chutzpah 14/07/07 22:08:36 |
|
Added: lldpd-0.7.9-dont-fork-after-making-pidfile.patch |
lldpd-initd-2 |
Log: |
Revision bump, add patch to make pidfile creation work properly with privilege separation. Rework init script to be much more robust. |
|
(Portage version: 2.2.10/cvs/Linux x86_64, signed Manifest commit with key 0xE3F69979BB4B8928DA78E3D17CBF44EF) |
|
Revision Changes Path |
1.1 net-misc/lldpd/files/lldpd-0.7.9-dont-fork-after-making-pidfile.patch |
|
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-misc/lldpd/files/lldpd-0.7.9-dont-fork-after-making-pidfile.patch?rev=1.1&view=markup |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-misc/lldpd/files/lldpd-0.7.9-dont-fork-after-making-pidfile.patch?rev=1.1&content-type=text/plain |
|
Index: lldpd-0.7.9-dont-fork-after-making-pidfile.patch |
=================================================================== |
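diff --git a/src/daemon/lldpd.c b/src/daemon/lldpd.c
index 4c32f27..09bee41 100644
--- a/src/daemon/lldpd.c
+++ b/src/daemon/lldpd.c
@@ -1264,7 +1264,7 @@ lldpd_main(int argc, char *argv[], char *envp[])
 {
 struct lldpd *cfg;
 struct lldpd_chassis *lchassis;
- int ch, debug = 0;
+ int ch, debug = 0, create_pid = 0;
 #ifdef USE_SNMP
 int snmp = 0;
 char *agentx = NULL; /* AgentX socket */
@@ -1464,34 +1464,24 @@ lldpd_main(int argc, char *argv[], char *envp[])
 /* Disable SIGPIPE */
 signal(SIGPIPE, SIG_IGN);
 
- /* Configuration with lldpcli */
- if (lldpcli) {
- log_debug("main", "invoking lldpcli for configuration");
- if (lldpd_configure(debug, lldpcli, ctlname) == -1)
- fatal("main", "unable to spawn lldpcli");
- }
-
 /* Daemonization, unless started by upstart, systemd or launchd or debug */
 #ifndef HOST_OS_OSX
 if (!lldpd_started_by_upstart() && !lldpd_started_by_systemd() &&
 !debug) {
- int pid;
- char *spid;
 log_debug("main", "daemonize");
 if (daemon(0, 0) != 0)
 fatal("main", "failed to detach daemon");
- if ((pid = open(LLDPD_PID_FILE,
- O_TRUNC | O_CREAT | O_WRONLY, 0666)) == -1)
- fatal("main", "unable to open pid file " LLDPD_PID_FILE);
- if (asprintf(&spid, "%d\n", getpid()) == -1)
- fatal("main", "unable to create pid file " LLDPD_PID_FILE);
- if (write(pid, spid, strlen(spid)) == -1)
- fatal("main", "unable to write pid file " LLDPD_PID_FILE);
- free(spid);
- close(pid);
+ create_pid++;
 }
 #endif
 
+ /* Configuration with lldpcli */
+ if (lldpcli) {
+ log_debug("main", "invoking lldpcli for configuration");
+ if (lldpd_configure(debug, lldpcli, ctlname) == -1)
+ fatal("main", "unable to spawn lldpcli");
+ }
+
 /* Try to read system information from /etc/os-release if possible.
 Fall back to lsb_release for compatibility. */
 log_debug("main", "get OS/LSB release information");
@@ -1501,7 +1491,7 @@ lldpd_main(int argc, char *argv[], char *envp[])
 }
 
 log_debug("main", "initialize privilege separation");
- priv_init(PRIVSEP_CHROOT, ctl, uid, gid);
+ priv_init(PRIVSEP_CHROOT, ctl, uid, gid, create_pid);
 
 /* Initialization of global configuration */
 if ((cfg = (struct lldpd *)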
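Review bot: `create_pid++` in the daemonize branch treats a yes/no flag as a counter; `create_pid = 1;` states the intent. A short comment there, such as `/* pid file is written later by priv_init(), after the monitor fork */`, would tell readers where the removed open()/write() sequence went. The same hunk moves the lldpcli configuration block below `daemon(0, 0)` without a word on why; if that ordering is required, it deserves a one-line comment at the block's new position. lldpd_main starts and ends outside these hunks.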
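diff --git a/src/daemon/lldpd.h b/src/daemon/lldpd.h
index 797623c..887ca9a 100644
--- a/src/daemon/lldpd.h
+++ b/src/daemon/lldpd.h
@@ -220,7 +220,7 @@ client_handle_client(struct lldpd *cfg,
 int*);
 
 /* priv.c */
-void priv_init(const char*, int, uid_t, gid_t);
+void priv_init(const char*, int, uid_t, gid_t, int);
 void priv_wait(void);
 void priv_ctl_cleanup(const char *ctlname);
 char *priv_gethostbyname(void);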
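diff --git a/src/daemon/priv.c b/src/daemon/priv.c
index b6341e4..9903bce 100644
--- a/src/daemon/priv.c
+++ b/src/daemon/priv.c
@@ -71,6 +71,24 @@ int res_init (void);
 static int monitored = -1; /* Child */
 #endif
 
+/* make pidfile on Linux systems */
+void write_pidfile()
+{
+#ifndef HOST_OS_OSX
+ int pid;
+ char *spid;
+
+ if ((pid = open(LLDPD_PID_FILE, O_TRUNC | O_CREAT | O_WRONLY, 0666)) == -1)
+ fatal("main", "unable to open pid file " LLDPD_PID_FILE);
+ if (asprintf(&spid, "%d\n", getpid()) == -1)
+ fatal("main", "unable to create pid file " LLDPD_PID_FILE);
+ if (write(pid, spid, strlen(spid)) == -1)
+ fatal("main", "unable to write pid file " LLDPD_PID_FILE);
+ free(spid);
+ close(pid);
+#endif
+}
+
 /* Proxies */
 static void
 priv_ping()
@@ -569,7 +587,7 @@ priv_setup_chroot(const char *chrootdir)
 #endif
 
 void
-priv_init(const char *chrootdir, int ctl, uid_t uid, gid_t gid)
+priv_init(const char *chrootdir, int ctl, uid_t uid, gid_t gid, int create_pid)
 {
 
 int pair[2];
@@ -587,6 +605,8 @@ priv_init(const char *chrootdir, int ctl, uid_t uid, gid_t gid)
 /* Spawn off monitor */
 if ((monitored = fork()) < 0)
 fatal("privsep", "unable to fork monitor");
+ if (create_pid != 0)
+ write_pidfile();
 switch (monitored) {
 case 0:
 /* We are in the children, drop privileges */
@@ -649,6 +669,8 @@ priv_init(const char *chrootdir, int ctl, uid_t uid, gid_t gid)
 exit(0);
 }
 #else
+ if (create_pid != 0)
+ write_pidfile();
 log_warnx("priv", "no privilege separation available");
 priv_ping();
 #endif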
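Review bot: In priv_init() the new `if (create_pid != 0) write_pidfile();` sits between `fork()` and `switch (monitored)`, so both the monitor and the child run it; each truncates the file and writes its own getpid(), and which PID ends up in the file depends on scheduling. Move the call into the single branch of the switch whose PID the init script is meant to signal; most of the switch lies outside the hunk, so the right branch has to be confirmed against the full function. Separately, write_pidfile() creates the file with mode `0666`, which under a permissive umask leaves a pid file that root-run tooling trusts writable by any local user; `open(LLDPD_PID_FILE, O_TRUNC | O_CREAT | O_WRONLY, 0644)` avoids depending on the umask. As far as this patch shows the helper is used only in priv.c and has no prototype in lldpd.h, so `static void write_pidfile(void)` would fit better.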
|
|
|
1.1 net-misc/lldpd/files/lldpd-initd-2 |
|
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-misc/lldpd/files/lldpd-initd-2?rev=1.1&view=markup |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-misc/lldpd/files/lldpd-initd-2?rev=1.1&content-type=text/plain |
|
Index: lldpd-initd-2 |
=================================================================== |
#!/sbin/runscript |
# Copyright 1999-2014 Gentoo Foundation |
# Distributed under the terms of the GNU General Public License v2 |
# $Header: /var/cvsroot/gentoo-x86/net-misc/lldpd/files/lldpd-initd-2,v 1.1 2014/07/07 22:08:36 chutzpah Exp $ |
|
# Service identity and the daemon binary the service manager launches.
name="lldpd"
command="/usr/sbin/lldpd"

# PID file consulted when the service is stopped. Whatever PID this file names
# is the process that receives the stop signals, so it should be writable by
# root only.
pidfile="/run/lldpd.pid"

# Stop sequence: send SIGTERM and wait up to 10 seconds, then send SIGKILL and
# wait up to 5 seconds.
retry="TERM/10/KILL/5"

# The service is not started unless this directory already exists.
required_dirs="/run/lldpd"
|
# Dependency hook: declares a soft ("use") dependency on the net service, so
# lldpd is ordered after networking when that service is scheduled but does
# not force it to start.
depend()
{
	use net
}
|
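# Post-stop hook: clean up lldpcli processes left behind once the daemon has
# been stopped.
#
# pkill treats its argument as an unanchored regular expression over process
# names, and init scripts normally run as root, so a bare "lldpcli" pattern
# would also signal any other process whose name merely contains that string.
# -x limits the match to processes named exactly "lldpcli".
stop_post() {
	# pkill exits non-zero when nothing matched; that is not a stop failure.
	pkill -x lldpcli || true
}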
|
# vim:ft=gentoo-init-d:noet:ts=4:sts=4:sw=4: |