zed: set O_CLOEXEC on persistent fds, remove closefrom() from pre-exec
Also don't dup /dev/null over stdio if daemonised Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov> Signed-off-by: Ahelenia Ziemiańska <nabijaczleweli@nabijaczleweli.xyz> Closes #11891
This commit is contained in:
parent
d682e20ba4
commit
55cf5a255a
|
@ -425,8 +425,6 @@ zed_conf_scan_dir(struct zed_conf *zcp)
|
||||||
int
|
int
|
||||||
zed_conf_write_pid(struct zed_conf *zcp)
|
zed_conf_write_pid(struct zed_conf *zcp)
|
||||||
{
|
{
|
||||||
const mode_t dirmode = S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH;
|
|
||||||
const mode_t filemode = S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH;
|
|
||||||
char buf[PATH_MAX];
|
char buf[PATH_MAX];
|
||||||
int n;
|
int n;
|
||||||
char *p;
|
char *p;
|
||||||
|
@ -454,7 +452,7 @@ zed_conf_write_pid(struct zed_conf *zcp)
|
||||||
if (p)
|
if (p)
|
||||||
*p = '\0';
|
*p = '\0';
|
||||||
|
|
||||||
if ((mkdirp(buf, dirmode) < 0) && (errno != EEXIST)) {
|
if ((mkdirp(buf, 0755) < 0) && (errno != EEXIST)) {
|
||||||
zed_log_msg(LOG_ERR, "Failed to create directory \"%s\": %s",
|
zed_log_msg(LOG_ERR, "Failed to create directory \"%s\": %s",
|
||||||
buf, strerror(errno));
|
buf, strerror(errno));
|
||||||
goto err;
|
goto err;
|
||||||
|
@ -464,7 +462,7 @@ zed_conf_write_pid(struct zed_conf *zcp)
|
||||||
*/
|
*/
|
||||||
mask = umask(0);
|
mask = umask(0);
|
||||||
umask(mask | 022);
|
umask(mask | 022);
|
||||||
zcp->pid_fd = open(zcp->pid_file, (O_RDWR | O_CREAT), filemode);
|
zcp->pid_fd = open(zcp->pid_file, O_RDWR | O_CREAT | O_CLOEXEC, 0644);
|
||||||
umask(mask);
|
umask(mask);
|
||||||
if (zcp->pid_fd < 0) {
|
if (zcp->pid_fd < 0) {
|
||||||
zed_log_msg(LOG_ERR, "Failed to open PID file \"%s\": %s",
|
zed_log_msg(LOG_ERR, "Failed to open PID file \"%s\": %s",
|
||||||
|
@ -529,7 +527,6 @@ int
|
||||||
zed_conf_open_state(struct zed_conf *zcp)
|
zed_conf_open_state(struct zed_conf *zcp)
|
||||||
{
|
{
|
||||||
char dirbuf[PATH_MAX];
|
char dirbuf[PATH_MAX];
|
||||||
mode_t dirmode = S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH;
|
|
||||||
int n;
|
int n;
|
||||||
char *p;
|
char *p;
|
||||||
int rv;
|
int rv;
|
||||||
|
@ -551,7 +548,7 @@ zed_conf_open_state(struct zed_conf *zcp)
|
||||||
if (p)
|
if (p)
|
||||||
*p = '\0';
|
*p = '\0';
|
||||||
|
|
||||||
if ((mkdirp(dirbuf, dirmode) < 0) && (errno != EEXIST)) {
|
if ((mkdirp(dirbuf, 0755) < 0) && (errno != EEXIST)) {
|
||||||
zed_log_msg(LOG_WARNING,
|
zed_log_msg(LOG_WARNING,
|
||||||
"Failed to create directory \"%s\": %s",
|
"Failed to create directory \"%s\": %s",
|
||||||
dirbuf, strerror(errno));
|
dirbuf, strerror(errno));
|
||||||
|
@ -569,7 +566,7 @@ zed_conf_open_state(struct zed_conf *zcp)
|
||||||
(void) unlink(zcp->state_file);
|
(void) unlink(zcp->state_file);
|
||||||
|
|
||||||
zcp->state_fd = open(zcp->state_file,
|
zcp->state_fd = open(zcp->state_file,
|
||||||
(O_RDWR | O_CREAT), (S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH));
|
O_RDWR | O_CREAT | O_CLOEXEC, 0644);
|
||||||
if (zcp->state_fd < 0) {
|
if (zcp->state_fd < 0) {
|
||||||
zed_log_msg(LOG_WARNING, "Failed to open state file \"%s\": %s",
|
zed_log_msg(LOG_WARNING, "Failed to open state file \"%s\": %s",
|
||||||
zcp->state_file, strerror(errno));
|
zcp->state_file, strerror(errno));
|
||||||
|
|
|
@ -54,7 +54,7 @@ zed_event_init(struct zed_conf *zcp)
|
||||||
zed_log_die("Failed to initialize libzfs");
|
zed_log_die("Failed to initialize libzfs");
|
||||||
}
|
}
|
||||||
|
|
||||||
zcp->zevent_fd = open(ZFS_DEV, O_RDWR);
|
zcp->zevent_fd = open(ZFS_DEV, O_RDWR | O_CLOEXEC);
|
||||||
if (zcp->zevent_fd < 0) {
|
if (zcp->zevent_fd < 0) {
|
||||||
if (zcp->do_idle)
|
if (zcp->do_idle)
|
||||||
return (-1);
|
return (-1);
|
||||||
|
|
|
@ -27,7 +27,6 @@
|
||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
#include <pthread.h>
|
#include <pthread.h>
|
||||||
#include "zed_exec.h"
|
#include "zed_exec.h"
|
||||||
#include "zed_file.h"
|
|
||||||
#include "zed_log.h"
|
#include "zed_log.h"
|
||||||
#include "zed_strings.h"
|
#include "zed_strings.h"
|
||||||
|
|
||||||
|
@ -116,7 +115,7 @@ _zed_exec_create_env(zed_strings_t *zsp)
|
||||||
*/
|
*/
|
||||||
static void
|
static void
|
||||||
_zed_exec_fork_child(uint64_t eid, const char *dir, const char *prog,
|
_zed_exec_fork_child(uint64_t eid, const char *dir, const char *prog,
|
||||||
char *env[], int zfd)
|
char *env[], int zfd, boolean_t in_foreground)
|
||||||
{
|
{
|
||||||
char path[PATH_MAX];
|
char path[PATH_MAX];
|
||||||
int n;
|
int n;
|
||||||
|
@ -154,13 +153,13 @@ _zed_exec_fork_child(uint64_t eid, const char *dir, const char *prog,
|
||||||
(void) sigprocmask(SIG_SETMASK, &mask, NULL);
|
(void) sigprocmask(SIG_SETMASK, &mask, NULL);
|
||||||
|
|
||||||
(void) umask(022);
|
(void) umask(022);
|
||||||
if ((fd = open("/dev/null", O_RDWR)) != -1) {
|
if (in_foreground && /* we're already devnulled if daemonised */
|
||||||
|
(fd = open("/dev/null", O_RDWR | O_CLOEXEC)) != -1) {
|
||||||
(void) dup2(fd, STDIN_FILENO);
|
(void) dup2(fd, STDIN_FILENO);
|
||||||
(void) dup2(fd, STDOUT_FILENO);
|
(void) dup2(fd, STDOUT_FILENO);
|
||||||
(void) dup2(fd, STDERR_FILENO);
|
(void) dup2(fd, STDERR_FILENO);
|
||||||
}
|
}
|
||||||
(void) dup2(zfd, ZEVENT_FILENO);
|
(void) dup2(zfd, ZEVENT_FILENO);
|
||||||
zed_file_close_from(ZEVENT_FILENO + 1);
|
|
||||||
execle(path, prog, NULL, env);
|
execle(path, prog, NULL, env);
|
||||||
_exit(127);
|
_exit(127);
|
||||||
}
|
}
|
||||||
|
@ -359,7 +358,7 @@ zed_exec_process(uint64_t eid, const char *class, const char *subclass,
|
||||||
n = strlen(*csp);
|
n = strlen(*csp);
|
||||||
if ((strncmp(z, *csp, n) == 0) && !isalpha(z[n]))
|
if ((strncmp(z, *csp, n) == 0) && !isalpha(z[n]))
|
||||||
_zed_exec_fork_child(eid, zcp->zedlet_dir,
|
_zed_exec_fork_child(eid, zcp->zedlet_dir,
|
||||||
z, e, zcp->zevent_fd);
|
z, e, zcp->zevent_fd, zcp->do_foreground);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
free(e);
|
free(e);
|
||||||
|
|
Loading…
Reference in New Issue