---
 src/base/daemon.c | 30 ++++++++++++++++++------------
 src/nid/agent/nid_ipc.c | 17 ++++++++++++++++-
 2 files changed, 34 insertions(+), 13 deletions(-)
diff --git a/src/base/daemon.c b/src/base/daemon.c
index f8e284fa1..62b6a7311 100644
--- a/src/base/daemon.c
+++ b/src/base/daemon.c
@@ -102,7 +102,7 @@ static int __create_pidfile(const char *pidfile)
 syslog(LOG_WARNING,"truncation occurred writing pid file: %s", pidfiletmp);
 /* open the file and associate a stream with it */
- if (((fd = open(pidfiletmp, O_RDWR | O_CREAT, 0644)) == -1) ||
+ if (((fd = open(pidfiletmp, O_RDWR | O_CREAT, 0640)) == -1) ||
 ((file = fdopen(fd, "r+")) == NULL)) {
 syslog(LOG_ERR, "open failed, pidfiletmp=%s, errno=%s", pidfiletmp, strerror(errno));
@@ -160,18 +160,20 @@ static void create_fifofile(const char *fifofile)
 {
 mode_t mask;
+ /* Lets Remove any such file if it already exists */
+ if (unlink(fifofile) == -1 && errno != ENOENT) {
+ syslog(LOG_ERR, "Unable To Delete FIFO Error: %s\n",
+ strerror(errno));
+ return;
+ }
+
 mask = umask(0);
- if (mkfifo(fifofile, 0666) == -1) {
- if (errno == EEXIST) {
- syslog(LOG_INFO, "mkfifo already exists: %s %s",
- fifofile, strerror(errno));
- } else {
- syslog(LOG_WARNING, "mkfifo failed: %s %s", fifofile,
- strerror(errno));
- umask(mask);
- return;
- }
+ if (mkfifo(fifofile, 0660) == -1) {
+ syslog(LOG_ERR, "mkfifo failed: %s %s", fifofile,
+ strerror(errno));
+ umask(mask);
+ return;
 }
 do {
@@ -180,7 +182,7 @@ static void create_fifofile(const char *fifofile)
 } while (fifo_fd == -1 && errno == EINTR);
 if (fifo_fd == -1) {
- syslog(LOG_WARNING, "open fifo failed: %s %s", fifofile,
+ syslog(LOG_ERR, "open fifo failed: %s %s", fifofile,
 strerror(errno));
 }
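Review bot: In __create_pidfile the tightened mode on `open(pidfiletmp, O_RDWR | O_CREAT, 0640)` only applies when the call actually creates the file; a pidfiletmp left over from an earlier run keeps whatever mode and owner it already had, and the mode is further masked by the process umask. If 0640 is meant as a guarantee, add `O_EXCL | O_NOFOLLOW` to the flags, or call `fchmod(fd, 0640)` once the descriptor is open. The function starts and ends outside the hunk, so any existing cleanup of stale temp files is not visible here.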
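Review bot: The new unlink failure message in create_fifofile omits the path, unlike the mkfifo and open messages below it, and ends in a `\n` that the other syslog calls in this hunk do not carry; `syslog(LOG_ERR, "unlink fifo failed: %s %s", fifofile, strerror(errno));` would match them. The comment could also say why a stale FIFO is removed rather than reused (presumably so the 0660 mode always applies), for example `/* remove a stale FIFO so it is always recreated with mode 0660 */`. create_fifofile returns void, so a caller cannot tell that one of these early returns left no FIFO behind; the end of the function is outside the hunk.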
@@ -465,6 +467,10 @@ void daemonize(int argc, char *argv[])
 "getgrouplist failed, uid=%d (%s). Continuing without supplementary groups.", pw->pw_uid, strerror(errno));
 }
+ if ((pw->pw_uid > 0) && (pw->pw_gid > 0)) {
+ assert(chown(fifo_file, pw->pw_uid, pw->pw_gid) == 0);
+ assert(chown(__pidfile, pw->pw_uid, pw->pw_gid) == 0);
+ }
 if ((pw->pw_gid > 0) && (setgid(pw->pw_gid) < 0)) {
 syslog(LOG_ERR, "setgid failed, gid=%d (%s)", pw->pw_gid, strerror(errno));
diff --git a/src/nid/agent/nid_ipc.c b/src/nid/agent/nid_ipc.c
index 172063ae1..bbcfc0c6c 100644
--- a/src/nid/agent/nid_ipc.c
+++ b/src/nid/agent/nid_ipc.c
@@ -26,6 +26,7 @@
 * library.
 *
 ************************************************************************/
+#include <pwd.h>
 #include <sys/types.h>
 #include <sys/stat.h>
 #include "osaf/configmake.h"
@@ -66,13 +67,27 @@ uint32_t nid_create_ipc(char *strbuf)
 mask = umask(0);
 /* Create nid fifo */
- if (mkfifo(NID_FIFO, 0666) < 0) {
+ if (mkfifo(NID_FIFO, 0660) < 0) {
 sprintf(strbuf, " FAILURE: Unable To Create FIFO Error:%s\n", strerror(errno));
 umask(mask);
 return NCSCC_RC_FAILURE;
 }
+ const char *username = getenv("OPENSAF_USER");
+ long bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
+ char *buffer = (char *)malloc(bufsize >= 0 ? bufsize : 16384);
+ struct passwd pwd;
+ struct passwd *pw;
+
+ if (buffer != NULL &&
+ getpwnam_r(username, &pwd, buffer, bufsize, &pw) == 0 &&
+ pw != NULL) {
+ if ((pw->pw_uid > 0) && (pw->pw_gid > 0))
+ assert(chown(NID_FIFO, pw->pw_uid, pw->pw_gid) == 0);
+ }
+ free(buffer);
+
 umask(mask);
 return NCSCC_RC_SUCCESS;
 }
-- 
2.17.1
_______________________________________________
Opensaf-devel mailing list
Opensaf-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/opensaf-devel
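Review bot: Both `chown` calls added to daemonize sit inside `assert()`, so a build with NDEBUG drops them entirely and the FIFO and pid file keep the starting user's ownership under the new 0660/0640 modes, which presumably locks the service user out; the same pattern is used for `NID_FIFO` in the nid_create_ipc hunk of src/nid/agent/nid_ipc.c. With asserts enabled, any chown failure (for example when create_fifofile returned early and no FIFO exists) aborts the daemon without a log line. Call chown unconditionally and report failure through syslog, as the setgid check right below does. daemonize starts and ends outside the hunk, so the failure action is left as a comment in the sketch.

```c
	if ((pw->pw_uid > 0) && (pw->pw_gid > 0)) {
		/* chown has to run in release builds too: keep it out of assert() */
		if (chown(fifo_file, pw->pw_uid, pw->pw_gid) != 0) {
			syslog(LOG_ERR, "chown failed: %s %s", fifo_file,
			       strerror(errno));
			/* ... fail the same way the setgid branch below does ... */
		}
		if (chown(__pidfile, pw->pw_uid, pw->pw_gid) != 0) {
			syslog(LOG_ERR, "chown failed: %s %s", __pidfile,
			       strerror(errno));
			/* ... fail the same way the setgid branch below does ... */
		}
	}
```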
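Review bot: In nid_create_ipc the result of `getenv("OPENSAF_USER")` is passed to `getpwnam_r` unchecked, so an unset variable hands it a NULL name; and when `sysconf(_SC_GETPW_R_SIZE_MAX)` returns -1 the buffer is allocated with the 16384 fallback while `getpwnam_r` is still given `bufsize`, i.e. -1 converted to a very large size_t that no longer matches the allocation. Compute the length once and pass that same value to both calls, and check username before the lookup. A failed lookup also leaves the FIFO at 0660 under the creating user while the function still returns NCSCC_RC_SUCCESS, which may be worth reporting. The function begins outside the hunk.

```c
	const char *username = getenv("OPENSAF_USER");
	long bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
	/* sysconf() may return -1: size the buffer once and pass that same size on */
	size_t buflen = bufsize > 0 ? (size_t)bufsize : 16384;
	char *buffer = malloc(buflen);
	struct passwd pwd;
	struct passwd *pw = NULL;

	if (username != NULL && buffer != NULL &&
	    getpwnam_r(username, &pwd, buffer, buflen, &pw) == 0 &&
	    pw != NULL) {
		/* ... unchanged: uid/gid check and chown of NID_FIFO ... */
	}
	free(buffer);
```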