diff options
-rw-r--r-- | proxy/src/gp_init.c | 42 | ||||
-rw-r--r-- | proxy/src/gp_proxy.h | 3 | ||||
-rw-r--r-- | proxy/src/gssproxy.c | 11 |
3 files changed, 50 insertions, 6 deletions
diff --git a/proxy/src/gp_init.c b/proxy/src/gp_init.c index 830ae16..6207a78 100644 --- a/proxy/src/gp_init.c +++ b/proxy/src/gp_init.c @@ -37,12 +37,22 @@ #include <grp.h> #include "gp_proxy.h" -void init_server(bool daemonize) +void init_server(bool daemonize, int *wait_fd) { pid_t pid, sid; int ret; + *wait_fd = -1; + if (daemonize) { + int pipefd[2]; + char buf[1]; + + /* create parent-child pipe */ + ret = pipe(pipefd); + if (ret == -1) { + exit(EXIT_FAILURE); + } pid = fork(); if (pid == -1) { @@ -50,10 +60,22 @@ void init_server(bool daemonize) exit(EXIT_FAILURE); } if (pid != 0) { - /* ok kill the parent */ - exit(EXIT_SUCCESS); + /* wait for child to signal it is ready */ + close(pipefd[1]); + ret = gp_safe_read(pipefd[0], buf, 1); + if (ret == 1) { + /* child signaled all ok */ + exit(EXIT_SUCCESS); + } else { + /* lost child, something went wrong */ + exit(EXIT_FAILURE); + } } + /* child */ + close(pipefd[0]); + *wait_fd = pipefd[1]; + sid = setsid(); if (sid == -1) { /* setsid error ? abort */ @@ -78,6 +100,20 @@ void init_server(bool daemonize) gp_logging_init(); } +void init_done(int wait_fd) +{ + char buf = 0; + int ret; + + if (wait_fd != -1) { + ret = gp_safe_write(wait_fd, &buf, 1); + if (ret != 1) { + exit(EXIT_FAILURE); + } + close(wait_fd); + } +} + void fini_server(void) { closelog(); diff --git a/proxy/src/gp_proxy.h b/proxy/src/gp_proxy.h index 733fec5..79bebb8 100644 --- a/proxy/src/gp_proxy.h +++ b/proxy/src/gp_proxy.h @@ -106,7 +106,8 @@ struct gp_creds_handle *gp_service_get_creds_handle(struct gp_service *svc); void free_config(struct gp_config **config); /* from gp_init.c */ -void init_server(bool daemonize); +void init_server(bool daemonize, int *wait_fd); +void init_done(int wait_fd); void fini_server(void); verto_ctx *init_event_loop(void); void init_proc_nfsd(struct gp_config *cfg); diff --git a/proxy/src/gssproxy.c b/proxy/src/gssproxy.c index 1bf0a0b..80430d6 100644 --- a/proxy/src/gssproxy.c +++ b/proxy/src/gssproxy.c @@ -42,6 +42,7 @@ int main(int argc, const char *argv[]) int vflags; struct gssproxy_ctx *gpctx; struct gp_sock_ctx *sock_ctx; + int wait_fd; int ret; int i; @@ -97,7 +98,7 @@ int main(int argc, const char *argv[]) exit(EXIT_FAILURE); } - init_server(gpctx->config->daemonize); + init_server(gpctx->config->daemonize, &wait_fd); write_pid(); @@ -139,9 +140,15 @@ int main(int argc, const char *argv[]) } } - /* special call to tell the Linux kernel gss-proxy is available */ + /* We need to tell nfsd that GSS-Proxy is available before it starts, + * as nfsd needs to know GSS-Proxy is in use before the first time it + * needs to call accept_sec_context. */ init_proc_nfsd(gpctx->config); + /* Now it is safe to tell the init system that we're done starting up, + * so it can continue with dependencies and start nfsd */ + init_done(wait_fd); + ret = drop_privs(gpctx->config); if (ret) { exit(EXIT_FAILURE); |