[systemd-commits] 2 commits - src/execute.c src/util.c

Mon Jul 12 11:35:22 PDT 2010

src/execute.c |   20 ++++++++++----------
 src/util.c    |    2 +-
 2 files changed, 11 insertions(+), 11 deletions(-)

New commits:
commit 7bc0351dd8bdd5045101616d304a3f16ecb91e5a
Author: Lennart Poettering <lennart at poettering.net>
Date:   Mon Jul 12 20:35:14 2010 +0200

    util: fix error handling in acquire_terminal()

diff --git a/src/util.c b/src/util.c
index fa34137..b5513dd 100644
--- a/src/util.c
+++ b/src/util.c
@@ -2030,7 +2030,7 @@ int acquire_terminal(const char *name, bool fail, bool force, bool ignore_tiocst
                         }
 
                         if (e.wd != wd || !(e.mask & IN_CLOSE)) {
-                                r = -errno;
+                                r = -EIO;
                                 goto fail;
                         }
 
commit fc9b2a84dcf70bdd3100cbcb84f2858dd5303d76
Author: Lennart Poettering <lennart at poettering.net>
Date:   Mon Jul 12 20:34:53 2010 +0200

    execute: close inherited fds earlier

diff --git a/src/execute.c b/src/execute.c
index 6363719..5483b69 100644
--- a/src/execute.c
+++ b/src/execute.c
@@ -968,6 +968,14 @@ int exec_spawn(ExecCommand *command,
                         goto fail;
                 }
 
+                /* Close sockets very early to make sure we don' block
+                 * init reexecution because it cannot bind its sockets
+                 * or so */
+                if (close_all_fds(fds, n_fds) < 0) {
+                        r = EXIT_FDS;
+                        goto fail;
+                }
+
                 if (!context->same_pgrp)
                         if (setsid() < 0) {
                                 r = EXIT_SETSID;
@@ -1111,16 +1119,6 @@ int exec_spawn(ExecCommand *command,
 
 #ifdef HAVE_PAM
                 if (context->pam_name && username) {
-                        /* Make sure no fds leak into the PAM
-                         * supervisor process. We will call this later
-                         * on again to make sure that any fds leaked
-                         * by the PAM modules get closed before our
-                         * exec(). */
-                        if (close_all_fds(fds, n_fds) < 0) {
-                                r = EXIT_FDS;
-                                goto fail;
-                        }
-
                         if (setup_pam(context->pam_name, username, context->tty_path, &pam_env, fds, n_fds) < 0) {
                                 r = EXIT_PAM;
                                 goto fail;
@@ -1180,6 +1178,8 @@ int exec_spawn(ExecCommand *command,
                         free(d);
                 }
 
+                /* We repeat the fd closing here, to make sure that
+                 * nothing is leaked from the PAM modules */
                 if (close_all_fds(fds, n_fds) < 0 ||
                     shift_fds(fds, n_fds) < 0 ||
                     flags_fds(fds, n_fds, context->non_blocking) < 0) {
