priv: use SOCK_STREAM for monitor communication

SOCK_SEQPACKET is better but not available everywhere. We can't just
fallback to SOCK_DGRAM since we lose the ability to detect when the
monitor dies. So, we use SOCK_STREAM (now possible with commit
004b5f944539). The code (stolen from OpenBSD) was already ready for
that.

diff --git a/src/daemon/priv.c b/src/daemon/priv.c
index 263b22963c192f1f869709f6a8f2b333b1cf51c3..3714735883f5a7f6bc59062eb2b684676d651aff 100644 (file)
--- a/src/daemon/priv.c
+++ b/src/daemon/priv.c
@@ -412,6 +412,7 @@ priv_loop(int privileged, int once)
 #endif
 #endif
        while (!may_read(PRIV_PRIVILEGED, &cmd, sizeof(enum priv_cmd))) {
+               log_debug("privsep", "received command %d", cmd);
                for (a = actions; a->function != NULL; a++) {
                        if (cmd == a->msg) {
                                a->function();
@@ -589,15 +590,9 @@ priv_init(const char *chrootdir, int ctl, uid_t uid, gid_t gid)
        int pair[2];
 
        /* Create socket pair */
-       if (socketpair(AF_UNIX, SOCK_SEQPACKET, PF_UNSPEC, pair) < 0) {
-               if (errno == EAFNOSUPPORT ||
-                   errno == EOPNOTSUPP ||
-                   errno == EPROTONOSUPPORT) {
-                       if (socketpair(AF_UNIX, SOCK_DGRAM, PF_UNSPEC, pair) < 0) {
-                               fatal("privsep",
-                                   "unable to create socket pair for privilege separation");
-                       }
-               }
+       if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, pair) < 0) {
+               fatal("privsep",
+                   "unable to create socket pair for privilege separation");
        }
 
        priv_unprivileged_fd(pair[0]);