snmpd: dup open ttys to /dev/null in demons mode

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

snmpd: dup open ttys to /dev/null in demons mode

Jan Klemkow
Hi,

This diff is similar to bluhm@'s fix for httpd and relayd, but for snmpd.

> During the fork+exec implementation, daemon(3) was moved after
> proc_init().  As a consequence httpd(8) and relayd(8) child processes
> do not detach from the terminal anymore.  Dup /dev/null to the stdio
> file descriptors in the children.

bye,
Jan

Index: proc.c
===================================================================
RCS file: /cvs/src/usr.sbin/snmpd/proc.c,v
retrieving revision 1.25
diff -u -p -r1.25 proc.c
--- proc.c 5 Aug 2018 09:33:13 -0000 1.25
+++ proc.c 8 Jan 2019 00:29:29 -0000
@@ -29,13 +29,14 @@
 #include <string.h>
 #include <errno.h>
 #include <signal.h>
+#include <paths.h>
 #include <pwd.h>
 #include <event.h>
 #include <imsg.h>
 
 #include "snmpd.h"
 
-void proc_exec(struct privsep *, struct privsep_proc *, unsigned int,
+void proc_exec(struct privsep *, struct privsep_proc *, unsigned int, int,
     int, char **);
 void proc_setup(struct privsep *, struct privsep_proc *, unsigned int);
 void proc_open(struct privsep *, int, int);
@@ -80,7 +81,7 @@ proc_getid(struct privsep_proc *procs, u
 
 void
 proc_exec(struct privsep *ps, struct privsep_proc *procs, unsigned int nproc,
-    int argc, char **argv)
+    int debug, int argc, char **argv)
 {
  unsigned int proc, nargc, i, proc_i;
  char **nargv;
@@ -141,6 +142,16 @@ proc_exec(struct privsep *ps, struct pri
  } else if (fcntl(fd, F_SETFD, 0) == -1)
  fatal("fcntl");
 
+ /* Daemons detach from terminal. */
+ if (!debug && (fd =
+ open(_PATH_DEVNULL, O_RDWR, 0)) != -1) {
+ (void)dup2(fd, STDIN_FILENO);
+ (void)dup2(fd, STDOUT_FILENO);
+ (void)dup2(fd, STDERR_FILENO);
+ if (fd > 2)
+ (void)close(fd);
+ }
+
  execvp(argv[0], nargv);
  fatal("%s: execvp", __func__);
  break;
@@ -191,7 +202,7 @@ proc_connect(struct privsep *ps)
 
 void
 proc_init(struct privsep *ps, struct privsep_proc *procs, unsigned int nproc,
-    int argc, char **argv, enum privsep_procid proc_id)
+    int debug, int argc, char **argv, enum privsep_procid proc_id)
 {
  struct privsep_proc *p = NULL;
  struct privsep_pipes *pa, *pb;
@@ -231,7 +242,7 @@ proc_init(struct privsep *ps, struct pri
  }
 
  /* Engage! */
- proc_exec(ps, procs, nproc, argc, argv);
+ proc_exec(ps, procs, nproc, debug, argc, argv);
  return;
  }
 
Index: snmpd.c
===================================================================
RCS file: /cvs/src/usr.sbin/snmpd/snmpd.c,v
retrieving revision 1.40
diff -u -p -r1.40 snmpd.c
--- snmpd.c 5 Nov 2018 11:59:05 -0000 1.40
+++ snmpd.c 8 Jan 2019 00:29:02 -0000
@@ -230,7 +230,7 @@ main(int argc, char *argv[])
  pf_init();
  snmpd_generate_engineid(env);
 
- proc_init(ps, procs, nitems(procs), argc0, argv0, proc_id);
+ proc_init(ps, procs, nitems(procs), debug, argc0, argv0, proc_id);
  if (!debug && daemon(0, 0) == -1)
  err(1, "failed to daemonize");
 
Index: snmpd.h
===================================================================
RCS file: /cvs/src/usr.sbin/snmpd/snmpd.h,v
retrieving revision 1.80
diff -u -p -r1.80 snmpd.h
--- snmpd.h 5 Aug 2018 09:33:13 -0000 1.80
+++ snmpd.h 8 Jan 2019 00:25:01 -0000
@@ -762,7 +762,7 @@ void usm_make_report(struct snmp_messa
 /* proc.c */
 enum privsep_procid
     proc_getid(struct privsep_proc *, unsigned int, const char *);
-void proc_init(struct privsep *, struct privsep_proc *, unsigned int,
+void proc_init(struct privsep *, struct privsep_proc *, unsigned int, int,
     int, char **, enum privsep_procid);
 void proc_kill(struct privsep *);
 void proc_connect(struct privsep *);