Determine system halt in c++

Question

Alright so I'm working on a program written in c++ that is running as a daemon. It is primarily aiming Linux users, but I wish to include Windows (running as service) and Mac users as well.

I want the daemon to log whenever it is manually shut down. However it should not log shutdowns made by the system because of system halt or reboot.

Currently I've masked all signals and implemented some sort of handling using sigaction(). Before logging the shutdown, a function is also checking the system's runlevel, and if it is 0, 1 0r 6 the logging is omitted. The way to check the runlevel is to run the command "runlevel" and process the output.

My problem is that the runlevel is not always what I would expect it to. I'm running Ubuntu, and when logged in as usual I'm in runlevel 2, and that's the same when rebooting. When halting I sometimes get nothing as output from "runlevel". Different Linux distros are using their own runlevels, so it's not optimal for portability.

So is there a better way to determine if the system is halting? Also, is there a better way to catch interruptions, e.g. through exception handling etc?

I'll paste a snippet of the code, if it is of any help here. Written in c++, using the Poco C++ libraries.

void MainApplication::signalHandler(int sig) {
#if defined(POCO_OS_FAMILY_UNIX)
    switch(sig) {
        case -1:
            struct sigaction act;
            act.sa_handler = signalHandler;
            sigemptyset(&act.sa_mask);
            act.sa_flags = 0;
            sigaction(SIGINT, &act, 0); //Better way to do this?
            sigaction(SIGQUIT, &act, 0);
            sigaction(SIGKILL, &act, 0);
            sigaction(SIGTERM, &act, 0);
            sigaction(SIGHUP, &act, 0);
            sigaction(SIGSTOP, &act, 0);
            sigaction(SIGTSTP, &act, 0);
            sigaction(SIGCONT, &act, 0);
            sigaction(SIGUSR1, &act, 0);
            sigaction(SIGUSR2, &act, 0);
            break;
        case SIGINT:
        case SIGQUIT:
        case SIGTSTP:
        case SIGHUP:
        case SIGKILL:
        case SIGTERM:
            //Log Shutdown!
            if (!isHalting())
                _instance->_database->logBypass(BYPASS_SHUTDOWN);
            terminateNicely(true);
            break;
        case SIGCONT:
            //Continued, means stopped
            break;
        case SIGUSR1:
            //Resetting Net Responsibility
            _instance->uninitialize();
            _instance->initialize(*_instance);
            break;
        case SIGUSR2:
            //Other action or just mask it
            break;
        default:
            //Caught signal
            break;
    }
#endif
}



bool MainApplication::isHalting() {
#if defined(POCO_OS_FAMILY_UNIX)
    string cmd("runlevel");
    vector<string> args;
    Poco::Pipe outPipe;
    ProcessHandle ph = Process::launch(cmd, args, 0, &outPipe, 0);
    ph.wait();
    Poco::PipeInputStream istr(outPipe);
    stringstream ss;
    Poco::StreamCopier::copyStream(istr, ss);
    int runlevel;
    ss.seekg(-2, ios::end);
    ss >> runlevel;
    return (runlevel == 0 || runlevel == 1 || runlevel == 6);
#else
    return false;
#endif
}

Why should you have different behavior for your service being terminated with `SIGTERM` and the entire system being shutdown? — Basile Starynkevitch, Feb 06 '12 at 11:44
It lies in the concept of the program. It is intended to always run. However if it should be shut down, this has to be reported to a specific email address. I don't want statistics over all times the computer have been booted and rebooted, but I wish to determine if the user have interrupted it manually. Hope this makes some sense :) — roggan87, Feb 06 '12 at 11:54
The sysadmin which has to e.g. upgrade your program (or stop the database you are using!) on his server may have a different view of "intended to always run". So leave him the ability to administrate his system... — Basile Starynkevitch, Feb 06 '12 at 11:58
I understand that this sounds like some sort of malware, but it is an [accountability software](http://en.wikipedia.org/wiki/Accountability_software). So if the sysadmin wouldn't want it to run, he would never install it. The concept is pretty much "I don't trust my own browsing habits, so I want to be accountable". Such a program would be useless if it wouldn't notice a SIGTERM. — roggan87, Feb 06 '12 at 12:04
AFAICS, if a user has permission to shut down the daemon with SIGTERM, he might as well shut it down with SIGKILL, which you cannot catch. — janneb, Feb 06 '12 at 12:30
Yes unfortunately I'm aware of that. I thought it would be better though to at least catch most of the signals ;) Thanks Basile and janneb for all input so far! — roggan87, Feb 06 '12 at 12:40
@roggan87: My implied point was that you need to rethink your approach. It's not like you need to be a hacker genius to try "kill -9" after a plain "kill" fails. — janneb, Feb 06 '12 at 12:49
I see. My intention is not primarily to refuse the termination of the program, but rather log when the program is interrupted and report the shutdown(s) later on. I am open for inputs on how to rethink my approach though. One thought was to delete the pidfile, or leave any other kind of track when terminated properly by the system, and on the next startup check if the last session was terminated as supposed. However, this still means I have to determine _when the system is halting or rebooting_. — roggan87, Feb 06 '12 at 12:53
You could have helper scripts in the booting sequence or the halting sequence which communicate nicely with your program. But you won't be able to forbid the sysadmin to `kill -KILL` your program. — Basile Starynkevitch, Feb 06 '12 at 13:52
Yes that's absolutely the right direction :) I have an init script that takes care of starting the daemon on boot and shutting it down on halt. The problem is that it is far too easy to run the script as sysadmin without changing runlevel. And let's say that the script determines our current runlevel, how would I pass it discretely to the daemon without being to easy to fake? For example, I couldn't use the kill -USR1 signal, since it's way too easy to fake. — roggan87, Feb 06 '12 at 14:01
The sysadmin owns the computer, or works for the computer's owner. So he can do what the owner wants with his computer. You cannot forbid him from stopping your program. — Basile Starynkevitch, Feb 06 '12 at 14:16
Of course. I was just hoping there was a good way to check if the system is halting, that's all :) — roggan87, Feb 06 '12 at 14:22

score 0 · Accepted Answer · answered Jun 28 '12 at 07:10

I ended up going another route to solve the issue. Now I'm reading the computer's boot history and compares it to the history of the software to see if the computer booted or halted without the software. That's enough and will probably be even more accurate.

The command used to determine the boot history in Linux is

$ last reboot

Determine system halt in c++

1 Answers1