From 0 Mon Sep 17 00:00:00 2001 From: "Dmitry V. Levin" Date: Mon, 15 Oct 2007 22:39:29 +0000 Subject: [PATCH 03] Apply dhcp-3.0.3-alt-daemonize.patch diff --git a/dhcp/relay/dhcrelay.c b/dhcp/relay/dhcrelay.c index defaced..defaced 100644 --- a/dhcp/relay/dhcrelay.c +++ b/dhcp/relay/dhcrelay.c @@ -172,6 +172,7 @@ char *progname; " [-iu interface0 [ ... -iu interfaceN]\n" \ " [-id interface0 [ ... -id interfaceN]\n" \ " [-U interface] [-g ]\n" \ +" [-Un user] [-j chroot-dir]\n" \ " server0 [ ... serverN]\n\n" \ " %s -6 [-d] [-q] [-I] [-c ]\n" \ " [-p | -rp ]\n" \ @@ -192,6 +193,7 @@ char *progname; " [-iu interface0 [ ... -iu interfaceN]\n" \ " [-id interface0 [ ... -id interfaceN]\n" \ " [-U interface] [-g ]\n" \ +" [-Un user] [-j chroot-dir]\n" \ " server0 [ ... serverN]\n\n" \ " %s -6 [-d] [-q] [-I] [-c ] [-p ]\n" \ " [-pf ] [--no-pid]\n" \ @@ -213,6 +215,7 @@ char *progname; " [-iu interface0 [ ... -iu interfaceN]\n" \ " [-id interface0 [ ... -id interfaceN]\n" \ " [-U interface] [-g ]\n" \ +" [-Un user] [-j chroot-dir]\n" \ " server0 [ ... serverN]\n\n" \ " %s {--version|--help|-h}" #else @@ -224,6 +227,7 @@ char *progname; " [-iu interface0 [ ... -iu interfaceN]\n" \ " [-id interface0 [ ... -id interfaceN]\n" \ " [-U interface] [-g ]\n" \ +" [-Un user] [-j chroot-dir]\n" \ " server0 [ ... serverN]\n\n" \ " %s {--version|--help|-h}" #endif @@ -291,6 +295,8 @@ main(int argc, char **argv) { #ifdef RELAY_PORT int port_defined = 0; #endif + char *server_user = "dhcrelay"; + char *server_jail = "/var/empty"; #ifdef DHCPv6 struct stream_list *sl = NULL; int local_family_set = 0; @@ -310,10 +316,12 @@ main(int argc, char **argv) { fd = open("/dev/null", O_RDWR); if (fd == 1) fd = open("/dev/null", O_RDWR); - if (fd == 2) + if (fd == 2) { + fd = open("/dev/null", O_RDWR); log_perror = 0; /* No sense logging to /dev/null. */ - else if (fd != -1) - close(fd); + } + if (fd < 0) + log_fatal ("Can't open %s: %m", "/dev/null"); openlog(isc_file_basename(progname), DHCP_LOG_OPTIONS, LOG_DAEMON); @@ -498,6 +506,14 @@ main(int argc, char **argv) { log_fatal("%s: packet length exceeds " "longest possible MTU\n", argv[i]); + } else if (!strcmp (argv [i], "-Un")) { + if (++i == argc) + usage(use_noarg, argv[i-1]); + server_user = argv[i]; + } else if (!strcmp (argv [i], "-j")) { + if (++i == argc) + usage(use_noarg, argv[i-1]); + server_jail = argv[i]; } else if (!strcmp(argv[i], "-m")) { #ifdef DHCPv6 if (local_family_set && (local_family == AF_INET6)) { @@ -686,9 +702,9 @@ main(int argc, char **argv) { if (!quiet) { log_info("%s %s", message, PACKAGE_VERSION); - log_info(copyright); - log_info(arr); - log_info(url); + log_info("%s", copyright); + log_info("%s", arr); + log_info("%s", url); } else log_perror = 0; @@ -784,6 +800,7 @@ main(int argc, char **argv) { /* Become a daemon... */ if (!no_daemon) { char buf = 0; + pid_t pid; FILE *pf; int pfdesc; @@ -817,10 +834,13 @@ main(int argc, char **argv) { } } - (void) close(0); - (void) close(1); - (void) close(2); - (void) setsid(); + pid = setsid(); + if (dup2 (fd, 0) != 0 || + dup2 (fd, 1) != 1 || + dup2 (fd, 2) != 2) + log_fatal("Can't daemonize: %m"); + (void) close (fd); + fd = -1; IGNORE_RET (chdir("/")); } @@ -839,6 +859,7 @@ main(int argc, char **argv) { signal(SIGINT, dhcp_signal_handler); /* control-c */ signal(SIGTERM, dhcp_signal_handler); /* kill */ #endif + dhcpd_priv_drop(server_user, server_jail); /* Start dispatching packets and timeouts... */ dispatch();