1 # -*- encoding: binary -*-
2 # frozen_string_literal: false
5 # This class and its members can be considered a stable interface
6 # and will not change in a backwards-incompatible fashion between
7 # releases of unicorn. Knowledge of this class is generally not
8 # not needed for most users of unicorn.
10 # Some users may want to access it in the before_fork/after_fork hooks.
11 # See the Unicorn::Configurator RDoc for examples.
14 attr_accessor :nr, :switched
15 attr_reader :to_io # IO.select-compatible
18 PER_DROP = Raindrops::PAGE_SIZE / Raindrops::SIZE
21 def initialize(nr, pipe=nil)
22 drop_index = nr / PER_DROP
23 @raindrop = DROPS[drop_index] ||= Raindrops.new(PER_DROP)
24 @offset = nr % PER_DROP
25 @raindrop[@offset] = 0
28 @to_io, @master = pipe || Unicorn.pipe
31 def atfork_child # :nodoc:
32 # we _must_ close in child, parent just holds this open to signal
33 @master = @master.close
36 # master fakes SIGQUIT using this
38 @master = @master.close if @master
41 # parent does not read
42 def atfork_parent # :nodoc:
46 # call a signal handler immediately without triggering EINTR
47 # We do not use the more obvious Process.kill(sig, $$) here since
48 # that signal delivery may be deferred. We want to avoid signal delivery
49 # while the Rack app.call is running because some database drivers
50 # (e.g. ruby-pg) may cancel pending requests.
51 def fake_sig(sig) # :nodoc:
52 old_cb = trap(sig, "IGNORE")
58 # master sends fake signals to children
59 def soft_kill(sig) # :nodoc:
64 signum = Signal.list[sig.to_s] or
65 raise ArgumentError, "BUG: bad signal: #{sig.inspect}"
67 # writing and reading 4 bytes on a pipe is atomic on all POSIX platforms
68 # Do not care in the odd case the buffer is full, here.
69 @master.write_nonblock([signum].pack('l'), exception: false)
71 # worker will be reaped soon
74 # this only runs when the Rack app.call is not running
75 # act like Socket#accept_nonblock(exception: false)
76 def accept_nonblock(*_unused) # :nodoc:
77 case buf = @to_io.read_nonblock(4, exception: false)
79 # unpack the buffer and trigger the signal handler
80 signum = buf.unpack('l')
82 # keep looping, more signals may be queued
83 when nil # EOF: master died, but we are at a safe place to exit
85 when :wait_readable # keep waiting
87 end while true # loop, as multiple signals may be sent
90 # worker objects may be compared to just plain Integers
91 def ==(other_nr) # :nodoc:
95 # called in the worker process
96 def tick=(value) # :nodoc:
97 @raindrop[@offset] = value
100 # called in the master process
105 # called in both the master (reaping worker) and worker (SIGQUIT handler)
107 @master.close if @master
108 @to_io.close if @to_io
113 # In most cases, you should be using the Unicorn::Configurator#user
114 # directive instead. This method should only be used if you need
115 # fine-grained control of exactly when you want to change permissions
116 # in your after_fork or after_worker_ready hooks, or if you want to
117 # use the chroot support.
119 # Changes the worker process to the specified +user+ and +group+,
120 # and chroots to the current working directory if +chroot+ is set.
121 # This is only intended to be called from within the worker
122 # process from the +after_fork+ hook. This should be called in
123 # the +after_fork+ hook after any privileged functions need to be
124 # run (e.g. to set per-worker CPU affinity, niceness, etc)
126 # +group+ can be specified as a string, or as an array of two
127 # strings. If an array of two strings is given, the first string
128 # is used as the primary group of the process, and the second is
129 # used as the group of the log files.
131 # Any and all errors raised within this method will be propagated
132 # directly back to the caller (usually the +after_fork+ hook.
133 # These errors commonly include ArgumentError for specifying an
134 # invalid user/group and Errno::EPERM for insufficient privileges.
136 # chroot support is only available in unicorn 5.3.0+
137 # user and group switching appeared in unicorn 0.94.0 (2009-11-05)
138 def user(user, group = nil, chroot = false)
139 # we do not protect the caller, checking Process.euid == 0 is
140 # insufficient because modern systems have fine-grained
141 # capabilities. Let the caller handle any and all errors.
142 uid = Etc.getpwnam(user).uid
145 if group.is_a?(Array)
146 group, log_group = group
147 log_gid = Etc.getgrnam(log_group).gid
149 gid = Etc.getgrnam(group).gid
153 Unicorn::Util.chown_logs(uid, log_gid)
154 if gid && Process.egid != gid
155 Process.initgroups(user, gid)
156 Process::GID.change_privilege(gid)
159 chroot = Dir.pwd if chroot == true
163 Process.euid != uid and Process::UID.change_privilege(uid)