svn commit: r230869 - head/usr.sbin/daemon
Mikolaj Golub
trociny at freebsd.org
Sun Feb 5 21:27:16 UTC 2012
On Sun, 5 Feb 2012 10:39:38 +0100 Pawel Jakub Dawidek wrote:
PJD> On Sat, Feb 04, 2012 at 08:16:42PM +0200, Mikolaj Golub wrote:
>> ref8-amd64:/home/trociny% uname -r
>> 8.2-STABLE
>> ref8-amd64:/home/trociny% daemon -p /tmp/sleep.pid sleep 10
>> ref8-amd64:/home/trociny% daemon -p /tmp/sleep.pid sleep 10
>> daemon: process already running, pid: 19799
>>
>> kopusha:~% uname -r
>> 10.0-CURRENT
>> kopusha:~% daemon -p /tmp/sleep.pid sleep 10
>> kopusha:~% daemon -p /tmp/sleep.pid sleep 10
>> kopusha:~%
PJD> Mikolaj, even though what we had in 8.2-STABLE looks correct, it also
PJD> isn't correct.
PJD> Passing open descriptor to a process that doesn't expect that is bad
PJD> behaviour. If you pass, e.g. open descriptor to a directory and the
PJD> process is using chroot(2) or jail(2) to sandbox itself it will be able
PJD> to escape from that sandbox. Passing descriptor to a file has smaller
PJD> security implication, but it is still wrong. For example hastd, as you
PJD> probably know, asserts, before sandboxing, that he knows about all open
PJD> descriptors - if there are some unknown descriptors open it won't run.
PJD> Also, daemon was passing open descriptor to a pidfile that the child
PJD> process cannot clean up, because he doesn't know its name. This leaves
PJD> pidfile with stale PID in it once the process exits, which is also bad.
PJD> In my opinion, to make daemon(8) work with pidfiles, it cannot exit
PJD> after executing the given command. It should stay around with pidfile
PJD> open and just wait for the child to exit. Once the child exits, it
PJD> should remove the pidfile and also exit.
Ok, using hastd code as a reference :-) here is my implementation.
--
Mikolaj Golub
-------------- next part --------------
A non-text attachment was scrubbed...
Name: daemon.c.patch
Type: text/x-patch
Size: 4571 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/svn-src-head/attachments/20120205/0786f0ce/daemon.c.bin