From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 13 Mar 2019 15:55:46 +0000 (+0100)
Subject: man: mention O_NOCTTY and it's importance in daemon(7)
X-Git-Tag: v242-rc1~128^2~3
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=5f4283007984b54a1003f44eed6a0e07afa41109;p=thirdparty%2Fsystemd.git

man: mention O_NOCTTY and it's importance in daemon(7)

Fixes: #9164
---

diff --git a/man/daemon.xml b/man/daemon.xml
index 7724bb4e08d..41da01943c6 100644
--- a/man/daemon.xml
+++ b/man/daemon.xml
@@ -77,9 +77,10 @@
         <function>setsid()</function> to detach from any terminal and
         create an independent session.</para></listitem>
 
-        <listitem><para>In the child, call <function>fork()</function>
-        again, to ensure that the daemon can never re-acquire a
-        terminal again.</para></listitem>
+        <listitem><para>In the child, call <function>fork()</function> again, to ensure that the daemon can
+        never re-acquire a terminal again. (This relevant if the program — and all its dependencies — does
+        not carefully specify `O_NOCTTY` on each and every single `open()` call that might potentially open a
+        TTY device node.)</para></listitem>
 
         <listitem><para>Call <function>exit()</function> in the first
         child, so that only the second child (the actual daemon
@@ -244,6 +245,10 @@
         and
         <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para></listitem>
 
+        <listitem><para>As new-style daemons are invoked without a controlling TTY (but as their own session
+        leaders) care should be taken to always specify `O_NOCTTY` on `open()` calls that possibly reference
+        a TTY device node, so that no controlling TTY is accidentally acquired.</para></listitem>
+
       </orderedlist>
 
       <para>These recommendations are similar but not identical to the