diff options
| author | Roy Marples <roy@marples.name> | 2020-10-30 14:19:16 +0000 |
|---|---|---|
| committer | Roy Marples <roy@marples.name> | 2020-10-30 14:19:16 +0000 |
| commit | c963b6033c4bf32c4c72c725f05a0374d32bd370 (patch) | |
| tree | 0ed95cc585db277566a1d3a8f7bafb4124286c75 /src/dhcpcd.c | |
| parent | c3069de559a30980fa5c72af7e483d912f010002 (diff) | |
| download | dhcpcd-c963b6033c4bf32c4c72c725f05a0374d32bd370.tar.xz | |
privsep: Allow logfile reopening in a chroot
Now that only the privileged actioneer does the actual logging
we can safely reopen the file we are logging to.
This also closes and re-opens the syslog connection.
Diffstat (limited to 'src/dhcpcd.c')
| -rw-r--r-- | src/dhcpcd.c | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/src/dhcpcd.c b/src/dhcpcd.c index bd4cb74f..169aeec1 100644 --- a/src/dhcpcd.c +++ b/src/dhcpcd.c @@ -1422,10 +1422,14 @@ dhcpcd_signal_cb(int sig, void *arg) return; case SIGUSR2: loginfox(sigmsg, "SIGUSR2", "reopening log"); - /* XXX This may not work that well in a chroot */ - logclose(); - if (logopen(ctx->logfile) == -1) - logerr(__func__); + if (IN_PRIVSEP(ctx)) { + if (ps_root_logreopen(ctx) == -1) + logerr("ps_root_logreopen"); + } else { + logclose(); + if (logopen(ctx->logfile) == -1) + logerr("logopen"); + } return; case SIGCHLD: while (waitpid(-1, NULL, WNOHANG) > 0) @@ -1860,7 +1864,7 @@ main(int argc, char **argv, char **envp) ctx.dhcp6_wfd = -1; #endif #ifdef PRIVSEP - ctx.ps_root_fd = ctx.ps_syslog_fd = ctx.ps_data_fd = -1; + ctx.ps_root_fd = ctx.ps_log_fd = ctx.ps_data_fd = -1; ctx.ps_inet_fd = ctx.ps_control_fd = -1; TAILQ_INIT(&ctx.ps_processes); #endif @@ -2328,6 +2332,7 @@ printpidfile: /* We have now forked, setsid, forked once more. * From this point on, we are the controlling daemon. */ ctx.options |= DHCPCD_STARTED; + logdebugx("spawned master process on PID %d", getpid()); if ((pid = pidfile_lock(ctx.pidfile)) != 0) { logerr("%s: pidfile_lock %d", __func__, pid); #ifdef PRIVSEP |