Mercurial > hg > dhcpcd

diff src/privsep-root.c @ 5526:b1a3d9055662 draft

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
privsep: Allow logfile reopening in a chroot Now that only the privileged actioneer does the actual logging we can safely reopen the file we are logging to. This also closes and re-opens the syslog connection.
author Roy Marples <roy@marples.name>
date Fri, 30 Oct 2020 14:19:16 +0000
parents 26b5d9bc2985
children 071a9ea18363
line wrap: on
line diff
--- a/src/privsep-root.c	Fri Oct 30 03:43:51 2020 +0000
+++ b/src/privsep-root.c	Fri Oct 30 14:19:16 2020 +0000
@@ -561,6 +561,10 @@
 			rlen = sizeof(mtime);
 		}
 		break;
+	case PS_LOGREOPEN:
+		logclose();
+		err = logopen(ctx->logfile);
+		break;
 #ifdef AUTH
 	case PS_AUTH_MONORDM:
 		err = ps_root_monordm(data, len);
@@ -781,11 +785,11 @@
 }
 
 static void
-ps_root_syslog(void *arg)
+ps_root_log(void *arg)
 {
 	struct dhcpcd_ctx *ctx = arg;
 
-	if (loghandlesyslogfd(ctx->ps_syslog_fd) == -1)
+	if (logreadfd(ctx->ps_log_fd) == -1)
 		logerr(__func__);
 }
 
@@ -816,9 +820,9 @@
 	    ps_root_startcb, ps_root_signalcb, 0);
 
 	if (pid == 0) {
-		ctx->ps_syslog_fd = logfd[1];
-		if (eloop_event_add(ctx->eloop, ctx->ps_syslog_fd,
-		    ps_root_syslog, ctx) == -1)
+		ctx->ps_log_fd = logfd[1];
+		if (eloop_event_add(ctx->eloop, ctx->ps_log_fd,
+		    ps_root_log, ctx) == -1)
 			return -1;
 		close(logfd[0]);
 		ctx->ps_data_fd = datafd[1];
@@ -827,7 +831,7 @@
 	} else if (pid == -1)
 		return -1;
 
-	logsetsyslogfd(logfd[0]);
+	logsetfd(logfd[0]);
 	close(logfd[1]);
 
 	ctx->ps_data_fd = datafd[0];
@@ -930,6 +934,15 @@
 	return ps_root_readerror(ctx, time, sizeof(*time));
 }
 
+ssize_t
+ps_root_logreopen(struct dhcpcd_ctx *ctx)
+{
+
+	if (ps_sendcmd(ctx, ctx->ps_root_fd, PS_LOGREOPEN, 0, NULL, 0) == -1)
+		return -1;
+	return ps_root_readerror(ctx, NULL, 0);
+}
+
 #ifdef PRIVSEP_GETIFADDRS
 int
 ps_root_getifaddrs(struct dhcpcd_ctx *ctx, struct ifaddrs **ifahead)