#include "exit-status.h"
#include "missing.h"
#include "utmp-wtmp.h"
+#include "def.h"
/* This assumes there is a 'tty' group */
#define TTY_MODE 0620
zero(sa);
sa.sa.sa_family = AF_UNIX;
- strncpy(sa.un.sun_path+1, LOGGER_SOCKET, sizeof(sa.un.sun_path)-1);
+ strncpy(sa.un.sun_path, LOGGER_SOCKET, sizeof(sa.un.sun_path));
- if (connect(fd, &sa.sa, offsetof(struct sockaddr_un, sun_path) + 1 + sizeof(LOGGER_SOCKET) - 1) < 0) {
+ if (connect(fd, &sa.sa, offsetof(struct sockaddr_un, sun_path) + sizeof(LOGGER_SOCKET) - 1) < 0) {
close_nointr_nofail(fd);
return -errno;
}
char **i;
/* Final step, initialize any manually set supplementary groups */
- ngroups_max = (int) sysconf(_SC_NGROUPS_MAX);
+ assert_se((ngroups_max = (int) sysconf(_SC_NGROUPS_MAX)) > 0);
if (!(gids = new(gid_t, ngroups_max)))
return -ENOMEM;
}
#endif
+static int do_capability_bounding_set_drop(uint64_t drop) {
+ unsigned long i;
+ cap_t old_cap = NULL, new_cap = NULL;
+ cap_flag_value_t fv;
+ int r;
+
+ /* If we are run as PID 1 we will lack CAP_SETPCAP by default
+ * in the effective set (yes, the kernel drops that when
+ * executing init!), so get it back temporarily so that we can
+ * call PR_CAPBSET_DROP. */
+
+ old_cap = cap_get_proc();
+ if (!old_cap)
+ return -errno;
+
+ if (cap_get_flag(old_cap, CAP_SETPCAP, CAP_EFFECTIVE, &fv) < 0) {
+ r = -errno;
+ goto finish;
+ }
+
+ if (fv != CAP_SET) {
+ static const cap_value_t v = CAP_SETPCAP;
+
+ new_cap = cap_dup(old_cap);
+ if (!new_cap) {
+ r = -errno;
+ goto finish;
+ }
+
+ if (cap_set_flag(new_cap, CAP_EFFECTIVE, 1, &v, CAP_SET) < 0) {
+ r = -errno;
+ goto finish;
+ }
+
+ if (cap_set_proc(new_cap) < 0) {
+ r = -errno;
+ goto finish;
+ }
+ }
+
+ for (i = 0; i <= CAP_LAST_CAP; i++)
+ if (drop & ((uint64_t) 1ULL << (uint64_t) i)) {
+ if (prctl(PR_CAPBSET_DROP, i) < 0) {
+ r = -errno;
+ goto finish;
+ }
+ }
+
+ r = 0;
+
+finish:
+ if (new_cap)
+ cap_free(new_cap);
+
+ if (old_cap) {
+ cap_set_proc(old_cap);
+ cap_free(old_cap);
+ }
+
+ return r;
+}
+
int exec_spawn(ExecCommand *command,
char **argv,
const ExecContext *context,
/* This string must fit in 10 chars (i.e. the length
* of "/sbin/init") */
- rename_process("sd:exec");
+ rename_process("sd.exec");
/* We reset exactly these signals, since they are the
* only ones we set to SIG_IGN in the main daemon. All
snprintf(t, sizeof(t), "%i", adj);
char_array_0(t);
- if (write_one_line_file("/proc/self/oom_adj", t) < 0) {
+ if (write_one_line_file("/proc/self/oom_adj", t) < 0
+ && errno != EACCES) {
r = EXIT_OOM_ADJUST;
goto fail_child;
}
}
}
+ if (context->capability_bounding_set_drop)
+ if (do_capability_bounding_set_drop(context->capability_bounding_set_drop) < 0) {
+ r = EXIT_CAPABILITIES;
+ goto fail_child;
+ }
+
if (context->user)
if (enforce_user(context, uid) < 0) {
r = EXIT_USER;
fprintf(f,
"%sSyslogFacility: %s\n"
"%sSyslogLevel: %s\n",
- prefix, log_facility_to_string(LOG_FAC(c->syslog_priority)),
+ prefix, log_facility_unshifted_to_string(c->syslog_priority >> 3),
prefix, log_level_to_string(LOG_PRI(c->syslog_priority)));
if (c->capabilities) {
(c->secure_bits & SECURE_NOROOT_LOCKED) ? "noroot-locked" : "");
if (c->capability_bounding_set_drop) {
- fprintf(f, "%sCapabilityBoundingSetDrop:", prefix);
+ fprintf(f, "%sCapabilityBoundingSet:", prefix);
for (i = 0; i <= CAP_LAST_CAP; i++)
- if (c->capability_bounding_set_drop & (1 << i)) {
+ if (!(c->capability_bounding_set_drop & ((uint64_t) 1ULL << (uint64_t) i))) {
char *t;
if ((t = cap_to_name(i))) {
fprintf(f, " %s", t);
- free(t);
+ cap_free(t);
}
}
static const char* const kill_mode_table[_KILL_MODE_MAX] = {
[KILL_CONTROL_GROUP] = "control-group",
- [KILL_PROCESS_GROUP] = "process-group",
[KILL_PROCESS] = "process",
[KILL_NONE] = "none"
};
~ianmdlvl / elogind.git / blobdiff