You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
76 lines
2.9 KiB
76 lines
2.9 KiB
From 5a7f49bb38bc1d7965d497e775b7cc8053b0c465 Mon Sep 17 00:00:00 2001 |
|
From: Jan Synacek <jsynacek@redhat.com> |
|
Date: Fri, 18 Aug 2017 10:17:22 +0200 |
|
Subject: [PATCH] log: never log into foreign fd #2 in PID 1 or its |
|
pre-execve() children |
|
|
|
(cherry picked from commit 48a601fe5de8aa0d89ba6dadde168769fa7ce992) |
|
Resolves: #1420505 |
|
--- |
|
src/core/main.c | 11 +++++++++-- |
|
src/shared/log.c | 7 ++++++- |
|
src/shared/log.h | 1 + |
|
3 files changed, 16 insertions(+), 3 deletions(-) |
|
|
|
diff --git a/src/core/main.c b/src/core/main.c |
|
index 37e3ea0ced..66393ed6ad 100644 |
|
--- a/src/core/main.c |
|
+++ b/src/core/main.c |
|
@@ -1310,10 +1310,17 @@ int main(int argc, char *argv[]) { |
|
log_show_color(isatty(STDERR_FILENO) > 0); |
|
log_set_upgrade_syslog_to_journal(true); |
|
|
|
- /* Disable the umask logic */ |
|
- if (getpid() == 1) |
|
+ if (getpid() == 1) { |
|
+ /* Disable the umask logic */ |
|
umask(0); |
|
|
|
+ /* Always reopen /dev/console when running as PID 1 or one of its pre-execve() children. This is |
|
+ * important so that we never end up logging to any foreign stderr, for example if we have to log in a |
|
+ * child process right before execve()'ing the actual binary, at a point in time where socket |
|
+ * activation stderr/stdout area already set up. */ |
|
+ log_set_always_reopen_console(true); |
|
+ } |
|
+ |
|
if (getpid() == 1 && detect_container(NULL) <= 0) { |
|
|
|
/* Running outside of a container as PID 1 */ |
|
diff --git a/src/shared/log.c b/src/shared/log.c |
|
index 646a1d6389..3491420308 100644 |
|
--- a/src/shared/log.c |
|
+++ b/src/shared/log.c |
|
@@ -52,6 +52,7 @@ static bool show_color = false; |
|
static bool show_location = false; |
|
|
|
static bool upgrade_syslog_to_journal = false; |
|
+static bool always_reopen_console = false; |
|
|
|
/* Akin to glibc's __abort_msg; which is private and we hence cannot |
|
* use here. */ |
|
@@ -75,7 +76,7 @@ static int log_open_console(void) { |
|
if (console_fd >= 0) |
|
return 0; |
|
|
|
- if (getpid() == 1) { |
|
+ if (always_reopen_console) { |
|
console_fd = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC); |
|
if (console_fd < 0) |
|
return console_fd; |
|
@@ -1061,3 +1062,7 @@ void log_received_signal(int level, const struct signalfd_siginfo *si) { |
|
void log_set_upgrade_syslog_to_journal(bool b) { |
|
upgrade_syslog_to_journal = b; |
|
} |
|
+ |
|
+void log_set_always_reopen_console(bool b) { |
|
+ always_reopen_console = b; |
|
+} |
|
diff --git a/src/shared/log.h b/src/shared/log.h |
|
index 2889e1e77f..3c9448f1a7 100644 |
|
--- a/src/shared/log.h |
|
+++ b/src/shared/log.h |
|
@@ -210,3 +210,4 @@ LogTarget log_target_from_string(const char *s) _pure_; |
|
void log_received_signal(int level, const struct signalfd_siginfo *si); |
|
|
|
void log_set_upgrade_syslog_to_journal(bool b); |
|
+void log_set_always_reopen_console(bool b);
|
|
|