summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com>2015-08-12 16:25:27 +0200
committerJeroen van Meeuwen (Kolab Systems) <vanmeeuwen@kolabsys.com>2015-08-12 16:25:27 +0200
commit200ba8fe4dab5884ab0b3818c6678ad9745bdd7e (patch)
treec5736884b452e8f248d6f76d2363ae424dc40f52
parentddb224b70ac44383ba5bf42f907c450e1baa3a0c (diff)
downloadpykolab-200ba8fe4dab5884ab0b3818c6678ad9745bdd7e.tar.gz
Close stdin, stdout and stderr, when the process is told to fork(). Also, fork twice to eliminate session control.
-rw-r--r--kolabd/__init__.py33
-rw-r--r--saslauthd/__init__.py31
-rw-r--r--wallace/__init__.py33
3 files changed, 83 insertions, 14 deletions
diff --git a/kolabd/__init__.py b/kolabd/__init__.py
index 6a0fd32..df92138 100644
--- a/kolabd/__init__.py
+++ b/kolabd/__init__.py
@@ -172,16 +172,39 @@ class KolabDaemon(object):
log.error(_("Could not change real and effective uid and/or gid"))
try:
- pid = 1
+ pid = os.getpid()
+
if conf.fork_mode:
pid = os.fork()
- if pid == 0:
+ if pid > 0 and not conf.fork_mode:
+ self.do_sync()
+
+ elif pid > 0:
+ sys.exit(0)
+
+ else:
+ # Give up the session, all control,
+ # all open file descriptors, see #5151
+ os.chdir("/")
+ os.umask(0)
+ os.setsid()
+
+ pid = os.fork()
+
+ if pid > 0:
+ sys.exit(0)
+
+ sys.stderr.flush()
+ sys.stdout.flush()
+
+ os.close(0)
+ os.close(1)
+ os.close(2)
+
log.remove_stdout_handler()
- self.write_pid()
self.set_signal_handlers()
- self.do_sync()
- elif not conf.fork_mode:
+ self.write_pid()
self.do_sync()
except SystemExit, errcode:
diff --git a/saslauthd/__init__.py b/saslauthd/__init__.py
index 1ae09dd..18f282f 100644
--- a/saslauthd/__init__.py
+++ b/saslauthd/__init__.py
@@ -122,18 +122,41 @@ class SASLAuthDaemon(object):
self._drop_privileges()
try:
- pid = 1
+ pid = os.getpid()
+
if conf.fork_mode:
pid = os.fork()
- if pid == 0:
+ if pid > 0 and not conf.fork_mode:
+ self.do_saslauthd()
+
+ elif pid > 0:
+ sys.exit(0)
+
+ else:
+ # Give up the session, all control,
+ # all open file descriptors, see #5151
+ os.chdir("/")
+ os.umask(0)
+ os.setsid()
+
+ pid = os.fork()
+
+ if pid > 0:
+ sys.exit(0)
+
+ sys.stderr.flush()
+ sys.stdout.flush()
+
+ os.close(0)
+ os.close(1)
+ os.close(2)
+
self.thread_count += 1
log.remove_stdout_handler()
self.set_signal_handlers()
self.write_pid()
self.do_saslauthd()
- elif not conf.fork_mode:
- self.do_saslauthd()
except SystemExit, e:
exitcode = e
diff --git a/wallace/__init__.py b/wallace/__init__.py
index 9992488..f82015d 100644
--- a/wallace/__init__.py
+++ b/wallace/__init__.py
@@ -416,17 +416,40 @@ class WallaceDaemon(object):
log.error(_("Could not change real and effective uid and/or gid"))
try:
- pid = 1
+ pid = os.getpid()
if conf.fork_mode:
pid = os.fork()
- if pid == 0:
+ if pid > 0 and not conf.fork_mode:
+ self.do_wallace()
+
+ elif pid > 0:
+ sys.exit(0)
+
+ else:
+ # Give up the session, all control,
+ # all open file descriptors, see #5151
+ os.chdir("/")
+ os.umask(0)
+ os.setsid()
+
+ pid = os.fork()
+
+ if pid > 0:
+ sys.exit(0)
+
+ sys.stderr.flush()
+ sys.stdout.flush()
+
+ os.close(0)
+ os.close(1)
+ os.close(2)
+
+ self.thread_count += 1
log.remove_stdout_handler()
- self.write_pid()
self.set_signal_handlers()
- self.do_wallace()
- elif not conf.fork_mode:
+ self.write_pid()
self.do_wallace()
except SystemExit, e: