chiark
/
gitweb
/
~ianmdlvl
/
elogind.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Spelling Corrections
[elogind.git]
/
src
/
execute.c
diff --git
a/src/execute.c
b/src/execute.c
index 1e8dfaf7700fa7f62f712105b570e73062873fbb..d6f09e26fea39c9519fe5cd13a485553f44e516c 100644
(file)
--- a/
src/execute.c
+++ b/
src/execute.c
@@
-198,7
+198,10
@@
static int connect_logger_as(const ExecContext *context, ExecOutput output, cons
"%i\n"
"%s\n"
"%i\n",
"%i\n"
"%s\n"
"%i\n",
- output == EXEC_OUTPUT_KMSG ? "kmsg" : "syslog",
+ output == EXEC_OUTPUT_KMSG ? "kmsg" :
+ output == EXEC_OUTPUT_KMSG_AND_CONSOLE ? "kmsg+console" :
+ output == EXEC_OUTPUT_SYSLOG ? "syslog" :
+ "syslog+console",
context->syslog_priority,
context->syslog_identifier ? context->syslog_identifier : ident,
context->syslog_level_prefix);
context->syslog_priority,
context->syslog_identifier ? context->syslog_identifier : ident,
context->syslog_level_prefix);
@@
-338,7
+341,9
@@
static int setup_output(const ExecContext *context, int socket_fd, const char *i
return open_terminal_as(tty_path(context), O_WRONLY, STDOUT_FILENO);
case EXEC_OUTPUT_SYSLOG:
return open_terminal_as(tty_path(context), O_WRONLY, STDOUT_FILENO);
case EXEC_OUTPUT_SYSLOG:
+ case EXEC_OUTPUT_SYSLOG_AND_CONSOLE:
case EXEC_OUTPUT_KMSG:
case EXEC_OUTPUT_KMSG:
+ case EXEC_OUTPUT_KMSG_AND_CONSOLE:
return connect_logger_as(context, o, ident, STDOUT_FILENO);
case EXEC_OUTPUT_SOCKET:
return connect_logger_as(context, o, ident, STDOUT_FILENO);
case EXEC_OUTPUT_SOCKET:
@@
-389,7
+394,9
@@
static int setup_error(const ExecContext *context, int socket_fd, const char *id
return open_terminal_as(tty_path(context), O_WRONLY, STDERR_FILENO);
case EXEC_OUTPUT_SYSLOG:
return open_terminal_as(tty_path(context), O_WRONLY, STDERR_FILENO);
case EXEC_OUTPUT_SYSLOG:
+ case EXEC_OUTPUT_SYSLOG_AND_CONSOLE:
case EXEC_OUTPUT_KMSG:
case EXEC_OUTPUT_KMSG:
+ case EXEC_OUTPUT_KMSG_AND_CONSOLE:
return connect_logger_as(context, e, ident, STDERR_FILENO);
case EXEC_OUTPUT_SOCKET:
return connect_logger_as(context, e, ident, STDERR_FILENO);
case EXEC_OUTPUT_SOCKET:
@@
-585,7
+592,7
@@
static int get_user_creds(const char **username, uid_t *uid, gid_t *gid, const c
/* If there are multiple users with the same id, make
* sure to leave $USER to the configured value instead
/* If there are multiple users with the same id, make
* sure to leave $USER to the configured value instead
- * of the first occurence in the database. However if
+ * of the first occur
r
ence in the database. However if
* the uid was configured by a numeric uid, then let's
* pick the real username from /etc/passwd. */
if (*username && p)
* the uid was configured by a numeric uid, then let's
* pick the real username from /etc/passwd. */
if (*username && p)
@@
-610,7
+617,7
@@
static int enforce_groups(const ExecContext *context, const char *username, gid_
assert(context);
assert(context);
- /* Lookup and se
r
GID and supplementary group list. Here too
+ /* Lookup and se
t
GID and supplementary group list. Here too
* we avoid NSS lookups for gid=0. */
if (context->group || username) {
* we avoid NSS lookups for gid=0. */
if (context->group || username) {
@@
-693,7
+700,7
@@
static int enforce_user(const ExecContext *context, uid_t uid) {
/* First step: If we need to keep capabilities but
* drop privileges we need to make sure we keep our
/* First step: If we need to keep capabilities but
* drop privileges we need to make sure we keep our
- * caps, whiel we drop privil
i
ges. */
+ * caps, whiel we drop privil
e
ges. */
if (uid != 0) {
int sb = context->secure_bits|SECURE_KEEP_CAPS;
if (uid != 0) {
int sb = context->secure_bits|SECURE_KEEP_CAPS;
@@
-702,7
+709,7
@@
static int enforce_user(const ExecContext *context, uid_t uid) {
return -errno;
}
return -errno;
}
- /* Second step: set the capabilites. This will reduce
+ /* Second step: set the capabilit
i
es. This will reduce
* the capabilities to the minimum we need. */
if (!(d = cap_dup(context->capabilities)))
* the capabilities to the minimum we need. */
if (!(d = cap_dup(context->capabilities)))
@@
-773,7
+780,7
@@
static int setup_pam(
assert(pam_env);
/* We set up PAM in the parent process, then fork. The child
assert(pam_env);
/* We set up PAM in the parent process, then fork. The child
- * will then stay around until
l
killed via PR_GET_PDEATHSIG or
+ * will then stay around until killed via PR_GET_PDEATHSIG or
* systemd via the cgroup logic. It will then remove the PAM
* session again. The parent process will exec() the actual
* daemon. We do things this way to ensure that the main PID
* systemd via the cgroup logic. It will then remove the PAM
* session again. The parent process will exec() the actual
* daemon. We do things this way to ensure that the main PID
@@
-834,7
+841,7
@@
static int setup_pam(
/* Wait until our parent died. This will most likely
* not work since the kernel does not allow
/* Wait until our parent died. This will most likely
* not work since the kernel does not allow
- * unprivil
iged paretns kill their privili
ged children
+ * unprivil
eged parents kill their privile
ged children
* this way. We rely on the control groups kill logic
* to do the rest for us. */
if (prctl(PR_SET_PDEATHSIG, SIGTERM) < 0)
* this way. We rely on the control groups kill logic
* to do the rest for us. */
if (prctl(PR_SET_PDEATHSIG, SIGTERM) < 0)
@@
-1235,7
+1242,7
@@
int exec_spawn(ExecCommand *command,
goto fail;
}
goto fail;
}
- /* PR_GET_SECUREBITS is not privil
i
ged, while
+ /* PR_GET_SECUREBITS is not privil
e
ged, while
* PR_SET_SECUREBITS is. So to suppress
* potential EPERMs we'll try not to call
* PR_SET_SECUREBITS unless necessary. */
* PR_SET_SECUREBITS is. So to suppress
* potential EPERMs we'll try not to call
* PR_SET_SECUREBITS unless necessary. */
@@
-1349,6
+1356,7
@@
void exec_context_init(ExecContext *c) {
c->syslog_level_prefix = true;
c->mount_flags = MS_SHARED;
c->kill_signal = SIGTERM;
c->syslog_level_prefix = true;
c->mount_flags = MS_SHARED;
c->kill_signal = SIGTERM;
+ c->send_sigkill = true;
}
void exec_context_done(ExecContext *c) {
}
void exec_context_done(ExecContext *c) {
@@
-1542,7
+1550,9
@@
void exec_context_dump(ExecContext *c, FILE* f, const char *prefix) {
prefix, c->tty_path);
if (c->std_output == EXEC_OUTPUT_SYSLOG || c->std_output == EXEC_OUTPUT_KMSG ||
prefix, c->tty_path);
if (c->std_output == EXEC_OUTPUT_SYSLOG || c->std_output == EXEC_OUTPUT_KMSG ||
- c->std_error == EXEC_OUTPUT_SYSLOG || c->std_error == EXEC_OUTPUT_KMSG)
+ c->std_output == EXEC_OUTPUT_SYSLOG_AND_CONSOLE || c->std_output == EXEC_OUTPUT_KMSG_AND_CONSOLE ||
+ c->std_error == EXEC_OUTPUT_SYSLOG || c->std_error == EXEC_OUTPUT_KMSG ||
+ c->std_error == EXEC_OUTPUT_SYSLOG_AND_CONSOLE || c->std_error == EXEC_OUTPUT_KMSG_AND_CONSOLE)
fprintf(f,
"%sSyslogFacility: %s\n"
"%sSyslogLevel: %s\n",
fprintf(f,
"%sSyslogFacility: %s\n"
"%sSyslogLevel: %s\n",
@@
-1618,9
+1628,11
@@
void exec_context_dump(ExecContext *c, FILE* f, const char *prefix) {
fprintf(f,
"%sKillMode: %s\n"
fprintf(f,
"%sKillMode: %s\n"
- "%sKillSignal: SIG%s\n",
+ "%sKillSignal: SIG%s\n"
+ "%sSendSIGKILL: %s\n",
prefix, kill_mode_to_string(c->kill_mode),
prefix, kill_mode_to_string(c->kill_mode),
- prefix, signal_to_string(c->kill_signal));
+ prefix, signal_to_string(c->kill_signal),
+ prefix, yes_no(c->send_sigkill));
if (c->utmp_id)
fprintf(f,
if (c->utmp_id)
fprintf(f,
@@
-1767,7
+1779,7
@@
void exec_command_append_list(ExecCommand **l, ExecCommand *e) {
assert(e);
if (*l) {
assert(e);
if (*l) {
- /* It's kind
a important
that we keep the order here */
+ /* It's kind
of important,
that we keep the order here */
LIST_FIND_TAIL(ExecCommand, command, *l, end);
LIST_INSERT_AFTER(ExecCommand, command, *l, end, e);
} else
LIST_FIND_TAIL(ExecCommand, command, *l, end);
LIST_INSERT_AFTER(ExecCommand, command, *l, end, e);
} else
@@
-1817,7
+1829,9
@@
static const char* const exec_output_table[_EXEC_OUTPUT_MAX] = {
[EXEC_OUTPUT_NULL] = "null",
[EXEC_OUTPUT_TTY] = "tty",
[EXEC_OUTPUT_SYSLOG] = "syslog",
[EXEC_OUTPUT_NULL] = "null",
[EXEC_OUTPUT_TTY] = "tty",
[EXEC_OUTPUT_SYSLOG] = "syslog",
+ [EXEC_OUTPUT_SYSLOG_AND_CONSOLE] = "syslog+console",
[EXEC_OUTPUT_KMSG] = "kmsg",
[EXEC_OUTPUT_KMSG] = "kmsg",
+ [EXEC_OUTPUT_KMSG_AND_CONSOLE] = "kmsg+console",
[EXEC_OUTPUT_SOCKET] = "socket"
};
[EXEC_OUTPUT_SOCKET] = "socket"
};