chiark
/
gitweb
/
~ianmdlvl
/
elogind.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
execute: avoid logging to closed fds
[elogind.git]
/
src
/
execute.c
diff --git
a/src/execute.c
b/src/execute.c
index c73b0c6c04866704d3af9f750ea5143669daebfa..065101431d10fa987d81fbbb0625ce45fa0c3c36 100644
(file)
--- a/
src/execute.c
+++ b/
src/execute.c
@@
-188,9
+188,9
@@
static int connect_logger_as(const ExecContext *context, ExecOutput output, cons
zero(sa);
sa.sa.sa_family = AF_UNIX;
zero(sa);
sa.sa.sa_family = AF_UNIX;
- strncpy(sa.un.sun_path,
LOGGER
_SOCKET, sizeof(sa.un.sun_path));
+ strncpy(sa.un.sun_path,
STDOUT_SYSLOG_BRIDGE
_SOCKET, sizeof(sa.un.sun_path));
- if (connect(fd, &sa.sa, offsetof(struct sockaddr_un, sun_path) + sizeof(
LOGGER
_SOCKET) - 1) < 0) {
+ if (connect(fd, &sa.sa, offsetof(struct sockaddr_un, sun_path) + sizeof(
STDOUT_SYSLOG_BRIDGE
_SOCKET) - 1) < 0) {
close_nointr_nofail(fd);
return -errno;
}
close_nointr_nofail(fd);
return -errno;
}
@@
-895,12
+895,9
@@
static int do_capability_bounding_set_drop(uint64_t drop) {
}
}
}
}
- for (i = 0; i <=
MAX(63LU, (unsigned long) CAP_LAST_CAP
); i++)
+ for (i = 0; i <=
cap_last_cap(
); i++)
if (drop & ((uint64_t) 1ULL << (uint64_t) i)) {
if (prctl(PR_CAPBSET_DROP, i) < 0) {
if (drop & ((uint64_t) 1ULL << (uint64_t) i)) {
if (prctl(PR_CAPBSET_DROP, i) < 0) {
- if (errno == EINVAL)
- break;
-
r = -errno;
goto finish;
}
r = -errno;
goto finish;
}
@@
-930,6
+927,7
@@
int exec_spawn(ExecCommand *command,
bool apply_tty_stdin,
bool confirm_spawn,
CGroupBonding *cgroup_bondings,
bool apply_tty_stdin,
bool confirm_spawn,
CGroupBonding *cgroup_bondings,
+ CGroupAttribute *cgroup_attributes,
pid_t *ret) {
pid_t pid;
pid_t *ret) {
pid_t pid;
@@
-973,9
+971,11
@@
int exec_spawn(ExecCommand *command,
log_debug("About to execute: %s", line);
free(line);
log_debug("About to execute: %s", line);
free(line);
- if (cgroup_bondings)
- if ((r = cgroup_bonding_realize_list(cgroup_bondings)))
- goto fail_parent;
+ r = cgroup_bonding_realize_list(cgroup_bondings);
+ if (r < 0)
+ goto fail_parent;
+
+ cgroup_attribute_apply_list(cgroup_attributes, cgroup_bondings);
if ((pid = fork()) < 0) {
r = -errno;
if ((pid = fork()) < 0) {
r = -errno;
@@
-1016,6
+1016,7
@@
int exec_spawn(ExecCommand *command,
/* Close sockets very early to make sure we don't
* block init reexecution because it cannot bind its
* sockets */
/* Close sockets very early to make sure we don't
* block init reexecution because it cannot bind its
* sockets */
+ log_forget_fds();
if (close_all_fds(socket_fd >= 0 ? &socket_fd : fds,
socket_fd >= 0 ? 1 : n_fds) < 0) {
r = EXIT_FDS;
if (close_all_fds(socket_fd >= 0 ? &socket_fd : fds,
socket_fd >= 0 ? 1 : n_fds) < 0) {
r = EXIT_FDS;
@@
-1170,7
+1171,7
@@
int exec_spawn(ExecCommand *command,
}
if (context->utmp_id)
}
if (context->utmp_id)
- utmp_put_init_process(
0,
context->utmp_id, getpid(), getsid(0), context->tty_path);
+ utmp_put_init_process(context->utmp_id, getpid(), getsid(0), context->tty_path);
if (context->user) {
username = context->user;
if (context->user) {
username = context->user;
@@
-1717,7
+1718,7
@@
void exec_context_dump(ExecContext *c, FILE* f, const char *prefix) {
unsigned long l;
fprintf(f, "%sCapabilityBoundingSet:", prefix);
unsigned long l;
fprintf(f, "%sCapabilityBoundingSet:", prefix);
- for (l = 0; l <=
(unsigned long) CAP_LAST_CAP
; l++)
+ for (l = 0; l <=
cap_last_cap()
; l++)
if (!(c->capability_bounding_set_drop & ((uint64_t) 1ULL << (uint64_t) l))) {
char *t;
if (!(c->capability_bounding_set_drop & ((uint64_t) 1ULL << (uint64_t) l))) {
char *t;