authorUlrich Drepper <drepper@redhat.com>2004-10-03 19:33:48 +0000
committerUlrich Drepper <drepper@redhat.com>2004-10-03 19:33:48 +0000
commit4401d759051714fcc016a146685f3c13bed49442 (patch)
treefb2a02b91616e460a2b1fcd6eb482a0b3db9d860 /nscd/nscd.c
parentfc03df7aa6d9de00d09ddaf9c27074fb4ea6d3ef (diff)
Update.
Implement paranoia mode. * nscd/connections.c (nscd_init): Mark database and socket descriptors as close on exec. (restart): New function. (restart_p): New function. (nscd_run): Add missing decrement of nready in case readylist is empty. (main_loop_poll): Call restart_p and restart. (main_loop_epoll): Likewise. (begin_drop_privileges): Save original UID and GID. * nscd/nscd.c: Define new variables paranoia, restart_time, restart_interval, oldcwd, old_gid, old_uid. (main): Disable paranoia mode if we are not forking. (check_pid): When re-execing, the PID file contains the same PID as the current process. Do not fail in this case. * nscd/nscd.conf: Add paranoia and restart-interval entries. * nscd/nscd.h: Define RESTART_INTERVAL. Declare new variables. * nscd/nscd_conf.c: Parse paranoia and restart-interval configurations. * nscd/nscd_stat.c: Print paranoia and restart-interval values.
Diffstat (limited to 'nscd/nscd.c')
-rw-r--r--nscd/nscd.c17
1 files changed, 16 insertions, 1 deletions
diff --git a/nscd/nscd.c b/nscd/nscd.c
index 146f61cb25..0ef54bcf08 100644
--- a/nscd/nscd.c
+++ b/nscd/nscd.c
@@ -79,6 +79,13 @@ time_t start_time;
uintptr_t pagesize_m1;
+int paranoia;
+time_t restart_time;
+time_t restart_interval = RESTART_INTERVAL;
+const char *oldcwd;
+uid_t old_uid;
+gid_t old_gid;
+
static int check_pid (const char *file);
static int write_pid (const char *file);
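Review bot: The six new file-scope variables are added without any comment, although per the commit description `old_uid` and `old_gid` hold the identity saved before privileges are dropped and the others drive the restart logic. Each should get a one-line comment, for example `/* Nonzero if paranoia mode is enabled. */` above `paranoia` and `/* UID and GID the process had before dropping privileges. */` above `old_uid`/`old_gid`. For `oldcwd` the comment should also say who allocates the string and whether it is ever freed, since the `const char *` type alone does not show ownership.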
@@ -248,6 +255,9 @@ main (int argc, char **argv)
signal (SIGTTIN, SIG_IGN);
signal (SIGTSTP, SIG_IGN);
}
+ else
+ /* In foreground mode we are not paranoid. */
+ paranoia = 0;
/* Start the SELinux AVC. */
if (selinux_enabled)
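Review bot: The new `else` branch clears `paranoia` silently, so a configuration that requests paranoia mode is dropped without any message when nscd stays in the foreground. The hunk also does not show where the configuration file is read; if that happens later in `main` or in a function it calls, a `paranoia` entry could set the flag again after this line and the override would have no effect. Once the ordering is confirmed, I would record it in the comment, e.g. `/* In foreground mode we are not paranoid; this overrides the parsed configuration. */`, and brace the branch to match the `if` arm above it. `main` begins and ends outside the hunk.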
@@ -414,6 +424,7 @@ nscd_open_socket (void)
return sock;
}
+
/* Cleanup. */
void
termination_handler (int signum)
@@ -461,7 +472,11 @@ check_pid (const char *file)
n = fscanf (fp, "%d", &pid);
fclose (fp);
- if (n != 1 || kill (pid, 0) == 0)
+ /* If we cannot parse the file default to assuming nscd runs.
+ If the PID is alive, assume it is running. That all unless
+ the PID is the same as the current process' since tha latter
+ can mean we re-exec. */
+ if ((n != 1 || kill (pid, 0) == 0) && pid != getpid ())
return 1;
}
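Review bot: In the new condition, `pid != getpid ()` is still evaluated when `n != 1`, that is, when `fscanf` stored nothing in `pid`. `pid` is declared outside the hunk; if it has no initializer there, the comparison reads an indeterminate value, and an unparsable PID file no longer reliably yields `return 1` as the comment promises. Limiting the self-PID exception to the liveness test avoids this: `if (n != 1 || (kill (pid, 0) == 0 && pid != getpid ()))`. The comment's `tha latter` should read `the latter`.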