diff options
| author | Renato Westphal <renato@opensourcerouting.org> | 2017-03-22 16:23:46 -0300 |
|---|---|---|
| committer | Renato Westphal <renato@opensourcerouting.org> | 2017-03-27 09:33:42 -0300 |
| commit | 83139e57e96493d00cf46c403845c45b6ef2a37c (patch) | |
| tree | 99179047af7bc7cd77bf33727258b4b24beff495 | |
| parent | ff991f6102785130fff8225c5afe7a676567771e (diff) | |
ldpd: drop privileges earlier in the parent process
This solves a bug where log files created with "log file" were being
created root-owned. So, inserting the "log file" command multiple times
with the same path would fail giving a permission denied error.
Also, rearrange the main() function to call start_child() as soon as
possible to avoid a bunch of unnecessary initializations in the forked
processes.
Signed-off-by: Renato Westphal <renato@opensourcerouting.org>
| -rw-r--r-- | ldpd/ldpd.c | 41 |
1 files changed, 19 insertions, 22 deletions
diff --git a/ldpd/ldpd.c b/ldpd/ldpd.c index 559a2474b3..f8218ec4da 100644 --- a/ldpd/ldpd.c +++ b/ldpd/ldpd.c @@ -264,31 +264,13 @@ main(int argc, char *argv[]) exit(1); } - openzlog(ldpd_di.progname, "LDP", 0, - LOG_CONS | LOG_NDELAY | LOG_PID, LOG_DAEMON); - if (lflag) lde(user, group, instance); else if (eflag) ldpe(user, group, ctl_sock_path); - master = thread_master_create(); - - cmd_init(1); - vty_config_lockless (); - vty_init(master); - vrf_init(); - access_list_init (); - ldp_vty_init(); - ldp_vty_if_init(); - - /* Get configuration file. */ - ldpd_conf = config_new_empty(); - ldp_config_reset_main(ldpd_conf, NULL); - - frr_config_fork(); - - QOBJ_REG (ldpd_conf, ldpd_conf); + openzlog(ldpd_di.progname, "LDP", 0, + LOG_CONS | LOG_NDELAY | LOG_PID, LOG_DAEMON); if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, pipe_parent2ldpe) == -1) fatal("socketpair"); @@ -329,9 +311,25 @@ main(int argc, char *argv[]) /* setup signal handler */ signal_init(master, array_size(ldp_signals), ldp_signals); + /* thread master */ + master = thread_master_create(); + /* library inits */ + cmd_init(1); + vty_config_lockless(); + vty_init(master); + vrf_init(); + access_list_init(); + ldp_vty_init(); + ldp_vty_if_init(); ldp_zebra_init(master); + /* Get configuration file. */ + ldpd_conf = config_new_empty(); + ldp_config_reset_main(ldpd_conf, NULL); + QOBJ_REG(ldpd_conf, ldpd_conf); + frr_config_fork(); + /* setup pipes to children */ if ((iev_ldpe = calloc(1, sizeof(struct imsgev))) == NULL || (iev_ldpe_sync = calloc(1, sizeof(struct imsgev))) == NULL || @@ -392,6 +390,7 @@ ldpd_shutdown(void) close(iev_lde->ibuf.fd); config_clear(ldpd_conf); + QOBJ_UNREG(ldpd_conf); log_debug("waiting for children to terminate"); do { @@ -1895,7 +1894,5 @@ config_clear(struct ldpd_conf *conf) xconf->trans_pref = conf->trans_pref; xconf->flags = conf->flags; merge_config(conf, xconf); - if (ldpd_process == PROC_MAIN) - QOBJ_UNREG (conf); free(conf); } |