1
0
mirror of https://github.com/systemd/systemd.git synced 2024-10-31 16:21:26 +03:00

Merge pull request #8083 from shawnl/close-ssh

sd-bus: cleanup ssh sessions (Closes: #8076)
This commit is contained in:
Lennart Poettering 2018-02-09 12:17:26 +01:00 committed by GitHub
commit af77d6f8da
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 34 additions and 2 deletions

View File

@ -806,6 +806,13 @@ void sigkill_waitp(pid_t *pid) {
sigkill_wait(*pid); sigkill_wait(*pid);
} }
void sigterm_wait(pid_t pid) {
assert(pid > 1);
if (kill_and_sigcont(pid, SIGTERM) > 0)
(void) wait_for_terminate(pid, NULL);
}
int kill_and_sigcont(pid_t pid, int sig) { int kill_and_sigcont(pid_t pid, int sig) {
int r; int r;

View File

@ -76,6 +76,7 @@ int wait_for_terminate_with_timeout(pid_t pid, usec_t timeout);
void sigkill_wait(pid_t pid); void sigkill_wait(pid_t pid);
void sigkill_waitp(pid_t *pid); void sigkill_waitp(pid_t *pid);
void sigterm_wait(pid_t pid);
int kill_and_sigcont(pid_t pid, int sig); int kill_and_sigcont(pid_t pid, int sig);

View File

@ -296,6 +296,7 @@ struct sd_bus {
unsigned n_memfd_cache; unsigned n_memfd_cache;
pid_t original_pid; pid_t original_pid;
pid_t busexec_pid;
sd_event_source *input_io_event_source; sd_event_source *input_io_event_source;
sd_event_source *output_io_event_source; sd_event_source *output_io_event_source;

View File

@ -937,18 +937,18 @@ int bus_socket_connect(sd_bus *b) {
int bus_socket_exec(sd_bus *b) { int bus_socket_exec(sd_bus *b) {
int s[2], r; int s[2], r;
pid_t pid;
assert(b); assert(b);
assert(b->input_fd < 0); assert(b->input_fd < 0);
assert(b->output_fd < 0); assert(b->output_fd < 0);
assert(b->exec_path); assert(b->exec_path);
assert(b->busexec_pid == 0);
r = socketpair(AF_UNIX, SOCK_STREAM|SOCK_NONBLOCK|SOCK_CLOEXEC, 0, s); r = socketpair(AF_UNIX, SOCK_STREAM|SOCK_NONBLOCK|SOCK_CLOEXEC, 0, s);
if (r < 0) if (r < 0)
return -errno; return -errno;
r = safe_fork_full("(sd-busexec)", s+1, 1, FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS, &pid); r = safe_fork_full("(sd-busexec)", s+1, 1, FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS, &b->busexec_pid);
if (r < 0) { if (r < 0) {
safe_close_pair(s); safe_close_pair(s);
return r; return r;

View File

@ -22,8 +22,10 @@
#include <netdb.h> #include <netdb.h>
#include <poll.h> #include <poll.h>
#include <pthread.h> #include <pthread.h>
#include <signal.h>
#include <stdlib.h> #include <stdlib.h>
#include <sys/mman.h> #include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h> #include <unistd.h>
#include "sd-bus.h" #include "sd-bus.h"
@ -1095,6 +1097,13 @@ static int bus_parse_next_address(sd_bus *b) {
return 1; return 1;
} }
static void bus_kill_exec(sd_bus *bus) {
if (pid_is_valid(bus->busexec_pid) > 0) {
sigterm_wait(bus->busexec_pid);
bus->busexec_pid = 0;
}
}
static int bus_start_address(sd_bus *b) { static int bus_start_address(sd_bus *b) {
int r; int r;
@ -1104,6 +1113,8 @@ static int bus_start_address(sd_bus *b) {
bus_close_io_fds(b); bus_close_io_fds(b);
bus_close_inotify_fd(b); bus_close_inotify_fd(b);
bus_kill_exec(b);
/* If you provide multiple different bus-addresses, we /* If you provide multiple different bus-addresses, we
* try all of them in order and use the first one that * try all of them in order and use the first one that
* succeeds. */ * succeeds. */
@ -1507,6 +1518,9 @@ _public_ void sd_bus_close(sd_bus *bus) {
if (bus_pid_changed(bus)) if (bus_pid_changed(bus))
return; return;
/* Don't leave ssh hanging around */
bus_kill_exec(bus);
bus_set_state(bus, BUS_CLOSED); bus_set_state(bus, BUS_CLOSED);
sd_bus_detach_event(bus); sd_bus_detach_event(bus);
@ -1524,6 +1538,9 @@ _public_ sd_bus* sd_bus_flush_close_unref(sd_bus *bus) {
if (!bus) if (!bus)
return NULL; return NULL;
/* Have to do this before flush() to prevent hang */
bus_kill_exec(bus);
sd_bus_flush(bus); sd_bus_flush(bus);
sd_bus_close(bus); sd_bus_close(bus);

View File

@ -1724,6 +1724,8 @@ static int rename_image(int argc, char *argv[], void *userdata) {
sd_bus *bus = userdata; sd_bus *bus = userdata;
int r; int r;
assert(bus);
polkit_agent_open_if_enabled(arg_transport, arg_ask_password); polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
r = sd_bus_call_method( r = sd_bus_call_method(
@ -1749,6 +1751,8 @@ static int clone_image(int argc, char *argv[], void *userdata) {
sd_bus *bus = userdata; sd_bus *bus = userdata;
int r; int r;
assert(bus);
polkit_agent_open_if_enabled(arg_transport, arg_ask_password); polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
r = sd_bus_message_new_method_call( r = sd_bus_message_new_method_call(
@ -1778,6 +1782,8 @@ static int read_only_image(int argc, char *argv[], void *userdata) {
sd_bus *bus = userdata; sd_bus *bus = userdata;
int b = true, r; int b = true, r;
assert(bus);
if (argc > 2) { if (argc > 2) {
b = parse_boolean(argv[2]); b = parse_boolean(argv[2]);
if (b < 0) { if (b < 0) {