diff options
| author | Ales Kozumplik <akozumpl@redhat.com> | 2010-05-03 18:25:20 +0200 |
|---|---|---|
| committer | Ales Kozumplik <akozumpl@redhat.com> | 2010-05-06 13:20:38 +0200 |
| commit | 5c8be71aab71654c29df8a0950372c41e8a47aad (patch) | |
| tree | 438338c73448c5f961aa4c9f36f93a98f482c0fe /isys | |
| parent | b332af6bc3f3c26ae9d87d529a3c0dd5d96ad2a9 (diff) | |
| download | anaconda-5c8be71aab71654c29df8a0950372c41e8a47aad.tar.gz anaconda-5c8be71aab71654c29df8a0950372c41e8a47aad.tar.xz anaconda-5c8be71aab71654c29df8a0950372c41e8a47aad.zip | |
memory: build auditd as a standalone binary and run it so (#549653).
Instead of just forking, we fork() anaconda and then execv our custom
audit daemon. This saves us an extra anaconda process running permanently,
taking memory.
Diffstat (limited to 'isys')
| -rw-r--r-- | isys/Makefile.am | 6 | ||||
| -rw-r--r-- | isys/auditd.c | 11 |
2 files changed, 11 insertions, 6 deletions
diff --git a/isys/Makefile.am b/isys/Makefile.am index b05330cdf..1a7ca81e8 100644 --- a/isys/Makefile.am +++ b/isys/Makefile.am @@ -47,4 +47,10 @@ libisys_la_LDFLAGS = -static libisys_la_LIBADD = $(ISYS_LIBS) libisys_la_SOURCES = $(ISYS_SRCS) +auditddir = $(libexecdir)/$(PACKAGE_NAME) +auditd_PROGRAMS = auditd +auditd_SOURCES = auditd.c +auditd_CFLAGS = -DSTANDALONE $(SELINUX_CFLAGS) +auditd_LDADD = $(SELINUX_LIBS) $(LIBNL_LIBS) + MAINTAINERCLEANFILES = Makefile.in diff --git a/isys/auditd.c b/isys/auditd.c index 8eef4f393..2ca6d04f4 100644 --- a/isys/auditd.c +++ b/isys/auditd.c @@ -94,32 +94,31 @@ static void do_auditd(int fd) { int audit_daemonize(void) { #ifdef USESELINUX int fd; -#ifndef STANDALONE - int i; pid_t child; - + int i; if ((child = fork()) > 0) return 0; +#ifndef STANDALONE for (i = 0; i < getdtablesize(); i++) close(i); - signal(SIGTTOU, SIG_IGN); signal(SIGTTIN, SIG_IGN); signal(SIGTSTP, SIG_IGN); +#endif /* !defined(STANDALONE) */ if ((fd = open("/proc/self/oom_adj", O_RDWR)) >= 0) { i = write(fd, "-17", 3); close(fd); } - -#endif /* !defined(STANDALONE) */ fd = audit_open(); do_auditd(fd); audit_close(fd); + #ifndef STANDALONE exit(0); #endif /* !defined(STANDALONE) */ + #endif /* USESELINUX */ return 0; } |