From 4c89ccef2904e48a0e147e17f61359ca9ab1b518 Mon Sep 17 00:00:00 2001
From: Christian Hofstaedtler
Date: Sat, 24 Aug 2013 17:19:38 +0200
Subject: [PATCH] nproxy: Add missing chdir("/") after chroot()
Also make sure that fd 0,1,2 are correctly replaced with /dev/null. As we (might) chroot() before daemonizing, we must open /dev/null before chroot-ing.
Reported-By: Morten Stevens
---
 pdns/nproxy.cc | 31 +++++++++++++++----------------
 1 file changed, 15 insertions(+), 16 deletions(-)
diff --git a/pdns/nproxy.cc b/pdns/nproxy.cc
index 2d1b6c5d5..8ae4b6e9c 100644
--- a/pdns/nproxy.cc
+++ b/pdns/nproxy.cc
@@ -181,7 +181,7 @@ void expireOldNotifications()
 }
 }
-void daemonize();
+void daemonize(int null_fd);
 int main(int argc, char** argv)
 try
@@ -260,8 +260,12 @@ try
 g_fdm.addReadFD(g_pdnssocket, handleInsideUDPPacket);
+ int null_fd=open("/dev/null",O_RDWR); /* open stdin */
+ if(null_fd < 0)
+ throw runtime_error("Unable to open /dev/null: "+stringerror());
+
 if(g_vm.count("chroot")) {
- if(chroot(g_vm["chroot"].as().c_str()) < 0)
+ if(chroot(g_vm["chroot"].as().c_str()) < 0 || chdir("/") < 0)
 throw runtime_error("while chrooting to "+g_vm["chroot"].as());
 syslogFmt(boost::format("Changed root to directory '%s'") % g_vm["chroot"].as());
 }
@@ -282,8 +286,9 @@ try
 if(g_vm["daemon"].as()) {
 syslogFmt(boost::format("Daemonizing"));
- daemonize();
+ daemonize(null_fd);
 }
+ close(null_fd);
 syslogFmt(boost::format("Program operational"));
@@ -309,20 +314,14 @@ catch(PDNSException& e)
 syslogFmt(boost::format("Fatal: %s") % e.reason);
 }
-void daemonize(void)
+void daemonize(int null_fd)
 {
 if(fork()) exit(0); // bye bye
-
- setsid();
-
- int i=open("/dev/null",O_RDWR); /* open stdin */
- if(i < 0)
- cerr<<"Unable to open /dev/null: "<
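Review bot: The throw that follows the combined `chroot(...) < 0 || chdir("/") < 0` test in the `@@ -260,8 +260,12 @@` hunk still reports only "while chrooting to <dir>", so an operator cannot tell which of the two calls failed or why. Appending the errno text the same way the new /dev/null check does, i.e. adding `+": "+stringerror()` to that message, would make a failed jail setup diagnosable from the log. The `/* open stdin */` comment carried over onto `null_fd` is also stale; a comment such as `/* opened before chroot(); dup'ed onto fd 0,1,2 in daemonize() */` describes what the descriptor is for. The body of main continues outside the hunk.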
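Review bot: The unconditional `close(null_fd);` added in the `@@ -282,8 +286,9 @@` hunk can undo the redirection when the process is started with a standard descriptor already closed, because `open("/dev/null",O_RDWR)` may then return 0, 1 or 2. Closing that number after `daemonize(null_fd)` leaves a standard descriptor free, so the next socket or file the proxy opens could land on it and receive stray stdio writes. Guarding the call as `if(null_fd > 2) close(null_fd);` keeps /dev/null in place in that case. This assumes daemonize() only duplicates the descriptor; its new body is cut off on this page, so confirm it does not close `null_fd` itself.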