authorlns <matzeton@googlemail.com>2018-05-09 18:00:57 +0200
committerlns <matzeton@googlemail.com>2018-05-09 18:00:57 +0200
commitb68142ba8bfc4a9c68c0135313cbba22585399c4 (patch)
tree30be63f911b17029f5637545b044682780606332 /src/jail.c
parentbc240cca7918d6e6f4f56fbe19d32eb20f07a567 (diff)
POTD skeleton #47.
Signed-off-by: lns <matzeton@googlemail.com>
Diffstat (limited to 'src/jail.c')
-rw-r--r--src/jail.c14
1 files changed, 9 insertions, 5 deletions
diff --git a/src/jail.c b/src/jail.c
index 195356e..cb2aac7 100644
--- a/src/jail.c
+++ b/src/jail.c
@@ -138,7 +138,7 @@ pid_t jail_daemonize(event_ctx **ev_ctx, jail_ctx *ctx[], size_t siz)
W_STRERR("%s", "Jail daemonize");
return -1;
case 0:
- N("%s", "Jail daemon mainloop");
+ N("Jail daemon child pid %d", getpid());
jail_mainloop(ev_ctx, (const jail_ctx **) ctx, siz);
}
D2("Jail daemon pid: %d", p);
@@ -237,6 +237,8 @@ static int jail_childfn(prisoner_process *ctx)
assert(ctx);
self_pid = getpid();
+ if (set_child_sighandler())
+ FATAL("Set sighandler for pid %d", self_pid);
if (setpgrp())
FATAL("Jail set process group for pid %d", self_pid);
if (prctl(PR_SET_PDEATHSIG, SIGKILL) != 0)
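Review bot: The signal setup added at the top of jail_childfn() is inherited by the process forked further down in the same function, and across `execl()` only caught handlers are reset; ignored signals and the blocked mask carry over into the prisoner shell. set_child_sighandler() is not visible in this hunk, so it is worth confirming that it installs handlers only, or that the fork child restores defaults before the exec. A comment above the call would record that contract, e.g. `/* handlers only: SIG_IGN and the signal mask would survive execl() into the prisoner shell */`. The new message also drops the "Jail" prefix used by the neighbouring FATAL calls; `FATAL("Jail set sighandler for pid %d", self_pid);` would match them. The function body starts and ends outside this hunk.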
@@ -283,8 +285,6 @@ static int jail_childfn(prisoner_process *ctx)
S_IROTH|S_IXOTH);
if (s && errno != EEXIST)
FATAL("Create directory '%s'", path_proc);
- if (!dir_is_mountpoint(path_proc) && mount_proc(path_proc))
- FATAL("Mount devpts to '%s%s'", ctx->newroot, path_proc)
D2("Creating device files in '%s%s'", ctx->newroot, path_dev);
if (create_device_files(path_dev)) {
@@ -303,16 +303,20 @@ static int jail_childfn(prisoner_process *ctx)
self_pid);
break;
case 0:
+ if (mount_proc(path_proc))
+ exit(EXIT_FAILURE);
+ if (close_fds_except(0, 1, 2, -1))
+ exit(EXIT_FAILURE);
if (execl(path_shell, path_shell, (char *) NULL))
exit(EXIT_FAILURE);
default:
if (set_fd_nonblock(master_fd))
FATAL("Pty master fd nonblock for prisoner pid %d",
child_pid);
- N("Socket to tty I/O loop for prisoner pid %d",
+ N("Socket to tty I/O for prisoner pid %d",
child_pid);
if (jail_socket_tty(ctx, master_fd))
- FATAL("Socket to tty I/O loop for prisoner pid %d",
+ FATAL("Socket to tty I/O for prisoner pid %d",
child_pid);
waitpid(child_pid, &s, 0);
}
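Review bot: The two new failure paths in `case 0:` exit without any diagnostic, so a failed `mount_proc(path_proc)` or `close_fds_except(0, 1, 2, -1)` kills the prisoner child silently, whereas the pre-fork code removed earlier in this commit reported the mount failure through FATAL. The `dir_is_mountpoint()` guard removed with it is not carried over either, so whether a repeat mount on an already mounted `path_proc` is harmless depends on mount_proc(), which is not visible here. I would log before leaving and use `_exit()` in the forked child so inherited stdio buffers and atexit handlers do not run twice, e.g. `if (mount_proc(path_proc)) { W_STRERR("Mount proc to '%s%s'", ctx->newroot, path_proc); _exit(EXIT_FAILURE); }`, assuming the logger is still usable at that point in the child. Closing every descriptor except 0, 1 and 2 before `execl()` is the right order for keeping the daemon's sockets out of the shell. jail_childfn() starts and ends outside this hunk.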