/* SPDX-License-Identifier: LGPL-2.1+ */
-/***
- Copyright 2016 Lennart Poettering
-***/
+#include <sys/ioctl.h>
#include <sys/reboot.h>
#include <sys/wait.h>
#include <sys/prctl.h>
#include <unistd.h>
+#include "def.h"
+#include "exit-status.h"
#include "fd-util.h"
#include "log.h"
-#include "missing.h"
#include "nspawn-stub-pid1.h"
#include "process-util.h"
#include "signal-util.h"
#include "time-util.h"
-#include "def.h"
static int reset_environ(const char *new_environment, size_t length) {
unsigned long start, end;
assert_se(sigfillset(&fullmask) >= 0);
assert_se(sigprocmask(SIG_BLOCK, &fullmask, &oldmask) >= 0);
+ /* Surrender the terminal this stub may control so that child processes can have a controlling terminal
+ * without resorting to setsid hacks. */
+ r = ioctl(STDIN_FILENO, TIOCNOTTY);
+ if (r < 0 && errno != ENOTTY)
+ return log_error_errno(errno, "Failed to surrender controlling terminal: %m");
+
pid = fork();
if (pid < 0)
return log_error_errno(errno, "Failed to fork child pid: %m");
if (pid == 0) {
/* Return in the child */
assert_se(sigprocmask(SIG_SETMASK, &oldmask, NULL) >= 0);
- setsid();
+
+ if (setsid() < 0)
+ return log_error_errno(errno, "Failed to become session leader in payload process: %m");
+
return 0;
}
reset_all_signal_handlers();
log_close();
- close_all_fds(NULL, 0);
+ (void) close_all_fds(NULL, 0);
log_open();
/* Flush out /proc/self/environ, so that we don't leak the environment from the host into the container. Also,
if (si.si_pid == pid && si.si_code == CLD_EXITED)
r = si.si_status; /* pass on exit code */
else
- r = 255; /* signal, coredump, timeout, … */
+ r = EXIT_EXCEPTION; /* signal, coredump, timeout, … */
goto finish;
}