Skip to content

Create fifo as RUN_AS_USER, so watchdogs can use fifos #18

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
plampix wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Create fifo as RUN_AS_USER, so watchdogs can use fifos #18

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
961b81c
Create fifo as RUN_AS_USER, so watchdogs can use fifos
Jul 7, 2016
a94be3f
Use bash instead of sh, which might be dash on Debian systems, which
Jul 7, 2016
d52482f
Fix Default-Start and Default-Stop entries
Jul 7, 2016
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions files/glbd.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,8 +22,8 @@
# Provides: glbd
# Required-Start: $local_fs
# Required-Stop: $local_fs
# Default-Start: 2345
# Default-Stop: 90
# Default-Start: 2 3 4 5
# Default-Stop: 9 0
# Short-Description: run glbd daemon
# Description: GLB is a TCP load balancer similar to Pen.
### END INIT INFO
Expand Down
6 changes: 6 additions & 0 deletions src/glb_daemon.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,12 @@ void glb_daemon_start (const glb_cnf_t* cnf)
struct passwd *pw = getpwnam(RUN_AS_USER);
if ( pw ) {
glb_log_info ("Changing effective user to '%s'", RUN_AS_USER);
if (setgid(pw->pw_gid))
{
glb_log_fatal ("Failed to change group: %d (%s)",
errno, strerror(errno));
exit(EXIT_FAILURE);
}
if (setuid(pw->pw_uid))
{
glb_log_fatal ("Failed to change user: %d (%s)",
Expand Down
16 changes: 15 additions & 1 deletion src/glb_main.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,10 @@
#include <sys/stat.h> // for mkfifo()
#include <fcntl.h> // for open()
#include <errno.h>
#include <grp.h> // for getgrnam()

/* Change this to the user under which to run */
#define RUN_AS_USER "daemon"
Copy link
Contributor

@ayurchen ayurchen Jul 7, 2016

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Here we have RUN_AS_USER independently defined in two different files. This does not look good.


/* this function is to allocate all possible resources before dropping
* privileges */
Expand All @@ -30,7 +34,13 @@ allocate_resources(const glb_cnf_t* conf,
int* ctrl_sock,
int* listen_sock)
{
if (mkfifo (conf->fifo_name, S_IRUSR | S_IWUSR)) {
gid_t gid = getegid();
struct group *grp = getgrnam(RUN_AS_USER);
setegid(grp->gr_gid);
mode_t um = umask(0);
if (mkfifo (conf->fifo_name, S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP)) {
setegid(gid);
umask(um);
Copy link
Contributor

@ayurchen ayurchen Jul 7, 2016
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why bother doing setegid()/umask() in this case? If it is needed regardless of mkfifo() outcome, then it should be done outside of if() block

switch (errno)
{
case EEXIST:
Expand All @@ -46,6 +56,10 @@ allocate_resources(const glb_cnf_t* conf,
}
return 1;
}
else {
setegid(gid);
umask(um);
}

*ctrl_fifo = open (conf->fifo_name, O_RDWR);
if (*ctrl_fifo < 0) {
Expand Down
2 changes: 1 addition & 1 deletion src/glb_wdog_exec.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -174,7 +174,7 @@ exec_thread (void* arg)
goto init_error;
}

char* pargv[4] = { strdup ("sh"), strdup ("-c"), strdup (cmd), NULL };
char* pargv[4] = { strdup ("bash"), strdup ("-c"), strdup (cmd), NULL };
Copy link
Contributor

@ayurchen ayurchen Jul 7, 2016

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think that solution for a bug in dash should be hardcoding shell version in a program and thus adding extra package dependency. This is OS configuration issue. The user should be able to choose his shell as he likes.


if (!pargv[0] || !pargv[1] || !pargv[2]) {
ctx->errn = ENOMEM;
Expand Down