Date: Tue, 10 Jan 2012 15:01:47 -0600 From: Guy Helmer <guy.helmer@palisadesystems.com> To: Garrett Cooper <yanegomi@gmail.com> Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, Doug Barton <dougb@freebsd.org>, src-committers@freebsd.org Subject: Re: svn commit: r229667 - head/usr.sbin/daemon Message-ID: <A08A0A4F-1002-4441-858F-3DD3C699B9E9@palisadesystems.com> In-Reply-To: <CAGH67wQueBvWCHoabO8m79jAzds%2ButaZDPLjX4VAO1iYBaiy-Q@mail.gmail.com> References: <201201052248.q05MmaZk059871@svn.freebsd.org> <4F066340.9010507@FreeBSD.org> <CAGH67wQueBvWCHoabO8m79jAzds%2ButaZDPLjX4VAO1iYBaiy-Q@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Jan 6, 2012, at 12:00 AM, Garrett Cooper wrote: > On Thu, Jan 5, 2012 at 6:58 PM, Doug Barton <dougb@freebsd.org> wrote: >> On 01/05/2012 14:48, Guy Helmer wrote: >>> Allow daemon(8) to run pidfile_open() before relenquishing = privileges >>> so pid files can be written in /var/run when started as root. >>=20 >> I'm not sure how useful this is since when daemon is exiting it won't = be >> able to remove the pid file (unless I'm missing something). >>=20 >> Isn't it better to pre-create the pid file with the proper = permissions >> for the unprivileged user? >=20 > As another aside, the file descriptor never has fcntl(, > FD_CLOEXEC) run on it, so it leaks the file descriptors across execs.. > that's not good... I just added an fcntl(=85, FD_CLOEXEC) call to pidfile_open() so this = particular problem should be resolved. Guy= -------- This message has been scanned by ComplianceSafe, powered by Palisade's PacketSure.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?A08A0A4F-1002-4441-858F-3DD3C699B9E9>