baf9308b21
There might be file descriptors open by things like pam_systemd that we do not want to keep open for the child process. Original idea by: Jakub Jelen <jjelen@redhat.com> Upstream commit: b2c8cbcef8c97b5a175d6e71995249b288707b0f
40 lines
1.2 KiB
Diff
40 lines
1.2 KiB
Diff
diff -up cronie-1.4.11/src/do_command.c.pff cronie-1.4.11/src/do_command.c
|
|
--- cronie-1.4.11/src/do_command.c.pff 2013-07-18 14:27:08.000000000 +0200
|
|
+++ cronie-1.4.11/src/do_command.c 2014-04-30 14:42:32.761953732 +0200
|
|
@@ -238,6 +238,12 @@ static int child_process(entry * e, char
|
|
*/
|
|
{
|
|
char *shell = env_get("SHELL", jobenv);
|
|
+ int fd, fdmax = getdtablesize();
|
|
+
|
|
+ /* close all unwanted open file descriptors */
|
|
+ for(fd = STDERR + 1; fd < fdmax; fd++) {
|
|
+ close(fd);
|
|
+ }
|
|
|
|
#if DEBUGGING
|
|
if (DebugFlags & DTEST) {
|
|
diff -up cronie-1.4.11/src/popen.c.pff cronie-1.4.11/src/popen.c
|
|
--- cronie-1.4.11/src/popen.c.pff 2013-07-18 14:27:08.000000000 +0200
|
|
+++ cronie-1.4.11/src/popen.c 2014-04-30 14:43:42.177095194 +0200
|
|
@@ -69,6 +69,7 @@ FILE *cron_popen(char *program, const ch
|
|
ssize_t out;
|
|
char buf[PIPE_BUF];
|
|
struct sigaction sa;
|
|
+ int fd;
|
|
|
|
#ifdef __GNUC__
|
|
(void) &iop; /* Avoid fork clobbering */
|
|
@@ -121,6 +122,11 @@ FILE *cron_popen(char *program, const ch
|
|
sa.sa_handler = SIG_DFL;
|
|
sigaction(SIGPIPE, &sa, NULL);
|
|
|
|
+ /* close all unwanted open file descriptors */
|
|
+ for (fd = STDERR + 1; fd < fds; fd++) {
|
|
+ close(fd);
|
|
+ }
|
|
+
|
|
if (cron_change_user_permanently(pw, pw->pw_dir) != 0)
|
|
_exit(2);
|
|
|