From ce30c8dcb41dfe9264f79f30c7f51c0e74576638 Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Sun, 31 May 2015 23:55:55 +0200 Subject: tree-wide: whenever we fork off a foreign child process reset signal mask/handlers Also, when the child is potentially long-running make sure to set a death signal. Also, ignore the result of the reset operations explicitly by casting them to (void). --- src/core/execute.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'src/core/execute.c') diff --git a/src/core/execute.c b/src/core/execute.c index 4120493bda..f13c6936e0 100644 --- a/src/core/execute.c +++ b/src/core/execute.c @@ -823,6 +823,7 @@ static int setup_pam( /* Block SIGTERM, so that we know that it won't get lost in * the child */ + if (sigemptyset(&ss) < 0 || sigaddset(&ss, SIGTERM) < 0 || sigprocmask(SIG_BLOCK, &ss, &old_ss) < 0) @@ -857,6 +858,8 @@ static int setup_pam( if (setresuid(uid, uid, uid) < 0) log_error_errno(r, "Error: Failed to setresuid() in sd-pam: %m"); + (void) ignore_signals(SIGPIPE, -1); + /* Wait until our parent died. This will only work if * the above setresuid() succeeds, otherwise the kernel * will not allow unprivileged parents kill their privileged @@ -1324,11 +1327,11 @@ static int exec_child( * others we leave untouched because we set them to * SIG_DFL or a valid handler initially, both of which * will be demoted to SIG_DFL. */ - default_signals(SIGNALS_CRASH_HANDLER, - SIGNALS_IGNORE, -1); + (void) default_signals(SIGNALS_CRASH_HANDLER, + SIGNALS_IGNORE, -1); if (context->ignore_sigpipe) - ignore_signals(SIGPIPE, -1); + (void) ignore_signals(SIGPIPE, -1); r = reset_signal_mask(); if (r < 0) { -- cgit v1.2.3-54-g00ecf