如何在 unix 中将任意脚本妖魔化？

If you're using OS X specifically, I suggest you take a look at how launchd works. It will automatically check to ensure your script is running and relaunch it if necessary. It also includes all sorts of scheduling features, etc. It should satisfy both requirement 1 and 2.

As for ensuring only one copy of your script can run, you need to use a PID file. Generally I write a file to /var/run/.pid that contains a PID of the current running instance. if the file exists when the program runs, it checks if the PID in the file is actually running (the program may have crashed or otherwise forgotten to delete the PID file). If it is, abort. If not, start running and overwrite the PID file.

First get createDaemon() from http://code.activestate.com/recipes/278731/

Then the main code:

import subprocess
import sys
import time


createDaemon()


while True:
subprocess.call(" ".join(sys.argv[1:]),shell=True)
time.sleep(10)

I think you may want to try start-stop-daemon(8). Check out scripts in /etc/init.d in any Linux distro for examples. It can find started processes by command line invoked or PID file, so it matches all your requirements except being a watchdog for your script. But you can always start another daemon watchdog script that just restarts your script if necessary.

You can daemonize any executable in Unix by using nohup and the & operator:

nohup yourScript.sh script args&

The nohup command allows you to shut down your shell session without it killing your script, while the & places your script in the background so you get a shell prompt to continue your session. The only minor problem with this is standard out and standard error both get sent to ./nohup.out, so if you start several scripts in this manor their output will be intertwined. A better command would be:

nohup yourScript.sh script args >script.out 2>script.error&

This will send standard out to the file of your choice and standard error to a different file of your choice. If you want to use just one file for both standard out and standard error you can us this:

nohup yourScript.sh script args >script.out 2>&1 &

The 2>&1 tells the shell to redirect standard error (file descriptor 2) to the same file as standard out (file descriptor 1).

To run a command only once and restart it if it dies you can use this script:

#!/bin/bash


if [[ $# < 1 ]]; then
echo "Name of pid file not given."
exit
fi


# Get the pid file's name.
PIDFILE=$1
shift


if [[ $# < 1 ]]; then
echo "No command given."
exit
fi


echo "Checking pid in file $PIDFILE."


#Check to see if process running.
PID=$(cat $PIDFILE 2>/dev/null)
if [[ $? = 0 ]]; then
ps -p $PID >/dev/null 2>&1
if [[ $? = 0 ]]; then
echo "Command $1 already running."
exit
fi
fi


# Write our pid to file.
echo $$ >$PIDFILE


# Get command.
COMMAND=$1
shift


# Run command until we're killed.
while true; do
$COMMAND "$@"
sleep 10 # if command dies immediately, don't go into un-ctrl-c-able loop
done

The first argument is the name of the pid file to use. The second argument is the command. And all other arguments are the command's arguments.

If you name this script restart.sh this is how you would call it:

nohup restart.sh pidFileName yourScript.sh script args >script.out 2>&1 &

You should have a look at daemonize. It allows to detect second copy (but it uses file locking mechanism). Also it works on different UNIX and Linux distributions.

If you need to automatically start your application as daemon, then you need to create appropriate init-script.

You can use the following template:

#!/bin/sh
#
# mydaemon     This shell script takes care of starting and stopping
#               the <mydaemon>
#


# Source function library
. /etc/rc.d/init.d/functions




# Do preliminary checks here, if any
#### START of preliminary checks #########




##### END of preliminary checks #######




# Handle manual control parameters like start, stop, status, restart, etc.


case "$1" in
start)
# Start daemons.


echo -n $"Starting <mydaemon> daemon: "
echo
daemon <mydaemon>
echo
;;


stop)
# Stop daemons.
echo -n $"Shutting down <mydaemon>: "
killproc <mydaemon>
echo


# Do clean-up works here like removing pid files from /var/run, etc.
;;
status)
status <mydaemon>


;;
restart)
$0 stop
$0 start
;;


*)
echo $"Usage: $0 {start|stop|status|restart}"
exit 1
esac


exit 0

Daemontools ( http://cr.yp.to/daemontools.html ) is a set of pretty hard-core utilities used to do this, written by dj bernstein. I have used this with some success. The annoying part about it is that none of the scripts return any visible results when you run them - just invisible return codes. But once it's running it's bulletproof.

This is a working version complete with an example which you can copy into an empty directory and try out (after installing the CPAN dependencies, which are Getopt::Long, File::Spec, File::Pid, and IPC::System::Simple -- all pretty standard and are highly recommended for any hacker: you can install them all at once with cpan <modulename> <modulename> ...).

keepAlive.pl:

#!/usr/bin/perl


# Usage:
# 1. put this in your crontab, to run every minute:
#     keepAlive.pl --pidfile=<pidfile> --command=<executable> <arguments>
# 2. put this code somewhere near the beginning of your script,
#    where $pidfile is the same value as used in the cron job above:
#     use File::Pid;
#     File::Pid->new({file => $pidfile})->write;


# if you want to stop your program from restarting, you must first disable the
# cron job, then manually stop your script. There is no need to clean up the
# pidfile; it will be cleaned up automatically when you next call
# keepAlive.pl.


use strict;
use warnings;


use Getopt::Long;
use File::Spec;
use File::Pid;
use IPC::System::Simple qw(system);


my ($pid_file, $command);
GetOptions("pidfile=s"   => \$pid_file,
"command=s"   => \$command)
or print "Usage: $0 --pidfile=<pidfile> --command=<executable> <arguments>\n", exit;


my @arguments = @ARGV;


# check if process is still running
my $pid_obj = File::Pid->new({file => $pid_file});


if ($pid_obj->running())
{
# process is still running; nothing to do!
exit 0;
}


# no? restart it
print "Pid " . $pid_obj->pid . " no longer running; restarting $command @arguments\n";


system($command, @arguments);

example.pl:

#!/usr/bin/perl


use strict;
use warnings;


use File::Pid;
File::Pid->new({file => "pidfile"})->write;


print "$0 got arguments: @ARGV\n";

Now you can invoke the example above with: ./keepAlive.pl --pidfile=pidfile --command=./example.pl 1 2 3 and the file pidfile will be created, and you will see the output:

Pid <random number here> no longer running; restarting ./example.pl 1 2 3
./example.pl got arguments: 1 2 3

I apologise for the long answer (please see comments about how my answer nails the spec). I'm trying to be comprehensive, so you have as good of a leg up as possible. :-)

If you are able to install programs (have root access), and are willing to do one-time legwork to set up your script for daemon execution (i.e., more involved than simply specifying the command-line arguments to run on the command line, but only needing to be done once per service), I have a way that's more robust.

It involves using daemontools. The rest of the post describes how to set up services using daemontools.

Initial setup

1. Follow the instructions in How to install daemontools. Some distributions (e.g., Debian, Ubuntu) already have packages for it, so just use that.
2. Make a directory called /service. The installer should have already done this, but just verify, or if installing manually. If you dislike this location, you can change it in your svscanboot script, although most daemontools users are used to using /service and will get confused if you don't use it.
3. If you're using Ubuntu or another distro that doesn't use standard init (i.e., doesn't use /etc/inittab), you will need to use the pre-installed inittab as a base for arranging svscanboot to be called by init. It's not hard, but you need to know how to configure the init that your OS uses. svscanboot is a script that calls svscan, which does the main work of looking for services; it's called from init so init will arrange to restart it if it dies for any reason.

Per-service setup

1. Each service needs a service directory, which stores housekeeping information about the service. You can also make a location to house these service directories so they're all in one place; usually I use /var/lib/svscan, but any new location will be fine.

2. I usually use a script to set up the service directory, to save lots of manual repetitive work. e.g.,

   sudo mkservice -d /var/lib/svscan/some-service-name -l -u user -L loguser "command line here"
   

   where some-service-name is the name you want to give your service, user is the user to run that service as, and loguser is the user to run the logger as. (Logging is explained in just a little bit.)

3. Your service has to run in the foreground. If your program backgrounds by default, but has an option to disable that, then do so. If your program backgrounds without a way to disable it, read up on fghack, although this comes at a trade-off: you can no longer control the program using svc.
4. Edit the run script to ensure it's doing what you want it to. You may need to place a sleep call at the top, if you expect your service to exit frequently.
5. When everything is set up right, create a symlink in /service pointing to your service directory. (Don't put service directories directly within /service; it makes it harder to remove the service from svscan's watch.)

Logging

1. The daemontools way of logging is to have the service write log messages to standard output (or standard error, if you're using scripts generated with mkservice); svscan takes care of sending log messages to the logging service.
2. The logging service takes the log messages from standard input. The logging service script generated by mkservice will create auto-rotated, timestamped log files in the log/main directory. The current log file is called current.
3. The logging service can be started and stopped independently of the main service.
4. Piping the log files through tai64nlocal will translate the timestamps into a human-readable format. (TAI64N is a 64-bit atomic timestamp with a nanosecond count.)

Controlling services

1. Use svstat to get the status of a service. Note that the logging service is independent, and has its own status.
2. You control your service (start, stop, restart, etc.) using svc. For example, to restart your service, use svc -t /service/some-service-name; -t means "send SIGTERM".
3. Other signals available include -h (SIGHUP), -a (SIGALRM), -1 (SIGUSR1), -2 (SIGUSR2), and -k (SIGKILL).
4. To down the service, use -d. You can also prevent a service from automatically starting at bootup by creating a file named down in the service directory.
5. To start the service, use -u. This is not necessary unless you've downed it previously (or set it up not to auto-start).
6. To ask the supervisor to exit, use -x; usually used with -d to terminate the service as well. This is the usual way to allow a service to be removed, but you have to unlink the service from /service first, or else svscan will restart the supervisor. Also, if you created your service with a logging service (mkservice -l), remember to also exit the logging supervisor (e.g., svc -dx /var/lib/svscan/some-service-name/log) before removing the service directory.

Summary

Pros:

1. daemontools provides a bulletproof way to create and manage services. I use it for my servers, and I highly recommend it.
2. Its logging system is very robust, as is the service auto-restart facility.
3. Because it starts services with a shell script that you write/tune, you can tailor your service however you like.
4. Powerful service control tools: you can send most any signal to a service, and can bring services up and down reliably.
5. Your services are guaranteed a clean execution environment: they will execute with the same environment, process limits, etc., as what init provides.

Cons:

1. Each service takes a bit of setup. Thankfully, this only needs doing once per service.
2. Services must be set up to run in the foreground. Also, for best results, they should be set up to log to standard output/standard error, rather than syslog or other files.
3. Steep learning curve if you're new to the daemontools way of doing things. You have to restart services using svc, and cannot run the run scripts directly (since they would then not be under the control of the supervisor).
4. Lots of housekeeping files, and lots of housekeeping processes. Each service needs its own service directory, and each service uses one supervisor process to auto-restart the service if it dies. (If you have many services, you will see lots of supervise processes in your process table.)

In balance, I think daemontools is an excellent system for your needs. I welcome any questions about how to set it up and maintain it.

As an alternative to the already mentioned daemonize and daemontools, there is the daemon command of the libslack package.

daemon is quite configurable and does care about all the tedious daemon stuff such as automatic restart, logging or pidfile handling.

I have made a series of improvements on the other answer.

1. stdout out of this script is purely made up of stdout coming from its child UNLESS it exits due to detecting that the command is already being run
2. cleans up after its pidfile when terminated
3. optional configurable timeout period (Accepts any positive numeric argument, sends to sleep)
4. usage prompt on -h
5. arbitrary command execution, rather than single command execution. The last arg OR remaining args (if more than one last arg) are sent to eval, so you can construct any sort of shell script as a string to send to this script as a last arg (or trailing args) for it to daemonize
6. argument count comparisons done with -lt instead of <

Here is the script:

#!/bin/sh


# this script builds a mini-daemon, which isn't a real daemon because it
# should die when the owning terminal dies, but what makes it useful is
# that it will restart the command given to it when it completes, with a
# configurable timeout period elapsing before doing so.


if [ "$1" = '-h' ]; then
echo "timeout defaults to 1 sec.\nUsage: $(basename "$0") sentinel-pidfile [timeout] command [command arg [more command args...]]"
exit
fi


if [ $# -lt 2 ]; then
echo "No command given."
exit
fi


PIDFILE=$1
shift


TIMEOUT=1
if [[ $1 =~ ^[0-9]+(\.[0-9]+)?$ ]]; then
TIMEOUT=$1
[ $# -lt 2 ] && echo "No command given (timeout was given)." && exit
shift
fi


echo "Checking pid in file ${PIDFILE}." >&2


#Check to see if process running.
if [ -f "$PIDFILE" ]; then
PID=$(< $PIDFILE)
if [ $? = 0 ]; then
ps -p $PID >/dev/null 2>&1
if [ $? = 0 ]; then
echo "This script is (probably) already running as PID ${PID}."
exit
fi
fi
fi


# Write our pid to file.
echo $$ >$PIDFILE


cleanup() {
rm $PIDFILE
}
trap cleanup EXIT


# Run command until we're killed.
while true; do
eval "$@"
echo "I am $$ and my child has exited; restart in ${TIMEOUT}s" >&2
sleep $TIMEOUT
done

Usage:

$ term-daemonize.sh pidfilefortesting 0.5 'echo abcd | sed s/b/zzz/'
Checking pid in file pidfilefortesting.
azzzcd
I am 79281 and my child has exited; restart in 0.5s
azzzcd
I am 79281 and my child has exited; restart in 0.5s
azzzcd
I am 79281 and my child has exited; restart in 0.5s
^C


$ term-daemonize.sh pidfilefortesting 0.5 'echo abcd | sed s/b/zzz/' 2>/dev/null
azzzcd
azzzcd
azzzcd
^C

Beware that if you run this script from different directories it may use different pidfiles and not detect any existing running instances. Since it is designed to run and restart ephemeral commands provided through an argument there is no way to know whether something's been already started, because who is to say whether it is the same command or not? To improve on this enforcement of only running a single instance of something, a solution specific to the situation is required.

Also, for it to function as a proper daemon, you must use (at the bare minimum) nohup as the other answer mentions. I have made no effort to provide any resilience to signals the process may receive.

One more point to take note of is that killing this script (if it was called from yet another script which is killed, or with a signal) may not succeed in killing the child, especially if the child is yet another script. I am uncertain of why this is, but it seems to be something related to the way eval works, which is mysterious to me. So it may be prudent to replace that line with something that accepts only a single command like in the other answer.

You might also try Monit. Monit is a service that monitors and reports on other services. While it's mainly used as a way to notify (via email and sms) about runtime problems, it can also do what most of the other suggestions here have advocated. It can auto (re)start and stop programs, send emails, initiate other scripts, and maintain a log of output that you can pick up. In addition, I've found it's easy to install and maintain since there's solid documentation.

You could give a try to immortal It is a *nix cross-platform (OS agnostic) supervisor.

For a quick try on macOS:

brew install immortal

In case you are using FreeBSD from the ports or by using pkg:

pkg install immortal

For Linux by downloading the precompiled binaries or from source: https://immortal.run/source/

You can either use it like this:

immortal -l /var/log/date.log date

Or by a configuration YAML file which gives you more options, for example:

cmd: date
log:
file: /var/log/date.log
age: 86400 # seconds
num: 7     # int
size: 1    # MegaBytes
timestamp: true # will add timesamp to log

If you would like to keep also the standard error output in a separate file you could use something like:

cmd: date
log:
file: /var/log/date.log
age: 86400 # seconds
num: 7     # int
size: 1    # MegaBytes
stderr:
file: /var/log/date-error.log
age: 86400 # seconds
num: 7     # int
size: 1    # MegaBytes
timestamp: true # will add timesamp to log

There is also a very simple double-fork + setsid approach to detach any script from its parent process

( setsid my-regular-script arg [arg ...] 1>stdout.log 2>stderr.log & )

setsid is a part of standard util-linux package which has been with linux since birth. This works when launched in any POSIX compatible shell I know.

Another double-fork based approach doesn't even require any extra exacutables or packages and relies purely on POSIX based shell

( my-regular-script arg [arg ...] 1>stdout.log 2>stderr.log & ) &

It also survives becoming an orphan when the parent process leaves the stage