nss-pam-ldapd branch master updated. 0.9.12-6-g2f6e65a

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: Commits of the nss-pam-ldapd project <nss-pam-ldapd-commits [at] lists.arthurdejong.org>
To: nss-pam-ldapd-commits [at] lists.arthurdejong.org
Reply-to: nss-pam-ldapd-users [at] lists.arthurdejong.org, nss-pam-ldapd-commits [at] lists.arthurdejong.org
Subject: nss-pam-ldapd branch master updated. 0.9.12-6-g2f6e65a
Date: Mon, 10 Oct 2022 23:25:02 +0200 (CEST)

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "nss-pam-ldapd".

The branch, master has been updated
       via  2f6e65ab384917a9b2ee4b25a172acc107a640b3 (commit)
       via  1c9b021e78dc67b9cdca5f9ad10cbde08418ee28 (commit)
      from  2fc652fa11b03fc5aafe353a790c103f49540831 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
https://arthurdejong.org/git/nss-pam-ldapd/commit/?id=2f6e65ab384917a9b2ee4b25a172acc107a640b3

commit 2f6e65ab384917a9b2ee4b25a172acc107a640b3
Author: Arthur de Jong <arthur@arthurdejong.org>
Date:   Mon Oct 10 23:16:15 2022 +0200

    Use closefrom() if available
    
    One some systems _SC_OPEN_MAX can be *very* large.
    
    Closes https://github.com/arthurdejong/nss-pam-ldapd/issues/53

diff --git a/configure.ac b/configure.ac
index 12bf35c..27b2fda 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2,7 +2,7 @@
 #
 # Copyright (C) 2006 Luke Howard
 # Copyright (C) 2006 West Consulting
-# Copyright (C) 2006-2021 Arthur de Jong
+# Copyright (C) 2006-2022 Arthur de Jong
 #
 # This library is free software; you can redistribute it and/or
 # modify it under the terms of the GNU Lesser General Public
@@ -23,7 +23,7 @@ AC_PREREQ(2.61)
 AC_COPYRIGHT(
 [Copyright (C) 2006 Luke Howard
 Copyright (C) 2006 West Consulting
-Copyright (C) 2006-2021 Arthur de Jong
+Copyright (C) 2006-2022 Arthur de Jong
 
 This configure script is derived from configure.ac which is free software;
 you can redistribute it and/or modify it under the terms of the GNU Lesser
@@ -722,7 +722,7 @@ then
   AC_SEARCH_LIBS(dlopen, dl)
 
   # check for availability of functions
-  AC_CHECK_FUNCS(initgroups setgroups execvp execvpe)
+  AC_CHECK_FUNCS(initgroups setgroups execvp execvpe closefrom)
   AC_CHECK_FUNCS(getpeereid)
   AC_CHECK_FUNCS(getpeerucred)
   AC_CHECK_FUNCS(__nss_configure_lookup)
diff --git a/nslcd/daemonize.c b/nslcd/daemonize.c
index be3b386..8fef11a 100644
--- a/nslcd/daemonize.c
+++ b/nslcd/daemonize.c
@@ -1,7 +1,7 @@
 /*
    daemoninze.c - functions for properly daemonising an application
 
-   Copyright (C) 2014-2015 Arthur de Jong
+   Copyright (C) 2014-2022 Arthur de Jong
 
    This library is free software; you can redistribute it and/or
    modify it under the terms of the GNU Lesser General Public
@@ -43,8 +43,11 @@ static int daemonizefd = -1;
 
 void daemonize_closefds(void)
 {
-  int i;
   /* close all file descriptors (except stdin/out/err) */
+#ifdef HAVE_CLOSEFROM
+  closefrom(3);
+#else
+  int i;
   i = sysconf(_SC_OPEN_MAX) - 1;
   /* if the system does not have OPEN_MAX just close the first 32 and
      hope we closed enough */
@@ -52,6 +55,7 @@ void daemonize_closefds(void)
     i = 32;
   for (; i > 2; i--)
     close(i);
+#endif
 }
 
 void daemonize_redirect_stdio(void)
diff --git a/nslcd/invalidator.c b/nslcd/invalidator.c
index b94dc22..3e902e8 100644
--- a/nslcd/invalidator.c
+++ b/nslcd/invalidator.c
@@ -1,7 +1,7 @@
 /*
    invalidator.c - functions for invalidating external caches
 
-   Copyright (C) 2013-2014 Arthur de Jong
+   Copyright (C) 2013-2022 Arthur de Jong
 
    This library is free software; you can redistribute it and/or
    modify it under the terms of the GNU Lesser General Public
@@ -97,6 +97,9 @@ static void exec_invalidate(const char *db)
   {
     case 0: /* we are the child */
       /* close all file descriptors */
+#ifdef HAVE_CLOSEFROM
+      closefrom(0);
+#else
       i = sysconf(_SC_OPEN_MAX) - 1;
       /* if the system does not have OPEN_MAX just close the first 32 and
          hope we have closed enough */
@@ -104,6 +107,7 @@ static void exec_invalidate(const char *db)
         i = 32;
       for (; i >= 0; i--)
         close(i);
+#endif
       /* execute command */
 #ifdef HAVE_EXECVPE
       execvpe(argv[0], argv, newenviron);

https://arthurdejong.org/git/nss-pam-ldapd/commit/?id=1c9b021e78dc67b9cdca5f9ad10cbde08418ee28

commit 1c9b021e78dc67b9cdca5f9ad10cbde08418ee28
Author: Arthur de Jong <arthur@arthurdejong.org>
Date:   Mon Oct 10 23:15:06 2022 +0200

    Fix off-by one error in closing file descriptors
    
    This could leave file descriptor 3 open from the parent process starting
    nslcd.

diff --git a/nslcd/daemonize.c b/nslcd/daemonize.c
index d11d358..be3b386 100644
--- a/nslcd/daemonize.c
+++ b/nslcd/daemonize.c
@@ -50,7 +50,7 @@ void daemonize_closefds(void)
      hope we closed enough */
   if (i < 0)
     i = 32;
-  for (; i > 3; i--)
+  for (; i > 2; i--)
     close(i);
 }
 

-----------------------------------------------------------------------

Summary of changes:
 configure.ac        |  6 +++---
 nslcd/daemonize.c   | 10 +++++++---
 nslcd/invalidator.c |  6 +++++-
 3 files changed, 15 insertions(+), 7 deletions(-)


hooks/post-receive
-- 
nss-pam-ldapd

nss-pam-ldapd branch master updated. 0.9.12-6-g2f6e65a, Commits of the nss-pam-ldapd project

Prev by Date: nss-pam-ldapd branch master updated. 0.9.12-4-g2fc652f
Previous by thread: nss-pam-ldapd branch master updated. 0.9.12-4-g2fc652f