mirror of
https://github.com/systemd/systemd.git
synced 2025-01-13 17:18:18 +03:00
systemctl: make sure the tty agent does not retain a copy of stdio
https://bugzilla.redhat.com/show_bug.cgi?id=674916
This commit is contained in:
parent
cd3f8b7ddb
commit
7f6d613516
14
TODO
14
TODO
@ -14,6 +14,20 @@ Bugs:
|
|||||||
|
|
||||||
Features:
|
Features:
|
||||||
|
|
||||||
|
* make it possible to enable status msgs via RT sigs
|
||||||
|
|
||||||
|
* udisks should not use udisks-part-id, instead use blkid. also not probe /dev/loopxxx
|
||||||
|
|
||||||
|
* snd-seq muss weg
|
||||||
|
|
||||||
|
* mount.tmpfs soll weg und grep weg
|
||||||
|
|
||||||
|
* mdmon is irre
|
||||||
|
|
||||||
|
* gnome-shell python script/glxinfo/is-accelerated wech
|
||||||
|
|
||||||
|
* plymouth muss sauber exiten, wenn's schon läuft
|
||||||
|
|
||||||
* pull in by udev change event instead of only start event
|
* pull in by udev change event instead of only start event
|
||||||
|
|
||||||
* PID heuristik bei Type=forking ausmachbar machen
|
* PID heuristik bei Type=forking ausmachbar machen
|
||||||
|
@ -151,13 +151,15 @@ static void spawn_ask_password_agent(void) {
|
|||||||
|
|
||||||
if (child == 0) {
|
if (child == 0) {
|
||||||
/* In the child */
|
/* In the child */
|
||||||
|
|
||||||
const char * const args[] = {
|
const char * const args[] = {
|
||||||
SYSTEMD_TTY_ASK_PASSWORD_AGENT_BINARY_PATH,
|
SYSTEMD_TTY_ASK_PASSWORD_AGENT_BINARY_PATH,
|
||||||
"--watch",
|
"--watch",
|
||||||
NULL
|
NULL
|
||||||
};
|
};
|
||||||
|
|
||||||
|
int fd;
|
||||||
|
|
||||||
|
/* Make sure the agent goes away when the parent dies */
|
||||||
if (prctl(PR_SET_PDEATHSIG, SIGTERM) < 0)
|
if (prctl(PR_SET_PDEATHSIG, SIGTERM) < 0)
|
||||||
_exit(EXIT_FAILURE);
|
_exit(EXIT_FAILURE);
|
||||||
|
|
||||||
@ -166,6 +168,31 @@ static void spawn_ask_password_agent(void) {
|
|||||||
if (getppid() != parent)
|
if (getppid() != parent)
|
||||||
_exit(EXIT_SUCCESS);
|
_exit(EXIT_SUCCESS);
|
||||||
|
|
||||||
|
/* Don't leak fds to the agent */
|
||||||
|
close_all_fds(NULL, 0);
|
||||||
|
|
||||||
|
/* Detach from stdin/stdout/stderr. and reopen
|
||||||
|
* /dev/tty for them. This is important to ensure that
|
||||||
|
* when systemctl is started via popen() or a similar
|
||||||
|
* call that expects to read EOF we actually do
|
||||||
|
* generate EOF and not delay this indefinitely by
|
||||||
|
* because we keep an unused copy of stdin around. */
|
||||||
|
if ((fd = open("/dev/tty", O_RDWR|O_CLOEXEC|O_NONBLOCK)) < 0) {
|
||||||
|
log_error("Failed to open /dev/tty: %m");
|
||||||
|
_exit(EXIT_FAILURE);
|
||||||
|
}
|
||||||
|
|
||||||
|
close(STDIN_FILENO);
|
||||||
|
close(STDOUT_FILENO);
|
||||||
|
close(STDERR_FILENO);
|
||||||
|
|
||||||
|
dup2(fd, STDIN_FILENO);
|
||||||
|
dup2(fd, STDOUT_FILENO);
|
||||||
|
dup2(fd, STDERR_FILENO);
|
||||||
|
|
||||||
|
if (fd > 2)
|
||||||
|
close(fd);
|
||||||
|
|
||||||
execv(args[0], (char **) args);
|
execv(args[0], (char **) args);
|
||||||
_exit(EXIT_FAILURE);
|
_exit(EXIT_FAILURE);
|
||||||
}
|
}
|
||||||
|
@ -83,7 +83,7 @@ static int ask_password_plymouth(const char *message, usec_t until, const char *
|
|||||||
sa.sa.sa_family = AF_UNIX;
|
sa.sa.sa_family = AF_UNIX;
|
||||||
strncpy(sa.un.sun_path+1, "/org/freedesktop/plymouthd", sizeof(sa.un.sun_path)-1);
|
strncpy(sa.un.sun_path+1, "/org/freedesktop/plymouthd", sizeof(sa.un.sun_path)-1);
|
||||||
if (connect(fd, &sa.sa, offsetof(struct sockaddr_un, sun_path) + 1 + strlen(sa.un.sun_path+1)) < 0) {
|
if (connect(fd, &sa.sa, offsetof(struct sockaddr_un, sun_path) + 1 + strlen(sa.un.sun_path+1)) < 0) {
|
||||||
log_error("FIALED TO CONNECT: %m");
|
log_error("FAILED TO CONNECT: %m");
|
||||||
r = -errno;
|
r = -errno;
|
||||||
goto finish;
|
goto finish;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user