On reset this allows the master process to behave in a way much closer to the way that haproxy behaves when initially started. In particular the configuration file can be accessed without needing to be copied into the chroot.
Entering the chroot is unchanged when master/worker mode is not enabled to allow any errors to be recoverable from a soft-restart point of view. Soft-restart is not currently implemented for master/worker mode. Signed-off-by: Simon Horman <[email protected]> --- src/haproxy.c | 46 +++++++++++++++++++++++++++++++++------------- 1 files changed, 33 insertions(+), 13 deletions(-) diff --git a/src/haproxy.c b/src/haproxy.c index 13bb398..c7188ca 100644 --- a/src/haproxy.c +++ b/src/haproxy.c @@ -1109,6 +1109,23 @@ err: exit(1); } +static void enter_chroot(const char *name) +{ + if (global.chroot == NULL) + return; + + if (chroot(global.chroot) == -1) { + Alert("[%s.enter_chroot()] Cannot chroot(%s).\n", + name, global.chroot); + if (nb_oldpids) + tell_old_pids(SIGTTIN); + protocol_unbind_all(); + exit(1); + } + chdir("/"); + free(global.chroot); global.chroot = NULL; +} + static FILE *prepare(int argc, char **argv) { int err, retry; @@ -1191,18 +1208,13 @@ static FILE *prepare(int argc, char **argv) " might not work well.\n" "", argv[0]); - /* chroot if needed */ - if (!is_master && global.chroot != NULL) { - if (chroot(global.chroot) == -1) { - Alert("[%s.run()] Cannot chroot(%s).\n", argv[0], global.chroot); - if (nb_oldpids) - tell_old_pids(SIGTTIN); - protocol_unbind_all(); - exit(1); - } - chdir("/"); - } - free(global.chroot); global.chroot = NULL; + /* If master/worker mode is not set then enter the chroot now + * so that an error when doing so will be recoverable from + * a soft-restart point of view. Soft-restart is not implemented + * for master/worker mode. + */ + if (!(global.mode & MODE_MASTER_WORKER)) + enter_chroot(argv[0]); /* ulimits */ if (!global.rlimit_nofile) @@ -1476,8 +1488,16 @@ static void create_processes(int argc, char **argv, FILE *pidfile) static void post(const char *name) { - if (!is_master) + if (!is_master) { + /* In master/worker mode the master is kept out + * of the chroot. Thus the chroot needs to be entered + * by children after they are forked. That is, later + * thank is possible when master/worker mode is not enabled + */ + if (global.mode & MODE_MASTER_WORKER) + enter_chroot(name); setid(name); + } protocol_enable_all(); } -- 1.7.2.3
