diff options
author | наб <[email protected]> | 2021-04-12 14:07:14 +0200 |
---|---|---|
committer | Brian Behlendorf <[email protected]> | 2021-04-15 13:46:02 -0700 |
commit | aa6a14c0d5c388d38720024561679ae4f7d5e67d (patch) | |
tree | 0cda61fea68026392670e6954e4880b102482421 /cmd | |
parent | 414f7249dc32a579060441a644387a58e91d300a (diff) |
zed: set O_CLOEXEC on persistent fds, remove closefrom() from pre-exec
Also don't dup /dev/null over stdio if daemonised
Reviewed-by: Brian Behlendorf <[email protected]>
Signed-off-by: Ahelenia Ziemiańska <[email protected]>
Closes #11891
Diffstat (limited to 'cmd')
-rw-r--r-- | cmd/zed/zed_conf.c | 11 | ||||
-rw-r--r-- | cmd/zed/zed_event.c | 2 | ||||
-rw-r--r-- | cmd/zed/zed_exec.c | 9 |
3 files changed, 9 insertions, 13 deletions
diff --git a/cmd/zed/zed_conf.c b/cmd/zed/zed_conf.c index b66b67b53..b95108fd2 100644 --- a/cmd/zed/zed_conf.c +++ b/cmd/zed/zed_conf.c @@ -425,8 +425,6 @@ zed_conf_scan_dir(struct zed_conf *zcp) int zed_conf_write_pid(struct zed_conf *zcp) { - const mode_t dirmode = S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH; - const mode_t filemode = S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH; char buf[PATH_MAX]; int n; char *p; @@ -454,7 +452,7 @@ zed_conf_write_pid(struct zed_conf *zcp) if (p) *p = '\0'; - if ((mkdirp(buf, dirmode) < 0) && (errno != EEXIST)) { + if ((mkdirp(buf, 0755) < 0) && (errno != EEXIST)) { zed_log_msg(LOG_ERR, "Failed to create directory \"%s\": %s", buf, strerror(errno)); goto err; @@ -464,7 +462,7 @@ zed_conf_write_pid(struct zed_conf *zcp) */ mask = umask(0); umask(mask | 022); - zcp->pid_fd = open(zcp->pid_file, (O_RDWR | O_CREAT), filemode); + zcp->pid_fd = open(zcp->pid_file, O_RDWR | O_CREAT | O_CLOEXEC, 0644); umask(mask); if (zcp->pid_fd < 0) { zed_log_msg(LOG_ERR, "Failed to open PID file \"%s\": %s", @@ -529,7 +527,6 @@ int zed_conf_open_state(struct zed_conf *zcp) { char dirbuf[PATH_MAX]; - mode_t dirmode = S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH; int n; char *p; int rv; @@ -551,7 +548,7 @@ zed_conf_open_state(struct zed_conf *zcp) if (p) *p = '\0'; - if ((mkdirp(dirbuf, dirmode) < 0) && (errno != EEXIST)) { + if ((mkdirp(dirbuf, 0755) < 0) && (errno != EEXIST)) { zed_log_msg(LOG_WARNING, "Failed to create directory \"%s\": %s", dirbuf, strerror(errno)); @@ -569,7 +566,7 @@ zed_conf_open_state(struct zed_conf *zcp) (void) unlink(zcp->state_file); zcp->state_fd = open(zcp->state_file, - (O_RDWR | O_CREAT), (S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH)); + O_RDWR | O_CREAT | O_CLOEXEC, 0644); if (zcp->state_fd < 0) { zed_log_msg(LOG_WARNING, "Failed to open state file \"%s\": %s", zcp->state_file, strerror(errno)); diff --git a/cmd/zed/zed_event.c b/cmd/zed/zed_event.c index 5e28bb22c..232b88a13 100644 --- a/cmd/zed/zed_event.c +++ b/cmd/zed/zed_event.c @@ -54,7 +54,7 @@ zed_event_init(struct zed_conf *zcp) zed_log_die("Failed to initialize libzfs"); } - zcp->zevent_fd = open(ZFS_DEV, O_RDWR); + zcp->zevent_fd = open(ZFS_DEV, O_RDWR | O_CLOEXEC); if (zcp->zevent_fd < 0) { if (zcp->do_idle) return (-1); diff --git a/cmd/zed/zed_exec.c b/cmd/zed/zed_exec.c index b1756c538..8c8452ca7 100644 --- a/cmd/zed/zed_exec.c +++ b/cmd/zed/zed_exec.c @@ -27,7 +27,6 @@ #include <unistd.h> #include <pthread.h> #include "zed_exec.h" -#include "zed_file.h" #include "zed_log.h" #include "zed_strings.h" @@ -116,7 +115,7 @@ _zed_exec_create_env(zed_strings_t *zsp) */ static void _zed_exec_fork_child(uint64_t eid, const char *dir, const char *prog, - char *env[], int zfd) + char *env[], int zfd, boolean_t in_foreground) { char path[PATH_MAX]; int n; @@ -154,13 +153,13 @@ _zed_exec_fork_child(uint64_t eid, const char *dir, const char *prog, (void) sigprocmask(SIG_SETMASK, &mask, NULL); (void) umask(022); - if ((fd = open("/dev/null", O_RDWR)) != -1) { + if (in_foreground && /* we're already devnulled if daemonised */ + (fd = open("/dev/null", O_RDWR | O_CLOEXEC)) != -1) { (void) dup2(fd, STDIN_FILENO); (void) dup2(fd, STDOUT_FILENO); (void) dup2(fd, STDERR_FILENO); } (void) dup2(zfd, ZEVENT_FILENO); - zed_file_close_from(ZEVENT_FILENO + 1); execle(path, prog, NULL, env); _exit(127); } @@ -359,7 +358,7 @@ zed_exec_process(uint64_t eid, const char *class, const char *subclass, n = strlen(*csp); if ((strncmp(z, *csp, n) == 0) && !isalpha(z[n])) _zed_exec_fork_child(eid, zcp->zedlet_dir, - z, e, zcp->zevent_fd); + z, e, zcp->zevent_fd, zcp->do_foreground); } } free(e); |