summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2017-02-21 17:57:55 +0100
committerLennart Poettering <lennart@poettering.net>2017-02-21 21:55:43 +0100
commit48a601fe5de8aa0d89ba6dadde168769fa7ce992 (patch)
tree10f9b703d9dd770b6fc354735bd8ad1b6817f0b4
parent525872bfab49ce44390a29f322816ae951a4bc38 (diff)
log: never log into foreign fd #2 in PID 1 or its pre-execve() children
Fixes: #5401
-rw-r--r--src/basic/log.c7
-rw-r--r--src/basic/log.h1
-rw-r--r--src/core/main.c11
3 files changed, 16 insertions, 3 deletions
diff --git a/src/basic/log.c b/src/basic/log.c
index e6d2d61d72..36efc9ac7d 100644
--- a/src/basic/log.c
+++ b/src/basic/log.c
@@ -72,6 +72,7 @@ static bool show_color = false;
static bool show_location = false;
static bool upgrade_syslog_to_journal = false;
+static bool always_reopen_console = false;
/* Akin to glibc's __abort_msg; which is private and we hence cannot
* use here. */
@@ -95,7 +96,7 @@ static int log_open_console(void) {
if (console_fd >= 0)
return 0;
- if (getpid() == 1) {
+ if (always_reopen_console) {
console_fd = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC);
if (console_fd < 0)
return console_fd;
@@ -1171,3 +1172,7 @@ int log_syntax_internal(
unit_fmt, unit,
NULL);
}
+
+void log_set_always_reopen_console(bool b) {
+ always_reopen_console = b;
+}
diff --git a/src/basic/log.h b/src/basic/log.h
index 9cacbb6b70..72714e02e5 100644
--- a/src/basic/log.h
+++ b/src/basic/log.h
@@ -220,6 +220,7 @@ LogTarget log_target_from_string(const char *s) _pure_;
void log_received_signal(int level, const struct signalfd_siginfo *si);
void log_set_upgrade_syslog_to_journal(bool b);
+void log_set_always_reopen_console(bool b);
int log_syntax_internal(
const char *unit,
diff --git a/src/core/main.c b/src/core/main.c
index 3c6b18229c..bcf9ea5f25 100644
--- a/src/core/main.c
+++ b/src/core/main.c
@@ -1414,10 +1414,17 @@ int main(int argc, char *argv[]) {
log_set_upgrade_syslog_to_journal(true);
- /* Disable the umask logic */
- if (getpid() == 1)
+ if (getpid() == 1) {
+ /* Disable the umask logic */
umask(0);
+ /* Always reopen /dev/console when running as PID 1 or one of its pre-execve() children. This is
+ * important so that we never end up logging to any foreign stderr, for example if we have to log in a
+ * child process right before execve()'ing the actual binary, at a point in time where socket
+ * activation stderr/stdout area already set up. */
+ log_set_always_reopen_console(true);
+ }
+
if (getpid() == 1 && detect_container() <= 0) {
/* Running outside of a container as PID 1 */