# HG changeset patch # User Timo Sirainen # Date 1238604497 14400 # Node ID 774b0e8138bd5b755047d8e8b573f7bf2ab67f83 # Parent 709128511fd5be5416ca5a4afbeced8af1063161 Call closelog() before dup2()ing fds. diff -r 709128511fd5 -r 774b0e8138bd src/master/auth-process.c --- a/src/master/auth-process.c Wed Apr 01 11:42:56 2009 -0400 +++ b/src/master/auth-process.c Wed Apr 01 12:48:17 2009 -0400 @@ -576,6 +576,10 @@ (void)close(fd[0]); (void)close(fd[1]); + /* make sure we don't leak syslog fd. try to do it as late as possible, + but also before dup2()s in case syslog fd is one of them. */ + closelog(); + /* set stdout to /dev/null, so anything written into it gets ignored. */ if (dup2(null_fd, 1) < 0) i_fatal("dup2(stdout) failed: %m"); @@ -603,10 +607,6 @@ env_put(t_strdup_printf("AUTH_WORKER_MAX_COUNT=%u", group->set->worker_max_count)); - /* make sure we don't leak syslog fd, but do it last so that - any errors above will be logged */ - closelog(); - executable = group->set->executable; client_process_exec(executable, ""); i_fatal_status(FATAL_EXEC, "execv(%s) failed: %m", executable); @@ -649,6 +649,10 @@ process->group->set->name); log_set_prefix(log, prefix); + /* make sure we don't leak syslog fd. try to do it as late as possible, + but also before dup2()s in case syslog fd is one of them. */ + closelog(); + /* set stdin and stdout to /dev/null, so anything written into it gets ignored. */ if (dup2(null_fd, 0) < 0) @@ -669,10 +673,6 @@ child_process_init_env(); auth_set_environment(process->group->set); - /* make sure we don't leak syslog fd, but do it last so that - any errors above will be logged */ - closelog(); - executable = t_strconcat(process->group->set->executable, " -w", NULL); client_process_exec(executable, ""); i_fatal_status(FATAL_EXEC, "execv(%s) failed: %m", executable); diff -r 709128511fd5 -r 774b0e8138bd src/master/dict-process.c --- a/src/master/dict-process.c Wed Apr 01 11:42:56 2009 -0400 +++ b/src/master/dict-process.c Wed Apr 01 12:48:17 2009 -0400 @@ -78,6 +78,10 @@ } log_set_prefix(log, "master-dict: "); + /* make sure we don't leak syslog fd. try to do it as late as possible, + but also before dup2()s in case syslog fd is one of them. */ + closelog(); + /* set stdin and stdout to /dev/null, so anything written into it gets ignored. */ if (dup2(null_fd, 0) < 0) @@ -109,10 +113,6 @@ for (i = 0; i < count; i += 2) env_put(t_strdup_printf("DICT_%s=%s", dicts[i], dicts[i+1])); - /* make sure we don't leak syslog fd, but do it last so that - any errors above will be logged */ - closelog(); - executable = PKG_LIBEXECDIR"/dict"; client_process_exec(executable, ""); i_fatal_status(FATAL_EXEC, "execv(%s) failed: %m", executable); diff -r 709128511fd5 -r 774b0e8138bd src/master/login-process.c --- a/src/master/login-process.c Wed Apr 01 11:42:56 2009 -0400 +++ b/src/master/login-process.c Wed Apr 01 12:48:17 2009 -0400 @@ -707,6 +707,10 @@ dup2_append(&dups, listens[i].fd, cur_fd); } + /* make sure we don't leak syslog fd. try to do it as late as possible, + but also before dup2()s in case syslog fd is one of them. */ + closelog(); + if (dup2_array(&dups) < 0) i_fatal("Failed to dup2() fds"); @@ -724,10 +728,6 @@ restrict_process_size(group->set->login_process_size, (unsigned int)-1); - /* make sure we don't leak syslog fd, but do it last so that - any errors above will be logged */ - closelog(); - client_process_exec(group->set->login_executable, ""); i_fatal_status(FATAL_EXEC, "execv(%s) failed: %m", group->set->login_executable); diff -r 709128511fd5 -r 774b0e8138bd src/master/mail-process.c --- a/src/master/mail-process.c Wed Apr 01 11:42:56 2009 -0400 +++ b/src/master/mail-process.c Wed Apr 01 12:48:17 2009 -0400 @@ -758,17 +758,6 @@ child_process_init_env(); - /* move the client socket into stdin and stdout fds, log to stderr */ - if (dup2(dump_capability ? null_fd : request->fd, 0) < 0) - i_fatal("dup2(stdin) failed: %m"); - if (dup2(request->fd, 1) < 0) - i_fatal("dup2(stdout) failed: %m"); - if (dup2(log_fd, 2) < 0) - i_fatal("dup2(stderr) failed: %m"); - - for (i = 0; i < 3; i++) - fd_close_on_exec(i, FALSE); - /* setup environment - set the most important environment first (paranoia about filling up environment without noticing) */ restrict_access_set_env(system_groups_user, uid, gid, @@ -900,10 +889,21 @@ i_snprintf(title, sizeof(title), "[%s %s]", user, addr); } - /* make sure we don't leak syslog fd, but do it last so that - any errors above will be logged */ + /* make sure we don't leak syslog fd. try to do it as late as possible, + but also before dup2()s in case syslog fd is one of them. */ closelog(); + /* move the client socket into stdin and stdout fds, log to stderr */ + if (dup2(dump_capability ? null_fd : request->fd, 0) < 0) + i_fatal("dup2(stdin) failed: %m"); + if (dup2(request->fd, 1) < 0) + i_fatal("dup2(stdout) failed: %m"); + if (dup2(log_fd, 2) < 0) + i_fatal("dup2(stderr) failed: %m"); + + for (i = 0; i < 3; i++) + fd_close_on_exec(i, FALSE); + if (set->mail_drop_priv_before_exec) { restrict_access_by_env(TRUE); /* privileged GID is now only in saved-GID. if we want to