Cleanup socket file at exit.
We can't unlink the file if it's outside the chroot, so we need to keep a simple worker outside of it.
This commit is contained in:
Quentin Rameau
Laslo Hunhold
parent
260ef0a988
commit
141bb88af1
2 changed files with 75 additions and 30 deletions
1
quark.1
1
quark.1
|
|
@ -55,6 +55,7 @@ when dropping privileges.
|
|||
Create the UNIX-domain socket file
|
||||
.Ar sockfile
|
||||
and listen on it for incoming connections.
|
||||
The file will be cleaned up at exit.
|
||||
.It Fl v
|
||||
Print version information to stdout and exit.
|
||||
.El
|
||||
|
|
|
|||
54
quark.c
54
quark.c
|
|
@ -5,6 +5,7 @@
|
|||
#include <sys/time.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/un.h>
|
||||
#include <sys/wait.h>
|
||||
|
||||
#include <arpa/inet.h>
|
||||
#include <ctype.h>
|
||||
|
|
@ -28,6 +29,8 @@
|
|||
#include "arg.h"
|
||||
|
||||
char *argv0;
|
||||
static int insock;
|
||||
static char *udsname;
|
||||
|
||||
#include "config.h"
|
||||
|
||||
|
|
@ -824,7 +827,7 @@ serve(int insock)
|
|||
}
|
||||
}
|
||||
|
||||
void
|
||||
static void
|
||||
die(const char *errstr, ...)
|
||||
{
|
||||
va_list ap;
|
||||
|
|
@ -917,6 +920,23 @@ getusock(char *udsname, uid_t uid, gid_t gid)
|
|||
return insock;
|
||||
}
|
||||
|
||||
static void
|
||||
cleanup(void)
|
||||
{
|
||||
close(insock);
|
||||
if (udsname) {
|
||||
if (unlink(udsname) < 0)
|
||||
fprintf(stderr, "unlink: %s\n", strerror(errno));
|
||||
}
|
||||
}
|
||||
|
||||
static void
|
||||
sigcleanup(int sig)
|
||||
{
|
||||
cleanup();
|
||||
_exit(1);
|
||||
}
|
||||
|
||||
static void
|
||||
usage(void)
|
||||
{
|
||||
|
|
@ -932,8 +952,8 @@ main(int argc, char *argv[])
|
|||
struct passwd *pwd = NULL;
|
||||
struct group *grp = NULL;
|
||||
struct rlimit rlim;
|
||||
int i, insock;
|
||||
char *udsname = NULL;
|
||||
pid_t cpid, wpid;
|
||||
int i, status = 0;
|
||||
|
||||
ARGBEGIN {
|
||||
case 'd':
|
||||
|
|
@ -971,6 +991,13 @@ main(int argc, char *argv[])
|
|||
usage();
|
||||
}
|
||||
|
||||
atexit(cleanup);
|
||||
if (signal(SIGINT, sigcleanup) == SIG_ERR) {
|
||||
fprintf(stderr, "%s: signal: Failed to handle SIGINT\n",
|
||||
argv0);
|
||||
return 1;
|
||||
}
|
||||
|
||||
/* compile and check the supplied vhost regexes */
|
||||
if (vhosts) {
|
||||
for (i = 0; i < LEN(vhost); i++) {
|
||||
|
|
@ -1011,6 +1038,18 @@ main(int argc, char *argv[])
|
|||
insock = udsname ? getusock(udsname, pwd->pw_uid, grp->gr_gid) :
|
||||
getipsock();
|
||||
|
||||
switch (cpid = fork()) {
|
||||
case -1:
|
||||
fprintf(stderr, "%s: fork: %s\n", argv0, strerror(errno));
|
||||
break;
|
||||
case 0:
|
||||
/* reap children automatically */
|
||||
if (signal(SIGINT, SIG_IGN) == SIG_ERR) {
|
||||
fprintf(stderr, "%s: signal: Failed to set SIG_IGN on"
|
||||
"SIGINT\n", argv0);
|
||||
return 1;
|
||||
}
|
||||
|
||||
/* chroot */
|
||||
if (chdir(servedir) < 0) {
|
||||
die("%s: chdir %s: %s\n", argv0, servedir, strerror(errno));
|
||||
|
|
@ -1037,9 +1076,14 @@ main(int argc, char *argv[])
|
|||
}
|
||||
|
||||
serve(insock);
|
||||
close(insock);
|
||||
_exit(0);
|
||||
default:
|
||||
while ((wpid = wait(&status)) > 0)
|
||||
;
|
||||
}
|
||||
|
||||
return 0;
|
||||
cleanup();
|
||||
return status;
|
||||
}
|
||||
|
||||
/*
|
||||
|
|
|
|||
Loading…
Reference in a new issue