chutzpah    14/07/07 22:08:36

  Added:                lldpd-0.7.9-dont-fork-after-making-pidfile.patch
                        lldpd-initd-2
  Log:
  Revision bump, add patch to make pidfile creation work properly with 
privilege separation. Rework init script to be much more robust.
  
  (Portage version: 2.2.10/cvs/Linux x86_64, signed Manifest commit with key 
0xE3F69979BB4B8928DA78E3D17CBF44EF)

Revision  Changes    Path
1.1                  
net-misc/lldpd/files/lldpd-0.7.9-dont-fork-after-making-pidfile.patch

file : 
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-misc/lldpd/files/lldpd-0.7.9-dont-fork-after-making-pidfile.patch?rev=1.1&view=markup
plain: 
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-misc/lldpd/files/lldpd-0.7.9-dont-fork-after-making-pidfile.patch?rev=1.1&content-type=text/plain

Index: lldpd-0.7.9-dont-fork-after-making-pidfile.patch
===================================================================
diff --git a/src/daemon/lldpd.c b/src/daemon/lldpd.c
index 4c32f27..09bee41 100644
--- a/src/daemon/lldpd.c
+++ b/src/daemon/lldpd.c
@@ -1264,7 +1264,7 @@ lldpd_main(int argc, char *argv[], char *envp[])
 {
        struct lldpd *cfg;
        struct lldpd_chassis *lchassis;
-       int ch, debug = 0;
+       int ch, debug = 0, create_pid = 0;
 #ifdef USE_SNMP
        int snmp = 0;
        char *agentx = NULL;    /* AgentX socket */
@@ -1464,34 +1464,24 @@ lldpd_main(int argc, char *argv[], char *envp[])
        /* Disable SIGPIPE */
        signal(SIGPIPE, SIG_IGN);
 
-       /* Configuration with lldpcli */
-       if (lldpcli) {
-               log_debug("main", "invoking lldpcli for configuration");
-               if (lldpd_configure(debug, lldpcli, ctlname) == -1)
-                       fatal("main", "unable to spawn lldpcli");
-       }
-
        /* Daemonization, unless started by upstart, systemd or launchd or 
debug */
 #ifndef HOST_OS_OSX
        if (!lldpd_started_by_upstart() && !lldpd_started_by_systemd() &&
            !debug) {
-               int pid;
-               char *spid;
                log_debug("main", "daemonize");
                if (daemon(0, 0) != 0)
                        fatal("main", "failed to detach daemon");
-               if ((pid = open(LLDPD_PID_FILE,
-                           O_TRUNC | O_CREAT | O_WRONLY, 0666)) == -1)
-                       fatal("main", "unable to open pid file " 
LLDPD_PID_FILE);
-               if (asprintf(&spid, "%d\n", getpid()) == -1)
-                       fatal("main", "unable to create pid file " 
LLDPD_PID_FILE);
-               if (write(pid, spid, strlen(spid)) == -1)
-                       fatal("main", "unable to write pid file " 
LLDPD_PID_FILE);
-               free(spid);
-               close(pid);
+               create_pid++;
        }
 #endif
 
+       /* Configuration with lldpcli */
+       if (lldpcli) {
+               log_debug("main", "invoking lldpcli for configuration");
+               if (lldpd_configure(debug, lldpcli, ctlname) == -1)
+                       fatal("main", "unable to spawn lldpcli");
+       }
+
        /* Try to read system information from /etc/os-release if possible.
           Fall back to lsb_release for compatibility. */
        log_debug("main", "get OS/LSB release information");
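Review bot: The relocated `/* Configuration with lldpcli */` block carries no comment saying why it must now run after `daemon(0, 0)`, and `create_pid++` reads like a counter although `priv_init()` only tests it against zero. I would write `create_pid = 1;` and extend the block comment with one sentence giving the ordering constraint, so that a later cleanup does not move the block back. lldpd_main() starts and ends outside this hunk, so whether anything between here and `priv_init()` depends on the pid file already existing cannot be checked from these lines.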
@@ -1501,7 +1491,7 @@ lldpd_main(int argc, char *argv[], char *envp[])
        }
 
        log_debug("main", "initialize privilege separation");
-       priv_init(PRIVSEP_CHROOT, ctl, uid, gid);
+       priv_init(PRIVSEP_CHROOT, ctl, uid, gid, create_pid);
 
        /* Initialization of global configuration */
        if ((cfg = (struct lldpd *)
diff --git a/src/daemon/lldpd.h b/src/daemon/lldpd.h
index 797623c..887ca9a 100644
--- a/src/daemon/lldpd.h
+++ b/src/daemon/lldpd.h
@@ -220,7 +220,7 @@ client_handle_client(struct lldpd *cfg,
     int*);
 
 /* priv.c */
-void    priv_init(const char*, int, uid_t, gid_t);
+void    priv_init(const char*, int, uid_t, gid_t, int);
 void    priv_wait(void);
 void    priv_ctl_cleanup(const char *ctlname);
 char           *priv_gethostbyname(void);
diff --git a/src/daemon/priv.c b/src/daemon/priv.c
index b6341e4..9903bce 100644
--- a/src/daemon/priv.c
+++ b/src/daemon/priv.c
@@ -71,6 +71,24 @@ int res_init (void);
 static int monitored = -1;             /* Child */
 #endif
 
+/* make pidfile on Linux systems */
+void write_pidfile()
+{
+#ifndef HOST_OS_OSX
+       int pid;
+       char *spid;
+
+       if ((pid = open(LLDPD_PID_FILE, O_TRUNC | O_CREAT | O_WRONLY, 0666)) == 
-1)
+               fatal("main", "unable to open pid file " LLDPD_PID_FILE);
+       if (asprintf(&spid, "%d\n", getpid()) == -1)
+               fatal("main", "unable to create pid file " LLDPD_PID_FILE);
+       if (write(pid, spid, strlen(spid)) == -1)
+               fatal("main", "unable to write pid file " LLDPD_PID_FILE);
+       free(spid);
+       close(pid);
+#endif
+}
+
 /* Proxies */
 static void
 priv_ping()
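Review bot: `write_pidfile()` creates the pid file with mode `0666`, so its final permissions depend entirely on the umask in effect at this point; a pid file that other local users can write lets them change which PID the service manager later signals. Requesting `0644` and refusing to follow a symlink states the intent directly: `open(LLDPD_PID_FILE, O_TRUNC | O_CREAT | O_WRONLY | O_NOFOLLOW, 0644)`. As far as this patch shows the function is only called from priv.c, so `static void write_pidfile(void)` would keep it out of the global namespace and give it a real prototype. A short `write()` is also treated as success, because only `-1` is checked.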
@@ -569,7 +587,7 @@ priv_setup_chroot(const char *chrootdir)
 #endif
 
 void
-priv_init(const char *chrootdir, int ctl, uid_t uid, gid_t gid)
+priv_init(const char *chrootdir, int ctl, uid_t uid, gid_t gid, int create_pid)
 {
 
        int pair[2];
@@ -587,6 +605,8 @@ priv_init(const char *chrootdir, int ctl, uid_t uid, gid_t 
gid)
        /* Spawn off monitor */
        if ((monitored = fork()) < 0)
                fatal("privsep", "unable to fork monitor");
+       if (create_pid != 0)
+               write_pidfile();
        switch (monitored) {
        case 0:
                /* We are in the children, drop privileges */
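Review bot: The new `write_pidfile()` call sits between `fork()` and `switch (monitored)`, so both the monitor and the child execute it; each truncates the file and writes its own `getpid()`, and which PID ends up in `LLDPD_PID_FILE` depends on scheduling. The call should move into exactly one branch of the switch, as the first statement under the `case` whose process the init script is meant to signal. If the child is chosen, the write has to stay ahead of the privilege drop that the `case 0:` comment announces. priv_init() starts and ends outside this hunk; the later `#else` hunk has no fork and is not affected.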
@@ -649,6 +669,8 @@ priv_init(const char *chrootdir, int ctl, uid_t uid, gid_t 
gid)
                exit(0);
        }
 #else
+       if (create_pid != 0)
+               write_pidfile();
        log_warnx("priv", "no privilege separation available");
        priv_ping();
 #endif



1.1                  net-misc/lldpd/files/lldpd-initd-2

file : 
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-misc/lldpd/files/lldpd-initd-2?rev=1.1&view=markup
plain: 
http://sources.gentoo.org/viewvc.cgi/gentoo-x86/net-misc/lldpd/files/lldpd-initd-2?rev=1.1&content-type=text/plain

Index: lldpd-initd-2
===================================================================
#!/sbin/runscript
# Copyright 1999-2014 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/net-misc/lldpd/files/lldpd-initd-2,v 1.1 
2014/07/07 22:08:36 chutzpah Exp $

# Service description consumed by OpenRC's default start/stop handling.
name="lldpd"
command="/usr/sbin/lldpd"

# lldpd detaches and writes its own pid file; OpenRC reads it from here.
# NOTE(review): this path must equal the LLDPD_PID_FILE compiled into the
# daemon -- confirm against the ebuild's configure options.
pidfile="/run/lldpd.pid"

# Directory that has to exist before the service is started.
required_dirs="/run/lldpd"

# Stop schedule: SIGTERM, wait up to 10 s, then SIGKILL, wait up to 5 s.
retry="TERM/10/KILL/5"

depend()
{
        # Soft dependency: order after the "net" service when it is part of
        # the runlevel, without requiring it to be present.
        use net
}

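stop_post() {
        # lldpd may spawn lldpcli helpers; once the daemon has been stopped,
        # remove any that are still running.
        # -x requires the process name to be exactly "lldpcli", so processes
        # whose names merely contain that string are left alone.
        # NOTE(review): this still signals every lldpcli visible to pkill,
        # including an administrator's interactive session -- confirm that
        # is intended.
        # pkill exits non-zero when nothing matched; that must not be
        # reported as a failed stop.
        pkill -x lldpcli || true
}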

# vim:ft=gentoo-init-d:noet:ts=4:sts=4:sw=4:



