diff options
| author | Jake Freeland <jfree@FreeBSD.org> | 2023-09-01 02:51:17 +0000 |
|---|---|---|
| committer | Mark Johnston <markj@FreeBSD.org> | 2023-09-28 15:51:54 +0000 |
| commit | 7428ebfe7e25d56e2a5853d36d2c34c54a2f4db3 (patch) | |
| tree | c8b7171c028b8c22aa4fa294ed017033310652c1 | |
| parent | c3175a6e1c5a4b6337368ea140e3a3837b327ef2 (diff) | |
| download | src-7428ebfe7e25d56e2a5853d36d2c34c54a2f4db3.tar.gz src-7428ebfe7e25d56e2a5853d36d2c34c54a2f4db3.zip | |
syslogd: Pre-open null file descriptor
Open _PATH_DEVNULL before entering capability mode. Access to /dev/null
is needed for dup2() when piping commands.
Reviewed by: markj
MFC after: 3 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D41381
| -rw-r--r-- | usr.sbin/syslogd/syslogd.c | 27 |
1 files changed, 13 insertions, 14 deletions
diff --git a/usr.sbin/syslogd/syslogd.c b/usr.sbin/syslogd/syslogd.c index 9f4c21cab026..2ff39d8c3676 100644 --- a/usr.sbin/syslogd/syslogd.c +++ b/usr.sbin/syslogd/syslogd.c @@ -398,6 +398,7 @@ static const int sigcatch[] = { SIGCHLD, }; +static int nulldesc; /* /dev/null descriptor */ static bool Debug; /* debug flag */ static bool Foreground = false; /* Run in foreground, instead of daemonizing */ static bool resolve = true; /* resolve hostname */ @@ -803,6 +804,14 @@ main(int argc, char *argv[]) consfile.f_file = -1; (void)strlcpy(consfile.fu_fname, _PATH_CONSOLE + sizeof(_PATH_DEV) - 1, sizeof(consfile.fu_fname)); + + nulldesc = open(_PATH_DEVNULL, O_RDWR); + if (nulldesc == -1) { + warn("cannot open %s", _PATH_DEVNULL); + pidfile_remove(pfh); + exit(1); + } + (void)strlcpy(bootfile, getbootfile(), sizeof(bootfile)); if ((!Foreground) && (!Debug)) { @@ -3235,7 +3244,6 @@ markit(void) static int waitdaemon(int maxwait) { - int fd; int status; pid_t pid, childpid; @@ -3266,13 +3274,9 @@ waitdaemon(int maxwait) return (-1); (void)chdir("/"); - if ((fd = open(_PATH_DEVNULL, O_RDWR, 0)) != -1) { - (void)dup2(fd, STDIN_FILENO); - (void)dup2(fd, STDOUT_FILENO); - (void)dup2(fd, STDERR_FILENO); - if (fd > STDERR_FILENO) - (void)close(fd); - } + (void)dup2(nulldesc, STDIN_FILENO); + (void)dup2(nulldesc, STDOUT_FILENO); + (void)dup2(nulldesc, STDERR_FILENO); return (getppid()); } @@ -3595,20 +3599,16 @@ static int p_open(const char *prog, int *rpd) { sigset_t sigset = { }; - int nulldesc, pfd[2], pd; + int pfd[2], pd; pid_t pid; char *argv[4]; /* sh -c cmd NULL */ char errmsg[200]; if (pipe(pfd) == -1) return (-1); - if ((nulldesc = open(_PATH_DEVNULL, O_RDWR)) == -1) - /* we are royally screwed anyway */ - return (-1); switch ((pid = pdfork(&pd, PD_CLOEXEC))) { case -1: - close(nulldesc); return (-1); case 0: @@ -3639,7 +3639,6 @@ p_open(const char *prog, int *rpd) (void)execvp(_PATH_BSHELL, argv); _exit(255); } - close(nulldesc); close(pfd[0]); /* * Avoid blocking on a hung pipe. With O_NONBLOCK, we are |