startup: open /dev/null before chroot
before people had to create a /dev/null inside the chroot to make redirection work.
This commit is contained in:
parent
01e40f4b55
commit
a02bc9cc6f
|
@ -67,7 +67,7 @@ static void Pidfile_Delete PARAMS(( void ));
|
|||
|
||||
static void Fill_Version PARAMS(( void ));
|
||||
|
||||
static void Setup_FDStreams PARAMS(( void ));
|
||||
static void Setup_FDStreams PARAMS(( int fd ));
|
||||
|
||||
static bool NGIRCd_Init PARAMS(( bool ));
|
||||
|
||||
|
@ -646,27 +646,16 @@ Pidfile_Create(pid_t pid)
|
|||
* Redirect stdin, stdout and stderr to apropriate file handles.
|
||||
*/
|
||||
static void
|
||||
Setup_FDStreams( void )
|
||||
Setup_FDStreams(int fd)
|
||||
{
|
||||
int fd;
|
||||
|
||||
/* Test if we can open /dev/null for reading and writing. If not
|
||||
* we are most probably chrooted already and the server has been
|
||||
* restarted. So we simply don't try to redirect stdXXX ... */
|
||||
fd = open( "/dev/null", O_RDWR );
|
||||
if ( fd < 0 ) {
|
||||
Log(LOG_WARNING, "Could not open /dev/null: %s", strerror(errno));
|
||||
if (fd < 0)
|
||||
return;
|
||||
}
|
||||
|
||||
fflush(stdout);
|
||||
fflush(stderr);
|
||||
|
||||
/* Create new stdin(0), stdout(1) and stderr(2) descriptors */
|
||||
dup2( fd, 0 ); dup2( fd, 1 ); dup2( fd, 2 );
|
||||
|
||||
/* Close newly opened file descriptor if not stdin/out/err */
|
||||
if( fd > 2 ) close( fd );
|
||||
} /* Setup_FDStreams */
|
||||
|
||||
|
||||
|
@ -709,12 +698,19 @@ NGIRCd_Init( bool NGIRCd_NoDaemon )
|
|||
bool chrooted = false;
|
||||
struct passwd *pwd;
|
||||
struct group *grp;
|
||||
int real_errno;
|
||||
int real_errno, fd = -1;
|
||||
pid_t pid;
|
||||
|
||||
if (initialized)
|
||||
return true;
|
||||
|
||||
if (!NGIRCd_NoDaemon) {
|
||||
/* open /dev/null before chroot() */
|
||||
fd = open( "/dev/null", O_RDWR);
|
||||
if (fd < 0)
|
||||
Log(LOG_WARNING, "Could not open /dev/null: %s", strerror(errno));
|
||||
}
|
||||
|
||||
if (!ConnSSL_InitLibrary())
|
||||
Log(LOG_WARNING,
|
||||
"Warning: Error during SSL initialization, continuing ...");
|
||||
|
@ -722,15 +718,14 @@ NGIRCd_Init( bool NGIRCd_NoDaemon )
|
|||
if( Conf_Chroot[0] ) {
|
||||
if( chdir( Conf_Chroot ) != 0 ) {
|
||||
Log( LOG_ERR, "Can't chdir() in ChrootDir (%s): %s", Conf_Chroot, strerror( errno ));
|
||||
return false;
|
||||
goto out;
|
||||
}
|
||||
|
||||
if( chroot( Conf_Chroot ) != 0 ) {
|
||||
if (errno != EPERM) {
|
||||
Log( LOG_ERR, "Can't change root directory to \"%s\": %s",
|
||||
Conf_Chroot, strerror( errno ));
|
||||
|
||||
return false;
|
||||
goto out;
|
||||
}
|
||||
} else {
|
||||
chrooted = true;
|
||||
|
@ -744,7 +739,7 @@ NGIRCd_Init( bool NGIRCd_NoDaemon )
|
|||
if (! NGIRCd_getNobodyID(&Conf_UID, &Conf_GID)) {
|
||||
Log(LOG_WARNING, "Could not get user/group ID of user \"nobody\": %s",
|
||||
errno ? strerror(errno) : "not found" );
|
||||
return false;
|
||||
goto out;
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -754,7 +749,7 @@ NGIRCd_Init( bool NGIRCd_NoDaemon )
|
|||
real_errno = errno;
|
||||
Log( LOG_ERR, "Can't change group ID to %u: %s", Conf_GID, strerror( errno ));
|
||||
if (real_errno != EPERM)
|
||||
return false;
|
||||
goto out;
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -764,7 +759,7 @@ NGIRCd_Init( bool NGIRCd_NoDaemon )
|
|||
real_errno = errno;
|
||||
Log(LOG_ERR, "Can't change user ID to %u: %s", Conf_UID, strerror(errno));
|
||||
if (real_errno != EPERM)
|
||||
return false;
|
||||
goto out;
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -797,7 +792,11 @@ NGIRCd_Init( bool NGIRCd_NoDaemon )
|
|||
strerror(errno));
|
||||
|
||||
/* Detach stdin, stdout and stderr */
|
||||
Setup_FDStreams( );
|
||||
Setup_FDStreams(fd);
|
||||
if (fd > 2) {
|
||||
close(fd);
|
||||
fd = -1;
|
||||
}
|
||||
}
|
||||
pid = getpid();
|
||||
|
||||
|
@ -838,6 +837,10 @@ NGIRCd_Init( bool NGIRCd_NoDaemon )
|
|||
}
|
||||
|
||||
return true;
|
||||
out:
|
||||
if (fd > 2)
|
||||
close(fd);
|
||||
return false;
|
||||
}
|
||||
|
||||
/* -eof- */
|
||||
|
|
Loading…
Reference in New Issue