) {
116 struct timeval tvnext
;
118 while (PeekMessage(&msg
, NULL
, 0, 0, PM_REMOVE
)) {
119 if (msg
.message
== WM_QUIT
)
122 TranslateMessage(&msg
);
123 DispatchMessage(&msg
);
127 pa_timeval_add(pa_gettimeofday(&tvnext
), 100000);
128 a
->time_restart(e
, &tvnext
);
133 static void signal_callback(pa_mainloop_api
*m
, PA_GCC_UNUSED pa_signal_event
*e
, int sig
, void *userdata
) {
134 pa_log_info("Got signal %s.", pa_sig2str(sig
));
139 pa_module_load(userdata
, "module-cli", NULL
);
145 pa_module_load(userdata
, "module-cli-protocol-unix", NULL
);
151 char *c
= pa_full_status_string(userdata
);
152 pa_log_notice("%s", c
);
161 pa_log_info("Exiting.");
167 #if defined(HAVE_PWD_H) && defined(HAVE_GRP_H)
169 static int change_user(void) {
174 /* This function is called only in system-wide mode. It creates a
175 * runtime dir in /var/run/ with proper UID/GID and drops privs
178 if (!(pw
= getpwnam(PA_SYSTEM_USER
))) {
179 pa_log("Failed to find user '%s'.", PA_SYSTEM_USER
);
183 if (!(gr
= getgrnam(PA_SYSTEM_GROUP
))) {
184 pa_log("Failed to find group '%s'.", PA_SYSTEM_GROUP
);
188 pa_log_info("Found user '%s' (UID %lu) and group '%s' (GID %lu).",
189 PA_SYSTEM_USER
, (unsigned long) pw
->pw_uid
,
190 PA_SYSTEM_GROUP
, (unsigned long) gr
->gr_gid
);
192 if (pw
->pw_gid
!= gr
->gr_gid
) {
193 pa_log("GID of user '%s' and of group '%s' don't match.", PA_SYSTEM_USER
, PA_SYSTEM_GROUP
);
197 if (strcmp(pw
->pw_dir
, PA_SYSTEM_RUNTIME_PATH
) != 0)
198 pa_log_warn("Warning: home directory of user '%s' is not '%s', ignoring.", PA_SYSTEM_USER
, PA_SYSTEM_RUNTIME_PATH
);
200 if (pa_make_secure_dir(PA_SYSTEM_RUNTIME_PATH
, 0755, pw
->pw_uid
, gr
->gr_gid
) < 0) {
201 pa_log("Failed to create '%s': %s", PA_SYSTEM_RUNTIME_PATH
, pa_cstrerror(errno
));
205 if (initgroups(PA_SYSTEM_USER
, gr
->gr_gid
) != 0) {
206 pa_log("Failed to change group list: %s", pa_cstrerror(errno
));
210 #if defined(HAVE_SETRESGID)
211 r
= setresgid(gr
->gr_gid
, gr
->gr_gid
, gr
->gr_gid
);
212 #elif defined(HAVE_SETEGID)
213 if ((r
= setgid(gr
->gr_gid
)) >= 0)
214 r
= setegid(gr
->gr_gid
);
215 #elif defined(HAVE_SETREGID)
216 r
= setregid(gr
->gr_gid
, gr
->gr_gid
);
218 #error "No API to drop priviliges"
222 pa_log("Failed to change GID: %s", pa_cstrerror(errno
));
226 #if defined(HAVE_SETRESUID)
227 r
= setresuid(pw
->pw_uid
, pw
->pw_uid
, pw
->pw_uid
);
228 #elif defined(HAVE_SETEUID)
229 if ((r
= setuid(pw
->pw_uid
)) >= 0)
230 r
= seteuid(pw
->pw_uid
);
231 #elif defined(HAVE_SETREUID)
232 r
= setreuid(pw
->pw_uid
, pw
->pw_uid
);
234 #error "No API to drop priviliges"
238 pa_log("Failed to change UID: %s", pa_cstrerror(errno
));
242 pa_set_env("USER", PA_SYSTEM_USER
);
243 pa_set_env("USERNAME", PA_SYSTEM_USER
);
244 pa_set_env("LOGNAME", PA_SYSTEM_USER
);
245 pa_set_env("HOME", PA_SYSTEM_RUNTIME_PATH
);
247 /* Relevant for pa_runtime_path() */
248 pa_set_env("PULSE_RUNTIME_PATH", PA_SYSTEM_RUNTIME_PATH
);
249 pa_set_env("PULSE_CONFIG_PATH", PA_SYSTEM_RUNTIME_PATH
);
251 pa_log_info("Successfully dropped root privileges.");
256 #else /* HAVE_PWD_H && HAVE_GRP_H */
258 static int change_user(void) {
259 pa_log("System wide mode unsupported on this platform.");
263 #endif /* HAVE_PWD_H && HAVE_GRP_H */
265 #ifdef HAVE_SYS_RESOURCE_H
267 static int set_one_rlimit(const pa_rlimit
*r
, int resource
, const char *name
) {
274 rl
.rlim_cur
= rl
.rlim_max
= r
->value
;
276 if (setrlimit(resource
, &rl
) < 0) {
277 pa_log_info("setrlimit(%s, (%u, %u)) failed: %s", name
, (unsigned) r
->value
, (unsigned) r
->value
, pa_cstrerror(errno
));
284 static void set_all_rlimits(const pa_daemon_conf
*conf
) {
285 set_one_rlimit(&conf
->rlimit_fsize
, RLIMIT_FSIZE
, "RLIMIT_FSIZE");
286 set_one_rlimit(&conf
->rlimit_data
, RLIMIT_DATA
, "RLIMIT_DATA");
287 set_one_rlimit(&conf
->rlimit_stack
, RLIMIT_STACK
, "RLIMIT_STACK");
288 set_one_rlimit(&conf
->rlimit_core
, RLIMIT_CORE
, "RLIMIT_CORE");
289 set_one_rlimit(&conf
->rlimit_rss
, RLIMIT_RSS
, "RLIMIT_RSS");
291 set_one_rlimit(&conf
->rlimit_nproc
, RLIMIT_NPROC
, "RLIMIT_NPROC");
293 set_one_rlimit(&conf
->rlimit_nofile
, RLIMIT_NOFILE
, "RLIMIT_NOFILE");
294 #ifdef RLIMIT_MEMLOCK
295 set_one_rlimit(&conf
->rlimit_memlock
, RLIMIT_MEMLOCK
, "RLIMIT_MEMLOCK");
297 set_one_rlimit(&conf
->rlimit_as
, RLIMIT_AS
, "RLIMIT_AS");
299 set_one_rlimit(&conf
->rlimit_locks
, RLIMIT_LOCKS
, "RLIMIT_LOCKS");
301 #ifdef RLIMIT_SIGPENDING
302 set_one_rlimit(&conf
->rlimit_sigpending
, RLIMIT_SIGPENDING
, "RLIMIT_SIGPENDING");
304 #ifdef RLIMIT_MSGQUEUE
305 set_one_rlimit(&conf
->rlimit_msgqueue
, RLIMIT_MSGQUEUE
, "RLIMIT_MSGQUEUE");
308 set_one_rlimit(&conf
->rlimit_nice
, RLIMIT_NICE
, "RLIMIT_NICE");
311 set_one_rlimit(&conf
->rlimit_rtprio
, RLIMIT_RTPRIO
, "RLIMIT_RTPRIO");
314 set_one_rlimit(&conf
->rlimit_rttime
, RLIMIT_RTTIME
, "RLIMIT_RTTIME");
319 int main(int argc
, char *argv
[]) {
321 pa_strbuf
*buf
= NULL
;
322 pa_daemon_conf
*conf
= NULL
;
323 pa_mainloop
*mainloop
= NULL
;
325 int r
= 0, retval
= 1, d
= 0;
326 pa_bool_t suid_root
, real_root
;
327 pa_bool_t valid_pid_file
= FALSE
;
328 gid_t gid
= (gid_t
) -1;
329 pa_bool_t ltdl_init
= FALSE
;
333 int daemon_pipe
[2] = { -1, -1 };
336 pa_time_event
*win32_timer
;
337 struct timeval win32_tv
;
340 #if defined(__linux__) && defined(__OPTIMIZE__)
342 Disable lazy relocations to make usage of external libraries
343 more deterministic for our RT threads. We abuse __OPTIMIZE__ as
344 a check whether we are a debug build or not.
347 if (!getenv("LD_BIND_NOW")) {
350 /* We have to execute ourselves, because the libc caches the
351 * value of $LD_BIND_NOW on initialization. */
353 pa_set_env("LD_BIND_NOW", "1");
354 pa_assert_se(rp
= pa_readlink("/proc/self/exe"));
355 pa_assert_se(execv(rp
, argv
) == 0);
360 real_root
= getuid() == 0;
361 suid_root
= !real_root
&& geteuid() == 0;
368 /* Drop all capabilities except CAP_SYS_NICE */
371 /* Drop priviliges, but keep CAP_SYS_NICE */
374 /* After dropping root, the effective set is reset, hence,
375 * let's raise it again */
378 /* When capabilities are not supported we will not be able to
379 * aquire RT sched anymore. But yes, that's the way it is. It
380 * is just too risky tun let PA run as root all the time. */
383 if ((e
= getenv("PULSE_PASSED_FD"))) {
390 pa_close_all(passed_fd
, -1);
395 /* At this point, we are a normal user, possibly with CAP_NICE if
396 * we were started SUID. If we are started as normal root, than we
397 * still are normal root. */
399 setlocale(LC_ALL
, "");
400 pa_log_set_maximal_level(PA_LOG_INFO
);
401 pa_log_set_ident("pulseaudio");
403 conf
= pa_daemon_conf_new();
405 if (pa_daemon_conf_load(conf
, NULL
) < 0)
408 if (pa_daemon_conf_env(conf
) < 0)
411 if (pa_cmdline_parse(conf
, argc
, argv
, &d
) < 0) {
412 pa_log("Failed to parse command line.");
416 pa_log_set_maximal_level(conf
->log_level
);
417 pa_log_set_target(conf
->auto_log_target
? PA_LOG_STDERR
: conf
->log_target
, NULL
);
420 pa_bool_t allow_realtime
, allow_high_priority
;
422 /* Ok, we're suid root, so let's better not enable high prio
423 * or RT by default */
425 allow_high_priority
= allow_realtime
= FALSE
;
427 if (conf
->high_priority
|| conf
->realtime_scheduling
)
428 if (pa_own_uid_in_group(PA_REALTIME_GROUP
, &gid
) > 0) {
429 pa_log_info("We're in the group '"PA_REALTIME_GROUP
"', allowing real-time and high-priority scheduling.");
430 allow_realtime
= conf
->realtime_scheduling
;
431 allow_high_priority
= conf
->high_priority
;
435 if (conf
->high_priority
&& !allow_high_priority
) {
436 if (pa_polkit_check("org.pulseaudio.acquire-high-priority") > 0) {
437 pa_log_info("PolicyKit grants us acquire-high-priority privilege.");
438 allow_high_priority
= TRUE
;
440 pa_log_info("PolicyKit refuses acquire-high-priority privilege.");
443 if (conf
->realtime_scheduling
&& !allow_realtime
) {
444 if (pa_polkit_check("org.pulseaudio.acquire-real-time") > 0) {
445 pa_log_info("PolicyKit grants us acquire-real-time privilege.");
446 allow_realtime
= TRUE
;
448 pa_log_info("PolicyKit refuses acquire-real-time privilege.");
452 if (!allow_high_priority
&& !allow_realtime
) {
454 /* OK, there's no further need to keep CAP_NICE. Hence
455 * let's give it up early */
460 if (conf
->high_priority
|| conf
->realtime_scheduling
)
461 pa_log_notice("Called SUID root and real-time/high-priority scheduling was requested in the configuration. However, we lack the necessary priviliges:\n"
462 "We are not in group '"PA_REALTIME_GROUP
"' and PolicyKit refuse to grant us priviliges. Dropping SUID again.\n"
463 "For enabling real-time scheduling please acquire the appropriate PolicyKit priviliges, or become a member of '"PA_REALTIME_GROUP
"', or increase the RLIMIT_NICE/RLIMIT_RTPRIO resource limits for this user.");
467 #ifdef HAVE_SYS_RESOURCE_H
468 set_all_rlimits(conf
);
471 if (conf
->high_priority
&& !pa_can_high_priority())
472 pa_log_warn("High-priority scheduling enabled in configuration but not allowed by policy.");
474 if (conf
->high_priority
&& conf
->cmd
== PA_CMD_DAEMON
)
475 pa_raise_priority(conf
->nice_level
);
480 drop
= conf
->cmd
!= PA_CMD_DAEMON
|| !conf
->realtime_scheduling
;
485 /* At this point we still have CAP_NICE if we were loaded
486 * SUID root. If possible let's acquire RLIMIT_RTPRIO
487 * instead and give CAP_NICE up. */
489 if (getrlimit(RLIMIT_RTPRIO
, &rl
) >= 0) {
491 if (rl
.rlim_cur
>= 9)
494 rl
.rlim_max
= rl
.rlim_cur
= 9;
496 if (setrlimit(RLIMIT_RTPRIO
, &rl
) >= 0) {
497 pa_log_info("Successfully increased RLIMIT_RTPRIO");
500 pa_log_warn("RLIMIT_RTPRIO failed: %s", pa_cstrerror(errno
));
507 pa_log_info("Giving up CAP_NICE");
513 if (conf
->realtime_scheduling
&& !pa_can_realtime())
514 pa_log_warn("Real-time scheduling enabled in configuration but not allowed by policy.");
516 LTDL_SET_PRELOADED_SYMBOLS();
520 if (conf
->dl_search_path
)
521 lt_dlsetsearchpath(conf
->dl_search_path
);
526 WSAStartup(MAKEWORD(2, 0), &data
);
533 case PA_CMD_DUMP_MODULES
:
534 pa_dump_modules(conf
, argc
-d
, argv
+d
);
538 case PA_CMD_DUMP_CONF
: {
539 s
= pa_daemon_conf_dump(conf
);
546 case PA_CMD_DUMP_RESAMPLE_METHODS
: {
549 for (i
= 0; i
< PA_RESAMPLER_MAX
; i
++)
550 if (pa_resample_method_supported(i
))
551 printf("%s\n", pa_resample_method_to_string(i
));
557 pa_cmdline_help(argv
[0]);
561 case PA_CMD_VERSION
:
562 printf(PACKAGE_NAME
" "PACKAGE_VERSION
"\n");
569 if (pa_pid_file_check_running(&pid
, "pulseaudio") < 0)
570 pa_log_info("Daemon not running");
572 pa_log_info("Daemon running as PID %u", pid
);
581 if (pa_pid_file_kill(SIGINT
, NULL
, "pulseaudio") < 0)
582 pa_log("Failed to kill daemon.");
588 case PA_CMD_CLEANUP_SHM
:
590 if (pa_shm_cleanup() >= 0)
596 pa_assert(conf
->cmd
== PA_CMD_DAEMON
);
599 if (real_root
&& !conf
->system_instance
)
600 pa_log_warn("This program is not intended to be run as root (unless --system is specified).");
601 else if (!real_root
&& conf
->system_instance
) {
602 pa_log("Root priviliges required.");
606 if (conf
->daemonize
) {
610 if (pa_stdio_acquire() < 0) {
611 pa_log("Failed to acquire stdio.");
616 if (pipe(daemon_pipe
) < 0) {
617 pa_log("pipe failed: %s", pa_cstrerror(errno
));
621 if ((child
= fork()) < 0) {
622 pa_log("fork() failed: %s", pa_cstrerror(errno
));
630 pa_assert_se(pa_close(daemon_pipe
[1]) == 0);
633 if ((n
= pa_loop_read(daemon_pipe
[0], &retval
, sizeof(retval
), NULL
)) != sizeof(retval
)) {
636 pa_log("read() failed: %s", pa_cstrerror(errno
));
642 pa_log("Daemon startup failed.");
644 pa_log_info("Daemon startup successful.");
649 pa_assert_se(pa_close(daemon_pipe
[0]) == 0);
653 if (conf
->auto_log_target
)
654 pa_log_set_target(PA_LOG_SYSLOG
, NULL
);
668 pa_assert_se(open("/dev/null", O_RDONLY
) == 0);
669 pa_assert_se(open("/dev/null", O_WRONLY
) == 1);
670 pa_assert_se(open("/dev/null", O_WRONLY
) == 2);
676 signal(SIGTTOU
, SIG_IGN
);
679 signal(SIGTTIN
, SIG_IGN
);
682 signal(SIGTSTP
, SIG_IGN
);
686 if ((tty_fd
= open("/dev/tty", O_RDWR
)) >= 0) {
687 ioctl(tty_fd
, TIOCNOTTY
, (char*) 0);
688 pa_assert_se(pa_close(tty_fd
) == 0);
693 pa_set_env("PULSE_INTERNAL", "1");
694 pa_assert_se(chdir("/") == 0);
697 if (conf
->system_instance
)
698 if (change_user() < 0)
701 pa_log_info("This is PulseAudio " PACKAGE_VERSION
);
702 pa_log_info("Page size is %lu bytes", (unsigned long) PA_PAGE_SIZE
);
703 pa_log_info("Using runtime directory %s.", s
= pa_get_runtime_dir());
706 if (conf
->use_pid_file
) {
707 if (pa_pid_file_create() < 0) {
708 pa_log("pa_pid_file_create() failed.");
712 valid_pid_file
= TRUE
;
716 signal(SIGPIPE
, SIG_IGN
);
719 if (pa_rtclock_hrtimer())
720 pa_log_info("Fresh high-resolution timers available! Bon appetit!");
722 pa_log_info("Dude, your kernel stinks! The chef's recommendation today is Linux with high-resolution timers enabled!");
725 /* Valgrind uses SIGRTMAX. To easy debugging we don't use it here */
726 pa_rtsig_configure(SIGRTMIN
, SIGRTMAX
-1);
729 pa_assert_se(mainloop
= pa_mainloop_new());
731 if (!(c
= pa_core_new(pa_mainloop_get_api(mainloop
), !conf
->disable_shm
))) {
732 pa_log("pa_core_new() failed.");
736 c
->is_system_instance
= !!conf
->system_instance
;
737 c
->default_sample_spec
= conf
->default_sample_spec
;
738 c
->default_n_fragments
= conf
->default_n_fragments
;
739 c
->default_fragment_size_msec
= conf
->default_fragment_size_msec
;
740 c
->exit_idle_time
= conf
->exit_idle_time
;
741 c
->module_idle_time
= conf
->module_idle_time
;
742 c
->scache_idle_time
= conf
->scache_idle_time
;
743 c
->resample_method
= conf
->resample_method
;
744 c
->realtime_priority
= conf
->realtime_priority
;
745 c
->realtime_scheduling
= !!conf
->realtime_scheduling
;
746 c
->disable_remixing
= !!conf
->disable_remixing
;
747 c
->running_as_daemon
= !!conf
->daemonize
;
749 pa_assert_se(pa_signal_init(pa_mainloop_get_api(mainloop
)) == 0);
750 pa_signal_new(SIGINT
, signal_callback
, c
);
751 pa_signal_new(SIGTERM
, signal_callback
, c
);
753 pa_signal_new(SIGUSR1
, signal_callback
, c
);
756 pa_signal_new(SIGUSR2
, signal_callback
, c
);
759 pa_signal_new(SIGHUP
, signal_callback
, c
);
763 win32_timer
= pa_mainloop_get_api(mainloop
)->time_new(pa_mainloop_get_api(mainloop
), pa_gettimeofday(&win32_tv
), message_cb
, NULL
);
768 if (!conf
->no_cpu_limit
)
769 pa_assert_se(pa_cpu_limit_init(pa_mainloop_get_api(mainloop
)) == 0);
771 buf
= pa_strbuf_new();
772 if (conf
->load_default_script_file
) {
775 if ((f
= pa_daemon_conf_open_default_script_file(conf
))) {
776 r
= pa_cli_command_execute_file_stream(c
, f
, buf
, &conf
->fail
);
782 r
= pa_cli_command_execute(c
, conf
->script_commands
, buf
, &conf
->fail
);
784 pa_log_error("%s", s
= pa_strbuf_tostring_free(buf
));
787 /* We completed the initial module loading, so let's disable it
788 * from now on, if requested */
789 c
->disallow_module_loading
= !!conf
->disallow_module_loading
;
791 if (r
< 0 && conf
->fail
) {
792 pa_log("Failed to initialize daemon.");
796 if (!c
->modules
|| pa_idxset_size(c
->modules
) == 0) {
797 pa_log("Daemon startup without any loaded modules, refusing to work.");
801 if (c
->default_sink_name
&& !pa_namereg_get(c
, c
->default_sink_name
, PA_NAMEREG_SINK
, TRUE
) && conf
->fail
) {
802 pa_log_error("Default sink name (%s) does not exist in name register.", c
->default_sink_name
);
808 if (conf
->daemonize
) {
810 pa_loop_write(daemon_pipe
[1], &ok
, sizeof(ok
), NULL
);
814 pa_log_info("Daemon startup complete.");
817 if (pa_mainloop_run(mainloop
, &retval
) < 0)
820 pa_log_info("Daemon shutdown initiated.");
826 pa_mainloop_get_api(mainloop
)->time_free(win32_timer
);
831 pa_log_info("Daemon terminated.");
834 if (!conf
->no_cpu_limit
)
840 pa_close_pipe(daemon_pipe
);
844 pa_mainloop_free(mainloop
);
847 pa_daemon_conf_free(conf
);
850 pa_pid_file_remove();