From bc0dc45598d9051644e2d3948e66d050d3c54c37 Mon Sep 17 00:00:00 2001 From: Vincent Bernat Date: Wed, 28 Sep 2016 22:43:48 +0200 Subject: [PATCH] daemon: invoke lldpcli after dropping privileges We don't need to run it as root. Moreover, it will happen after daemonization and won't clutter the screen in case lldpd dies too early. On the other hand, if we fail to spawn it, the error message may be hidden in the logs. Though choice. --- NEWS | 2 ++ src/daemon/lldpd.c | 14 +++++++------- 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/NEWS b/NEWS index d104d7c3..8a49828e 100644 --- a/NEWS +++ b/NEWS @@ -7,6 +7,8 @@ lldpd (0.9.5) the privileged process. + LLDP-MED capability TLV is not sent when LLDP-MED is not enabled, even if other LLDP-MED TLV are present. + + Invoke lldpcli for initial configuration later (after dropping + privileges). * Fix: + Compilation fix with older versions of GCC. + Don't use ethtool at all to get real MAC address for enslaved diff --git a/src/daemon/lldpd.c b/src/daemon/lldpd.c index 1ab76663..b3a8ada5 100644 --- a/src/daemon/lldpd.c +++ b/src/daemon/lldpd.c @@ -1694,13 +1694,6 @@ lldpd_main(int argc, char *argv[], char *envp[]) /* Disable SIGHUP, until handlers are installed */ signal(SIGHUP, SIG_IGN); - /* Configuration with lldpcli */ - if (lldpcli) { - log_debug("main", "invoking lldpcli for configuration"); - if (lldpd_configure(use_syslog, debug, lldpcli, ctlname) == -1) - fatal("main", "unable to spawn lldpcli"); - } - /* Try to read system information from /etc/os-release if possible. Fall back to lsb_release for compatibility. */ log_debug("main", "get OS/LSB release information"); @@ -1851,6 +1844,13 @@ lldpd_main(int argc, char *argv[], char *envp[]) priv_init(PRIVSEP_CHROOT, ctl, 0, 0); #endif + /* Configuration with lldpcli */ + if (lldpcli) { + log_debug("main", "invoking lldpcli for configuration"); + if (lldpd_configure(use_syslog, debug, lldpcli, ctlname) == -1) + fatal("main", "unable to spawn lldpcli"); + } + /* Main loop */ log_debug("main", "start main loop"); levent_loop(cfg); -- 2.39.5