nspawn: check return of setsid()

[thirdparty/systemd.git] / src / nspawn / nspawn-stub-pid1.c
diff --git a/src/nspawn/nspawn-stub-pid1.c b/src/nspawn/nspawn-stub-pid1.c

index 7f2f8f1f136a609f9ef93cd9142fe8f9f8666844..f785a3b2483f5821ba7a94789fac4bf46419b030 100644 (file)
--- a/src/nspawn/nspawn-stub-pid1.c
+++ b/src/nspawn/nspawn-stub-pid1.c
@@ -1,35 +1,19 @@
  /* SPDX-License-Identifier: LGPL-2.1+ */
-/***
-  This file is part of systemd.
-
-  Copyright 2016 Lennart Poettering
-
-  systemd is free software; you can redistribute it and/or modify it
-  under the terms of the GNU Lesser General Public License as published by
-  the Free Software Foundation; either version 2.1 of the License, or
-  (at your option) any later version.
-
-  systemd is distributed in the hope that it will be useful, but
-  WITHOUT ANY WARRANTY; without even the implied warranty of
-  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-  Lesser General Public License for more details.
-
-  You should have received a copy of the GNU Lesser General Public License
-  along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
  
+#include <sys/ioctl.h>
  #include <sys/reboot.h>
  #include <sys/wait.h>
  #include <sys/prctl.h>
  #include <unistd.h>
  
+#include "def.h"
+#include "exit-status.h"
  #include "fd-util.h"
  #include "log.h"
  #include "nspawn-stub-pid1.h"
  #include "process-util.h"
  #include "signal-util.h"
  #include "time-util.h"
-#include "def.h"
  
  static int reset_environ(const char *new_environment, size_t length) {
          unsigned long start, end;
@@ -69,6 +53,12 @@ int stub_pid1(sd_id128_t uuid) {
          assert_se(sigfillset(&fullmask) >= 0);
          assert_se(sigprocmask(SIG_BLOCK, &fullmask, &oldmask) >= 0);
  
+        /* Surrender the terminal this stub may control so that child processes can have a controlling terminal
+         * without resorting to setsid hacks. */
+        r = ioctl(STDIN_FILENO, TIOCNOTTY);
+        if (r < 0 && errno != ENOTTY)
+                return log_error_errno(errno, "Failed to surrender controlling terminal: %m");
+
          pid = fork();
          if (pid < 0)
                  return log_error_errno(errno, "Failed to fork child pid: %m");
@@ -76,14 +66,17 @@ int stub_pid1(sd_id128_t uuid) {
          if (pid == 0) {
                  /* Return in the child */
                  assert_se(sigprocmask(SIG_SETMASK, &oldmask, NULL) >= 0);
-                setsid();
+
+                if (setsid() < 0)
+                        return log_error_errno(errno, "Failed to become session leader in payload process: %m");
+
                  return 0;
          }
  
          reset_all_signal_handlers();
  
          log_close();
-        close_all_fds(NULL, 0);
+        (void) close_all_fds(NULL, 0);
          log_open();
  
          /* Flush out /proc/self/environ, so that we don't leak the environment from the host into the container. Also,
@@ -92,7 +85,7 @@ int stub_pid1(sd_id128_t uuid) {
          sd_id128_to_string(uuid, new_environment + sizeof(new_environment) - SD_ID128_STRING_MAX);
          reset_environ(new_environment, sizeof(new_environment));
  
-        rename_process("STUBINIT");
+        (void) rename_process("(sd-stubinit)");
  
          assert_se(sigemptyset(&waitmask) >= 0);
          assert_se(sigset_add_many(&waitmask,
@@ -139,7 +132,7 @@ int stub_pid1(sd_id128_t uuid) {
                          if (si.si_pid == pid && si.si_code == CLD_EXITED)
                                  r = si.si_status; /* pass on exit code */
                          else
-                                r = 255; /* signal, coredump, timeout, … */
+                                r = EXIT_EXCEPTION; /* signal, coredump, timeout, … */
  
                          goto finish;
                  }