// Some platforms using setsid() benefit from sesexec being // forked again, so the UNIX session can be created cleanly // See FreeBSD bug // ports/157282: effective login name is not set by xrdp-sesman // https://www.freebsd.org/cgi/query-pr.cgi?pr=157282
/*****************************************************************************/ /** *Addsentriestotheargslistforrunningsesexec * *@paramargsArgumentlist *@return0formemoryallocationfailure,1forsuccess
*/ staticint
create_exec_args_add_entries(struct list *args)
{ if (!list_add_strdup(args, SESEXEC_SHORTNAME))
{ return0;
}
if (g_strcmp(g_cfg->sesman_ini, DEFAULT_SESMAN_INI) != 0)
{ if (!list_add_strdup_multi(args, "-c", g_cfg->sesman_ini, NULL))
{ return0;
}
}
return1;
}
/*****************************************************************************/ /** *Createanargslistforsesexec *@returnNULLifmemorycouldnotbeallocated * *Theresultmustbefreedwithlist_delete()afteruse
*/ staticstruct list *
create_exec_args(void)
{ struct list *result = list_create(); if (result != NULL)
{
result->auto_free = 1; if (!create_exec_args_add_entries(result))
{
list_delete(result);
result = NULL;
}
}
return result;
}
/*****************************************************************************/ int
sesexec_start(struct pre_session_item *psi)
{ // Local socket pair used to set up the EICP channel for sesexec // We also use the socket pair to communicate the PID of sesexec back // to sesman. Technically we only need this if USE_BSD_SETLOGIN // is set, but removing this variable complicates the code so // much it isn't worth it. int sck[2] = {-1, -1}; int rv = -1; int size; constchar *exe = SESEXEC_LONGNAME; struct list *args = NULL;
#if USE_BSD_SETLOGIN if (g_fork() != 0)
{
g_exit(0);
} #endif // Send our pid back to sesman
pid = g_getpid();
size = g_file_write(sck[1], (constchar *)&pid, sizeof(pid));
if (size != sizeof(pid))
{
LOG(LOG_LEVEL_ERROR, "Can't write to PID socket [%s]",
g_get_strerror());
} else
{ /* Put the number of the file descriptor in EICP_FD
* in the environment */ char buff[64];
g_snprintf(buff, sizeof(buff), "%d", sck[1]);
g_setenv_log("EICP_FD", buff, 1);
/* [Development] Log all file descriptors not marked cloexec *otherthanstdin,stdout,stderr,andtheEICPfdinsck[1].
*/ if (sck[1] < 3)
{ // EICP fd has overwritten one of the standard descriptors
LOG_DEVEL_LEAKING_FDS("xrdp-sesexec", 3, -1);
} else
{
LOG_DEVEL_LEAKING_FDS("xrdp-sesexec", 3, sck[1]);
LOG_DEVEL_LEAKING_FDS("xrdp-sesexec", sck[1] + 1, -1);
}
g_execvp_list(exe, args);
// Shouldn't get here. Errors are logged if we do.
}
g_exit(1);
} else
{
g_file_close(sck[1]);
// Get the PID from the child (or the grancdchild) int size = g_file_read(sck[0], (char *)&pid, sizeof(pid));
Die Informationen auf dieser Webseite wurden
nach bestem Wissen sorgfältig zusammengestellt. Es wird jedoch weder Vollständigkeit, noch Richtigkeit,
noch Qualität der bereit gestellten Informationen zugesichert.
Bemerkung:
Die farbliche Syntaxdarstellung und die Messung sind noch experimentell.