diff options
-rw-r--r-- | jaildaemon.c | 33 |
1 files changed, 12 insertions, 21 deletions
diff --git a/jaildaemon.c b/jaildaemon.c index 3ae8612..7dad058 100644 --- a/jaildaemon.c +++ b/jaildaemon.c | |||
@@ -36,7 +36,6 @@ typedef struct { | |||
36 | } daemon_task; | 36 | } daemon_task; |
37 | 37 | ||
38 | /* Forward declarations */ | 38 | /* Forward declarations */ |
39 | static void signal_handler( int signal ); | ||
40 | static void term_handler( int signal ); | 39 | static void term_handler( int signal ); |
41 | static void kill_all_probes( void ); | 40 | static void kill_all_probes( void ); |
42 | static int check_for_jail( int jid ); | 41 | static int check_for_jail( int jid ); |
@@ -49,14 +48,8 @@ static void exerr( char * message ); | |||
49 | static void warn( char * message ); | 48 | static void warn( char * message ); |
50 | static void usage( char * command ); | 49 | static void usage( char * command ); |
51 | 50 | ||
52 | /* This is the handler installed in the jailed process. It will exit with the | 51 | /* This handler ensures that we clean up our probes if asked to terminate |
53 | proper exit code to make the host system daemon recognize the process has | 52 | gracefully */ |
54 | deliberately killed itself and was not just shutdown with the jail */ | ||
55 | static void signal_handler( int signal ) { | ||
56 | if( signal == SIGHUP ) | ||
57 | _exit( MAGIC_EXIT_CODE ); | ||
58 | } | ||
59 | |||
60 | static void term_handler( int signal ) { | 53 | static void term_handler( int signal ) { |
61 | if( signal == SIGTERM ) | 54 | if( signal == SIGTERM ) |
62 | exit(0); | 55 | exit(0); |
@@ -174,28 +167,27 @@ static int check_for_jail( int jid ) { | |||
174 | } | 167 | } |
175 | 168 | ||
176 | static pid_t fork_and_jail( int jid, char * proctitle ) { | 169 | static pid_t fork_and_jail( int jid, char * proctitle ) { |
170 | int sig; | ||
177 | pid_t pid = fork(); | 171 | pid_t pid = fork(); |
178 | if( !pid ) { | 172 | if( !pid ) { |
179 | struct sigaction sa; | 173 | sigset_t sigset; |
180 | 174 | ||
181 | /* Set proctitle so that jail's pgrep -f can identify the process */ | 175 | /* Set proctitle so that jail's pgrep -f can identify the process */ |
182 | if( proctitle && *proctitle ) | 176 | if( proctitle && *proctitle ) |
183 | setproctitle( "%s", proctitle ); | 177 | setproctitle( "%s", proctitle ); |
184 | 178 | ||
185 | /* Setup signal handler for SIGHUP */ | ||
186 | sa.sa_handler = signal_handler; | ||
187 | sigemptyset(&sa.sa_mask); | ||
188 | sa.sa_flags = SA_RESTART; | ||
189 | if( sigaction(SIGHUP, &sa, NULL) == -1 ) | ||
190 | exerr( "when install signal handler" ); | ||
191 | |||
192 | /* Throw ourself into the jail */ | 179 | /* Throw ourself into the jail */ |
193 | if( jail_attach( jid ) ) | 180 | if( jail_attach( jid ) ) |
194 | exerr( "when attaching to jail" ); | 181 | exerr( "when attaching to jail" ); |
195 | 182 | ||
196 | /* Spin and wait for SIGHUP */ | 183 | /* wait for SIGHUP */ |
197 | while( 1 ) | 184 | sigemptyset(&sigset); |
198 | sleep(32); | 185 | sigaddset(&sigset, SIGHUP); |
186 | sigprocmask(SIG_BLOCK, &sigset, NULL); | ||
187 | while( !sigwait( &sigset, &sig ) ) | ||
188 | if( sig == SIGHUP ) | ||
189 | exit( MAGIC_EXIT_CODE ); | ||
190 | exit(0); | ||
199 | } | 191 | } |
200 | return pid; | 192 | return pid; |
201 | } | 193 | } |
@@ -281,7 +273,6 @@ static void fork_and_execve( int kq, daemon_task * t_in ) { | |||
281 | 273 | ||
282 | static void kill_all_probes( void ) { | 274 | static void kill_all_probes( void ) { |
283 | size_t i; | 275 | size_t i; |
284 | syslog( LOG_ERR, "KILLING PROBES" ); | ||
285 | if( g_probes ) | 276 | if( g_probes ) |
286 | for( i = 0; i < g_probes_size; ++i ) | 277 | for( i = 0; i < g_probes_size; ++i ) |
287 | if( g_probes[i] ) | 278 | if( g_probes[i] ) |