/mandos/trunk

To get this branch, use:
bzr branch http://bzr.recompile.se/loggerhead/mandos/trunk

« back to all changes in this revision

Viewing changes to plugins.d/mandos-client.c

  • Committer: Teddy Hogeborn
  • Date: 2019-07-26 00:44:35 UTC
  • Revision ID: teddy@recompile.se-20190726004435-rjfm7bfnylqteesf
Remove unused lintian override for Debian package

* debian/mandos.lintian-overrides
  (init.d-script-needs-depends-on-lsb-base): Remove.

Show diffs side-by-side

added added

removed removed

Lines of Context:
9
9
 * "browse_callback", and parts of "main".
10
10
 * 
11
11
 * Everything else is
12
 
 * Copyright © 2008-2020 Teddy Hogeborn
13
 
 * Copyright © 2008-2020 Björn Påhlsson
 
12
 * Copyright © 2008-2019 Teddy Hogeborn
 
13
 * Copyright © 2008-2019 Björn Påhlsson
14
14
 * 
15
15
 * This file is part of Mandos.
16
16
 * 
80
80
#include <unistd.h>             /* close(), SEEK_SET, off_t, write(),
81
81
                                   getuid(), getgid(), seteuid(),
82
82
                                   setgid(), pause(), _exit(),
83
 
                                   unlinkat(), lstat(), symlink() */
 
83
                                   unlinkat() */
84
84
#include <arpa/inet.h>          /* inet_pton(), htons() */
85
85
#include <iso646.h>             /* not, or, and */
86
86
#include <argp.h>               /* struct argp_option, error_t, struct
396
396
        fprintf_plus(stderr,
397
397
                     "Setting system clock to key file mtime");
398
398
      }
399
 
      if(clock_settime(CLOCK_REALTIME, &keystat.st_mtim) != 0){
400
 
        perror_plus("clock_settime");
 
399
      time_t keytime = keystat.st_mtim.tv_sec;
 
400
      if(stime(&keytime) != 0){
 
401
        perror_plus("stime");
401
402
      }
402
403
      ret = lower_privileges();
403
404
      if(ret != 0){
1073
1074
      ret = setgid(0);
1074
1075
      if(ret == -1){
1075
1076
        perror_plus("setgid");
1076
 
        close(devnull);
1077
1077
        _exit(EX_NOPERM);
1078
1078
      }
1079
1079
      /* Reset supplementary groups */
1081
1081
      ret = setgroups(0, NULL);
1082
1082
      if(ret == -1){
1083
1083
        perror_plus("setgroups");
1084
 
        close(devnull);
1085
1084
        _exit(EX_NOPERM);
1086
1085
      }
1087
1086
    }
1088
1087
    ret = dup2(devnull, STDIN_FILENO);
1089
1088
    if(ret == -1){
1090
1089
      perror_plus("dup2(devnull, STDIN_FILENO)");
1091
 
      close(devnull);
1092
1090
      _exit(EX_OSERR);
1093
1091
    }
1094
1092
    ret = close(devnull);
1095
1093
    if(ret == -1){
1096
1094
      perror_plus("close");
 
1095
      _exit(EX_OSERR);
1097
1096
    }
1098
1097
    ret = dup2(STDERR_FILENO, STDOUT_FILENO);
1099
1098
    if(ret == -1){
1134
1133
  }
1135
1134
  if(pid == -1){
1136
1135
    perror_plus("fork");
1137
 
    close(devnull);
1138
1136
    return false;
1139
1137
  }
1140
 
  ret = close(devnull);
1141
 
  if(ret == -1){
1142
 
    perror_plus("close");
1143
 
  }
1144
1138
  int status;
1145
1139
  pid_t pret = -1;
1146
1140
  errno = 0;
2715
2709
  }
2716
2710
  
2717
2711
  {
 
2712
    /* Work around Debian bug #633582:
 
2713
       <https://bugs.debian.org/633582> */
 
2714
    
2718
2715
    /* Re-raise privileges */
2719
2716
    ret = raise_privileges();
2720
2717
    if(ret != 0){
2723
2720
    } else {
2724
2721
      struct stat st;
2725
2722
      
2726
 
      /* Work around Debian bug #633582:
2727
 
         <https://bugs.debian.org/633582> */
2728
 
 
2729
2723
      if(strcmp(seckey, PATHDIR "/" SECKEY) == 0){
2730
2724
        int seckey_fd = open(seckey, O_RDONLY);
2731
2725
        if(seckey_fd == -1){
2790
2784
        }
2791
2785
      }
2792
2786
      
2793
 
      /* Work around Debian bug #981302
2794
 
         <https://bugs.debian.org/981302> */
2795
 
      if(lstat("/dev/fd", &st) != 0 and errno == ENOENT){
2796
 
        ret = symlink("/proc/self/fd", "/dev/fd");
2797
 
        if(ret == -1){
2798
 
          perror_plus("Failed to create /dev/fd symlink");
2799
 
        }
2800
 
      }
2801
 
 
2802
2787
      /* Lower privileges */
2803
2788
      ret = lower_privileges();
2804
2789
      if(ret != 0){