dovecot-2.0-sslstream: Fixed login processes' core dump handling.

dovecot at dovecot.org dovecot at dovecot.org
Sat Feb 13 02:55:19 EET 2010


details:   http://hg.dovecot.org/dovecot-2.0-sslstream/rev/50db5e7bddd9
changeset: 10117:50db5e7bddd9
user:      Timo Sirainen <tss at iki.fi>
date:      Tue Oct 20 19:41:50 2009 -0400
description:
Fixed login processes' core dump handling.

diffstat:

4 files changed, 28 insertions(+), 6 deletions(-)
src/login-common/main.c      |    9 ++++++---
src/master/master-settings.c |   17 +++++++++++++++--
src/master/master-settings.h |    1 +
src/master/service-process.c |    7 ++++++-

diffs (122 lines):

diff -r 7df7b68ad503 -r 50db5e7bddd9 src/login-common/main.c
--- a/src/login-common/main.c	Tue Oct 20 19:40:52 2009 -0400
+++ b/src/login-common/main.c	Tue Oct 20 19:41:50 2009 -0400
@@ -93,7 +93,7 @@ static int anvil_connect(void)
 	return fd;
 }
 
-static void main_preinit(void)
+static void main_preinit(bool allow_core_dumps)
 {
 	unsigned int max_fds;
 
@@ -125,6 +125,8 @@ static void main_preinit(void)
 		anvil_fd = anvil_connect();
 
 	restrict_access_by_env(NULL, TRUE);
+	if (allow_core_dumps)
+		restrict_access_allow_coredumps(TRUE);
 }
 
 static void main_init(void)
@@ -171,6 +173,7 @@ int main(int argc, char *argv[], char *e
 		MASTER_SERVICE_FLAG_TRACK_LOGIN_STATE;
 	const char *getopt_str;
 	pool_t set_pool;
+	bool allow_core_dumps = FALSE;
 	int c;
 
 	master_service = master_service_init(login_process_name, service_flags,
@@ -182,7 +185,7 @@ int main(int argc, char *argv[], char *e
 	while ((c = getopt(argc, argv, getopt_str)) > 0) {
 		switch (c) {
 		case 'D':
-			restrict_access_allow_coredumps(TRUE);
+			allow_core_dumps = TRUE;
 			break;
 		case 'S':
 			ssl_connections = TRUE;
@@ -206,7 +209,7 @@ int main(int argc, char *argv[], char *e
 	/* main_preinit() needs to know the client limit, which is set by
 	   this. so call it first. */
 	master_service_init_finish(master_service);
-	main_preinit();
+	main_preinit(allow_core_dumps);
 	main_init();
 
 	master_service_run(master_service, client_connected);
diff -r 7df7b68ad503 -r 50db5e7bddd9 src/master/master-settings.c
--- a/src/master/master-settings.c	Tue Oct 20 19:40:52 2009 -0400
+++ b/src/master/master-settings.c	Tue Oct 20 19:41:50 2009 -0400
@@ -267,6 +267,18 @@ static bool master_settings_parse_type(s
 	return TRUE;
 }
 
+static void service_set_login_dump_core(struct service_settings *set)
+{
+	const char *p;
+
+	if (set->parsed_type != SERVICE_TYPE_LOGIN)
+		return;
+
+	p = strstr(set->executable, " -D");
+	if (p != NULL && (p[3] == '\0' || p[3] == ' '))
+		set->login_dump_core = TRUE;
+}
+
 static bool
 master_settings_verify(void *_set, pool_t pool, const char **error_r)
 {
@@ -311,6 +323,7 @@ master_settings_verify(void *_set, pool_
 				return FALSE;
 			}
 		}
+		service_set_login_dump_core(service);
 	}
 	for (i = 0; i < count; i++) {
 		struct service_settings *service = services[i];
@@ -361,8 +374,8 @@ login_want_core_dumps(const struct maste
 
 	services = array_get(&set->services, &count);
 	for (i = 0; i < count; i++) {
-		if (strcmp(services[i]->type, "login") == 0) {
-			if (strstr(services[i]->executable, " -D") != NULL)
+		if (services[i]->parsed_type == SERVICE_TYPE_LOGIN) {
+			if (services[i]->login_dump_core)
 				cores = TRUE;
 			(void)get_uidgid(services[i]->user, &uid, gid_r, &error);
 			if (*services[i]->group != '\0')
diff -r 7df7b68ad503 -r 50db5e7bddd9 src/master/master-settings.h
--- a/src/master/master-settings.h	Tue Oct 20 19:40:52 2009 -0400
+++ b/src/master/master-settings.h	Tue Oct 20 19:41:50 2009 -0400
@@ -51,6 +51,7 @@ struct service_settings {
 	ARRAY_DEFINE(inet_listeners, struct inet_listener_settings *);
 
 	enum service_type parsed_type;
+	unsigned int login_dump_core:1;
 };
 
 struct master_settings {
diff -r 7df7b68ad503 -r 50db5e7bddd9 src/master/service-process.c
--- a/src/master/service-process.c	Tue Oct 20 19:40:52 2009 -0400
+++ b/src/master/service-process.c	Tue Oct 20 19:41:50 2009 -0400
@@ -382,13 +382,18 @@ static void log_coredump(struct service 
 		return;
 	}
 
-#ifdef HAVE_PR_SET_DUMPABLE
+#ifndef HAVE_PR_SET_DUMPABLE
 	if (!service->set->drop_priv_before_exec) {
 		str_append(str, " (core not dumped - set drop_priv_before_exec=yes)");
 		return;
 	}
 	if (*service->set->privileged_group != '\0') {
 		str_append(str, " (core not dumped - privileged_group prevented it)");
+		return;
+	}
+#else
+	if (!service->set->login_dump_core) {
+		str_append(str, " (core not dumped - add -D parameter to service executable");
 		return;
 	}
 #endif


More information about the dovecot-cvs mailing list