return fd;
}
-static void main_preinit(void)
+static void main_preinit(bool allow_core_dumps)
{
unsigned int max_fds;
anvil_fd = anvil_connect();
restrict_access_by_env(NULL, TRUE);
+ if (allow_core_dumps)
+ restrict_access_allow_coredumps(TRUE);
}
static void main_init(void)
MASTER_SERVICE_FLAG_TRACK_LOGIN_STATE;
const char *getopt_str;
pool_t set_pool;
+ bool allow_core_dumps = FALSE;
int c;
master_service = master_service_init(login_process_name, service_flags,
while ((c = getopt(argc, argv, getopt_str)) > 0) {
switch (c) {
case 'D':
- restrict_access_allow_coredumps(TRUE);
+ allow_core_dumps = TRUE;
break;
case 'S':
ssl_connections = TRUE;
/* main_preinit() needs to know the client limit, which is set by
this. so call it first. */
master_service_init_finish(master_service);
- main_preinit();
+ main_preinit(allow_core_dumps);
main_init();
master_service_run(master_service, client_connected);
return TRUE;
}
+static void service_set_login_dump_core(struct service_settings *set)
+{
+ const char *p;
+
+ if (set->parsed_type != SERVICE_TYPE_LOGIN)
+ return;
+
+ p = strstr(set->executable, " -D");
+ if (p != NULL && (p[3] == '\0' || p[3] == ' '))
+ set->login_dump_core = TRUE;
+}
+
static bool
master_settings_verify(void *_set, pool_t pool, const char **error_r)
{
return FALSE;
}
}
+ service_set_login_dump_core(service);
}
for (i = 0; i < count; i++) {
struct service_settings *service = services[i];
services = array_get(&set->services, &count);
for (i = 0; i < count; i++) {
- if (strcmp(services[i]->type, "login") == 0) {
- if (strstr(services[i]->executable, " -D") != NULL)
+ if (services[i]->parsed_type == SERVICE_TYPE_LOGIN) {
+ if (services[i]->login_dump_core)
cores = TRUE;
(void)get_uidgid(services[i]->user, &uid, gid_r, &error);
if (*services[i]->group != '\0')
ARRAY_DEFINE(inet_listeners, struct inet_listener_settings *);
enum service_type parsed_type;
+ unsigned int login_dump_core:1;
};
struct master_settings {
return;
}
-#ifdef HAVE_PR_SET_DUMPABLE
+#ifndef HAVE_PR_SET_DUMPABLE
if (!service->set->drop_priv_before_exec) {
str_append(str, " (core not dumped - set drop_priv_before_exec=yes)");
return;
str_append(str, " (core not dumped - privileged_group prevented it)");
return;
}
+#else
+ if (!service->set->login_dump_core) {
+ str_append(str, " (core not dumped - add -D parameter to service executable");
+ return;
+ }
#endif
str_append(str, " (core not dumped)");
projects / thirdparty / dovecot / core.git / commitdiff
