nspawn: check return of setsid()

[thirdparty/systemd.git] / src / nspawn / nspawn-stub-pid1.c

diff --git a/src/nspawn/nspawn-stub-pid1.c b/src/nspawn/nspawn-stub-pid1.c
index ebf4f0f523c989d64724967b68996d317ce9c92c..f785a3b2483f5821ba7a94789fac4bf46419b030 100644 (file)
--- a/src/nspawn/nspawn-stub-pid1.c
+++ b/src/nspawn/nspawn-stub-pid1.c
@@ -1,5 +1,6 @@
 /* SPDX-License-Identifier: LGPL-2.1+ */
 
+#include <sys/ioctl.h>
 #include <sys/reboot.h>
 #include <sys/wait.h>
 #include <sys/prctl.h>
@@ -9,7 +10,6 @@
 #include "exit-status.h"
 #include "fd-util.h"
 #include "log.h"
-#include "missing.h"
 #include "nspawn-stub-pid1.h"
 #include "process-util.h"
 #include "signal-util.h"
@@ -53,6 +53,12 @@ int stub_pid1(sd_id128_t uuid) {
         assert_se(sigfillset(&fullmask) >= 0);
         assert_se(sigprocmask(SIG_BLOCK, &fullmask, &oldmask) >= 0);
 
+        /* Surrender the terminal this stub may control so that child processes can have a controlling terminal
+         * without resorting to setsid hacks. */
+        r = ioctl(STDIN_FILENO, TIOCNOTTY);
+        if (r < 0 && errno != ENOTTY)
+                return log_error_errno(errno, "Failed to surrender controlling terminal: %m");
+
         pid = fork();
         if (pid < 0)
                 return log_error_errno(errno, "Failed to fork child pid: %m");
@@ -60,7 +66,10 @@ int stub_pid1(sd_id128_t uuid) {
         if (pid == 0) {
                 /* Return in the child */
                 assert_se(sigprocmask(SIG_SETMASK, &oldmask, NULL) >= 0);
-                setsid();
+
+                if (setsid() < 0)
+                        return log_error_errno(errno, "Failed to become session leader in payload process: %m");
+
                 return 0;
         }