(void)close(fd[0]);
(void)close(fd[1]);
+ /* make sure we don't leak syslog fd. try to do it as late as possible,
+ but also before dup2()s in case syslog fd is one of them. */
+ closelog();
+
/* set stdout to /dev/null, so anything written into it gets ignored. */
if (dup2(null_fd, 1) < 0)
i_fatal("dup2(stdout) failed: %m");
env_put(t_strdup_printf("AUTH_WORKER_MAX_COUNT=%u",
group->set->worker_max_count));
- /* make sure we don't leak syslog fd, but do it last so that
- any errors above will be logged */
- closelog();
-
executable = group->set->executable;
client_process_exec(executable, "");
i_fatal_status(FATAL_EXEC, "execv(%s) failed: %m", executable);
process->group->set->name);
log_set_prefix(log, prefix);
+ /* make sure we don't leak syslog fd. try to do it as late as possible,
+ but also before dup2()s in case syslog fd is one of them. */
+ closelog();
+
/* set stdin and stdout to /dev/null, so anything written into it
gets ignored. */
if (dup2(null_fd, 0) < 0)
child_process_init_env();
auth_set_environment(process->group->set);
- /* make sure we don't leak syslog fd, but do it last so that
- any errors above will be logged */
- closelog();
-
executable = t_strconcat(process->group->set->executable, " -w", NULL);
client_process_exec(executable, "");
i_fatal_status(FATAL_EXEC, "execv(%s) failed: %m", executable);
}
log_set_prefix(log, "master-dict: ");
+ /* make sure we don't leak syslog fd. try to do it as late as possible,
+ but also before dup2()s in case syslog fd is one of them. */
+ closelog();
+
/* set stdin and stdout to /dev/null, so anything written into it
gets ignored. */
if (dup2(null_fd, 0) < 0)
for (i = 0; i < count; i += 2)
env_put(t_strdup_printf("DICT_%s=%s", dicts[i], dicts[i+1]));
- /* make sure we don't leak syslog fd, but do it last so that
- any errors above will be logged */
- closelog();
-
executable = PKG_LIBEXECDIR"/dict";
client_process_exec(executable, "");
i_fatal_status(FATAL_EXEC, "execv(%s) failed: %m", executable);
dup2_append(&dups, listens[i].fd, cur_fd);
}
+ /* make sure we don't leak syslog fd. try to do it as late as possible,
+ but also before dup2()s in case syslog fd is one of them. */
+ closelog();
+
if (dup2_array(&dups) < 0)
i_fatal("Failed to dup2() fds");
restrict_process_size(group->set->login_process_size, (unsigned int)-1);
- /* make sure we don't leak syslog fd, but do it last so that
- any errors above will be logged */
- closelog();
-
client_process_exec(group->set->login_executable, "");
i_fatal_status(FATAL_EXEC, "execv(%s) failed: %m",
group->set->login_executable);
child_process_init_env();
- /* move the client socket into stdin and stdout fds, log to stderr */
- if (dup2(dump_capability ? null_fd : request->fd, 0) < 0)
- i_fatal("dup2(stdin) failed: %m");
- if (dup2(request->fd, 1) < 0)
- i_fatal("dup2(stdout) failed: %m");
- if (dup2(log_fd, 2) < 0)
- i_fatal("dup2(stderr) failed: %m");
-
- for (i = 0; i < 3; i++)
- fd_close_on_exec(i, FALSE);
-
/* setup environment - set the most important environment first
(paranoia about filling up environment without noticing) */
restrict_access_set_env(system_groups_user, uid, gid,
i_snprintf(title, sizeof(title), "[%s %s]", user, addr);
}
- /* make sure we don't leak syslog fd, but do it last so that
- any errors above will be logged */
+ /* make sure we don't leak syslog fd. try to do it as late as possible,
+ but also before dup2()s in case syslog fd is one of them. */
closelog();
+ /* move the client socket into stdin and stdout fds, log to stderr */
+ if (dup2(dump_capability ? null_fd : request->fd, 0) < 0)
+ i_fatal("dup2(stdin) failed: %m");
+ if (dup2(request->fd, 1) < 0)
+ i_fatal("dup2(stdout) failed: %m");
+ if (dup2(log_fd, 2) < 0)
+ i_fatal("dup2(stderr) failed: %m");
+
+ for (i = 0; i < 3; i++)
+ fd_close_on_exec(i, FALSE);
+
if (set->mail_drop_priv_before_exec) {
restrict_access_by_env(TRUE);
/* privileged GID is now only in saved-GID. if we want to
projects / thirdparty / dovecot / core.git / commitdiff
