diff options
Diffstat (limited to 'plugin')
| -rw-r--r-- | plugin/CMakeLists.txt | 4 | ||||
| -rw-r--r-- | plugin/firewall/eurephiafw.c | 3 | ||||
| -rw-r--r-- | plugin/firewall/eurephiafw_helpers.c | 1 |
3 files changed, 8 insertions, 0 deletions
diff --git a/plugin/CMakeLists.txt b/plugin/CMakeLists.txt index db8384c..0a52bd6 100644 --- a/plugin/CMakeLists.txt +++ b/plugin/CMakeLists.txt @@ -82,6 +82,10 @@ IF(ENABLE_EUREPHIADM) REMOVE_DEFINITIONS(-DENABLE_EUREPHIADM) ENDIF(ENABLE_EUREPHIADM) +# Only allow MADV_DONTFORK on Linux +IF(${CMAKE_SYSTEM_NAME} MATCHES "Linux") + SET(COMPILE_DEFINITIONS HAVE_MADVDONTFORK) +ENDIF(${CMAKE_SYSTEM_NAME} MATCHES "Linux") # Build rule for eurephia-auth.so ADD_LIBRARY(eurephia-auth MODULE diff --git a/plugin/firewall/eurephiafw.c b/plugin/firewall/eurephiafw.c index 6b2bf24..d74a383 100644 --- a/plugin/firewall/eurephiafw.c +++ b/plugin/firewall/eurephiafw.c @@ -37,6 +37,7 @@ #include <unistd.h> #include <sys/mman.h> #include <sys/wait.h> +#include <signal.h> #include <time.h> #include <errno.h> #include <assert.h> @@ -236,8 +237,10 @@ void eFW_StartFirewall(eurephiaCTX *ctx, const int daemon, const int logredir) { return; } +#if HAVE_MADVDONTFORK // Make sure that these variables are not available in the child madvise(ctx, sizeof(eurephiaCTX), MADV_DONTFORK); +#endif // Start a new process (should run with root permissions) - which will do the firewall work if( (ctx->fwcfg->fwproc_pid = fork()) < 0 ) { diff --git a/plugin/firewall/eurephiafw_helpers.c b/plugin/firewall/eurephiafw_helpers.c index 728e507..b779925 100644 --- a/plugin/firewall/eurephiafw_helpers.c +++ b/plugin/firewall/eurephiafw_helpers.c @@ -34,6 +34,7 @@ #include <string.h> #include <errno.h> #include <unistd.h> +#include <fcntl.h> #include <semaphore.h> #include <mqueue.h> |