summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorRainer Gerhards <rgerhards@adiscon.com>2009-04-02 15:12:57 +0200
committerRainer Gerhards <rgerhards@adiscon.com>2009-04-02 15:12:57 +0200
commiteb807027af9e126a212b0630c5873dddae48963b (patch)
tree36aab3c366d32f97eeb2f98e4040565d380f7317
parent85c09e0c44c00be1cd91955b39fc6d0a17c72a98 (diff)
downloadrsyslog-eb807027af9e126a212b0630c5873dddae48963b.tar.gz
rsyslog-eb807027af9e126a212b0630c5873dddae48963b.tar.xz
rsyslog-eb807027af9e126a212b0630c5873dddae48963b.zip
added O_CLOEXEC to open() calls
to make sure only the minimum number of file handles is left open during a exec call. This is not a 100% solution, as there are also some fopen() calls and, more importantly, file descriptors opened by libraries. But it is better than nothing (and it was quick, at least until we run into platform hell, what we will for sure ;)).
-rw-r--r--plugins/imklog/linux.c2
-rw-r--r--runtime/debug.c2
-rw-r--r--tools/omfile.c12
-rw-r--r--tools/pidfile.c2
-rw-r--r--tools/syslogd.c2
5 files changed, 10 insertions, 10 deletions
diff --git a/plugins/imklog/linux.c b/plugins/imklog/linux.c
index 198b7c0e..0dd4320d 100644
--- a/plugins/imklog/linux.c
+++ b/plugins/imklog/linux.c
@@ -144,7 +144,7 @@ static enum LOGSRC GetKernelLogSrc(void)
return(kernel);
}
- if ( (kmsg = open(_PATH_KLOG, O_RDONLY)) < 0 )
+ if ( (kmsg = open(_PATH_KLOG, O_RDONLY|O_CLOEXEC)) < 0 )
{
imklogLogIntMsg(LOG_ERR, "imklog: Cannot open proc file system, %d.\n", errno);
ksyslog(7, NULL, 0); /* TODO: check this, implement more */
diff --git a/runtime/debug.c b/runtime/debug.c
index 96004e47..4ee90226 100644
--- a/runtime/debug.c
+++ b/runtime/debug.c
@@ -1343,7 +1343,7 @@ rsRetVal dbgClassInit(void)
if(pszAltDbgFileName != NULL) {
/* we have a secondary file, so let's open it) */
- if((altdbg = open(pszAltDbgFileName, O_WRONLY|O_CREAT|O_TRUNC|O_NOCTTY, S_IRUSR|S_IWUSR)) == -1) {
+ if((altdbg = open(pszAltDbgFileName, O_WRONLY|O_CREAT|O_TRUNC|O_NOCTTY|O_CLOEXEC, S_IRUSR|S_IWUSR)) == -1) {
fprintf(stderr, "alternate debug file could not be opened, ignoring. Error: %s\n", strerror(errno));
}
}
diff --git a/tools/omfile.c b/tools/omfile.c
index 5141b4da..36f160d1 100644
--- a/tools/omfile.c
+++ b/tools/omfile.c
@@ -301,7 +301,7 @@ int resolveFileSizeLimit(instanceData *pData)
free(pCmd);
- pData->fd = open((char*) pData->f_fname, O_WRONLY|O_APPEND|O_CREAT|O_NOCTTY,
+ pData->fd = open((char*) pData->f_fname, O_WRONLY|O_APPEND|O_CREAT|O_NOCTTY|O_CLOEXEC,
pData->fCreateMode);
actualFileSize = lseek(pData->fd, 0, SEEK_END);
@@ -394,13 +394,13 @@ prepareFile(instanceData *pData, uchar *newFileName)
{
DEFiRet;
if(pData->fileType == eTypePIPE) {
- pData->fd = open((char*) pData->f_fname, O_RDWR|O_NONBLOCK);
+ pData->fd = open((char*) pData->f_fname, O_RDWR|O_NONBLOCK|O_CLOEXEC);
FINALIZE; /* we are done in this case */
}
if(access((char*)newFileName, F_OK) == 0) {
/* file already exists */
- pData->fd = open((char*) newFileName, O_WRONLY|O_APPEND|O_CREAT|O_NOCTTY,
+ pData->fd = open((char*) newFileName, O_WRONLY|O_APPEND|O_CREAT|O_NOCTTY|O_CLOEXEC,
pData->fCreateMode);
} else {
pData->fd = -1;
@@ -419,7 +419,7 @@ prepareFile(instanceData *pData, uchar *newFileName)
/* no matter if we needed to create directories or not, we now try to create
* the file. -- rgerhards, 2008-12-18 (based on patch from William Tisater)
*/
- pData->fd = open((char*) newFileName, O_WRONLY|O_APPEND|O_CREAT|O_NOCTTY,
+ pData->fd = open((char*) newFileName, O_WRONLY|O_APPEND|O_CREAT|O_NOCTTY|O_CLOEXEC,
pData->fCreateMode);
if(pData->fd != -1) {
/* check and set uid/gid */
@@ -653,7 +653,7 @@ again:
&& e == EBADF
#endif
) {
- pData->fd = open((char*) pData->f_fname, O_WRONLY|O_APPEND|O_NOCTTY);
+ pData->fd = open((char*) pData->f_fname, O_WRONLY|O_APPEND|O_NOCTTY|O_CLOEXEC);
if (pData->fd < 0) {
iRet = RS_RET_SUSPENDED;
errmsg.LogError(0, NO_ERRCODE, "%s", pData->f_fname);
@@ -742,7 +742,7 @@ CODESTARTparseSelectorAct
pData->bDynamicName = 0;
pData->fCreateMode = fCreateMode; /* preserve current setting */
pData->fDirCreateMode = fDirCreateMode; /* preserve current setting */
- pData->fd = open((char*) pData->f_fname, O_WRONLY|O_APPEND|O_CREAT|O_NOCTTY,
+ pData->fd = open((char*) pData->f_fname, O_WRONLY|O_APPEND|O_CREAT|O_NOCTTY|O_CLOEXEC,
pData->fCreateMode);
}
break;
diff --git a/tools/pidfile.c b/tools/pidfile.c
index 2be13da6..e7744513 100644
--- a/tools/pidfile.c
+++ b/tools/pidfile.c
@@ -97,7 +97,7 @@ int write_pid (char *pidfile)
int fd;
int pid;
- if ( ((fd = open(pidfile, O_RDWR|O_CREAT, 0644)) == -1)
+ if ( ((fd = open(pidfile, O_RDWR|O_CREAT|O_CLOEXEC, 0644)) == -1)
|| ((f = fdopen(fd, "r+")) == NULL) ) {
fprintf(stderr, "Can't open or create %s.\n", pidfile);
return 0;
diff --git a/tools/syslogd.c b/tools/syslogd.c
index c72160fb..16f255ea 100644
--- a/tools/syslogd.c
+++ b/tools/syslogd.c
@@ -549,7 +549,7 @@ void untty(void)
int i;
if ( !Debug ) {
- i = open(_PATH_TTY, O_RDWR);
+ i = open(_PATH_TTY, O_RDWR|O_CLOEXEC);
if (i >= 0) {
# if !defined(__hpux)
(void) ioctl(i, (int) TIOCNOTTY, (char *)0);