authorbluhm <bluhm@openbsd.org>2018-04-26 13:40:09 +0000
committerbluhm <bluhm@openbsd.org>2018-04-26 13:40:09 +0000
commitf22826eafd507a1e5ba6644ed214e951aebb008b (patch)
tree0a0f8641fb15c52cfaae0508dcb15e56ff6b66e0 /usr.sbin/syslogd
parentMinimal macro cleanup. (diff)
Globally remember the passwd entry for _syslogd. The user id is
used for opening the pipe process. Move the getpwnam() lookup out of the privsep parent loop, so it does not need "getpw" pledge anymore. OK deraadt@
Diffstat (limited to 'usr.sbin/syslogd')
-rw-r--r--usr.sbin/syslogd/privsep.c16
1 files changed, 9 insertions, 7 deletions
diff --git a/usr.sbin/syslogd/privsep.c b/usr.sbin/syslogd/privsep.c
index b27acade6bf..755b1f15b7e 100644
--- a/usr.sbin/syslogd/privsep.c
+++ b/usr.sbin/syslogd/privsep.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: privsep.c,v 1.67 2017/04/05 11:31:45 bluhm Exp $ */
+/* $OpenBSD: privsep.c,v 1.68 2018/04/26 13:40:09 bluhm Exp $ */
/*
* Copyright (c) 2003 Anil Madhavapeddy <anil@recoil.org>
@@ -93,11 +93,12 @@ static void must_read(int, void *, size_t);
static void must_write(int, void *, size_t);
static int may_read(int, void *, size_t);
+static struct passwd *pw;
+
void
priv_init(int lockfd, int nullfd, int argc, char *argv[])
{
int i, socks[2];
- struct passwd *pw;
char *execpath, childnum[11], **privargv;
/* Create sockets */
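Review bot: The new file-scope `static struct passwd *pw;` carries no comment, and it holds a pointer into storage owned by getpwnam() rather than a copy, so any later getpw*() call in this process may overwrite what it points to. A comment on the declaration would record the contract, for example `/* passwd entry of _syslogd, looked up before pledge(); points to getpwnam() static storage */`. The open_pipe() hunks further down read only `pw_uid` and `pw_gid` from it, so keeping those two values in a `uid_t` and a `gid_t` would make the privilege drop independent of the libc buffer. priv_init() continues outside this hunk, so the place where it assigns `pw` is not visible here.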
@@ -178,7 +179,12 @@ priv_exec(char *conf, int numeric, int child, int argc, char *argv[])
struct sigaction sa;
sigset_t sigmask;
- if (pledge("stdio rpath wpath cpath dns getpw sendfd id proc exec",
+ /* Redo the password lookup after re-exec of the privsep parent. */
+ pw = getpwnam("_syslogd");
+ if (pw == NULL)
+ errx(1, "unknown user _syslogd");
+
+ if (pledge("stdio rpath wpath cpath dns sendfd id proc exec",
NULL) == -1)
err(1, "pledge priv");
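Review bot: The comment added above `pw = getpwnam("_syslogd");` explains why the lookup is repeated but not that it must stay ahead of the pledge() call, which no longer promises "getpw". If a later edit moved the lookup below pledge(), it would presumably turn into a pledge violation in the privileged parent. I would extend the comment to `/* Redo the password lookup after re-exec of the privsep parent; must precede pledge(), which no longer allows "getpw". */`. priv_exec() begins and ends outside this hunk.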
@@ -440,7 +446,6 @@ static int
open_pipe(char *cmd)
{
char *argp[] = {"sh", "-c", NULL, NULL};
- struct passwd *pw;
int fd[2];
int bsize, flags;
pid_t pid;
@@ -490,13 +495,10 @@ open_pipe(char *cmd)
&bsize, sizeof(bsize)) == -1)
bsize /= 2;
- if ((pw = getpwnam("_syslogd")) == NULL)
- errx(1, "unknown user _syslogd");
if (setgroups(1, &pw->pw_gid) == -1 ||
setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1 ||
setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid) == -1)
err(1, "failure dropping privs");
- endpwent();
if (dup2(fd[0], STDIN_FILENO) == -1)
err(1, "dup2 failed");