From: Vincent Bernat Date: Wed, 28 Sep 2016 20:43:48 +0000 (+0200) Subject: daemon: invoke lldpcli after dropping privileges X-Git-Tag: 0.9.5~6 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bc0dc45598d9051644e2d3948e66d050d3c54c37;p=thirdparty%2Flldpd.git daemon: invoke lldpcli after dropping privileges We don't need to run it as root. Moreover, it will happen after daemonization and won't clutter the screen in case lldpd dies too early. On the other hand, if we fail to spawn it, the error message may be hidden in the logs. Though choice. --- diff --git a/NEWS b/NEWS index d104d7c3..8a49828e 100644 --- a/NEWS +++ b/NEWS @@ -7,6 +7,8 @@ lldpd (0.9.5) the privileged process. + LLDP-MED capability TLV is not sent when LLDP-MED is not enabled, even if other LLDP-MED TLV are present. + + Invoke lldpcli for initial configuration later (after dropping + privileges). * Fix: + Compilation fix with older versions of GCC. + Don't use ethtool at all to get real MAC address for enslaved diff --git a/src/daemon/lldpd.c b/src/daemon/lldpd.c index 1ab76663..b3a8ada5 100644 --- a/src/daemon/lldpd.c +++ b/src/daemon/lldpd.c @@ -1694,13 +1694,6 @@ lldpd_main(int argc, char *argv[], char *envp[]) /* Disable SIGHUP, until handlers are installed */ signal(SIGHUP, SIG_IGN); - /* Configuration with lldpcli */ - if (lldpcli) { - log_debug("main", "invoking lldpcli for configuration"); - if (lldpd_configure(use_syslog, debug, lldpcli, ctlname) == -1) - fatal("main", "unable to spawn lldpcli"); - } - /* Try to read system information from /etc/os-release if possible. Fall back to lsb_release for compatibility. */ log_debug("main", "get OS/LSB release information"); @@ -1851,6 +1844,13 @@ lldpd_main(int argc, char *argv[], char *envp[]) priv_init(PRIVSEP_CHROOT, ctl, 0, 0); #endif + /* Configuration with lldpcli */ + if (lldpcli) { + log_debug("main", "invoking lldpcli for configuration"); + if (lldpd_configure(use_syslog, debug, lldpcli, ctlname) == -1) + fatal("main", "unable to spawn lldpcli"); + } + /* Main loop */ log_debug("main", "start main loop"); levent_loop(cfg);