"Linux High Performance Server Programming" Learning Summary (vii)--LINUX Server program specification

Source: Internet
Author: User
Tags root access

Seventh Linux Server program specification

Server programs in addition to network communication, but also to consider a lot of other details, and these details are very miscellaneous, but the basic template-style. 1) server programs are basically run in the background, no control terminal, can not accept user input, the parent process is usually init. 2) The server program has a log system. 3) The server program runs with a specific non-root identity. 4) The server is usually configurable. 5) When the server process starts, a PID file is typically generated to record the PID of the background process. 6) server programs the same city needs to consider system resources and limitations.

The server generally uses a syslog function to communicate with the Rsyslogd daemon, whose parameters need to indicate the log level and formatted output, the Openlog function can change the default output mode, and the Setlogmask function can set the log mask if log information with a log level greater than the mask is ignored.

A process with two users id:uid and Euid,uid is typically the ID of the process creator, while Euid is the process's access to files and resources, for example:/etc/passwd files require root access, However, when a normal user wants to access the command with sudo, the principle is that sudo changes the euid so that it can access the passwd file.

We use an example that can change the running permissions of the current process to illustrate that the following program can turn a process initiated as root into running as a normal user.

1 /*************************************************************************2 > File name:7-2.cpp3 > Author:torrance_zhang4 > Mail: [email protected]5 > Created time:fri 2018 07:17:19 PM PST6  ************************************************************************/7 8#include"head.h"9 using namespacestd;Ten  One Static BOOLSwitch_to_user (uid_t user_id, gid_t gp_id) { A     //Make sure the target user is not root -     if(user_id = =0) && (gp_id = =0))return false; -gid_t gid =Getgid (); theuid_t uid =getuid (); -     //Make sure that the current user is a legitimate user, either root or already a target user -     if(GID! =0) || (UID! =0) && (gid! = gp_id) | | (uid = user_id)))return false; -     //if not the root user is already the target user +     if(UID! =0)return true; -     //Set as Target user +     if((Setgid (gp_id) <0) || (Setuid (USER_ID) <0))return false; A     return true; at } -  - intMain () { - uid_t user_id; - gid_t gp_id; -USER_ID =getuid (); ingp_id =Getgid (); -printf"uid =%d, gid =%d\n", user_id, gp_id); to     if(Switch_to_user ( +, +) ==false) { +Perror ("Switch_to_user"); -         return 1; the     } *USER_ID =getuid (); $gp_id =Getgid ();Panax Notoginsengprintf"uid =%d, gid =%d\n", user_id, gp_id); -}

 

The root user's UID and GID are all 0, and we successfully changed it to a number other than 0.

It can be said that the UID and GID of the process are the relevant information of their own users, and then we look at what the process itself has to do with the property information and the relationship between the process. Under Linux each process is subordinate to a process group, so the process in addition to the PID information and Pgid, and each process group has a leader process, its pgid and PID is the same, it is worth mentioning that a process can only set itself and its child process Pgid, And when a child process makes an EXEC function family call, it cannot change its pgid in the parent process. While multiple process groups can form a single session, the process that creates the session cannot be the leader process for a process group, or an error will result. For the rest of the process creation session, the effect is as follows: 1) The calling process becomes the leader of the session, at which point the process is the only member of the new conversation. 2) Create a new process group whose pgid is the PID of the calling process, and the calling process becomes the group leader. 3) The calling process will throw off the terminal.

Finally, I'll look at how to run the process as a daemon, with the following code:

1 /*************************************************************************2 > File name:7-3.cpp3 > Author:torrance_zhang4 > Mail: [email protected]5 > Created time:fri 2018 07:59:21 PM PST6  ************************************************************************/7 8#include"head.h"9 using namespacestd;Ten  One BOOLdaemonize () { A     //creating a new process and exiting the parent process can cause the child process to run in the background -pid_t PID =fork (); -     if(PID <0)return false; the     Else if(PID >0) Exit (0); -  -     //Empty the file mask so that the newly created file permission is mode&0777 -Umask0); +  -     //create a new session and set this process as the process group leader +pid_t sid =Setsid (); A     if(Sid <0)return false; at  -     //change the working directory -     if((ChDir ("/")) <0)return false; -  -     //turn off standard equipment - Close (Stdin_fileno); in Close (Stdout_fileno); - Close (Stderr_fileno); to  +     //REDIRECT it -Open"/dev/null", o_rdonly); theOpen"/dev/null", O_RDWR); *Open"/dev/null", O_RDWR); $ }Panax Notoginseng  - intMain () { the daemonize (); +      while(1) Sleep (1); A}

We found that the program did run as a daemon, and interestingly, the first time it was run, it was discovered that its parent process was not the init of the managed orphan process we knew, but another/sbin/upstart--user, By querying the data to discover that this process is a daemon of the Ubuntu graphical interface, which completes part of the Init process, the parent process becomes INIT after switching to the command-line interface to execute the program. In addition, the Linux system also provides a daemon function to complete this function.

"Linux High Performance Server Programming" Learning Summary (vii)--LINUX Server program specification

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.