Cleanup socket file at exit.

We can't unlink the file if it's outside the chroot, so we need to keep
a simple worker outside of it.
This commit is contained in:
Quentin Rameau 2017-07-09 14:36:46 +02:00 committed by Laslo Hunhold
parent 260ef0a988
commit 141bb88af1
2 changed files with 75 additions and 30 deletions

View file

@ -55,6 +55,7 @@ when dropping privileges.
Create the UNIX-domain socket file
.Ar sockfile
and listen on it for incoming connections.
The file will be cleaned up at exit.
.It Fl v
Print version information to stdout and exit.
.El

54
quark.c
View file

@ -5,6 +5,7 @@
#include <sys/time.h>
#include <sys/types.h>
#include <sys/un.h>
#include <sys/wait.h>
#include <arpa/inet.h>
#include <ctype.h>
@ -28,6 +29,8 @@
#include "arg.h"
char *argv0;
static int insock;
static char *udsname;
#include "config.h"
@ -824,7 +827,7 @@ serve(int insock)
}
}
void
static void
die(const char *errstr, ...)
{
va_list ap;
@ -917,6 +920,23 @@ getusock(char *udsname, uid_t uid, gid_t gid)
return insock;
}
static void
cleanup(void)
{
close(insock);
if (udsname) {
if (unlink(udsname) < 0)
fprintf(stderr, "unlink: %s\n", strerror(errno));
}
}
static void
sigcleanup(int sig)
{
cleanup();
_exit(1);
}
static void
usage(void)
{
@ -932,8 +952,8 @@ main(int argc, char *argv[])
struct passwd *pwd = NULL;
struct group *grp = NULL;
struct rlimit rlim;
int i, insock;
char *udsname = NULL;
pid_t cpid, wpid;
int i, status = 0;
ARGBEGIN {
case 'd':
@ -971,6 +991,13 @@ main(int argc, char *argv[])
usage();
}
atexit(cleanup);
if (signal(SIGINT, sigcleanup) == SIG_ERR) {
fprintf(stderr, "%s: signal: Failed to handle SIGINT\n",
argv0);
return 1;
}
/* compile and check the supplied vhost regexes */
if (vhosts) {
for (i = 0; i < LEN(vhost); i++) {
@ -1011,6 +1038,18 @@ main(int argc, char *argv[])
insock = udsname ? getusock(udsname, pwd->pw_uid, grp->gr_gid) :
getipsock();
switch (cpid = fork()) {
case -1:
fprintf(stderr, "%s: fork: %s\n", argv0, strerror(errno));
break;
case 0:
/* reap children automatically */
if (signal(SIGINT, SIG_IGN) == SIG_ERR) {
fprintf(stderr, "%s: signal: Failed to set SIG_IGN on"
"SIGINT\n", argv0);
return 1;
}
/* chroot */
if (chdir(servedir) < 0) {
die("%s: chdir %s: %s\n", argv0, servedir, strerror(errno));
@ -1037,9 +1076,14 @@ main(int argc, char *argv[])
}
serve(insock);
close(insock);
_exit(0);
default:
while ((wpid = wait(&status)) > 0)
;
}
return 0;
cleanup();
return status;
}
/*