bin/159568: [patch] allow daemon(8) to write pid file in /var/run without root
Aragon Gouveia
aragon at phat.za.net
Sun Aug 7 01:40:13 UTC 2011
>Number: 159568
>Category: bin
>Synopsis: [patch] allow daemon(8) to write pid file in /var/run without root
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun Aug 07 01:40:12 UTC 2011
>Closed-Date:
>Last-Modified:
>Originator: Aragon Gouveia
>Release: 8.2-RELEASE-p2
>Organization:
>Environment:
FreeBSD fuzz.geek.sh 8.2-RELEASE-p2 FreeBSD 8.2-RELEASE-p2 #0: Sun Jul 10 15:27:35 SAST 2011 toor at igor.geek.sh:/usr/obj/usr/src-RELENG_8_2/sys/FUZZ amd64
>Description:
daemon(8) provides the ability to write a pid file of the daemon it forks. It also provides the ability to drop root privileges of the daemon it forks; however, this feature prevents it from writing a pid file to /var/run.
Attached patch makes daemon(8) open the pid file descriptor before dropping root privileges.
>How-To-Repeat:
>Fix:
Patch attached with submission follows:
--- daemon.c.orig 2011-08-07 03:26:47.000000000 +0200
+++ daemon.c 2011-08-07 03:27:04.000000000 +0200
@@ -79,9 +79,6 @@
if (argc == 0)
usage();
- if (user != NULL)
- restrict_process(user);
-
/*
* Try to open the pidfile before calling daemon(3),
* to be able to report the error intelligently
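Review bot: The comment kept at the end of this hunk ("Try to open the pidfile before calling daemon(3), to be able to report the error intelligently") gives only the error-reporting reason for opening the pidfile early. With the `restrict_process(user)` call removed from above it, the open now also has to happen before the privilege drop, and nothing in the source says so. Suggest extending the comment to state that the pidfile must be opened before restrict_process() so that a pid file under /var/run can be created, which keeps a later cleanup from moving the call back up.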
@@ -97,6 +94,9 @@
}
}
+ if (user != NULL)
+ restrict_process(user);
+
if (daemon(nochdir, noclose) == -1)
err(1, NULL);
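Review bot: At the re-added `if (user != NULL) restrict_process(user);`, the pidfile has already been opened while still root, so the file is created with root's credentials and its descriptor is carried across the privilege drop into the process that runs as `user`. Two points should be confirmed and stated in the submission: that opening the requested pid file path with root privileges is acceptable for a command that is meant to run unprivileged, and that any removal of the pid file at exit still works, since after this change it would be attempted without root in a directory such as /var/run. A short comment above the moved call explaining why it sits between the pidfile open and `daemon(nochdir, noclose)` would also help.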
>Release-Note:
>Audit-Trail:
>Unformatted: