progs/pixie.[c1]: Don't replace the existing pixie by default.

It's too easy to screw things up by replacing the running pixie, by
calling the pixie with no arguments.  The old behaviour is available via
the shiny new `--replace' option.

diff --git a/progs/pixie.1 b/progs/pixie.1
index ced4b48..7769e9f 100644 (file)
--- a/progs/pixie.1
+++ b/progs/pixie.1
@@ -13,7 +13,7 @@
 pixie \- Catacomb passphrase pixie
 .SH "SYNOPSIS"
 .B pixie
-.RB [ \-qvfidl ]
+.RB [ \-qvfidlr ]
 .RB [ \-c
 .IR command ]
 .RB [ \-t
@@ -97,6 +97,10 @@ the socket to which a connection is made.  If running as a server, and
 the socket already exists, the pixie currently listening on the socket
 is told to quit.
 .TP
+.B "\-r, \-\-replace"
+If there's already a pixie listening on the socket then ask it to quit.
+The default behaviour is to report an error and exit in this case.
+.TP
 .BI "\-c, \-\-command=" command
 Specifies a shell command to be run by the pixie when an unknown
 passphrase is requested by a client.
@@ -173,7 +177,9 @@ is complete.
 .PP
 If the attempt failed because a file with the required name already
 exists and is not a socket, the pixie reports an error and exits.  If
-there's already a socket with that name, the pixie connects to it, sends
+there's already a socket with that name, the pixie quits unless the
+.B \-\-replace
+option is given: in the latter case, the pixie connects to it, sends
 a
 .B QUIT
 request to the server, waits for a second and retries.  If the

diff --git a/progs/pixie.c b/progs/pixie.c
index d964c0f..1d2be67 100644 (file)
--- a/progs/pixie.c
+++ b/progs/pixie.c
@@ -83,6 +83,7 @@ static unsigned flags = 0;
 
 #define F_SYSLOG 1u
 #define F_FETCH 2u
+#define F_REPLACE 4u
 
 /*----- Event logging -----------------------------------------------------*/
 
@@ -1005,7 +1006,7 @@ static void pix_setup(struct sockaddr_un *sun, size_t sz)
          pxlog("stale socket found; removing it");
        unlink(sun->sun_path);
        close(fd);
-      } else {
+      } else if (flags & F_REPLACE) {
        if (verbose)
          pxlog("server already running; shutting it down");
        if (write(fd, "QUIT\n", 5) < 0) {
@@ -1014,7 +1015,8 @@ static void pix_setup(struct sockaddr_un *sun, size_t sz)
        }
        sleep(1);
        close(fd);
-      }
+      } else
+       die(EXIT_FAILURE, "pixie already running; not starting");
       goto again;
     }
     chmod(sun->sun_path, 0600);
@@ -1188,6 +1190,7 @@ protect important keys.  Options provided:\n\
 -q, --quiet            Emit fewer log messages.\n\
 -v, --version          Emit more log messages.\n\
 -s, --socket=FILE      Name the pixie's socket.\n\
+-r, --replace          Replace existing pixie, if one is running.\n\
 -c, --command=COMMAND  Shell command to read a passphrase.\n\
 -f, --fetch            Fetch passphrases from the terminal.\n\
 -t, --timeout=TIMEOUT  Length of time to retain a passphrase in memory.\n\
@@ -1262,6 +1265,7 @@ int main(int argc, char *argv[])
       { "passphrase",  0,              0,      'P' },
       { "verify-passphrase",   0,      0,      '+' },
       { "socket",      OPTF_ARGREQ,    0,      's' },
+      { "replace",     0,              0,      'r' },
       { "command",     OPTF_ARGREQ,    0,      'c' },
       { "fetch",       0,              0,      'f' },
       { "timeout",     OPTF_ARGREQ,    0,      't' },
@@ -1276,7 +1280,7 @@ int main(int argc, char *argv[])
       { 0,             0,              0,      0 }
     };
 
-    int i = mdwopt(argc, argv, "hVuqvCPs:c:ft:idl", opts, 0, 0, 0);
+    int i = mdwopt(argc, argv, "hVuqvCPs:rc:ft:idl", opts, 0, 0, 0);
     if (i < 0)
       break;
 
@@ -1320,6 +1324,9 @@ int main(int argc, char *argv[])
       case 's':
        path = optarg;
        break;
+      case 'r':
+       flags |= F_REPLACE;
+       break;
       case 't':
        if ((timeout = pixserv_timeout(optarg)) == 0)
          die(1, "bad timeout `%s'", optarg);