[PATCH] casperd should detach from controlling session

Pawel Jakub Dawidek pjd at FreeBSD.org
Thu Apr 3 14:36:29 UTC 2014 

On Mon, Mar 17, 2014 at 06:09:04PM -0700, Xin Li wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
> 
> On 03/17/14 02:26, Pawel Jakub Dawidek wrote:
> > On Thu, Mar 13, 2014 at 02:08:36PM -0700, Xin Li wrote:
> >> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
> >> 
> >> Hi, Pawel,
> >> 
> >> I have noticed that casperd's child (zygote) would still use 
> >> controlling session from parent.  This can be observed by running
> >> ps - -ax on systems running casperd, where the child have a
> >> spurious console associated.
> >> 
> >> The attached patch would fix it.  May I commit it against -HEAD?
> > 
> > Hmm, daemon(3) does call setsid(2) already... Are you sure casperd 
> > wasn't running with -F?
> 
> Oh, sure daemon(3) indeed does setsid(2) but casperd calls it after
> zygote_init() so it has no effect to the zygote process, [...]

Sorry for dropping the ball. I see the problem now, thanks.

> [...] maybe something like this instead?

I like the first patch better.

> Index: sbin/casperd/casperd.c
> ===================================================================
> - --- sbin/casperd/casperd.c	(revision 263272)
> +++ sbin/casperd/casperd.c	(working copy)
> @@ -671,9 +671,6 @@ main(int argc, char *argv[])
>  	pjdlog_prefix_set("(casperd) ");
>  	pjdlog_debug_set(debug);
> 
> - -	if (zygote_init() < 0)
> - -		pjdlog_exit(1, "Unable to create zygote process");
> - -
>  	pfh = pidfile_open(pidfile, 0600, &otherpid);
>  	if (pfh == NULL) {
>  		if (errno == EEXIST) {
> @@ -699,6 +696,9 @@ main(int argc, char *argv[])
>  		pjdlog_debug(1, "PID stored in %s.", pidfile);
>  	}
> 
> +	if (zygote_init() < 0)
> +		pjdlog_exit(1, "Unable to create zygote process");
> +
>  	/*
>  	 * Register core services.
>  	 */

-- 
Pawel Jakub Dawidek                       http://www.wheelsystems.com
FreeBSD committer                         http://www.FreeBSD.org
Am I Evil? Yes, I Am!                     http://mobter.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-security/attachments/20140403/08869005/attachment.sig>

More information about the freebsd-security mailing list