#include "securebits.h"
#include "cgroup.h"
#include "namespace.h"
+#include "tcpwrap.h"
/* This assumes there is a 'tty' group */
#define TTY_MODE 0620
/* child */
- reset_all_signal_handlers();
+ /* We reset exactly these signals, since they are the
+ * only ones we set to SIG_IGN in the main daemon. All
+ * others we leave untouched because we set them to
+ * SIG_DFL or a valid handler initially, both of which
+ * will be demoted to SIG_DFL. */
+ default_signals(SIGNALS_CRASH_HANDLER,
+ SIGNALS_IGNORE, -1);
if (sigemptyset(&ss) < 0 ||
sigprocmask(SIG_SETMASK, &ss, NULL) < 0) {
goto fail;
}
+ if (socket_fd >= 0 && context->tcpwrap_name)
+ if (!socket_tcpwrap(socket_fd, context->tcpwrap_name)) {
+ r = EXIT_TCPWRAP;
+ goto fail;
+ }
+
if (confirm_spawn) {
char response;
free(c->tty_path);
c->tty_path = NULL;
+ free(c->tcpwrap_name);
+ c->tcpwrap_name = NULL;
+
free(c->syslog_identifier);
c->syslog_identifier = NULL;
for (e = c->environment; *e; e++)
fprintf(f, "%sEnvironment: %s\n", prefix, *e);
+ if (c->tcpwrap_name)
+ fprintf(f,
+ "%sTCPWrapName: %s\n",
+ prefix, c->tcpwrap_name);
+
if (c->nice_set)
fprintf(f,
"%sNice: %i\n",
case EXIT_STDERR:
return "STDERR";
+ case EXIT_TCPWRAP:
+ return "TCPWRAP";
+
default:
return NULL;
}