/mandos/release

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/release

« back to all changes in this revision

Viewing changes to plugins.d/splashy.c

* plugins.d/mandos-client.c (main): Bug fix: Check result of setgid().
                                    Bug fix: If taking down network
                                    interface, do not drop privileges
                                    completely; save them and reassert
                                    privileges when needed.

Show diffs side-by-side

added added

removed removed

Lines of Context:
172
172
      new_action = { .sa_handler = termination_handler,
173
173
                     .sa_flags = 0 };
174
174
    sigemptyset(&new_action.sa_mask);
175
 
    ret = sigaddset(&new_action.sa_mask, SIGINT);
176
 
    if(ret == -1){
177
 
      perror("sigaddset");
178
 
      goto failure;
179
 
    }
180
 
    ret = sigaddset(&new_action.sa_mask, SIGHUP);
181
 
    if(ret == -1){
182
 
      perror("sigaddset");
183
 
      goto failure;
184
 
    }
185
 
    ret = sigaddset(&new_action.sa_mask, SIGTERM);
 
175
    sigaddset(&new_action.sa_mask, SIGINT);
 
176
    if(ret == -1){
 
177
      perror("sigaddset");
 
178
      goto failure;
 
179
    }
 
180
    sigaddset(&new_action.sa_mask, SIGHUP);
 
181
    if(ret == -1){
 
182
      perror("sigaddset");
 
183
      goto failure;
 
184
    }
 
185
    sigaddset(&new_action.sa_mask, SIGTERM);
186
186
    if(ret == -1){
187
187
      perror("sigaddset");
188
188
      goto failure;
298
298
      TEMP_FAILURE_RETRY(kill(splashy_pid, SIGKILL));
299
299
      sleep(1);
300
300
    }
301
 
    pid_t new_splashy_pid = (pid_t)TEMP_FAILURE_RETRY(fork());
 
301
    pid_t new_splashy_pid = TEMP_FAILURE_RETRY(fork());
302
302
    if(new_splashy_pid == 0){
303
303
      /* Child; will become new splashy process */
304
304
      
333
333
    struct sigaction signal_action;
334
334
    sigemptyset(&signal_action.sa_mask);
335
335
    signal_action.sa_handler = SIG_DFL;
336
 
    ret = (int)TEMP_FAILURE_RETRY(sigaction(signal_received,
337
 
                                            &signal_action, NULL));
 
336
    ret = TEMP_FAILURE_RETRY(sigaction(signal_received,
 
337
                                       &signal_action, NULL));
338
338
    if(ret == -1){
339
339
      perror("sigaction");
340
340
    }