_cleanup_(pidref_done_sigkill_wait) PidRef pid = PIDREF_NULL;
int r;
- r = pidref_safe_fork("(sd-mkuserns)", FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGKILL|FORK_NEW_USERNS, &pid);
+ r = pidref_safe_fork("(sd-mkuserns)", FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGKILL|FORK_NEW_USERNS|FORK_FREEZE, &pid);
if (r < 0)
return r;
- if (r == 0)
- /* Child. We do nothing here, just freeze until somebody kills us. */
- freeze();
+ assert(r > 0);
return pidref_namespace_open_by_type(&pid, NAMESPACE_USER);
}
* and then kills the process again. This way we have a userns fd that is not bound to any
* process. We can use that for file system mounts and similar. */
- r = pidref_safe_fork("(sd-mkuserns)", FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGKILL|FORK_NEW_USERNS, &pid);
+ r = pidref_safe_fork("(sd-mkuserns)", FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGKILL|FORK_NEW_USERNS|FORK_FREEZE, &pid);
if (r < 0)
return r;
- if (r == 0)
- /* Child. We do nothing here, just freeze until somebody kills us. */
- freeze();
+ assert(r > 0);
xsprintf(path, "/proc/" PID_FMT "/uid_map", pid.pid);
r = write_string_file(path, uid_map, WRITE_STRING_FILE_DISABLE_BUFFER);
/* Forks off a process in a new network namespace, acquires a network namespace fd, and then kills
* the process again. This way we have a netns fd that is not bound to any process. */
- r = pidref_safe_fork("(sd-mknetns)", FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGKILL|FORK_NEW_NETNS, &pid);
+ r = pidref_safe_fork("(sd-mknetns)", FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGKILL|FORK_NEW_NETNS|FORK_FREEZE, &pid);
if (r < 0)
return log_debug_errno(r, "Failed to fork process into new netns: %m");
- if (r == 0)
- /* Child. We do nothing here, just freeze until somebody kills us. */
- freeze();
+ assert(r > 0);
return pidref_namespace_open_by_type(&pid, NAMESPACE_NET);
}
}
}
+ if (FLAGS_SET(flags, FORK_FREEZE))
+ freeze();
+
if (ret_pid)
*ret_pid = getpid_cached();
FORK_NEW_USERNS = 1 << 19, /* Run child in its own user namespace 💣 DO NOT USE IN THREADED PROGRAMS! 💣 */
FORK_NEW_NETNS = 1 << 20, /* Run child in its own network namespace 💣 DO NOT USE IN THREADED PROGRAMS! 💣 */
FORK_NEW_PIDNS = 1 << 21, /* Run child in its own PID namespace 💣 DO NOT USE IN THREADED PROGRAMS! 💣 */
+ FORK_FREEZE = 1 << 22, /* Don't return in child, just call freeze() instead */
} ForkFlags;
int safe_fork_full(
TEST(pidref_kill) {
_cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
siginfo_t si;
- int r;
- r = pidref_safe_fork("(test-pidref-kill)", FORK_DEATHSIG_SIGKILL, &pidref);
- assert_se(r >= 0);
- if (r == 0)
- freeze();
+ ASSERT_OK_POSITIVE(pidref_safe_fork("(test-pidref-kill)", FORK_DEATHSIG_SIGKILL|FORK_FREEZE, &pidref));
assert_se(pidref_kill(&pidref, SIGKILL) >= 0);
assert_se(pidref_wait_for_terminate(&pidref, &si) >= 0);
TEST(pidref_kill_and_sigcont) {
_cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
siginfo_t si;
- int r;
- r = pidref_safe_fork("(test-pidref-kill-and-sigcont)", FORK_DEATHSIG_SIGTERM, &pidref);
- assert_se(r >= 0);
- if (r == 0)
- freeze();
+ ASSERT_OK_POSITIVE(pidref_safe_fork("(test-pidref-kill-and-sigcont)", FORK_DEATHSIG_SIGTERM|FORK_FREEZE, &pidref));
assert_se(pidref_kill_and_sigcont(&pidref, SIGTERM) >= 0);
assert_se(pidref_wait_for_terminate(&pidref, &si) >= 0);
TEST(pidref_sigqueue) {
_cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
siginfo_t si;
- int r;
- r = pidref_safe_fork("(test-pidref-sigqueue)", FORK_DEATHSIG_SIGTERM, &pidref);
- assert_se(r >= 0);
- if (r == 0)
- freeze();
+ ASSERT_OK_POSITIVE(pidref_safe_fork("(test-pidref-sigqueue)", FORK_DEATHSIG_SIGTERM|FORK_FREEZE, &pidref));
assert_se(pidref_sigqueue(&pidref, SIGTERM, 42) >= 0);
assert_se(pidref_wait_for_terminate(&pidref, &si) >= 0);
TEST(pidref_done_sigkill_wait) {
_cleanup_(pidref_done_sigkill_wait) PidRef pidref = PIDREF_NULL;
- int r;
- r = pidref_safe_fork("(test-pidref-done-sigkill-wait)", FORK_DEATHSIG_SIGKILL, &pidref);
- assert_se(r >= 0);
- if (r == 0)
- freeze();
+ ASSERT_OK_POSITIVE(pidref_safe_fork("(test-pidref-done-sigkill-wait)", FORK_DEATHSIG_SIGKILL|FORK_FREEZE, &pidref));
}
TEST(pidref_verify) {
projects / thirdparty / systemd.git / commitdiff
