author | Ulrich Drepper <drepper@redhat.com> | 2004-10-03 19:33:48 +0000 |
---|---|---|
committer | Ulrich Drepper <drepper@redhat.com> | 2004-10-03 19:33:48 +0000 |
commit | 4401d759051714fcc016a146685f3c13bed49442 (patch) | |
tree | fb2a02b91616e460a2b1fcd6eb482a0b3db9d860 /nscd/nscd.c | |
parent | fc03df7aa6d9de00d09ddaf9c27074fb4ea6d3ef (diff) | |
Update.
Implement paranoia mode. * nscd/connections.c (nscd_init): Mark database and socket descriptors as close on exec. (restart): New function. (restart_p): New function. (nscd_run): Add missing decrement of nready in case readylist is empty. (main_loop_poll): Call restart_p and restart. (main_loop_epoll): Likewise. (begin_drop_privileges): Save original UID and GID. * nscd/nscd.c: Define new variables paranoia, restart_time, restart_interval, oldcwd, old_gid, old_uid. (main): Disable paranoia mode if we are not forking. (check_pid): When re-execing, the PID file contains the same PID as the current process. Do not fail in this case. * nscd/nscd.conf: Add paranoia and restart-interval entries. * nscd/nscd.h: Define RESTART_INTERVAL. Declare new variables. * nscd/nscd_conf.c: Parse paranoia and restart-interval configurations. * nscd/nscd_stat.c: Print paranoia and restart-interval values.
Diffstat (limited to 'nscd/nscd.c')
-rw-r--r-- | nscd/nscd.c | 17 |
1 files changed, 16 insertions, 1 deletions
diff --git a/nscd/nscd.c b/nscd/nscd.c
index 146f61cb25..0ef54bcf08 100644
--- a/nscd/nscd.c
+++ b/nscd/nscd.c
@@ -79,6 +79,13 @@ time_t start_time;
 uintptr_t pagesize_m1;
+int paranoia;
+time_t restart_time;
+time_t restart_interval = RESTART_INTERVAL;
+const char *oldcwd;
+uid_t old_uid;
+gid_t old_gid;
+
 static int check_pid (const char *file);
 static int write_pid (const char *file);
@@ -248,6 +255,9 @@ main (int argc, char **argv)
 signal (SIGTTIN, SIG_IGN);
 signal (SIGTSTP, SIG_IGN);
 }
+ else
+ /* In foreground mode we are not paranoid. */
+ paranoia = 0;
 /* Start the SELinux AVC. */
 if (selinux_enabled)
@@ -414,6 +424,7 @@ nscd_open_socket (void)
 return sock;
 }
+
 /* Cleanup. */
 void
 termination_handler (int signum)
@@ -461,7 +472,11 @@ check_pid (const char *file)
 n = fscanf (fp, "%d", &pid);
 fclose (fp);
- if (n != 1 || kill (pid, 0) == 0)
+ /* If we cannot parse the file default to assuming nscd runs. If the PID is alive, assume it is running. That all unless the PID is the same as the current process' since tha latter can mean we re-exec. */
+ if ((n != 1 || kill (pid, 0) == 0) && pid != getpid ())
 return 1;
 }
|
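Review bot: The six file-scope variables added in the first hunk have no comments, although `old_uid`, `old_gid` and `oldcwd` hold state from before privileges are dropped, which the re-exec path presumably depends on. I would add one line each, for example `/* Original UID and GID, saved by begin_drop_privileges for the paranoia-mode re-exec.  */` above `old_uid`/`old_gid` and `/* Nonzero if nscd restarts itself every restart_interval seconds.  */` above `paranoia`. The writer of `oldcwd` and `restart_time` is not visible in this file's diff, so their comments should name where they are set and whether `oldcwd` may be NULL.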
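Review bot: In the `check_pid` hunk the new condition `(n != 1 || kill (pid, 0) == 0) && pid != getpid ()` reads `pid` even when `fscanf` stored nothing, which the old short-circuit form never did. The declaration of `pid` lies outside the hunk; if it has no initializer, this reads an indeterminate value, and an unparsable PID file no longer reliably "defaults to assuming nscd runs" as the new comment promises. Reordering keeps the re-exec exemption while only inspecting a PID that was actually parsed: `if (n != 1 || (pid != getpid () && kill (pid, 0) == 0))`. The added comment also contains the typo `tha latter`.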