dovecot-2.0-sslstream: Fixed login processes' core dump handling.
dovecot at dovecot.org
dovecot at dovecot.org
Sat Feb 13 02:55:19 EET 2010
details: http://hg.dovecot.org/dovecot-2.0-sslstream/rev/50db5e7bddd9
changeset: 10117:50db5e7bddd9
user: Timo Sirainen <tss at iki.fi>
date: Tue Oct 20 19:41:50 2009 -0400
description:
Fixed login processes' core dump handling.
diffstat:
4 files changed, 28 insertions(+), 6 deletions(-)
src/login-common/main.c | 9 ++++++---
src/master/master-settings.c | 17 +++++++++++++++--
src/master/master-settings.h | 1 +
src/master/service-process.c | 7 ++++++-
diffs (122 lines):
diff -r 7df7b68ad503 -r 50db5e7bddd9 src/login-common/main.c
--- a/src/login-common/main.c Tue Oct 20 19:40:52 2009 -0400
+++ b/src/login-common/main.c Tue Oct 20 19:41:50 2009 -0400
@@ -93,7 +93,7 @@ static int anvil_connect(void)
return fd;
}
-static void main_preinit(void)
+static void main_preinit(bool allow_core_dumps)
{
unsigned int max_fds;
@@ -125,6 +125,8 @@ static void main_preinit(void)
anvil_fd = anvil_connect();
restrict_access_by_env(NULL, TRUE);
+ if (allow_core_dumps)
+ restrict_access_allow_coredumps(TRUE);
}
static void main_init(void)
@@ -171,6 +173,7 @@ int main(int argc, char *argv[], char *e
MASTER_SERVICE_FLAG_TRACK_LOGIN_STATE;
const char *getopt_str;
pool_t set_pool;
+ bool allow_core_dumps = FALSE;
int c;
master_service = master_service_init(login_process_name, service_flags,
@@ -182,7 +185,7 @@ int main(int argc, char *argv[], char *e
while ((c = getopt(argc, argv, getopt_str)) > 0) {
switch (c) {
case 'D':
- restrict_access_allow_coredumps(TRUE);
+ allow_core_dumps = TRUE;
break;
case 'S':
ssl_connections = TRUE;
@@ -206,7 +209,7 @@ int main(int argc, char *argv[], char *e
/* main_preinit() needs to know the client limit, which is set by
this. so call it first. */
master_service_init_finish(master_service);
- main_preinit();
+ main_preinit(allow_core_dumps);
main_init();
master_service_run(master_service, client_connected);
diff -r 7df7b68ad503 -r 50db5e7bddd9 src/master/master-settings.c
--- a/src/master/master-settings.c Tue Oct 20 19:40:52 2009 -0400
+++ b/src/master/master-settings.c Tue Oct 20 19:41:50 2009 -0400
@@ -267,6 +267,18 @@ static bool master_settings_parse_type(s
return TRUE;
}
+static void service_set_login_dump_core(struct service_settings *set)
+{
+ const char *p;
+
+ if (set->parsed_type != SERVICE_TYPE_LOGIN)
+ return;
+
+ p = strstr(set->executable, " -D");
+ if (p != NULL && (p[3] == '\0' || p[3] == ' '))
+ set->login_dump_core = TRUE;
+}
+
static bool
master_settings_verify(void *_set, pool_t pool, const char **error_r)
{
@@ -311,6 +323,7 @@ master_settings_verify(void *_set, pool_
return FALSE;
}
}
+ service_set_login_dump_core(service);
}
for (i = 0; i < count; i++) {
struct service_settings *service = services[i];
@@ -361,8 +374,8 @@ login_want_core_dumps(const struct maste
services = array_get(&set->services, &count);
for (i = 0; i < count; i++) {
- if (strcmp(services[i]->type, "login") == 0) {
- if (strstr(services[i]->executable, " -D") != NULL)
+ if (services[i]->parsed_type == SERVICE_TYPE_LOGIN) {
+ if (services[i]->login_dump_core)
cores = TRUE;
(void)get_uidgid(services[i]->user, &uid, gid_r, &error);
if (*services[i]->group != '\0')
diff -r 7df7b68ad503 -r 50db5e7bddd9 src/master/master-settings.h
--- a/src/master/master-settings.h Tue Oct 20 19:40:52 2009 -0400
+++ b/src/master/master-settings.h Tue Oct 20 19:41:50 2009 -0400
@@ -51,6 +51,7 @@ struct service_settings {
ARRAY_DEFINE(inet_listeners, struct inet_listener_settings *);
enum service_type parsed_type;
+ unsigned int login_dump_core:1;
};
struct master_settings {
diff -r 7df7b68ad503 -r 50db5e7bddd9 src/master/service-process.c
--- a/src/master/service-process.c Tue Oct 20 19:40:52 2009 -0400
+++ b/src/master/service-process.c Tue Oct 20 19:41:50 2009 -0400
@@ -382,13 +382,18 @@ static void log_coredump(struct service
return;
}
-#ifdef HAVE_PR_SET_DUMPABLE
+#ifndef HAVE_PR_SET_DUMPABLE
if (!service->set->drop_priv_before_exec) {
str_append(str, " (core not dumped - set drop_priv_before_exec=yes)");
return;
}
if (*service->set->privileged_group != '\0') {
str_append(str, " (core not dumped - privileged_group prevented it)");
+ return;
+ }
+#else
+ if (!service->set->login_dump_core) {
+ str_append(str, " (core not dumped - add -D parameter to service executable");
return;
}
#endif
More information about the dovecot-cvs
mailing list