On Fri, Dec 14, 2007 at 03:09:25PM +0100, Lubomir Petrik - Sun Microsystems wrote: > Is this solvable without rewriting master daemon logic much?
Depends on your definition of "much". As others have said, if you're using system(3C) (or posix_spawn(3C)), then simply adding ctrun(1) to the mix will do. Look at: http://cvs.opensolaris.org/source/xref/onnv/onnv-gate/usr/src/cmd/ssh/sshd/sshd.c for an example of how to deal with fork(2). Here we have three utility functions used around calls to fork(2): contracts_pre_fork(), contracts_post_fork_child() and contracts_post_fork_parent(). Sprinkling calls to such utility functions around fork() is trivial. But those functions amount to ~200 lines of code, comments and whitespace. (There is a bug in sshd, however, in that contracts_post_fork_parent() clobbers errno, so when fork(2) fails the reason for it is lost.) Nico --
