1 files changed, 29 insertions, 26 deletions
diff --git a/jaildaemon.c b/jaildaemon.c
index 1c6a86f..1c459c4 100644
--- a/jaildaemon.c
+++ b/jaildaemon.c
@@ -286,7 +286,6 @@ static int add_task_to_kqueue( int kq, daemon_task * t_in ) {
    struct kevent ke;
    daemon_task * t;
    pid_t pid;
-    size_t i;
    if( check_for_jail( t_in->m_jid ) ) {
        syslog( LOG_ERR, "Invalid jail id: %d", t_in->m_jid );
@@ -314,34 +313,38 @@ static int add_task_to_kqueue( int kq, daemon_task * t_in ) {
    /* Expect reply from fork slave */
    pid = *(pid_t*)g_ipc_packet;
-    /* Account for new pid */
+   /* Associate pid with command line to execute and add to our kqueue */
-    for( i = 0; i < g_probes_size; ++i )
+    memset( &ke, 0, sizeof ke );
-        if( !g_probes[i] ) {
+    EV_SET( &ke, pid, EVFILT_PROC, EV_ADD, NOTE_EXIT, 0, t );
-            g_probes[i] = pid;
+    if( kevent( kq, &ke, 1, NULL, 0, NULL ) == 0 ) {
-            break;
+        size_t i;
-        }
+        /* Account for new pid */
+        for( i = 0; i < g_probes_size; ++i )
+            if( !g_probes[i] ) {
+                g_probes[i] = pid;
+                return 0;
+            }
-    /* No space for pid entry => make room */
+        /* No space for pid entry => make room */
-    if( i == g_probes_size ) {
+        if( i == g_probes_size ) {
-        size_t bytes = sizeof(pid_t) * g_probes_size;
+            size_t bytes = sizeof(pid_t) * g_probes_size;
-        pid_t *probes = realloc( g_probes, 4 * bytes );
+            pid_t *probes = realloc( g_probes, 4 * bytes );
-        /* If we can not allocate memory, just ignore. Worst case is a defunct
+            if( probes ) {
-           probe process in the jail once the daemon dies. Probably the probe
+                /* Erase new memory */
-           will be killed anyway when the kevent below fails, too. */
+                memset( probes +  g_probes_size, 0, 3 * bytes );
-        if( probes ) {
+                probes[g_probes_size] = pid;
-            /* Erase new memory */
+                g_probes_size *= 4;
-            memset( probes +  g_probes_size, 0, 3 * bytes );
+                g_probes = probes;
-            probes[g_probes_size] = pid;
+                return 0;
-            g_probes_size *= 4;
+            }
-            g_probes = probes;
        }
-    }
-    /* Associate pid with command line to execute and add to our kqueue */
+        /* If we added a kevent filter but failed to store the pid for our
-    memset( &ke, 0, sizeof ke );
+           house keeping, remove the kqueuei filter again (and kill probe) */
-    EV_SET( &ke, pid, EVFILT_PROC, EV_ADD, NOTE_EXIT, 0, t );
+        EV_SET( &ke, pid, EVFILT_PROC, EV_DELETE, NOTE_EXIT, 0, t );
-    if( kevent( kq, &ke, 1, NULL, 0, NULL ) == 0 )
+        kevent( kq, &ke, 1, NULL, 0, NULL );
-        return 0;
+    }
    /* Avoid an unused task in the jail. Kill it. */
    warn( "Can not put pid on the kqueue. Killing task." );

diff --git a/jaildaemon.c b/jaildaemon.c index 1c6a86f..1c459c4 100644 --- a/jaildaemon.c +++ b/jaildaemon.c
@@ -286,7 +286,6 @@ static int add_task_to_kqueue( int kq, daemon_task * t_in ) {
286	struct kevent ke;	286	struct kevent ke;
287	daemon_task * t;	287	daemon_task * t;
288	pid_t pid;	288	pid_t pid;
289	size_t i;
290		289
291	if( check_for_jail( t_in->m_jid ) ) {	290	if( check_for_jail( t_in->m_jid ) ) {
292	syslog( LOG_ERR, "Invalid jail id: %d", t_in->m_jid );	291	syslog( LOG_ERR, "Invalid jail id: %d", t_in->m_jid );
@@ -314,34 +313,38 @@ static int add_task_to_kqueue( int kq, daemon_task * t_in ) {
314	/* Expect reply from fork slave */	313	/* Expect reply from fork slave */
315	pid = (pid_t)g_ipc_packet;	314	pid = (pid_t)g_ipc_packet;
316		315
317	/* Account for new pid */	316	/* Associate pid with command line to execute and add to our kqueue */
318	for( i = 0; i < g_probes_size; ++i )	317	memset( &ke, 0, sizeof ke );
319	if( !g_probes[i] ) {	318	EV_SET( &ke, pid, EVFILT_PROC, EV_ADD, NOTE_EXIT, 0, t );
320	g_probes[i] = pid;	319	if( kevent( kq, &ke, 1, NULL, 0, NULL ) == 0 ) {
321	break;	320	size_t i;
322	}	321
		322	/* Account for new pid */
		323	for( i = 0; i < g_probes_size; ++i )
		324	if( !g_probes[i] ) {
		325	g_probes[i] = pid;
		326	return 0;
		327	}
323		328
324	/* No space for pid entry => make room */	329	/* No space for pid entry => make room */
325	if( i == g_probes_size ) {	330	if( i == g_probes_size ) {
326	size_t bytes = sizeof(pid_t) * g_probes_size;	331	size_t bytes = sizeof(pid_t) * g_probes_size;
327	pid_t probes = realloc( g_probes, 4 bytes );	332	pid_t probes = realloc( g_probes, 4 bytes );
328	/* If we can not allocate memory, just ignore. Worst case is a defunct	333	if( probes ) {
329	probe process in the jail once the daemon dies. Probably the probe	334	/* Erase new memory */
330	will be killed anyway when the kevent below fails, too. */	335	memset( probes + g_probes_size, 0, 3 * bytes );
331	if( probes ) {	336	probes[g_probes_size] = pid;
332	/* Erase new memory */	337	g_probes_size *= 4;
333	memset( probes + g_probes_size, 0, 3 * bytes );	338	g_probes = probes;
334	probes[g_probes_size] = pid;	339	return 0;
335	g_probes_size *= 4;	340	}
336	g_probes = probes;
337	}	341	}
338	}
339		342
340	/* Associate pid with command line to execute and add to our kqueue */	343	/* If we added a kevent filter but failed to store the pid for our
341	memset( &ke, 0, sizeof ke );	344	house keeping, remove the kqueuei filter again (and kill probe) */
342	EV_SET( &ke, pid, EVFILT_PROC, EV_ADD, NOTE_EXIT, 0, t );	345	EV_SET( &ke, pid, EVFILT_PROC, EV_DELETE, NOTE_EXIT, 0, t );
343	if( kevent( kq, &ke, 1, NULL, 0, NULL ) == 0 )	346	kevent( kq, &ke, 1, NULL, 0, NULL );
344	return 0;	347	}
345		348
346	/* Avoid an unused task in the jail. Kill it. */	349	/* Avoid an unused task in the jail. Kill it. */
347	warn( "Can not put pid on the kqueue. Killing task." );	350	warn( "Can not put pid on the kqueue. Killing task." );