diff options
| -rw-r--r-- | src/daemon.hpp | 18 | ||||
| -rw-r--r-- | src/linux/tunDevice.cpp | 8 | ||||
| -rw-r--r-- | src/log.cpp | 2 | ||||
| -rw-r--r-- | src/sysexec.hpp | 13 |
4 files changed, 31 insertions, 10 deletions
diff --git a/src/daemon.hpp b/src/daemon.hpp index 9f1715d..d66549b 100644 --- a/src/daemon.hpp +++ b/src/daemon.hpp @@ -26,7 +26,11 @@ void chrootAndDrop(std::string const& chrootdir, std::string const& username) exit(-1); } cLog.msg(Log::PRIO_NOTICE) << "we are in chroot jail (" << chrootdir << ") now" << std::endl; - chdir("/"); + if(chdir("/")) + { + std::cerr << "can't change to /" << std::endl; + exit(-1); + } if (initgroups(pw->pw_name, pw->pw_gid) || setgid(pw->pw_gid) || setuid(pw->pw_uid)) { std::cerr << "can't drop to user " << username << " " << pw->pw_uid << ":" << pw->pw_gid << std::endl; @@ -57,9 +61,15 @@ void daemonize() // for (fd=getdtablesize();fd>=0;--fd) // close all file descriptors for (fd=0;fd<=2;fd++) // close all file descriptors close(fd); - fd=open("/dev/null",O_RDWR); // stdin - dup(fd); // stdout - dup(fd); // stderr + fd = open("/dev/null",O_RDWR); // stdin + if(fd == -1) + cLog.msg(Log::PRIO_WARNING) << "can't open stdin"; + else { + if(dup(fd) == -1) // stdout + cLog.msg(Log::PRIO_WARNING) << "can't open stdout"; + if(dup(fd) == -1) // stderr + cLog.msg(Log::PRIO_WARNING) << "can't open stderr"; + } umask(027); } #endif diff --git a/src/linux/tunDevice.cpp b/src/linux/tunDevice.cpp index c743229..0c51047 100644 --- a/src/linux/tunDevice.cpp +++ b/src/linux/tunDevice.cpp @@ -44,7 +44,7 @@ #include "tunDevice.h" #include "threadUtils.hpp" - +#include "log.h" TunDevice::TunDevice(std::string dev_name, std::string dev_type, std::string ifcfg_lp, std::string ifcfg_rnmp) : conf_(dev_name, dev_type, ifcfg_lp, ifcfg_rnmp, 1400) { @@ -172,5 +172,9 @@ void TunDevice::do_ifconfig() command << conf_.remote_netmask_.toString() << " mtu " << conf_.mtu_; - system(command.str().c_str()); + int result = system(command.str().c_str()); + if(result == -1) + cLog.msg(Log::PRIO_ERR) << "Execution of ifconfig failed"; + else + cLog.msg(Log::PRIO_NOTICE) << "ifconfig returned " << WEXITSTATUS(result); } diff --git a/src/log.cpp b/src/log.cpp index 72c3d3c..272fc53 100644 --- a/src/log.cpp +++ b/src/log.cpp @@ -54,7 +54,7 @@ LogStringBuilder::~LogStringBuilder() { Lock lock(log.mutex); #ifndef NOSYSLOG - syslog(prio | log.getFacility(), stream.str().c_str()); + syslog(prio | log.getFacility(), "%s", stream.str().c_str()); #endif } diff --git a/src/sysexec.hpp b/src/sysexec.hpp index 73a18bf..85efaa0 100644 --- a/src/sysexec.hpp +++ b/src/sysexec.hpp @@ -10,9 +10,16 @@ int execScript(std::string const& script, std::string const& ifname) int fd; for (fd=getdtablesize();fd>=0;--fd) // close all file descriptors close(fd); - fd=open("/dev/null",O_RDWR); // stdin - dup(fd); // stdout - dup(fd); // stderr + + fd = open("/dev/null",O_RDWR); // stdin + if(fd == -1) + cLog.msg(Log::PRIO_WARNING) << "can't open stdin"; + else { + if(dup(fd) == -1) // stdout + cLog.msg(Log::PRIO_WARNING) << "can't open stdout"; + if(dup(fd) == -1) // stderr + cLog.msg(Log::PRIO_WARNING) << "can't open stderr"; + } return execl("/bin/sh", "/bin/sh", script.c_str(), ifname.c_str(), NULL); } int status = 0; |