From owner-svn-src-all@FreeBSD.ORG Tue Jan 10 21:02:10 2012 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 856F8106566C; Tue, 10 Jan 2012 21:02:10 +0000 (UTC) (envelope-from guy.helmer@palisadesystems.com) Received: from ps-1-a.compliancesafe.com (ps-1-a.compliancesafe.com [216.81.161.161]) by mx1.freebsd.org (Postfix) with ESMTP id 412BA8FC15; Tue, 10 Jan 2012 21:02:09 +0000 (UTC) Received: from mail.palisadesystems.com (localhost [127.0.0.1]) by ps-1-a.compliancesafe.com (8.14.4/8.14.3) with ESMTP id q0AL1p8k033851; Tue, 10 Jan 2012 15:01:51 -0600 (CST) (envelope-from guy.helmer@palisadesystems.com) Received: from guysmbp.dyn.palisadesys.com (GuysMBP.dyn.palisadesys.com [172.16.2.90]) (authenticated bits=0) by mail.palisadesystems.com (8.14.3/8.14.3) with ESMTP id q0AL1loY022008 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=NO); Tue, 10 Jan 2012 15:01:48 -0600 (CST) (envelope-from guy.helmer@palisadesystems.com) X-DKIM: Sendmail DKIM Filter v2.8.3 mail.palisadesystems.com q0AL1loY022008 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=palisadesystems.com; s=mail; t=1326229308; bh=ajo4+kp4np+e+ApwHz3GAzCSOst26ZNcXFEVSUiY/f8=; l=128; h=Subject:Mime-Version:Content-Type:From:In-Reply-To:Date:Cc: Content-Transfer-Encoding:Message-Id:References:To; b=nSx1VK/4V13AvyfDNEFOG4hZD9vAPbvlo5EM1kWd7E9uONg2Ppmb0zflake/y/Dvr bgvgSMTSaYGBQM/VFZIdpzSAAMNvApWYGY4HjaBKN6L6IhE4SpOQfaaqxLCnxlmXa+ 8vgMlvfqsR2zRCECvkfu8u3ahdu6YpjzeF/tb4e8= Mime-Version: 1.0 (Apple Message framework v1251.1) Content-Type: text/plain; charset=windows-1252 From: Guy Helmer In-Reply-To: Date: Tue, 10 Jan 2012 15:01:47 -0600 Content-Transfer-Encoding: quoted-printable Message-Id: References: <201201052248.q05MmaZk059871@svn.freebsd.org> <4F066340.9010507@FreeBSD.org> To: Garrett Cooper X-Mailer: Apple Mail (2.1251.1) X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.2.5 (mail.palisadesystems.com [172.16.1.5]); Tue, 10 Jan 2012 15:01:48 -0600 (CST) X-Palisade-MailScanner-Information: Please contact the ISP for more information X-Palisade-MailScanner-ID: q0AL1loY022008 X-Palisade-MailScanner: Found to be clean X-Palisade-MailScanner-SpamCheck: not spam (whitelisted), SpamAssassin (score=-1.628, required 5, ALL_TRUSTED -1.00, BAYES_00 -1.90, RP_8BIT 1.27) X-Palisade-MailScanner-From: guy.helmer@palisadesystems.com X-Spam-Status: No X-PacketSure-Scanned: Yes Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, Doug Barton , src-committers@freebsd.org Subject: Re: svn commit: r229667 - head/usr.sbin/daemon X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Jan 2012 21:02:10 -0000 On Jan 6, 2012, at 12:00 AM, Garrett Cooper wrote: > On Thu, Jan 5, 2012 at 6:58 PM, Doug Barton wrote: >> On 01/05/2012 14:48, Guy Helmer wrote: >>> Allow daemon(8) to run pidfile_open() before relenquishing = privileges >>> so pid files can be written in /var/run when started as root. >>=20 >> I'm not sure how useful this is since when daemon is exiting it won't = be >> able to remove the pid file (unless I'm missing something). >>=20 >> Isn't it better to pre-create the pid file with the proper = permissions >> for the unprivileged user? >=20 > As another aside, the file descriptor never has fcntl(, > FD_CLOEXEC) run on it, so it leaks the file descriptors across execs.. > that's not good... I just added an fcntl(=85, FD_CLOEXEC) call to pidfile_open() so this = particular problem should be resolved. Guy= -------- This message has been scanned by ComplianceSafe, powered by Palisade's PacketSure.