Rearrange daemonization/syslog stuff and make it more resilient.

Rename --background to -D/--daemon, to match other programs (like smbd). You can now have --syslog even without --daemon. Avoid using atexit(); try/finally is better. Don't just close stderr; we'll end up eating error output from ssh! Instead, redirect stderr to a 'logger' subprocess that will send to syslog. Delay redirecting stderr until after we know we're daemonizing, so handy error messages can go to stderr instead of syslog. Make pidfile stuff more resilient: support already-existing files, files with strict permissions, outdated files containing an already-dead pid. Add a --pidfile option to let you specify the pidfile path. chdir("/") while daemonizing, so that the filesystem containing $PWD can later be unmounted without killing the daemon. fw.done() can't wait on the firewall subprocess on exit when daemonized; we no longer are the parent of that process.
2025-08-09 07:44:56 +02:00 · 2010-12-31 22:54:07 -08:00
parent 2ef3a301fb
commit 8a5ae1a40a
5 changed files with 132 additions and 62 deletions
--- a/main.py
+++ b/main.py
@ -1,6 +1,7 @@
 #!/usr/bin/env python
 import sys, os, re
 import helpers, options, client, server, firewall, hostwatch
+import compat.ssubprocess as ssubprocess
 from helpers import *


@ -45,11 +46,11 @@ def parse_ipport(s):


 optspec = """
-sshuttle [-b] [-l [ip:]port] [-r [username@]sshserver[:port]] <subnets...>
-sshuttle --firewall <port> <subnets...>
+sshuttle [-l [ip:]port] [-r [username@]sshserver[:port]] <subnets...>
 sshuttle --server
+sshuttle --firewall <port> <subnets...>
+sshuttle --hostwatch
 --
-b,background run in background as daemon
 l,listen=  transproxy to this ip address and port number [0.0.0.0:0]
 H,auto-hosts scan for remote hostnames and update local /etc/hosts
 N,auto-nets  automatically determine subnets to route
@ -59,6 +60,9 @@ x,exclude= exclude this subnet (can be used more than once)
 v,verbose  increase debug message verbosity
 e,ssh-cmd= the command to use to connect to the remote [ssh]
 seed-hosts= with -H, use these hostnames for initial scan (comma-separated)
+D,daemon   run in the background as a daemon
+syslog     send log messages to syslog (default if you use --daemon)
+pidfile=   pidfile name (only if using --daemon) [./sshuttle.pid]
 server     (internal use only)
 firewall   (internal use only)
 hostwatch  (internal use only)
@ -66,6 +70,8 @@ hostwatch  (internal use only)
 o = options.Options('sshuttle', optspec)
 (opt, flags, extra) = o.parse(sys.argv[1:])

+if opt.daemon:
+    opt.syslog = 1
 helpers.verbose = opt.verbose

 try:
@ -106,7 +112,7 @@ try:
                             opt.auto_nets,
                             parse_subnets(includes),
                             parse_subnets(excludes),
-                             opt.background))
+                             opt.syslog, opt.daemon, opt.pidfile))
 except Fatal, e:
    log('fatal: %s\n' % e)
    sys.exit(99)