From: Timo Sirainen Date: Wed, 1 Apr 2009 16:48:17 +0000 (-0400) Subject: Call closelog() before dup2()ing fds. X-Git-Tag: 1.2.rc1~27 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=3e636a4b4d2f120b6ae864679ce19f1f0a753b76;p=thirdparty%2Fdovecot%2Fcore.git Call closelog() before dup2()ing fds. --HG-- branch : HEAD --- diff --git a/src/master/auth-process.c b/src/master/auth-process.c index 894ce19976..a2d47b1dbd 100644 --- a/src/master/auth-process.c +++ b/src/master/auth-process.c @@ -576,6 +576,10 @@ static int create_auth_process(struct auth_process_group *group) (void)close(fd[0]); (void)close(fd[1]); + /* make sure we don't leak syslog fd. try to do it as late as possible, + but also before dup2()s in case syslog fd is one of them. */ + closelog(); + /* set stdout to /dev/null, so anything written into it gets ignored. */ if (dup2(null_fd, 1) < 0) i_fatal("dup2(stdout) failed: %m"); @@ -603,10 +607,6 @@ static int create_auth_process(struct auth_process_group *group) env_put(t_strdup_printf("AUTH_WORKER_MAX_COUNT=%u", group->set->worker_max_count)); - /* make sure we don't leak syslog fd, but do it last so that - any errors above will be logged */ - closelog(); - executable = group->set->executable; client_process_exec(executable, ""); i_fatal_status(FATAL_EXEC, "execv(%s) failed: %m", executable); @@ -649,6 +649,10 @@ static int create_auth_worker(struct auth_process *process, int fd) process->group->set->name); log_set_prefix(log, prefix); + /* make sure we don't leak syslog fd. try to do it as late as possible, + but also before dup2()s in case syslog fd is one of them. */ + closelog(); + /* set stdin and stdout to /dev/null, so anything written into it gets ignored. */ if (dup2(null_fd, 0) < 0) @@ -669,10 +673,6 @@ static int create_auth_worker(struct auth_process *process, int fd) child_process_init_env(); auth_set_environment(process->group->set); - /* make sure we don't leak syslog fd, but do it last so that - any errors above will be logged */ - closelog(); - executable = t_strconcat(process->group->set->executable, " -w", NULL); client_process_exec(executable, ""); i_fatal_status(FATAL_EXEC, "execv(%s) failed: %m", executable); diff --git a/src/master/dict-process.c b/src/master/dict-process.c index 3aa6b2f5f9..4b6c28d8d1 100644 --- a/src/master/dict-process.c +++ b/src/master/dict-process.c @@ -78,6 +78,10 @@ static int dict_process_create(struct dict_listener *listener) } log_set_prefix(log, "master-dict: "); + /* make sure we don't leak syslog fd. try to do it as late as possible, + but also before dup2()s in case syslog fd is one of them. */ + closelog(); + /* set stdin and stdout to /dev/null, so anything written into it gets ignored. */ if (dup2(null_fd, 0) < 0) @@ -109,10 +113,6 @@ static int dict_process_create(struct dict_listener *listener) for (i = 0; i < count; i += 2) env_put(t_strdup_printf("DICT_%s=%s", dicts[i], dicts[i+1])); - /* make sure we don't leak syslog fd, but do it last so that - any errors above will be logged */ - closelog(); - executable = PKG_LIBEXECDIR"/dict"; client_process_exec(executable, ""); i_fatal_status(FATAL_EXEC, "execv(%s) failed: %m", executable); diff --git a/src/master/login-process.c b/src/master/login-process.c index 660d91eb5f..971a97a5c2 100644 --- a/src/master/login-process.c +++ b/src/master/login-process.c @@ -707,6 +707,10 @@ static pid_t create_login_process(struct login_group *group) dup2_append(&dups, listens[i].fd, cur_fd); } + /* make sure we don't leak syslog fd. try to do it as late as possible, + but also before dup2()s in case syslog fd is one of them. */ + closelog(); + if (dup2_array(&dups) < 0) i_fatal("Failed to dup2() fds"); @@ -724,10 +728,6 @@ static pid_t create_login_process(struct login_group *group) restrict_process_size(group->set->login_process_size, (unsigned int)-1); - /* make sure we don't leak syslog fd, but do it last so that - any errors above will be logged */ - closelog(); - client_process_exec(group->set->login_executable, ""); i_fatal_status(FATAL_EXEC, "execv(%s) failed: %m", group->set->login_executable); diff --git a/src/master/mail-process.c b/src/master/mail-process.c index 0ae2cdbf67..71523642a3 100644 --- a/src/master/mail-process.c +++ b/src/master/mail-process.c @@ -758,17 +758,6 @@ create_mail_process(enum process_type process_type, struct settings *set, child_process_init_env(); - /* move the client socket into stdin and stdout fds, log to stderr */ - if (dup2(dump_capability ? null_fd : request->fd, 0) < 0) - i_fatal("dup2(stdin) failed: %m"); - if (dup2(request->fd, 1) < 0) - i_fatal("dup2(stdout) failed: %m"); - if (dup2(log_fd, 2) < 0) - i_fatal("dup2(stderr) failed: %m"); - - for (i = 0; i < 3; i++) - fd_close_on_exec(i, FALSE); - /* setup environment - set the most important environment first (paranoia about filling up environment without noticing) */ restrict_access_set_env(system_groups_user, uid, gid, @@ -900,10 +889,21 @@ create_mail_process(enum process_type process_type, struct settings *set, i_snprintf(title, sizeof(title), "[%s %s]", user, addr); } - /* make sure we don't leak syslog fd, but do it last so that - any errors above will be logged */ + /* make sure we don't leak syslog fd. try to do it as late as possible, + but also before dup2()s in case syslog fd is one of them. */ closelog(); + /* move the client socket into stdin and stdout fds, log to stderr */ + if (dup2(dump_capability ? null_fd : request->fd, 0) < 0) + i_fatal("dup2(stdin) failed: %m"); + if (dup2(request->fd, 1) < 0) + i_fatal("dup2(stdout) failed: %m"); + if (dup2(log_fd, 2) < 0) + i_fatal("dup2(stderr) failed: %m"); + + for (i = 0; i < 3; i++) + fd_close_on_exec(i, FALSE); + if (set->mail_drop_priv_before_exec) { restrict_access_by_env(TRUE); /* privileged GID is now only in saved-GID. if we want to