Hi,
proc_init() is done before daemon() and for the child processes of httpd,
relayd and snmpd() this function never returns. That means that the
children inherit stdin, stdout, and stderr of the caller and never close
them.
This fix this, proc_init() should map these filedes to /dev/null for a
child. The code is simpled and copied from deamon(3), without the lintish
(void) casts.
Gerhard
Index: usr.sbin/httpd/proc.c
===================================================================
RCS file: /cvs/src/usr.sbin/httpd/proc.c,v
retrieving revision 1.37
diff -u -p -u -p -r1.37 proc.c
--- usr.sbin/httpd/proc.c 28 May 2017 10:37:26 -0000 1.37
+++ usr.sbin/httpd/proc.c 7 Mar 2018 12:31:11 -0000
@@ -27,6 +27,7 @@
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
+#include <paths.h>
#include <errno.h>
#include <signal.h>
#include <pwd.h>
@@ -198,6 +199,7 @@ proc_init(struct privsep *ps, struct pri
unsigned int proc;
unsigned int dst;
int fds[2];
+ int fd;
/* Don't initiate anything if we are not really going to run. */
if (ps->ps_noaction)
@@ -246,6 +248,13 @@ proc_init(struct privsep *ps, struct pri
fatalx("%s: process %d missing process initialization",
__func__, proc_id);
+ if ((fd = open(_PATH_DEVNULL, O_RDWR, 0)) != -1) {
+ dup2(fd, STDIN_FILENO);
+ dup2(fd, STDOUT_FILENO);
+ dup2(fd, STDERR_FILENO);
+ if (fd > 2)
+ close(fd);
+ }
p->p_init(ps, p);
fatalx("failed to initiate child process");
Index: usr.sbin/relayd/proc.c
===================================================================
RCS file: /cvs/src/usr.sbin/relayd/proc.c,v
retrieving revision 1.39
diff -u -p -u -p -r1.39 proc.c
--- usr.sbin/relayd/proc.c 28 May 2017 10:39:15 -0000 1.39
+++ usr.sbin/relayd/proc.c 7 Mar 2018 12:32:28 -0000
@@ -27,6 +27,7 @@
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
+#include <paths.h>
#include <errno.h>
#include <signal.h>
#include <pwd.h>
@@ -198,6 +199,7 @@ proc_init(struct privsep *ps, struct pri
unsigned int proc;
unsigned int dst;
int fds[2];
+ int fd;
/* Don't initiate anything if we are not really going to run. */
if (ps->ps_noaction)
@@ -246,6 +248,13 @@ proc_init(struct privsep *ps, struct pri
fatalx("%s: process %d missing process initialization",
__func__, proc_id);
+ if ((fd = open(_PATH_DEVNULL, O_RDWR, 0)) != -1) {
+ dup2(fd, STDIN_FILENO);
+ dup2(fd, STDOUT_FILENO);
+ dup2(fd, STDERR_FILENO);
+ if (fd > 2)
+ close(fd);
+ }
p->p_init(ps, p);
fatalx("failed to initiate child process");
Index: usr.sbin/snmpd/proc.c
===================================================================
RCS file: /cvs/src/usr.sbin/snmpd/proc.c,v
retrieving revision 1.24
diff -u -p -u -p -r1.24 proc.c
--- usr.sbin/snmpd/proc.c 29 May 2017 12:56:26 -0000 1.24
+++ usr.sbin/snmpd/proc.c 7 Mar 2018 12:34:02 -0000
@@ -27,6 +27,7 @@
#include <stdlib.h>
#include <unistd.h>
#include <string.h>
+#include <paths.h>
#include <errno.h>
#include <signal.h>
#include <pwd.h>
@@ -198,6 +199,7 @@ proc_init(struct privsep *ps, struct pri
unsigned int proc;
unsigned int dst;
int fds[2];
+ int fd;
/* Don't initiate anything if we are not really going to run. */
if (ps->ps_noaction)
@@ -246,6 +248,13 @@ proc_init(struct privsep *ps, struct pri
fatalx("%s: process %d missing process initialization",
__func__, proc_id);
+ if ((fd = open(_PATH_DEVNULL, O_RDWR, 0)) != -1) {
+ dup2(fd, STDIN_FILENO);
+ dup2(fd, STDOUT_FILENO);
+ dup2(fd, STDERR_FILENO);
+ if (fd > 2)
+ close(fd);
+ }
p->p_init(ps, p);
fatalx("failed to initiate child process");
