Site Navigation

Date:      Thu, 3 Apr 2014 16:38:29 +0200
From:      Pawel Jakub Dawidek <pjd@FreeBSD.org>
To:        d@delphij.net
Cc:        "freebsd-security@freebsd.org" <freebsd-security@freebsd.org>
Subject:   Re: [PATCH] casperd should detach from controlling session
Message-ID:  <20140403143828.GA1703@garage.freebsd.pl>
In-Reply-To: <53279CB0.1020409@delphij.net>
References:  <53221E54.1030600@delphij.net> <20140317092635.GA1645@garage.freebsd.pl> <53279CB0.1020409@delphij.net>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

--AhhlLboLdkugWU4S
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Mar 17, 2014 at 06:09:04PM -0700, Xin Li wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>=20
> On 03/17/14 02:26, Pawel Jakub Dawidek wrote:
> > On Thu, Mar 13, 2014 at 02:08:36PM -0700, Xin Li wrote:
> >> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
> >>=20
> >> Hi, Pawel,
> >>=20
> >> I have noticed that casperd's child (zygote) would still use=20
> >> controlling session from parent.  This can be observed by running
> >> ps - -ax on systems running casperd, where the child have a
> >> spurious console associated.
> >>=20
> >> The attached patch would fix it.  May I commit it against -HEAD?
> >=20
> > Hmm, daemon(3) does call setsid(2) already... Are you sure casperd=20
> > wasn't running with -F?
>=20
> Oh, sure daemon(3) indeed does setsid(2) but casperd calls it after
> zygote_init() so it has no effect to the zygote process, [...]

Sorry for dropping the ball. I see the problem now, thanks.

> [...] maybe something like this instead?

I like the first patch better.

> Index: sbin/casperd/casperd.c
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> - --- sbin/casperd/casperd.c	(revision 263272)
> +++ sbin/casperd/casperd.c	(working copy)
> @@ -671,9 +671,6 @@ main(int argc, char *argv[])
>  	pjdlog_prefix_set("(casperd) ");
>  	pjdlog_debug_set(debug);
>=20
> - -	if (zygote_init() < 0)
> - -		pjdlog_exit(1, "Unable to create zygote process");
> - -
>  	pfh =3D pidfile_open(pidfile, 0600, &otherpid);
>  	if (pfh =3D=3D NULL) {
>  		if (errno =3D=3D EEXIST) {
> @@ -699,6 +696,9 @@ main(int argc, char *argv[])
>  		pjdlog_debug(1, "PID stored in %s.", pidfile);
>  	}
>=20
> +	if (zygote_init() < 0)
> +		pjdlog_exit(1, "Unable to create zygote process");
> +
>  	/*
>  	 * Register core services.
>  	 */

--=20
Pawel Jakub Dawidek                       http://www.wheelsystems.com
FreeBSD committer                         http://www.FreeBSD.org
Am I Evil? Yes, I Am!                     http://mobter.com

--AhhlLboLdkugWU4S
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (FreeBSD)

iEYEARECAAYFAlM9cmQACgkQForvXbEpPzSu4gCgttF/AdcUIS7EDhVCkngKqlnq
7+kAoL7qFJCjvyqbPGZLZU6Seum7sLOL
=inxH
-----END PGP SIGNATURE-----

--AhhlLboLdkugWU4S--

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20140403143828.GA1703>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact