chiark
/
gitweb
/
~ianmdlvl
/
elogind.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (from parent 1:
ab861dd
)
execute: close inherited fds earlier
author
Lennart Poettering
<lennart@poettering.net>
Mon, 12 Jul 2010 18:34:53 +0000
(20:34 +0200)
committer
Lennart Poettering
<lennart@poettering.net>
Mon, 12 Jul 2010 18:34:53 +0000
(20:34 +0200)
src/execute.c
patch
|
blob
|
history
diff --git
a/src/execute.c
b/src/execute.c
index 6363719cdeb80e10d3e1ce7480e541f24f02e2b7..5483b6949eae57814eb14236e4a5f1104d1c69a5 100644
(file)
--- a/
src/execute.c
+++ b/
src/execute.c
@@
-968,6
+968,14
@@
int exec_spawn(ExecCommand *command,
goto fail;
}
goto fail;
}
+ /* Close sockets very early to make sure we don' block
+ * init reexecution because it cannot bind its sockets
+ * or so */
+ if (close_all_fds(fds, n_fds) < 0) {
+ r = EXIT_FDS;
+ goto fail;
+ }
+
if (!context->same_pgrp)
if (setsid() < 0) {
r = EXIT_SETSID;
if (!context->same_pgrp)
if (setsid() < 0) {
r = EXIT_SETSID;
@@
-1111,16
+1119,6
@@
int exec_spawn(ExecCommand *command,
#ifdef HAVE_PAM
if (context->pam_name && username) {
#ifdef HAVE_PAM
if (context->pam_name && username) {
- /* Make sure no fds leak into the PAM
- * supervisor process. We will call this later
- * on again to make sure that any fds leaked
- * by the PAM modules get closed before our
- * exec(). */
- if (close_all_fds(fds, n_fds) < 0) {
- r = EXIT_FDS;
- goto fail;
- }
-
if (setup_pam(context->pam_name, username, context->tty_path, &pam_env, fds, n_fds) < 0) {
r = EXIT_PAM;
goto fail;
if (setup_pam(context->pam_name, username, context->tty_path, &pam_env, fds, n_fds) < 0) {
r = EXIT_PAM;
goto fail;
@@
-1180,6
+1178,8
@@
int exec_spawn(ExecCommand *command,
free(d);
}
free(d);
}
+ /* We repeat the fd closing here, to make sure that
+ * nothing is leaked from the PAM modules */
if (close_all_fds(fds, n_fds) < 0 ||
shift_fds(fds, n_fds) < 0 ||
flags_fds(fds, n_fds, context->non_blocking) < 0) {
if (close_all_fds(fds, n_fds) < 0 ||
shift_fds(fds, n_fds) < 0 ||
flags_fds(fds, n_fds, context->non_blocking) < 0) {