influxdata
diff --git a/‎cmd/influxd/main.go‎
Lines changed: 21 additions & 6 deletions b/‎cmd/influxd/main.go‎
Lines changed: 21 additions & 6 deletions
diff --git a/‎cmd/influxd/run/command.go‎
Lines changed: 35 additions & 7 deletions b/‎cmd/influxd/run/command.go‎
Lines changed: 35 additions & 7 deletions
diff --git a/‎cmd/influxd/run/server.go‎
Lines changed: 56 additions & 4 deletions b/‎cmd/influxd/run/server.go‎
Lines changed: 56 additions & 4 deletions
diff --git a/‎pkg/file/file.go‎
Lines changed: 44 additions & 0 deletions b/‎pkg/file/file.go‎
Lines changed: 44 additions & 0 deletions
@@ -82,14 +82,29 @@ func (m *Main) Run(args ...string) error {
 			return fmt.Errorf("run: %s", err)
 		}
 
-		signalCh := make(chan os.Signal, 1)
-		signal.Notify(signalCh, os.Interrupt, syscall.SIGTERM)
+		shutdownCh := make(chan os.Signal, 1)
+		signal.Notify(shutdownCh, os.Interrupt, syscall.SIGTERM)
+		reloadCh := make(chan os.Signal, 1)
+		signal.Notify(reloadCh, syscall.SIGHUP)
 		cmd.Logger.Info("Listening for signals")
 
-		// Block until one of the signals above is received
-		sig := <-signalCh
+		logQueries := false
+		shutdown := false
+		for !shutdown {
+			select {
+			case sig := <-shutdownCh:
+				if sig == syscall.SIGTERM {
+					logQueries = true
+				}
+				shutdown = true
+
+			case <-reloadCh:
+				cmd.ReloadConfig(args...)
+			}
+		}
+
 		cmd.Logger.Info("Signal received, initializing clean shutdown...")
-		if sig == syscall.SIGTERM && cmd.Server.LogQueriesOnTermination() {
+		if logQueries && cmd.Server.LogQueriesOnTermination() {
 			cmd.Server.QueryExecutor.TaskManager.LogCurrentQueries(cmd.Logger.Info)
 		}
 		go cmd.Close()
@@ -98,7 +113,7 @@ func (m *Main) Run(args ...string) error {
 		// or the Command is gracefully closed
 		cmd.Logger.Info("Waiting for clean shutdown...")
 		select {
-		case <-signalCh:
+		case <-shutdownCh:
 			cmd.Logger.Info("Second signal received, initializing hard shutdown")
 		case <-time.After(time.Second * 30):
 			cmd.Logger.Info("Time limit reached, initializing hard shutdown")
 
@@ -65,27 +65,39 @@ func NewCommand() *Command {
 	}
 }
 
-// Run parses the config from args and runs the server.
-func (cmd *Command) Run(args ...string) error {
+func (cmd *Command) LoadConfig(args ...string) (Options, *Config, error) {
+	fail := func(err error) (Options, *Config, error) { return Options{}, nil, err }
+
 	// Parse the command line flags.
 	options, err := cmd.ParseFlags(args...)
 	if err != nil {
-		return err
+		return fail(fmt.Errorf("error parsing command line: %w", err))
 	}
 
-	config, err := cmd.ParseConfig(options.GetConfigPath())
+	configPath := options.GetConfigPath()
+	config, err := cmd.ParseConfig(configPath)
 	if err != nil {
-		return fmt.Errorf("parse config: %s", err)
+		return fail(fmt.Errorf("error parsing config file (%q): %s", configPath, err))
 	}
 
 	// Apply any environment variables on top of the parsed config
 	if err := config.ApplyEnvOverrides(cmd.Getenv); err != nil {
-		return fmt.Errorf("apply env config: %v", err)
+		return fail(fmt.Errorf("error applying env config: %v", err))
 	}
 
 	// Validate the configuration.
 	if err := config.Validate(); err != nil {
-		return fmt.Errorf("%s. To generate a valid configuration file run `influxd config > influxdb.generated.conf`", err)
+		return fail(fmt.Errorf("%s. To generate a valid configuration file run `influxd config > influxdb.generated.conf`", err))
+	}
+
+	return options, config, nil
+}
+
+// Run parses the config from args and runs the server.
+func (cmd *Command) Run(args ...string) error {
+	options, config, err := cmd.LoadConfig(args...)
+	if err != nil {
+		return err
 	}
 
 	var logErr error
@@ -179,6 +191,22 @@ func (cmd *Command) Close() error {
 	return nil
 }
 
+// ReloadConfig reloads the configuration and applies select configuration values to the running server.
+func (cmd *Command) ReloadConfig(args ...string) {
+	log, logEnd := logger.NewOperation(cmd.Logger, "Reloading select configuration settings", "config_reload")
+	defer logEnd()
+
+	_, reloadedConfig, err := cmd.LoadConfig(args...)
+	if err != nil {
+		log.Error("error reloading config", zap.Error(err))
+		return
+	}
+
+	if err := cmd.Server.ApplyReloadedConfig(reloadedConfig, log); err != nil {
+		log.Error("error applying reloaded config; some config values may have been applied", zap.Error(err))
+	}
+}
+
 func (cmd *Command) monitorServerErrors() {
 	logger := log.New(cmd.Stderr, "", log.LstdFlags)
 	for {
 
@@ -3,6 +3,7 @@ package run
 import (
 	"context"
 	"crypto/tls"
+	"errors"
 	"fmt"
 	"io"
 	"log"
@@ -87,10 +88,12 @@ type Server struct {
 
 	MetaClient *meta.Client
 
-	TSDBStore     *tsdb.Store
-	QueryExecutor *query.Executor
-	PointsWriter  *coordinator.PointsWriter
-	Subscriber    *subscriber.Service
+	TSDBStore        *tsdb.Store
+	QueryExecutor    *query.Executor
+	PointsWriter     *coordinator.PointsWriter
+	Subscriber       *subscriber.Service
+	HttpdService     *httpd.Service
+	OpenTSDBServices []*opentsdb.Service
 
 	Services []Service
 
@@ -343,6 +346,7 @@ func (s *Server) appendHTTPDService(c httpd.Config) error {
 		s.Prometheus.MustRegister(srv.Handler.Controller.PrometheusCollectors()...)
 	}
 
+	s.HttpdService = srv
 	s.Services = append(s.Services, srv)
 	return nil
 }
@@ -367,6 +371,8 @@ func (s *Server) appendOpenTSDBService(c opentsdb.Config) error {
 	}
 	srv.PointsWriter = s.PointsWriter
 	srv.MetaClient = s.MetaClient
+
+	s.OpenTSDBServices = append(s.OpenTSDBServices, srv)
 	s.Services = append(s.Services, srv)
 	return nil
 }
@@ -574,6 +580,52 @@ func (s *Server) Close() error {
 	return nil
 }
 
+func (s *Server) ApplyReloadedConfig(config *Config, log *zap.Logger) error {
+	if log == nil {
+		log = s.Logger
+	}
+
+	// Verify reloading each service's config and gather the apply functions.
+	// During the verify stage, we will abort if any service's verify returns an error.
+	var applyFuncs []func() error
+
+	if s.HttpdService != nil {
+		if af, err := s.HttpdService.PrepareReloadConfig(config.HTTPD); err == nil {
+			applyFuncs = append(applyFuncs, af)
+		} else {
+			log.Error("error reloading httpd service config, no new configuration applied", zap.Error(err))
+			return err
+		}
+
+	}
+
+	// Because we don't have a way of matching OpenTSDBInput configurations with
+	// the OpenTSDB services they created, we will just reload the TLS certificate
+	// at the currently configured paths.
+	for _, srv := range s.OpenTSDBServices {
+		if af, err := srv.PrepareReloadTLSCertificates(); err == nil {
+			applyFuncs = append(applyFuncs, af)
+		} else {
+			log.Error("error reloading OpenTSDB service TLS certificate, no new configuration applied", zap.Error(err),
+				zap.String("bind-address", srv.BindAddress),
+				zap.String("database", srv.Database), zap.String("retention-policy", srv.RetentionPolicy))
+			return err
+		}
+	}
+
+	// We've verified that the configuration should load, now apply it. Keep going even if something fails to apply.
+	var applyErrs []error
+	for _, af := range applyFuncs {
+		if af != nil {
+			if err := af(); err != nil {
+				log.Error("error applying configuration reload, continuing apply", zap.Error(err))
+				applyErrs = append(applyErrs, err)
+			}
+		}
+	}
+	return errors.Join(applyErrs...)
+}
+
 // startServerReporting starts periodic server reporting.
 func (s *Server) startServerReporting() {
 	s.reportServer()
 
@@ -1,13 +1,19 @@
 package file
 
 import (
+	goerrors "errors"
 	"fmt"
 	"io"
 	"os"
 
 	"github.com/influxdata/influxdb/pkg/errors"
 )
 
+var (
+	ErrPermissionsTooOpen = goerrors.New("file permissions are too open")
+	ErrNilParam           = goerrors.New("got nil parameter")
+)
+
 func copyFile(src, dst string) (err error) {
 	in, err := os.Open(src)
 	if err != nil {
@@ -42,3 +48,41 @@ func MoveFileWithReplacement(src, dst string) error {
 
 	return os.Remove(src)
 }
+
+// VerifyFilePermissivenessF checks if permissions on f are as restrictive
+// or more restrictive than maxPerms. if not, then an error is returned.
+// For security reasons, there is no VerifyFilePermissiveness function
+// that allows passing a path. This is to prevent TOCTOU (Time-of-Check-Time-of-Use)
+// issues because of race conditions on checking file permissions versus
+// opening the file.
+func VerifyFilePermissivenessF(f *os.File, maxPerms os.FileMode) error {
+	if f == nil {
+		return fmt.Errorf("VerifyFilePermissivenessF: %w", ErrNilParam)
+	}
+
+	info, err := f.Stat()
+	if err != nil {
+		return fmt.Errorf("stat failed for %q: %w", f.Name(), err)
+	}
+	return VerifyFileInfoPermissiveness(info, maxPerms, f.Name())
+}
+
+// VerifyFileInfoPermissiveness checks if permissions on info are as restrictive
+// or more restrictive than maxPerms. If not, then an error is returned. path is
+// only used to provide better messages. If path is empty, then info.Name() is used
+// for error messages.
+func VerifyFileInfoPermissiveness(info os.FileInfo, maxPerms os.FileMode, path string) error {
+	if info == nil {
+		return fmt.Errorf("VerifyFileInfoPermissiveness: %w", ErrNilParam)
+	}
+	perms := info.Mode().Perm()
+	extraPerms := perms & ^maxPerms
+	if extraPerms != 0 {
+		if len(path) == 0 {
+			path = info.Name()
+		}
+		return fmt.Errorf("%w: for %q, maximum is %04o (%s) but found %04o (%s); extra permissions: %04o (%s)",
+			ErrPermissionsTooOpen, path, maxPerms, maxPerms, perms, perms, extraPerms, extraPerms)
+	}
+	return nil
+}