]>
Commit | Line | Data |
---|---|---|
172c1f72 MT |
1 | From 302c1b736cb656c7885a0cba270fd953a672d8a8 Mon Sep 17 00:00:00 2001 |
2 | From: Michal Sekletar <msekleta@redhat.com> | |
3 | Date: Mon, 7 Apr 2014 13:56:34 +0200 | |
4 | Subject: [PATCH 13/25] everywhere: O_CLOEXEC harder | |
5 | ||
6 | --- | |
7 | pppd/eap.c | 2 +- | |
8 | pppd/main.c | 4 ++-- | |
9 | pppd/options.c | 4 ++-- | |
10 | pppd/sys-linux.c | 22 +++++++++++----------- | |
11 | pppd/tdb.c | 4 ++-- | |
12 | pppd/tty.c | 4 ++-- | |
13 | pppd/utils.c | 6 +++--- | |
14 | 7 files changed, 23 insertions(+), 23 deletions(-) | |
15 | ||
16 | diff --git a/pppd/eap.c b/pppd/eap.c | |
17 | index 6ea6c1f..faced53 100644 | |
18 | --- a/pppd/eap.c | |
19 | +++ b/pppd/eap.c | |
20 | @@ -1226,7 +1226,7 @@ mode_t modebits; | |
21 | ||
22 | if ((path = name_of_pn_file()) == NULL) | |
23 | return (-1); | |
24 | - fd = open(path, modebits, S_IRUSR | S_IWUSR); | |
25 | + fd = open(path, modebits, S_IRUSR | S_IWUSR | O_CLOEXEC); | |
26 | err = errno; | |
27 | free(path); | |
28 | errno = err; | |
29 | diff --git a/pppd/main.c b/pppd/main.c | |
30 | index 6d50d1b..4880377 100644 | |
31 | --- a/pppd/main.c | |
32 | +++ b/pppd/main.c | |
33 | @@ -420,7 +420,7 @@ main(argc, argv) | |
34 | die(0); | |
35 | ||
36 | /* Make sure fds 0, 1, 2 are open to somewhere. */ | |
37 | - fd_devnull = open(_PATH_DEVNULL, O_RDWR); | |
38 | + fd_devnull = open(_PATH_DEVNULL, O_RDWR | O_CLOEXEC); | |
39 | if (fd_devnull < 0) | |
40 | fatal("Couldn't open %s: %m", _PATH_DEVNULL); | |
41 | while (fd_devnull <= 2) { | |
42 | @@ -1679,7 +1679,7 @@ device_script(program, in, out, dont_wait) | |
43 | if (log_to_fd >= 0) | |
44 | errfd = log_to_fd; | |
45 | else | |
46 | - errfd = open(_PATH_CONNERRS, O_WRONLY | O_APPEND | O_CREAT, 0600); | |
47 | + errfd = open(_PATH_CONNERRS, O_WRONLY | O_APPEND | O_CREAT | O_CLOEXEC, 0600); | |
48 | ||
49 | ++conn_running; | |
50 | pid = safe_fork(in, out, errfd); | |
51 | diff --git a/pppd/options.c b/pppd/options.c | |
52 | index 1d754ae..8e62635 100644 | |
53 | --- a/pppd/options.c | |
54 | +++ b/pppd/options.c | |
55 | @@ -1544,9 +1544,9 @@ setlogfile(argv) | |
56 | option_error("unable to drop permissions to open %s: %m", *argv); | |
57 | return 0; | |
58 | } | |
59 | - fd = open(*argv, O_WRONLY | O_APPEND | O_CREAT | O_EXCL, 0644); | |
60 | + fd = open(*argv, O_WRONLY | O_APPEND | O_CREAT | O_EXCL | O_CLOEXEC, 0644); | |
61 | if (fd < 0 && errno == EEXIST) | |
62 | - fd = open(*argv, O_WRONLY | O_APPEND); | |
63 | + fd = open(*argv, O_WRONLY | O_APPEND | O_CLOEXEC); | |
64 | err = errno; | |
65 | if (!privileged_option && seteuid(euid) == -1) | |
66 | fatal("unable to regain privileges: %m"); | |
67 | diff --git a/pppd/sys-linux.c b/pppd/sys-linux.c | |
68 | index 8a12fa0..00a2cf5 100644 | |
69 | --- a/pppd/sys-linux.c | |
70 | +++ b/pppd/sys-linux.c | |
71 | @@ -459,7 +459,7 @@ int generic_establish_ppp (int fd) | |
72 | goto err; | |
73 | } | |
74 | dbglog("using channel %d", chindex); | |
75 | - fd = open("/dev/ppp", O_RDWR); | |
76 | + fd = open("/dev/ppp", O_RDWR | O_CLOEXEC); | |
77 | if (fd < 0) { | |
78 | error("Couldn't reopen /dev/ppp: %m"); | |
79 | goto err; | |
80 | @@ -619,7 +619,7 @@ static int make_ppp_unit() | |
81 | dbglog("in make_ppp_unit, already had /dev/ppp open?"); | |
82 | close(ppp_dev_fd); | |
83 | } | |
84 | - ppp_dev_fd = open("/dev/ppp", O_RDWR); | |
85 | + ppp_dev_fd = open("/dev/ppp", O_RDWR | O_CLOEXEC); | |
86 | if (ppp_dev_fd < 0) | |
87 | fatal("Couldn't open /dev/ppp: %m"); | |
88 | flags = fcntl(ppp_dev_fd, F_GETFL); | |
89 | @@ -693,7 +693,7 @@ int bundle_attach(int ifnum) | |
90 | if (!new_style_driver) | |
91 | return -1; | |
92 | ||
93 | - master_fd = open("/dev/ppp", O_RDWR); | |
94 | + master_fd = open("/dev/ppp", O_RDWR | O_CLOEXEC); | |
95 | if (master_fd < 0) | |
96 | fatal("Couldn't open /dev/ppp: %m"); | |
97 | if (ioctl(master_fd, PPPIOCATTACH, &ifnum) < 0) { | |
98 | @@ -1715,7 +1715,7 @@ int sifproxyarp (int unit, u_int32_t his_adr) | |
99 | if (tune_kernel) { | |
100 | forw_path = path_to_procfs("/sys/net/ipv4/ip_forward"); | |
101 | if (forw_path != 0) { | |
102 | - int fd = open(forw_path, O_WRONLY); | |
103 | + int fd = open(forw_path, O_WRONLY | O_CLOEXEC); | |
104 | if (fd >= 0) { | |
105 | if (write(fd, "1", 1) != 1) | |
106 | error("Couldn't enable IP forwarding: %m"); | |
107 | @@ -2030,7 +2030,7 @@ int ppp_available(void) | |
108 | sscanf(utsname.release, "%d.%d.%d", &osmaj, &osmin, &ospatch); | |
109 | kernel_version = KVERSION(osmaj, osmin, ospatch); | |
110 | ||
111 | - fd = open("/dev/ppp", O_RDWR); | |
112 | + fd = open("/dev/ppp", O_RDWR | O_CLOEXEC); | |
113 | if (fd >= 0) { | |
114 | new_style_driver = 1; | |
115 | ||
116 | @@ -2208,7 +2208,7 @@ void logwtmp (const char *line, const char *name, const char *host) | |
117 | #if __GLIBC__ >= 2 | |
118 | updwtmp(_PATH_WTMP, &ut); | |
119 | #else | |
120 | - wtmp = open(_PATH_WTMP, O_APPEND|O_WRONLY); | |
121 | + wtmp = open(_PATH_WTMP, O_APPEND|O_WRONLY|O_CLOEXEC); | |
122 | if (wtmp >= 0) { | |
123 | flock(wtmp, LOCK_EX); | |
124 | ||
125 | @@ -2394,7 +2394,7 @@ int sifaddr (int unit, u_int32_t our_adr, u_int32_t his_adr, | |
126 | int fd; | |
127 | ||
128 | path = path_to_procfs("/sys/net/ipv4/ip_dynaddr"); | |
129 | - if (path != 0 && (fd = open(path, O_WRONLY)) >= 0) { | |
130 | + if (path != 0 && (fd = open(path, O_WRONLY | O_CLOEXEC)) >= 0) { | |
131 | if (write(fd, "1", 1) != 1) | |
132 | error("Couldn't enable dynamic IP addressing: %m"); | |
133 | close(fd); | |
134 | @@ -2570,7 +2570,7 @@ get_pty(master_fdp, slave_fdp, slave_name, uid) | |
135 | /* | |
136 | * Try the unix98 way first. | |
137 | */ | |
138 | - mfd = open("/dev/ptmx", O_RDWR); | |
139 | + mfd = open("/dev/ptmx", O_RDWR | O_CLOEXEC); | |
140 | if (mfd >= 0) { | |
141 | int ptn; | |
142 | if (ioctl(mfd, TIOCGPTN, &ptn) >= 0) { | |
143 | @@ -2581,7 +2581,7 @@ get_pty(master_fdp, slave_fdp, slave_name, uid) | |
144 | if (ioctl(mfd, TIOCSPTLCK, &ptn) < 0) | |
145 | warn("Couldn't unlock pty slave %s: %m", pty_name); | |
146 | #endif | |
147 | - if ((sfd = open(pty_name, O_RDWR | O_NOCTTY)) < 0) | |
148 | + if ((sfd = open(pty_name, O_RDWR | O_NOCTTY | O_CLOEXEC)) < 0) | |
149 | warn("Couldn't open pty slave %s: %m", pty_name); | |
150 | } | |
151 | } | |
152 | @@ -2592,10 +2592,10 @@ get_pty(master_fdp, slave_fdp, slave_name, uid) | |
153 | for (i = 0; i < 64; ++i) { | |
154 | slprintf(pty_name, sizeof(pty_name), "/dev/pty%c%x", | |
155 | 'p' + i / 16, i % 16); | |
156 | - mfd = open(pty_name, O_RDWR, 0); | |
157 | + mfd = open(pty_name, O_RDWR | O_CLOEXEC, 0); | |
158 | if (mfd >= 0) { | |
159 | pty_name[5] = 't'; | |
160 | - sfd = open(pty_name, O_RDWR | O_NOCTTY, 0); | |
161 | + sfd = open(pty_name, O_RDWR | O_NOCTTY | O_CLOEXEC, 0); | |
162 | if (sfd >= 0) { | |
163 | fchown(sfd, uid, -1); | |
164 | fchmod(sfd, S_IRUSR | S_IWUSR); | |
165 | diff --git a/pppd/tdb.c b/pppd/tdb.c | |
166 | index bdc5828..c7ab71c 100644 | |
167 | --- a/pppd/tdb.c | |
168 | +++ b/pppd/tdb.c | |
169 | @@ -1724,7 +1724,7 @@ TDB_CONTEXT *tdb_open_ex(const char *name, int hash_size, int tdb_flags, | |
170 | goto internal; | |
171 | } | |
172 | ||
173 | - if ((tdb->fd = open(name, open_flags, mode)) == -1) { | |
174 | + if ((tdb->fd = open(name, open_flags | O_CLOEXEC, mode)) == -1) { | |
175 | TDB_LOG((tdb, 5, "tdb_open_ex: could not open file %s: %s\n", | |
176 | name, strerror(errno))); | |
177 | goto fail; /* errno set by open(2) */ | |
178 | @@ -1967,7 +1967,7 @@ int tdb_reopen(TDB_CONTEXT *tdb) | |
179 | } | |
180 | if (close(tdb->fd) != 0) | |
181 | TDB_LOG((tdb, 0, "tdb_reopen: WARNING closing tdb->fd failed!\n")); | |
182 | - tdb->fd = open(tdb->name, tdb->open_flags & ~(O_CREAT|O_TRUNC), 0); | |
183 | + tdb->fd = open(tdb->name, (tdb->open_flags & ~(O_CREAT|O_TRUNC)) | O_CLOEXEC, 0); | |
184 | if (tdb->fd == -1) { | |
185 | TDB_LOG((tdb, 0, "tdb_reopen: open failed (%s)\n", strerror(errno))); | |
186 | goto fail; | |
187 | diff --git a/pppd/tty.c b/pppd/tty.c | |
188 | index d571b11..bc96695 100644 | |
189 | --- a/pppd/tty.c | |
190 | +++ b/pppd/tty.c | |
191 | @@ -569,7 +569,7 @@ int connect_tty() | |
192 | status = EXIT_OPEN_FAILED; | |
193 | goto errret; | |
194 | } | |
195 | - real_ttyfd = open(devnam, O_NONBLOCK | O_RDWR, 0); | |
196 | + real_ttyfd = open(devnam, O_NONBLOCK | O_RDWR | O_CLOEXEC, 0); | |
197 | err = errno; | |
198 | if (prio < OPRIO_ROOT && seteuid(0) == -1) | |
199 | fatal("Unable to regain privileges"); | |
200 | @@ -723,7 +723,7 @@ int connect_tty() | |
201 | if (connector == NULL && modem && devnam[0] != 0) { | |
202 | int i; | |
203 | for (;;) { | |
204 | - if ((i = open(devnam, O_RDWR)) >= 0) | |
205 | + if ((i = open(devnam, O_RDWR | O_CLOEXEC)) >= 0) | |
206 | break; | |
207 | if (errno != EINTR) { | |
208 | error("Failed to reopen %s: %m", devnam); | |
209 | diff --git a/pppd/utils.c b/pppd/utils.c | |
210 | index 29bf970..6051b9a 100644 | |
211 | --- a/pppd/utils.c | |
212 | +++ b/pppd/utils.c | |
213 | @@ -918,14 +918,14 @@ lock(dev) | |
214 | slprintf(lock_file, sizeof(lock_file), "%s/LCK..%s", LOCK_DIR, dev); | |
215 | #endif | |
216 | ||
217 | - while ((fd = open(lock_file, O_EXCL | O_CREAT | O_RDWR, 0644)) < 0) { | |
218 | + while ((fd = open(lock_file, O_EXCL | O_CREAT | O_RDWR | O_CLOEXEC, 0644)) < 0) { | |
219 | if (errno != EEXIST) { | |
220 | error("Can't create lock file %s: %m", lock_file); | |
221 | break; | |
222 | } | |
223 | ||
224 | /* Read the lock file to find out who has the device locked. */ | |
225 | - fd = open(lock_file, O_RDONLY, 0); | |
226 | + fd = open(lock_file, O_RDONLY | O_CLOEXEC, 0); | |
227 | if (fd < 0) { | |
228 | if (errno == ENOENT) /* This is just a timing problem. */ | |
229 | continue; | |
230 | @@ -1004,7 +1004,7 @@ relock(pid) | |
231 | ||
232 | if (lock_file[0] == 0) | |
233 | return -1; | |
234 | - fd = open(lock_file, O_WRONLY, 0); | |
235 | + fd = open(lock_file, O_WRONLY | O_CLOEXEC, 0); | |
236 | if (fd < 0) { | |
237 | error("Couldn't reopen lock file %s: %m", lock_file); | |
238 | lock_file[0] = 0; | |
239 | -- | |
240 | 1.8.3.1 | |
241 |