Lines 21-40
|
21 |
* |
21 |
* |
22 |
* Modified for Gentoo rc-scripts by Donny Davies <woodchip@gentoo.org>: |
22 |
* Modified for Gentoo rc-scripts by Donny Davies <woodchip@gentoo.org>: |
23 |
* I removed the BSD/Hurd/OtherOS stuff, added #include <stddef.h> |
23 |
* I removed the BSD/Hurd/OtherOS stuff, added #include <stddef.h> |
24 |
* and stuck in a #define VERSION "1.9.18". Now it compiles without |
24 |
* and stuck in a #define VERSION "1.9.18". Now it compiles without |
25 |
* the whole automake/config.h dance. |
25 |
* the whole automake/config.h dance. |
26 |
* |
26 |
* |
27 |
* Updated by Aron Griffis <agriffis@gentoo.org>: |
27 |
* Updated by Aron Griffis <agriffis@gentoo.org>: |
28 |
* Fetched updates from Debian's dpkg-1.10.20, including fix for |
28 |
* Fetched updates from Debian's dpkg-1.10.20, including fix for |
29 |
* Gentoo bug 22686 (start-stop-daemon in baselayout doesn't allow |
29 |
* Gentoo bug 22686 (start-stop-daemon in baselayout doesn't allow |
30 |
* altered nicelevel). |
30 |
* altered nicelevel). |
|
|
31 |
* |
32 |
* Updated by Scott Dial <scott@scottdial.com>: |
33 |
* Provides PAM support, Gentoo bug 64700 (start-stop-daemon doesn't use pam) |
34 |
* |
31 |
*/ |
35 |
*/ |
32 |
|
36 |
|
33 |
#define VERSION "1.10.20" |
37 |
#define VERSION "1.10.20" |
34 |
#include <stddef.h> |
38 |
#include <stddef.h> |
35 |
|
39 |
|
36 |
#define NONRETURNPRINTFFORMAT(x, y) \ |
40 |
#define NONRETURNPRINTFFORMAT(x, y) \ |
37 |
__attribute__((noreturn, format(printf, x, y))) |
41 |
__attribute__((noreturn, format(printf, x, y))) |
38 |
#define NONRETURNING \ |
42 |
#define NONRETURNING \ |
39 |
__attribute__((noreturn)) |
43 |
__attribute__((noreturn)) |
40 |
|
44 |
|
Lines 95-114
|
95 |
#include <pwd.h> |
99 |
#include <pwd.h> |
96 |
#include <grp.h> |
100 |
#include <grp.h> |
97 |
#include <sys/ioctl.h> |
101 |
#include <sys/ioctl.h> |
98 |
#include <sys/types.h> |
102 |
#include <sys/types.h> |
99 |
#include <sys/termios.h> |
103 |
#include <sys/termios.h> |
100 |
#include <fcntl.h> |
104 |
#include <fcntl.h> |
101 |
#include <limits.h> |
105 |
#include <limits.h> |
102 |
#include <assert.h> |
106 |
#include <assert.h> |
103 |
#include <ctype.h> |
107 |
#include <ctype.h> |
104 |
|
108 |
|
|
|
109 |
#ifdef USE_PAM |
110 |
# include <security/pam_appl.h> |
111 |
# include <security/pam_misc.h> |
112 |
#endif |
113 |
|
105 |
#ifdef HAVE_ERROR_H |
114 |
#ifdef HAVE_ERROR_H |
106 |
# include <error.h> |
115 |
# include <error.h> |
107 |
#endif |
116 |
#endif |
108 |
#ifdef HURD_IHASH_H |
117 |
#ifdef HURD_IHASH_H |
109 |
#include <hurd/ihash.h> |
118 |
#include <hurd/ihash.h> |
110 |
#endif |
119 |
#endif |
111 |
|
120 |
|
112 |
static int testmode = 0; |
121 |
static int testmode = 0; |
113 |
static int quietmode = 0; |
122 |
static int quietmode = 0; |
114 |
static int exitnodo = 1; |
123 |
static int exitnodo = 1; |
Lines 283-302
|
283 |
" start-stop-daemon -K|--stop options ...\n" |
292 |
" start-stop-daemon -K|--stop options ...\n" |
284 |
" start-stop-daemon -H|--help\n" |
293 |
" start-stop-daemon -H|--help\n" |
285 |
" start-stop-daemon -V|--version\n" |
294 |
" start-stop-daemon -V|--version\n" |
286 |
"\n" |
295 |
"\n" |
287 |
"Options (at least one of --exec|--pidfile|--user is required):\n" |
296 |
"Options (at least one of --exec|--pidfile|--user is required):\n" |
288 |
" -x|--exec <executable> program to start/check if it is running\n" |
297 |
" -x|--exec <executable> program to start/check if it is running\n" |
289 |
" -p|--pidfile <pid-file> pid file to check\n" |
298 |
" -p|--pidfile <pid-file> pid file to check\n" |
290 |
" -c|--chuid <name|uid[:group|gid]>\n" |
299 |
" -c|--chuid <name|uid[:group|gid]>\n" |
291 |
" change to this user/group before starting process\n" |
300 |
" change to this user/group before starting process\n" |
292 |
" -u|--user <username>|<uid> stop processes owned by this user\n" |
301 |
" -u|--user <username>|<uid> stop processes owned by this user\n" |
|
|
302 |
" user for PAM session\n" |
293 |
" -g|--group <group|gid> run process as this group\n" |
303 |
" -g|--group <group|gid> run process as this group\n" |
294 |
" -n|--name <process-name> stop processes with this name\n" |
304 |
" -n|--name <process-name> stop processes with this name\n" |
295 |
" -s|--signal <signal> signal to send (default TERM)\n" |
305 |
" -s|--signal <signal> signal to send (default TERM)\n" |
296 |
" -a|--startas <pathname> program to start (default is <executable>)\n" |
306 |
" -a|--startas <pathname> program to start (default is <executable>)\n" |
297 |
" -C|--chdir <directory> Change to <directory>(default is /)\n" |
307 |
" -C|--chdir <directory> Change to <directory>(default is /)\n" |
298 |
" -N|--nicelevel <incr> add incr to the process's nice level\n" |
308 |
" -N|--nicelevel <incr> add incr to the process's nice level\n" |
299 |
" -b|--background force the process to detach\n" |
309 |
" -b|--background force the process to detach\n" |
300 |
" -m|--make-pidfile create the pidfile before starting\n" |
310 |
" -m|--make-pidfile create the pidfile before starting\n" |
301 |
" -R|--retry <schedule> check whether processes die, and retry\n" |
311 |
" -R|--retry <schedule> check whether processes die, and retry\n" |
302 |
" -t|--test test mode, don't do anything\n" |
312 |
" -t|--test test mode, don't do anything\n" |
Lines 1131-1155
|
1131 |
x_finished: |
1141 |
x_finished: |
1132 |
if (!anykilled) { |
1142 |
if (!anykilled) { |
1133 |
if (quietmode <= 0) |
1143 |
if (quietmode <= 0) |
1134 |
printf("No %s found running; none killed.\n", what_stop); |
1144 |
printf("No %s found running; none killed.\n", what_stop); |
1135 |
return exitnodo; |
1145 |
return exitnodo; |
1136 |
} else { |
1146 |
} else { |
1137 |
return 0; |
1147 |
return 0; |
1138 |
} |
1148 |
} |
1139 |
} |
1149 |
} |
1140 |
|
1150 |
|
|
|
1151 |
#ifdef USE_PAM |
1152 |
// We are not supporting authentication conversations |
1153 |
static struct pam_conv conv = {NULL, NULL }; |
1154 |
#endif |
1141 |
|
1155 |
|
1142 |
int main(int argc, char **argv) NONRETURNING; |
1156 |
int main(int argc, char **argv) NONRETURNING; |
1143 |
int |
1157 |
int |
1144 |
main(int argc, char **argv) |
1158 |
main(int argc, char **argv) |
1145 |
{ |
1159 |
{ |
|
|
1160 |
#ifdef USE_PAM |
1161 |
pam_handle_t *pamh=NULL; |
1162 |
int retval; |
1163 |
#endif |
1146 |
int devnull_fd = -1; |
1164 |
int devnull_fd = -1; |
1147 |
#ifdef HAVE_TIOCNOTTY |
1165 |
#ifdef HAVE_TIOCNOTTY |
1148 |
int tty_fd = -1; |
1166 |
int tty_fd = -1; |
1149 |
#endif |
1167 |
#endif |
1150 |
progname = argv[0]; |
1168 |
progname = argv[0]; |
1151 |
|
1169 |
|
1152 |
parse_options(argc, argv); |
1170 |
parse_options(argc, argv); |
1153 |
argc -= optind; |
1171 |
argc -= optind; |
1154 |
argv += optind; |
1172 |
argv += optind; |
1155 |
|
1173 |
|
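Review bot: `static struct pam_conv conv = {NULL, NULL };` leaves the conversation callback as a null function pointer, so any PAM module in the service stack that tries to prompt relies on the library or the module checking for NULL before calling it. A conversation function that declines every request makes the "no conversations" intent explicit and turns that case into a clean PAM_CONV_ERR. The struct is passed to pam_start() in a later hunk of main(), which is only partly visible here.

```c
#ifdef USE_PAM
/* Authentication conversations are not supported: refuse every prompt. */
static int
no_conversation(int num_msg, const struct pam_message **msg,
		struct pam_response **resp, void *appdata_ptr)
{
	(void)num_msg;
	(void)msg;
	(void)resp;
	(void)appdata_ptr;
	return PAM_CONV_ERR;
}

static struct pam_conv conv = { no_conversation, NULL };
#endif
```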
Lines 1252-1271
|
1252 |
fclose(pidf); |
1270 |
fclose(pidf); |
1253 |
} |
1271 |
} |
1254 |
if (changeroot != NULL) { |
1272 |
if (changeroot != NULL) { |
1255 |
if (chdir(changeroot) < 0) |
1273 |
if (chdir(changeroot) < 0) |
1256 |
fatal("Unable to chdir() to %s", changeroot); |
1274 |
fatal("Unable to chdir() to %s", changeroot); |
1257 |
if (chroot(changeroot) < 0) |
1275 |
if (chroot(changeroot) < 0) |
1258 |
fatal("Unable to chroot() to %s", changeroot); |
1276 |
fatal("Unable to chroot() to %s", changeroot); |
1259 |
} |
1277 |
} |
1260 |
if (changedir != NULL && chdir(changedir) < 0) |
1278 |
if (changedir != NULL && chdir(changedir) < 0) |
1261 |
fatal("Unable to chdir() to %s", changedir); |
1279 |
fatal("Unable to chdir() to %s", changedir); |
|
|
1280 |
|
1281 |
// Before we change users, we need to do PAM |
1282 |
#ifdef USE_PAM |
1283 |
// -c takes priority because it will be what the process ends up running as |
1284 |
// -u comes in second to allow daemons to be started as root (as most require) |
1285 |
// but use the effective session for another user |
1286 |
// else we use "nobody" to avoid promoting any daemon |
1287 |
|
1288 |
if(changeuser != NULL) |
1289 |
retval = pam_start("start-stop-daemon", changeuser, &conv, &pamh); |
1290 |
else if (userspec != NULL) |
1291 |
retval = pam_start("start-stop-daemon", userspec, &conv, &pamh); |
1292 |
else |
1293 |
retval = pam_start("start-stop-daemon", "nobody", &conv, &pamh); |
1294 |
|
1295 |
if(retval == PAM_SUCCESS) |
1296 |
retval = pam_authenticate(pamh, PAM_SILENT); |
1297 |
|
1298 |
if(retval == PAM_SUCCESS) |
1299 |
retval = pam_acct_mgmt(pamh, PAM_SILENT); |
1300 |
|
1301 |
if(retval == PAM_SUCCESS) |
1302 |
retval = pam_open_session(pamh, PAM_SILENT); |
1303 |
|
1304 |
if(retval != PAM_SUCCESS) |
1305 |
printf(pam_strerror(pamh, retval)); |
1306 |
#endif |
1307 |
|
1262 |
if (changeuser != NULL) { |
1308 |
if (changeuser != NULL) { |
1263 |
if (setgid(runas_gid)) |
1309 |
if (setgid(runas_gid)) |
1264 |
fatal("Unable to set gid to %d", runas_gid); |
1310 |
fatal("Unable to set gid to %d", runas_gid); |
1265 |
if (initgroups(changeuser, runas_gid)) |
1311 |
if (initgroups(changeuser, runas_gid)) |
1266 |
fatal("Unable to set initgroups() with gid %d", runas_gid); |
1312 |
fatal("Unable to set initgroups() with gid %d", runas_gid); |
1267 |
if (setuid(runas_uid)) |
1313 |
if (setuid(runas_uid)) |
1268 |
fatal("Unable to set uid to %s", changeuser); |
1314 |
fatal("Unable to set uid to %s", changeuser); |
1269 |
} |
1315 |
} |
1270 |
if (background) { /* continue background setup */ |
1316 |
if (background) { /* continue background setup */ |
1271 |
int i; |
1317 |
int i; |
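Review bot: The PAM result is not enforced: when pam_start(), pam_authenticate(), pam_acct_mgmt() or pam_open_session() fails, the block only prints a message and execution falls through to setgid()/setuid() and the exec, so an account that policy denies still gets its daemon started. The message is also passed as the format string in `printf(pam_strerror(pamh, retval));` and goes to stdout with no newline; if a PAM failure is meant to stop the start, `fatal("PAM setup failed: %s", pam_strerror(pamh, retval));` fixes both, otherwise use `fprintf(stderr, "%s\n", pam_strerror(pamh, retval));`. The block sits after `chroot(changeroot)`, so PAM configuration and modules are presumably looked up inside the new root, and the usage text documents -u as `<username>|<uid>`, so a numeric uid may reach pam_start() as a user name; both are worth a comment or a check. main() starts and ends outside this hunk.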
Lines 1287-1299
|
1287 |
#endif |
1333 |
#endif |
1288 |
|
1334 |
|
1289 |
/* create a new session */ |
1335 |
/* create a new session */ |
1290 |
#ifdef HAVE_SETSID |
1336 |
#ifdef HAVE_SETSID |
1291 |
setsid(); |
1337 |
setsid(); |
1292 |
#else |
1338 |
#else |
1293 |
setpgid(0,0); |
1339 |
setpgid(0,0); |
1294 |
#endif |
1340 |
#endif |
1295 |
} |
1341 |
} |
1296 |
execv(startas, argv); |
1342 |
execv(startas, argv); |
1297 |
fatal("Unable to start %s: %s", startas, strerror(errno)); |
1343 |
#ifdef USE_PAM |
|
|
1344 |
if(retval == PAM_SUCCESS) |
1345 |
pam_close_session(pamh, PAM_SILENT); |
1346 |
|
1347 |
pam_end(pamh, retval); |
1348 |
#endif |
1349 |
fatal("Unable to start %s: %s", startas, strerror(errno)); |
1298 |
} |
1350 |
} |
1299 |
|
1351 |
|
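Review bot: The pam_close_session()/pam_end() calls placed after `execv(startas, argv);` run only when execv() fails; on success the process image is replaced, so the session opened earlier is never closed by this program. In the failure path they run before `fatal("Unable to start %s: %s", startas, strerror(errno));` and may overwrite errno, so save it first with `int exec_errno = errno;` right after execv() and report `strerror(exec_errno)`. pam_end() is also reached with whatever pamh holds if pam_start() failed earlier, which the earlier PAM block does not appear to guard against. A comment stating that the session is intentionally left open for the daemon's lifetime would help if that is the intent.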