comparison src/privsep-root.c @ 5526:b1a3d9055662 draft
privsep: Allow logfile reopening in a chroot
Now that only the privileged actioneer does the actual logging
we can safely reopen the file we are logging to.
This also closes and re-opens the syslog connection.
| author | Roy Marples <roy@marples.name> |
|---|---|
| date | Fri, 30 Oct 2020 14:19:16 +0000 |
| parents | 26b5d9bc2985 |
| children | 071a9ea18363 |
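--- a/src/privsep-root.c
+++ b/src/privsep-root.c
@@ -559,10 +559,14 @@
 if (err != -1) {
 rdata = &mtime;
 rlen = sizeof(mtime);
 }
 break;
+case PS_LOGREOPEN:
+logclose();
+err = logopen(ctx->logfile);
+break;
 #ifdef AUTH
 case PS_AUTH_MONORDM:
 err = ps_root_monordm(data, len);
 if (err != -1) {
 rdata = data;
@@ -779,15 +783,15 @@
 if (ps_recvpsmsg(ctx, ctx->ps_data_fd, ps_root_dispatchcb, ctx) == -1)
 logerr(__func__);
 }
 
 static void
-ps_root_syslog(void *arg)
+ps_root_log(void *arg)
 {
 struct dhcpcd_ctx *ctx = arg;
 
-if (loghandlesyslogfd(ctx->ps_syslog_fd) == -1)
+if (logreadfd(ctx->ps_log_fd) == -1)
 logerr(__func__);
 }
 
 pid_t
 ps_root_start(struct dhcpcd_ctx *ctx)
@@ -814,22 +818,22 @@
 pid = ps_dostart(ctx, &ctx->ps_root_pid, &ctx->ps_root_fd,
 ps_root_recvmsg, NULL, ctx,
 ps_root_startcb, ps_root_signalcb, 0);
 
 if (pid == 0) {
-ctx->ps_syslog_fd = logfd[1];
-if (eloop_event_add(ctx->eloop, ctx->ps_syslog_fd,
-ps_root_syslog, ctx) == -1)
+ctx->ps_log_fd = logfd[1];
+if (eloop_event_add(ctx->eloop, ctx->ps_log_fd,
+ps_root_log, ctx) == -1)
 return -1;
 close(logfd[0]);
 ctx->ps_data_fd = datafd[1];
 close(datafd[0]);
 return 0;
 } else if (pid == -1)
 return -1;
 
-logsetsyslogfd(logfd[0]);
+logsetfd(logfd[0]);
 close(logfd[1]);
 
 ctx->ps_data_fd = datafd[0];
 close(datafd[1]);
 if (eloop_event_add(ctx->eloop, ctx->ps_data_fd,
@@ -926,10 +930,19 @@
 
 if (ps_sendcmd(ctx, ctx->ps_root_fd, PS_FILEMTIME, 0,
 file, strlen(file) + 1) == -1)
 return -1;
 return ps_root_readerror(ctx, time, sizeof(*time));
+}
+
+ssize_t
+ps_root_logreopen(struct dhcpcd_ctx *ctx)
+{
+
+if (ps_sendcmd(ctx, ctx->ps_root_fd, PS_LOGREOPEN, 0, NULL, 0) == -1)
+return -1;
+return ps_root_readerror(ctx, NULL, 0);
 }
 
 #ifdef PRIVSEP_GETIFADDRS
 int
 ps_root_getifaddrs(struct dhcpcd_ctx *ctx, struct ifaddrs **ifahead)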
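Review bot: In the new `PS_LOGREOPEN` case, `logclose()` runs before `logopen(ctx->logfile)`, so a failed reopen leaves the privileged process with no log file open, and the only trace of the failure is the `err` handed back through `ps_root_readerror()`. Callers of `ps_root_logreopen()` therefore need to check its return value, which a short header comment on that function could state. The request is sent with `NULL, 0`, so the path that gets opened with root privileges is always the one the privileged side already holds, never one supplied by the unprivileged caller. That property deserves a comment at the case label, e.g. `/* No payload: reopen only our own ctx->logfile, never a path from the requester. */`, and the handler could reject a non-zero `len` to enforce it. What `logopen()` does when `ctx->logfile` is NULL is not visible here (the dispatch function extends beyond this hunk) and should be confirmed for syslog-only setups.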
