author | Lennart Poettering <lennart@poettering.net> | 2023-11-02 11:04:36 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2023-11-02 14:09:23 +0100 |
commit | e9ccae31355b8d4fd7496b0548470c8c977897d8 (patch) | |
tree | 13c5f4246df81fa08c396303b14acf15ccdcc2a5 | |
parent | fd-util: add new FORMAT_PROC_PID_FD_PATH() helper (diff) | |
process-util: add new FORK_DEATHSIG_SIGKILL flag, rename FORK_DEATHSIG → FORK_DEATHSIG_SIGTERM
Sometimes it makes sense to hard kill a client if we die. Let's hence
add a third FORK_DEATHSIG flag for this purpose: FORK_DEATHSIG_SIGKILL.
To make things less confusing this also renames FORK_DEATHSIG to
FORK_DEATHSIG_SIGTERM to make clear it sends SIGTERM. We already had
FORK_DEATHSIG_SIGINT, hence this makes things nicely symmetric.
A bunch of users are switched over for FORK_DEATHSIG_SIGKILL where we
know it's safe to abort things abruptly. This should make some kernel
cases more robust, since we cannot get confused by signal masks or such.
While we are at it, also fix a bunch of bugs where we didn't take
FORK_DEATHSIG_SIGINT into account in safe_fork().
65 files changed, 125 insertions, 116 deletions
diff --git a/src/basic/namespace-util.c b/src/basic/namespace-util.c index 0a0de85aad..2101f617ad 100644 --- a/src/basic/namespace-util.c +++ b/src/basic/namespace-util.c @@ -219,7 +219,7 @@ int userns_acquire(const char *uid_map, const char *gid_map) { * and then kills the process again. This way we have a userns fd that is not bound to any * process. We can use that for file system mounts and similar. */ - r = safe_fork("(sd-mkuserns)", FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_NEW_USERNS, &pid); + r = safe_fork("(sd-mkuserns)", FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGKILL|FORK_NEW_USERNS, &pid); if (r < 0) return r; if (r == 0) diff --git a/src/basic/process-util.c b/src/basic/process-util.c index c5883b05d1..201c5596ae 100644 --- a/src/basic/process-util.c +++ b/src/basic/process-util.c @@ -1380,6 +1380,12 @@ pid_t clone_with_nested_stack(int (*fn)(void *), int flags, void *userdata) { return pid; } +static int fork_flags_to_signal(ForkFlags flags) { + return (flags & FORK_DEATHSIG_SIGTERM) ? SIGTERM : + (flags & FORK_DEATHSIG_SIGINT) ? SIGINT : + SIGKILL; +} + int safe_fork_full( const char *name, const int stdio_fds[3], @@ -1409,9 +1415,10 @@ int safe_fork_full( fflush(stderr); /* This one shouldn't be necessary, stderr should be unbuffered anyway, but let's better be safe than sorry */ } - if (flags & (FORK_RESET_SIGNALS|FORK_DEATHSIG)) { - /* We temporarily block all signals, so that the new child has them blocked initially. This way, we can - * be sure that SIGTERMs are not lost we might send to the child. */ + if (flags & (FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_DEATHSIG_SIGINT)) { + /* We temporarily block all signals, so that the new child has them blocked initially. This + * way, we can be sure that SIGTERMs are not lost we might send to the child. (Note that for + * FORK_DEATHSIG_SIGKILL we don't bother, since it cannot be blocked anyway.) */ assert_se(sigfillset(&ss) >= 0); block_signals = block_all = true; 
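Review bot: `fork_flags_to_signal()`, added in the first process-util.c hunk, resolves conflicting flags silently and carries no comment saying so: SIGTERM wins over SIGINT, SIGINT wins over SIGKILL, and a value with no FORK_DEATHSIG_* bit set also yields SIGKILL. The prctl() line removed further down picked SIGINT ahead of SIGTERM when both bits were set, so the precedence has flipped for any such caller. It also means a caller that ORs FORK_DEATHSIG_SIGKILL onto flags that already carry the SIGTERM bit ends up with the blockable signal rather than the hard kill. I would document the order above the helper, e.g. `/* If several bits are set: SIGTERM, then SIGINT, then SIGKILL. Callers must check that a FORK_DEATHSIG_* bit is set first. */`, or assert that exactly one of the three bits is set.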
@@ -1512,8 +1519,8 @@ int safe_fork_full( r, "Failed to rename process, ignoring: %m"); } - if (flags & (FORK_DEATHSIG|FORK_DEATHSIG_SIGINT)) - if (prctl(PR_SET_PDEATHSIG, (flags & FORK_DEATHSIG_SIGINT) ? SIGINT : SIGTERM) < 0) { + if (flags & (FORK_DEATHSIG_SIGTERM|FORK_DEATHSIG_SIGINT|FORK_DEATHSIG_SIGKILL)) + if (prctl(PR_SET_PDEATHSIG, fork_flags_to_signal(flags)) < 0) { log_full_errno(prio, errno, "Failed to set death signal: %m"); _exit(EXIT_FAILURE); } @@ -1538,7 +1545,7 @@ int safe_fork_full( } } - if (flags & FORK_DEATHSIG) { + if (flags & (FORK_DEATHSIG_SIGTERM|FORK_DEATHSIG_SIGKILL|FORK_DEATHSIG_SIGINT)) { pid_t ppid; /* Let's see if the parent PID is still the one we started from? If not, then the parent * already died by the time we set PR_SET_PDEATHSIG, hence let's emulate the effect */ @@ -1547,8 +1554,9 @@ int safe_fork_full( if (ppid == 0) /* Parent is in a different PID namespace. */; else if (ppid != original_pid) { - log_debug("Parent died early, raising SIGTERM."); - (void) raise(SIGTERM); + int sig = fork_flags_to_signal(flags); + log_debug("Parent died early, raising %s.", signal_to_string(sig)); + (void) raise(sig); _exit(EXIT_FAILURE); } } @@ -1664,7 +1672,7 @@ int namespace_fork( r = safe_fork_full(outer_name, NULL, except_fds, n_except_fds, - (flags|FORK_DEATHSIG) & ~(FORK_REOPEN_LOG|FORK_NEW_MOUNTNS|FORK_MOUNTNS_SLAVE), ret_pid); + (flags|FORK_DEATHSIG_SIGINT|FORK_DEATHSIG_SIGTERM|FORK_DEATHSIG_SIGKILL) & ~(FORK_REOPEN_LOG|FORK_NEW_MOUNTNS|FORK_MOUNTNS_SLAVE), ret_pid); if (r < 0) return r; if (r == 0) { diff --git a/src/basic/process-util.h b/src/basic/process-util.h index a18a730936..af6cba13eb 100644 --- a/src/basic/process-util.h +++ b/src/basic/process-util.h 
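Review bot: In the `namespace_fork()` hunk the outer `safe_fork_full()` call now ORs all three FORK_DEATHSIG_* bits into the flags, and `fork_flags_to_signal()` tests SIGTERM first, so the outer helper always gets SIGTERM as its parent-death signal regardless of what the caller passed. The call sites this commit switches to FORK_DEATHSIG_SIGKILL through namespace_fork() (terminal-util.c, bus-container.c, machine-dbus.c, logs-show.c) therefore still leave a blockable signal on the outer process; what the inner child receives is decided outside this hunk. If SIGTERM on the outer process is intended, `(flags|FORK_DEATHSIG_SIGTERM) & ~(...)` with a one-line comment says so directly. If the caller's choice should be honoured instead, add the default only when none of the three bits is set. The body of namespace_fork() continues outside the hunk.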
@@ -160,22 +160,23 @@ pid_t clone_with_nested_stack(int (*fn)(void *), int flags, void *userdata); typedef enum ForkFlags { FORK_RESET_SIGNALS = 1 << 0, /* Reset all signal handlers and signal mask */ FORK_CLOSE_ALL_FDS = 1 << 1, /* Close all open file descriptors in the child, except for 0,1,2 */ - FORK_DEATHSIG = 1 << 2, /* Set PR_DEATHSIG in the child to SIGTERM */ + FORK_DEATHSIG_SIGTERM = 1 << 2, /* Set PR_DEATHSIG in the child to SIGTERM */ FORK_DEATHSIG_SIGINT = 1 << 3, /* Set PR_DEATHSIG in the child to SIGINT */ - FORK_REARRANGE_STDIO = 1 << 4, /* Connect 0,1,2 to specified fds or /dev/null */ - FORK_REOPEN_LOG = 1 << 5, /* Reopen log connection */ - FORK_LOG = 1 << 6, /* Log above LOG_DEBUG log level about failures */ - FORK_WAIT = 1 << 7, /* Wait until child exited */ - FORK_NEW_MOUNTNS = 1 << 8, /* Run child in its own mount namespace 💣 DO NOT USE IN THREADED PROGRAMS! 💣 */ - FORK_MOUNTNS_SLAVE = 1 << 9, /* Make child's mount namespace MS_SLAVE */ - FORK_PRIVATE_TMP = 1 << 10, /* Mount new /tmp/ in the child (combine with FORK_NEW_MOUNTNS!) */ - FORK_RLIMIT_NOFILE_SAFE = 1 << 11, /* Set RLIMIT_NOFILE soft limit to 1K for select() compat */ - FORK_STDOUT_TO_STDERR = 1 << 12, /* Make stdout a copy of stderr */ - FORK_FLUSH_STDIO = 1 << 13, /* fflush() stdout (and stderr) before forking */ - FORK_NEW_USERNS = 1 << 14, /* Run child in its own user namespace 💣 DO NOT USE IN THREADED PROGRAMS! 💣 */ - FORK_CLOEXEC_OFF = 1 << 15, /* In the child: turn off O_CLOEXEC on all fds in except_fds[] */ - FORK_KEEP_NOTIFY_SOCKET = 1 << 16, /* Unless this specified, $NOTIFY_SOCKET will be unset. 
*/ - FORK_DETACH = 1 << 17, /* Double fork if needed to ensure PID1/subreaper is parent */ + FORK_DEATHSIG_SIGKILL = 1 << 4, /* Set PR_DEATHSIG in the child to SIGKILL */ + FORK_REARRANGE_STDIO = 1 << 5, /* Connect 0,1,2 to specified fds or /dev/null */ + FORK_REOPEN_LOG = 1 << 6, /* Reopen log connection */ + FORK_LOG = 1 << 7, /* Log above LOG_DEBUG log level about failures */ + FORK_WAIT = 1 << 8, /* Wait until child exited */ + FORK_NEW_MOUNTNS = 1 << 9, /* Run child in its own mount namespace 💣 DO NOT USE IN THREADED PROGRAMS! 💣 */ + FORK_MOUNTNS_SLAVE = 1 << 10, /* Make child's mount namespace MS_SLAVE */ + FORK_PRIVATE_TMP = 1 << 11, /* Mount new /tmp/ in the child (combine with FORK_NEW_MOUNTNS!) */ + FORK_RLIMIT_NOFILE_SAFE = 1 << 12, /* Set RLIMIT_NOFILE soft limit to 1K for select() compat */ + FORK_STDOUT_TO_STDERR = 1 << 13, /* Make stdout a copy of stderr */ + FORK_FLUSH_STDIO = 1 << 14, /* fflush() stdout (and stderr) before forking */ + FORK_NEW_USERNS = 1 << 15, /* Run child in its own user namespace 💣 DO NOT USE IN THREADED PROGRAMS! 💣 */ + FORK_CLOEXEC_OFF = 1 << 16, /* In the child: turn off O_CLOEXEC on all fds in except_fds[] */ + FORK_KEEP_NOTIFY_SOCKET = 1 << 17, /* Unless this specified, $NOTIFY_SOCKET will be unset. */ + FORK_DETACH = 1 << 18, /* Double fork if needed to ensure PID1/subreaper is parent */ } ForkFlags; int safe_fork_full( diff --git a/src/basic/terminal-util.c b/src/basic/terminal-util.c index 6cc6ff424a..b505a3ad0e 100644 --- a/src/basic/terminal-util.c +++ b/src/basic/terminal-util.c @@ -1204,7 +1204,7 @@ int openpt_allocate_in_namespace(pid_t pid, int flags, char **ret_slave) { if (socketpair(AF_UNIX, SOCK_DGRAM, 0, pair) < 0) return -errno; - r = namespace_fork("(sd-openptns)", "(sd-openpt)", NULL, 0, FORK_RESET_SIGNALS|FORK_DEATHSIG, + r = namespace_fork("(sd-openptns)", "(sd-openpt)", NULL, 0, FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGKILL, pidnsfd, mntnsfd, -1, usernsfd, rootfd, &child); if (r < 0) return r; 
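Review bot: The flag comments in the ForkFlags hunk name the option `PR_DEATHSIG`, while the prctl() call in process-util.c uses `PR_SET_PDEATHSIG`; the new FORK_DEATHSIG_SIGKILL line copies the same wording. The comments also do not say that the three FORK_DEATHSIG_* flags are alternatives, or which one wins when several are set. I would reword them along the lines of `/* Set PR_SET_PDEATHSIG in the child to SIGKILL (alternative to the _SIGTERM/_SIGINT variants) */`. A caveat worth adding once above the group: per prctl(2) the kernel clears the parent-death signal when the child executes a set-user-ID, set-group-ID or file-capability binary, so the flag is best-effort for children that exec such helpers.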
@@ -1255,7 +1255,7 @@ int open_terminal_in_namespace(pid_t pid, const char *name, int mode) { if (socketpair(AF_UNIX, SOCK_DGRAM, 0, pair) < 0) return -errno; - r = namespace_fork("(sd-terminalns)", "(sd-terminal)", NULL, 0, FORK_RESET_SIGNALS|FORK_DEATHSIG, + r = namespace_fork("(sd-terminalns)", "(sd-terminal)", NULL, 0, FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGKILL, pidnsfd, mntnsfd, -1, usernsfd, rootfd, &child); if (r < 0) return r; diff --git a/src/basic/time-util.c b/src/basic/time-util.c index 19d8602faf..695b998b57 100644 --- a/src/basic/time-util.c +++ b/src/basic/time-util.c @@ -1044,7 +1044,7 @@ int parse_timestamp(const char *t, usec_t *ret) { if (shared == MAP_FAILED) return negative_errno(); - r = safe_fork("(sd-timestamp)", FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_WAIT, NULL); + r = safe_fork("(sd-timestamp)", FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGKILL|FORK_WAIT, NULL); if (r < 0) { (void) munmap(shared, sizeof *shared); return r; diff --git a/src/core/exec-credential.c b/src/core/exec-credential.c index ff2d795c7d..6bcfb68d8f 100644 --- a/src/core/exec-credential.c +++ b/src/core/exec-credential.c @@ -930,7 +930,7 @@ int exec_setup_credentials( if (r < 0 && r != -EEXIST) return r; - r = safe_fork("(sd-mkdcreds)", FORK_DEATHSIG|FORK_WAIT|FORK_NEW_MOUNTNS, NULL); + r = safe_fork("(sd-mkdcreds)", FORK_DEATHSIG_SIGTERM|FORK_WAIT|FORK_NEW_MOUNTNS, NULL); if (r < 0) { _cleanup_(rmdir_and_freep) char *u = NULL; /* remove the temporary workspace if we can */ _cleanup_free_ char *t = NULL; diff --git a/src/core/exec-invoke.c b/src/core/exec-invoke.c index 4cc303737e..b1467947e5 100644 --- a/src/core/exec-invoke.c +++ b/src/core/exec-invoke.c 
@@ -2136,7 +2136,7 @@ static int setup_private_users(uid_t ouid, gid_t ogid, uid_t uid, gid_t gid) { if (pipe2(errno_pipe, O_CLOEXEC) < 0) return -errno; - r = safe_fork("(sd-userns)", FORK_RESET_SIGNALS|FORK_DEATHSIG, &pid); + r = safe_fork("(sd-userns)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGKILL, &pid); if (r < 0) return r; if (r == 0) { diff --git a/src/core/unit.c b/src/core/unit.c index d12829c31f..c3613ca8fb 100644 --- a/src/core/unit.c +++ b/src/core/unit.c @@ -5426,7 +5426,7 @@ int unit_fork_helper_process(Unit *u, const char *name, PidRef *ret) { (void) unit_realize_cgroup(u); - r = safe_fork(name, FORK_REOPEN_LOG|FORK_DEATHSIG, &pid); + r = safe_fork(name, FORK_REOPEN_LOG|FORK_DEATHSIG_SIGTERM, &pid); if (r < 0) return r; if (r > 0) { diff --git a/src/coredump/coredump.c b/src/coredump/coredump.c index 4340d07df4..32c17664fd 100644 --- a/src/coredump/coredump.c +++ b/src/coredump/coredump.c @@ -1443,7 +1443,7 @@ static int forward_coredump_to_container(Context *context) { return log_debug_errno(r, "Failed to join namespaces of PID " PID_FMT ": %m", pid); r = namespace_fork("(sd-coredumpns)", "(sd-coredump)", NULL, 0, - FORK_RESET_SIGNALS|FORK_DEATHSIG, + FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM, pidnsfd, mntnsfd, netnsfd, usernsfd, rootfd, &child); if (r < 0) return log_debug_errno(r, "Failed to fork into namespaces of PID " PID_FMT ": %m", pid); diff --git a/src/coredump/coredumpctl.c b/src/coredump/coredumpctl.c index 16abb8f62a..2245b350e4 100644 --- a/src/coredump/coredumpctl.c +++ b/src/coredump/coredumpctl.c 
@@ -1253,7 +1253,7 @@ static int run_debug(int argc, char **argv, void *userdata) { fork_name = strjoina("(", debugger_call[0], ")"); - r = safe_fork(fork_name, FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_CLOSE_ALL_FDS|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG|FORK_FLUSH_STDIO, &pid); + r = safe_fork(fork_name, FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_CLOSE_ALL_FDS|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG|FORK_FLUSH_STDIO, &pid); if (r < 0) goto finish; if (r == 0) { diff --git a/src/delta/delta.c b/src/delta/delta.c index d830c5e162..3337b7f081 100644 --- a/src/delta/delta.c +++ b/src/delta/delta.c @@ -168,7 +168,7 @@ static int found_override(const char *top, const char *bottom) { fflush(stdout); - r = safe_fork("(diff)", FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_CLOSE_ALL_FDS|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG, &pid); + r = safe_fork("(diff)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_CLOSE_ALL_FDS|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG, &pid); if (r < 0) return r; if (r == 0) { diff --git a/src/fsck/fsck.c b/src/fsck/fsck.c index a09e7950cf..000ed69667 100644 --- a/src/fsck/fsck.c +++ b/src/fsck/fsck.c @@ -339,7 +339,7 @@ static int run(int argc, char *argv[]) { pipe(progress_pipe) < 0) return log_error_errno(errno, "pipe(): %m"); - r = safe_fork("(fsck)", FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_LOG|FORK_RLIMIT_NOFILE_SAFE, &pid); + r = safe_fork("(fsck)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_RLIMIT_NOFILE_SAFE, &pid); if (r < 0) return r; if (r == 0) { diff --git a/src/home/homectl.c b/src/home/homectl.c index 56b3de4a95..a6951c8562 100644 --- a/src/home/homectl.c +++ b/src/home/homectl.c 
@@ -2025,7 +2025,7 @@ static int with_home(int argc, char *argv[], void *userdata) { if (r < 0) return bus_log_parse_error(r); - r = safe_fork("(with)", FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_LOG|FORK_RLIMIT_NOFILE_SAFE|FORK_REOPEN_LOG, &pid); + r = safe_fork("(with)", FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_RLIMIT_NOFILE_SAFE|FORK_REOPEN_LOG, &pid); if (r < 0) return r; if (r == 0) { diff --git a/src/home/homed-home.c b/src/home/homed-home.c index 749670f94b..4ff35400c4 100644 --- a/src/home/homed-home.c +++ b/src/home/homed-home.c @@ -1184,7 +1184,7 @@ static int home_start_work(Home *h, const char *verb, UserRecord *hr, UserRecord r = safe_fork_full("(sd-homework)", (int[]) { stdin_fd, stdout_fd, STDERR_FILENO }, NULL, 0, - FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_REARRANGE_STDIO|FORK_LOG|FORK_REOPEN_LOG, &pid); + FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_REARRANGE_STDIO|FORK_LOG|FORK_REOPEN_LOG, &pid); if (r < 0) return r; if (r == 0) { @@ -2080,7 +2080,7 @@ int home_killall(Home *h) { /* Let's kill everything matching the specified UID */ r = safe_fork("(sd-killer)", - FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_WAIT|FORK_LOG|FORK_REOPEN_LOG, + FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGKILL|FORK_WAIT|FORK_LOG|FORK_REOPEN_LOG, NULL); if (r < 0) return r; diff --git a/src/home/homework-cifs.c b/src/home/homework-cifs.c index dff99e5a86..19f1cd5b85 100644 --- a/src/home/homework-cifs.c +++ b/src/home/homework-cifs.c @@ -91,7 +91,7 @@ int home_setup_cifs( if (!strextend_with_separator(&options, ",", h->cifs_extra_mount_options)) return log_oom(); - r = safe_fork("(mount)", FORK_RESET_SIGNALS|FORK_RLIMIT_NOFILE_SAFE|FORK_DEATHSIG|FORK_LOG|FORK_STDOUT_TO_STDERR, &mount_pid); + r = safe_fork("(mount)", FORK_RESET_SIGNALS|FORK_RLIMIT_NOFILE_SAFE|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_STDOUT_TO_STDERR, &mount_pid); if (r < 0) return r; if (r == 0) { 
diff --git a/src/home/homework-fscrypt.c b/src/home/homework-fscrypt.c index 1b695309c0..6aae1d2626 100644 --- a/src/home/homework-fscrypt.c +++ b/src/home/homework-fscrypt.c @@ -314,7 +314,7 @@ int home_setup_fscrypt( if (uid_is_valid(h->uid)) { r = safe_fork("(sd-addkey)", - FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_LOG|FORK_WAIT|FORK_REOPEN_LOG, + FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT|FORK_REOPEN_LOG, NULL); if (r < 0) return log_error_errno(r, "Failed install encryption key in user's keyring: %m"); diff --git a/src/home/homework-luks.c b/src/home/homework-luks.c index 63d6c47ac1..5bd78a03ed 100644 --- a/src/home/homework-luks.c +++ b/src/home/homework-luks.c @@ -228,7 +228,7 @@ static int run_fsck(const char *node, const char *fstype) { } r = safe_fork("(fsck)", - FORK_RESET_SIGNALS|FORK_RLIMIT_NOFILE_SAFE|FORK_DEATHSIG|FORK_LOG|FORK_STDOUT_TO_STDERR|FORK_CLOSE_ALL_FDS, + FORK_RESET_SIGNALS|FORK_RLIMIT_NOFILE_SAFE|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_STDOUT_TO_STDERR|FORK_CLOSE_ALL_FDS, &fsck_pid); if (r < 0) return r; @@ -2596,7 +2596,7 @@ static int ext4_offline_resize_fs( /* resize2fs requires that the file system is force checked first, do so. */ r = safe_fork("(e2fsck)", - FORK_RESET_SIGNALS|FORK_RLIMIT_NOFILE_SAFE|FORK_DEATHSIG|FORK_LOG|FORK_STDOUT_TO_STDERR|FORK_CLOSE_ALL_FDS, + FORK_RESET_SIGNALS|FORK_RLIMIT_NOFILE_SAFE|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_STDOUT_TO_STDERR|FORK_CLOSE_ALL_FDS, &fsck_pid); if (r < 0) return r; @@ -2628,7 +2628,7 @@ static int ext4_offline_resize_fs( /* Resize the thing */ r = safe_fork("(e2resize)", - FORK_RESET_SIGNALS|FORK_RLIMIT_NOFILE_SAFE|FORK_DEATHSIG|FORK_LOG|FORK_WAIT|FORK_STDOUT_TO_STDERR|FORK_CLOSE_ALL_FDS, + FORK_RESET_SIGNALS|FORK_RLIMIT_NOFILE_SAFE|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT|FORK_STDOUT_TO_STDERR|FORK_CLOSE_ALL_FDS, &resize_pid); if (r < 0) return r; 
diff --git a/src/import/import-common.c b/src/import/import-common.c index 3a7a42c6b3..319aa078a7 100644 --- a/src/import/import-common.c +++ b/src/import/import-common.c @@ -39,7 +39,7 @@ int import_fork_tar_x(const char *path, pid_t *ret) { r = safe_fork_full("(tar)", (int[]) { pipefd[0], -EBADF, STDERR_FILENO }, NULL, 0, - FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_REARRANGE_STDIO|FORK_LOG, &pid); + FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_REARRANGE_STDIO|FORK_LOG, &pid); if (r < 0) return r; if (r == 0) { @@ -108,7 +108,7 @@ int import_fork_tar_c(const char *path, pid_t *ret) { r = safe_fork_full("(tar)", (int[]) { -EBADF, pipefd[1], STDERR_FILENO }, NULL, 0, - FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_REARRANGE_STDIO|FORK_LOG, &pid); + FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_REARRANGE_STDIO|FORK_LOG, &pid); if (r < 0) return r; if (r == 0) { diff --git a/src/import/importd.c b/src/import/importd.c index c5b60c2604..cb5156bf06 100644 --- a/src/import/importd.c +++ b/src/import/importd.c @@ -369,7 +369,7 @@ static int transfer_start(Transfer *t) { r = safe_fork_full("(sd-transfer)", (int[]) { t->stdin_fd, t->stdout_fd < 0 ? pipefd[1] : t->stdout_fd, pipefd[1] }, NULL, 0, - FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_REARRANGE_STDIO, &t->pid); + FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_REARRANGE_STDIO, &t->pid); if (r < 0) return r; if (r == 0) { diff --git a/src/import/pull-common.c b/src/import/pull-common.c index 44919a19c5..5e1ea20a03 100644 --- a/src/import/pull-common.c +++ b/src/import/pull-common.c 
@@ -417,7 +417,7 @@ static int verify_gpg( r = safe_fork_full("(gpg)", (int[]) { gpg_pipe[0], -EBADF, STDERR_FILENO }, NULL, 0, - FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_REARRANGE_STDIO|FORK_LOG|FORK_RLIMIT_NOFILE_SAFE, + FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_REARRANGE_STDIO|FORK_LOG|FORK_RLIMIT_NOFILE_SAFE, &pid); if (r < 0) return r; diff --git a/src/journal-remote/journal-remote-main.c b/src/journal-remote/journal-remote-main.c index 3ffac96d7a..da0f20d3ce 100644 --- a/src/journal-remote/journal-remote-main.c +++ b/src/journal-remote/journal-remote-main.c @@ -91,7 +91,7 @@ static int spawn_child(const char* child, char** argv) { r = safe_fork_full("(remote)", (int[]) {STDIN_FILENO, fd[1], STDERR_FILENO }, NULL, 0, - FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_REARRANGE_STDIO|FORK_LOG|FORK_RLIMIT_NOFILE_SAFE, &child_pid); + FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_REARRANGE_STDIO|FORK_LOG|FORK_RLIMIT_NOFILE_SAFE, &child_pid); if (r < 0) { safe_close_pair(fd); return r; diff --git a/src/libsystemd/sd-bus/bus-container.c b/src/libsystemd/sd-bus/bus-container.c index 71581d718c..4146a6efd3 100644 --- a/src/libsystemd/sd-bus/bus-container.c +++ b/src/libsystemd/sd-bus/bus-container.c @@ -51,7 +51,7 @@ int bus_container_connect_socket(sd_bus *b) { if (socketpair(AF_UNIX, SOCK_SEQPACKET|SOCK_CLOEXEC, 0, pair) < 0) return log_debug_errno(errno, "Failed to create a socket pair: %m"); - r = namespace_fork("(sd-buscntrns)", "(sd-buscntr)", NULL, 0, FORK_RESET_SIGNALS|FORK_DEATHSIG, + r = namespace_fork("(sd-buscntrns)", "(sd-buscntr)", NULL, 0, FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGKILL, pidnsfd, mntnsfd, -1, usernsfd, rootfd, &child); if (r < 0) return log_debug_errno(r, "Failed to create namespace for (sd-buscntr): %m"); diff --git a/src/login/inhibit.c b/src/login/inhibit.c index 61fbd5df14..ad73c4bde3 100644 --- a/src/login/inhibit.c +++ b/src/login/inhibit.c 
@@ -300,7 +300,7 @@ static int run(int argc, char *argv[]) { if (!arguments) return log_oom(); - r = safe_fork("(inhibit)", FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_CLOSE_ALL_FDS|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG, &pid); + r = safe_fork("(inhibit)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_CLOSE_ALL_FDS|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG, &pid); if (r < 0) return r; if (r == 0) { diff --git a/src/login/logind-brightness.c b/src/login/logind-brightness.c index d238cb74c9..40bcb39ce0 100644 --- a/src/login/logind-brightness.c +++ b/src/login/logind-brightness.c @@ -136,7 +136,7 @@ static int brightness_writer_fork(BrightnessWriter *w) { assert(w->child == 0); assert(!w->child_event_source); - r = safe_fork("(sd-bright)", FORK_DEATHSIG|FORK_REARRANGE_STDIO|FORK_CLOSE_ALL_FDS|FORK_LOG|FORK_REOPEN_LOG, &w->child); + r = safe_fork("(sd-bright)", FORK_DEATHSIG_SIGKILL|FORK_REARRANGE_STDIO|FORK_CLOSE_ALL_FDS|FORK_LOG|FORK_REOPEN_LOG, &w->child); if (r < 0) return r; if (r == 0) { diff --git a/src/machine/machine-dbus.c b/src/machine/machine-dbus.c index b9ac931cd4..4620f32d62 100644 --- a/src/machine/machine-dbus.c +++ b/src/machine/machine-dbus.c @@ -248,7 +248,7 @@ int bus_machine_method_get_addresses(sd_bus_message *message, void *userdata, sd if (socketpair(AF_UNIX, SOCK_SEQPACKET, 0, pair) < 0) return -errno; - r = namespace_fork("(sd-addrns)", "(sd-addr)", NULL, 0, FORK_RESET_SIGNALS|FORK_DEATHSIG, + r = namespace_fork("(sd-addrns)", "(sd-addr)", NULL, 0, FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGKILL, -1, -1, netns_fd, -1, -1, &child); if (r < 0) return sd_bus_error_set_errnof(error, r, "Failed to fork(): %m"); 
@@ -382,7 +382,7 @@ int bus_machine_method_get_os_release(sd_bus_message *message, void *userdata, s if (socketpair(AF_UNIX, SOCK_SEQPACKET, 0, pair) < 0) return -errno; - r = namespace_fork("(sd-osrelns)", "(sd-osrel)", NULL, 0, FORK_RESET_SIGNALS|FORK_DEATHSIG, + r = namespace_fork("(sd-osrelns)", "(sd-osrel)", NULL, 0, FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGKILL, pidns_fd, mntns_fd, -1, -1, root_fd, &child); if (r < 0) @@ -1103,7 +1103,7 @@ int bus_machine_method_open_root_directory(sd_bus_message *message, void *userda if (socketpair(AF_UNIX, SOCK_DGRAM, 0, pair) < 0) return -errno; - r = namespace_fork("(sd-openrootns)", "(sd-openroot)", NULL, 0, FORK_RESET_SIGNALS|FORK_DEATHSIG, + r = namespace_fork("(sd-openrootns)", "(sd-openroot)", NULL, 0, FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGKILL, -1, mntns_fd, -1, -1, root_fd, &child); if (r < 0) return sd_bus_error_set_errnof(error, r, "Failed to fork(): %m"); diff --git a/src/nspawn/nspawn-setuid.c b/src/nspawn/nspawn-setuid.c index 3c12648b9d..2d67c3d9de 100644 --- a/src/nspawn/nspawn-setuid.c +++ b/src/nspawn/nspawn-setuid.c @@ -30,7 +30,7 @@ static int spawn_getent(const char *database, const char *key, pid_t *rpid) { r = safe_fork_full("(getent)", (int[]) { -EBADF, pipe_fds[1], -EBADF }, NULL, 0, - FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_REARRANGE_STDIO|FORK_LOG|FORK_RLIMIT_NOFILE_SAFE, + FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_REARRANGE_STDIO|FORK_LOG|FORK_RLIMIT_NOFILE_SAFE, &pid); if (r < 0) { safe_close_pair(pipe_fds); diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c index ca97453283..51791d9729 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c 
@@ -5276,7 +5276,7 @@ static int run_container( if (arg_private_network) { /* Move network interfaces back to the parent network namespace. We use `safe_fork` * to avoid having to move the parent to the child network namespace. */ - r = safe_fork(NULL, FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_WAIT|FORK_LOG, NULL); + r = safe_fork(NULL, FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_WAIT|FORK_LOG, NULL); if (r < 0) return r; diff --git a/src/partition/repart.c b/src/partition/repart.c index 94c6d8e42c..c99168b08f 100644 --- a/src/partition/repart.c +++ b/src/partition/repart.c @@ -4673,7 +4673,7 @@ static int partition_populate_filesystem(Context *context, Partition *p, const c * appear in the host namespace. Hence we fork a child that has its own file system namespace and * detached mount propagation. */ - r = safe_fork("(sd-copy)", FORK_DEATHSIG|FORK_LOG|FORK_WAIT|FORK_NEW_MOUNTNS|FORK_MOUNTNS_SLAVE, NULL); + r = safe_fork("(sd-copy)", FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT|FORK_NEW_MOUNTNS|FORK_MOUNTNS_SLAVE, NULL); if (r < 0) return r; if (r == 0) { diff --git a/src/portable/portable.c b/src/portable/portable.c index f283530dd9..d72f3a02db 100644 --- a/src/portable/portable.c +++ b/src/portable/portable.c @@ -411,7 +411,7 @@ static int portable_extract_by_path( if (socketpair(AF_UNIX, SOCK_SEQPACKET|SOCK_CLOEXEC, 0, seq) < 0) return log_debug_errno(errno, "Failed to allocated SOCK_SEQPACKET socket: %m"); - r = safe_fork("(sd-dissect)", FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_NEW_MOUNTNS|FORK_MOUNTNS_SLAVE|FORK_LOG, &child); + r = safe_fork("(sd-dissect)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_NEW_MOUNTNS|FORK_MOUNTNS_SLAVE|FORK_LOG, &child); if (r < 0) return r; if (r == 0) { diff --git a/src/quotacheck/quotacheck.c b/src/quotacheck/quotacheck.c index ef5fec3f10..27a914d737 100644 --- a/src/quotacheck/quotacheck.c +++ b/src/quotacheck/quotacheck.c 
@@ -79,7 +79,7 @@ static int run(int argc, char *argv[]) { return 0; } - r = safe_fork("(quotacheck)", FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_RLIMIT_NOFILE_SAFE|FORK_WAIT|FORK_LOG, NULL); + r = safe_fork("(quotacheck)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_RLIMIT_NOFILE_SAFE|FORK_WAIT|FORK_LOG, NULL); if (r < 0) return r; if (r == 0) { diff --git a/src/remount-fs/remount-fs.c b/src/remount-fs/remount-fs.c index 2874a0390d..37c7b389b4 100644 --- a/src/remount-fs/remount-fs.c +++ b/src/remount-fs/remount-fs.c @@ -51,7 +51,7 @@ static int do_remount(const char *path, bool force_rw, Hashmap **pids) { log_debug("Remounting %s...", path); r = safe_fork(force_rw ? "(remount-rw)" : "(remount)", - FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG, &pid); + FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG, &pid); if (r < 0) return r; if (r == 0) { diff --git a/src/resolve/test-resolved-stream.c b/src/resolve/test-resolved-stream.c index d1b38b3aad..847de04f90 100644 --- a/src/resolve/test-resolved-stream.c +++ b/src/resolve/test-resolved-stream.c @@ -151,7 +151,7 @@ static void *tls_dns_server(void *p) { r = safe_fork_full("(test-resolved-stream-tls-openssl)", (int[]) { fd_tls, fd_tls, STDOUT_FILENO }, NULL, 0, - FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_REARRANGE_STDIO|FORK_LOG|FORK_REOPEN_LOG, + FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_REARRANGE_STDIO|FORK_LOG|FORK_REOPEN_LOG, &openssl_pid); assert_se(r >= 0); if (r == 0) { 
@@ -336,7 +336,7 @@ static void try_isolate_network(void) { /* First test if CLONE_NEWUSER/CLONE_NEWNET can actually work for us, i.e. we can open the namespaces * and then still access the build dir we are run from. We do that in a child process since it's * nasty if we have to go back from the namespace once we entered it and realized it cannot work. */ - r = safe_fork("(usernstest)", FORK_DEATHSIG|FORK_LOG|FORK_WAIT, NULL); + r = safe_fork("(usernstest)", FORK_DEATHSIG_SIGKILL|FORK_LOG|FORK_WAIT, NULL); if (r == 0) { /* child */ _cleanup_free_ char *rt = NULL, *d = NULL; diff --git a/src/shared/calendarspec.c b/src/shared/calendarspec.c index 2665930209..039080f052 100644 --- a/src/shared/calendarspec.c +++ b/src/shared/calendarspec.c @@ -1401,7 +1401,7 @@ int calendar_spec_next_usec(const CalendarSpec *spec, usec_t usec, usec_t *ret_n if (shared == MAP_FAILED) return negative_errno(); - r = safe_fork("(sd-calendar)", FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_WAIT, NULL); + r = safe_fork("(sd-calendar)", FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGKILL|FORK_WAIT, NULL); if (r < 0) { (void) munmap(shared, sizeof *shared); return r; diff --git a/src/shared/dissect-image.c b/src/shared/dissect-image.c index ef23c4a255..2687eafaf6 100644 --- a/src/shared/dissect-image.c +++ b/src/shared/dissect-image.c @@ -1718,7 +1718,7 @@ static int run_fsck(int node_fd, const char *fstype) { "(fsck)", NULL, &node_fd, 1, /* Leave the node fd open */ - FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_RLIMIT_NOFILE_SAFE|FORK_DEATHSIG|FORK_REARRANGE_STDIO|FORK_CLOEXEC_OFF, + FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_RLIMIT_NOFILE_SAFE|FORK_DEATHSIG_SIGTERM|FORK_REARRANGE_STDIO|FORK_CLOEXEC_OFF, &pid); if (r < 0) return log_debug_errno(r, "Failed to fork off fsck: %m"); 
@@ -3410,7 +3410,7 @@ int dissected_image_acquire_metadata(DissectedImage *m, DissectImageFlags extra_ goto finish; } - r = safe_fork("(sd-dissect)", FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_NEW_MOUNTNS|FORK_MOUNTNS_SLAVE, &child); + r = safe_fork("(sd-dissect)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_NEW_MOUNTNS|FORK_MOUNTNS_SLAVE, &child); if (r < 0) goto finish; if (r == 0) { diff --git a/src/shared/edit-util.c b/src/shared/edit-util.c index 96ad721343..045839b663 100644 --- a/src/shared/edit-util.c +++ b/src/shared/edit-util.c @@ -270,7 +270,7 @@ static int run_editor(const EditFileContext *context) { assert(context); - r = safe_fork("(editor)", FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG|FORK_WAIT, NULL); + r = safe_fork("(editor)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG|FORK_WAIT, NULL); if (r < 0) return r; if (r == 0) { /* Child */ diff --git a/src/shared/exec-util.c b/src/shared/exec-util.c index 5da613bc17..852b3c0e3d 100644 --- a/src/shared/exec-util.c +++ b/src/shared/exec-util.c @@ -45,7 +45,7 @@ static int do_spawn(const char *path, char *argv[], int stdout_fd, pid_t *pid, b return 0; } - r = safe_fork("(direxec)", FORK_DEATHSIG|FORK_LOG|FORK_RLIMIT_NOFILE_SAFE, &_pid); + r = safe_fork("(direxec)", FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_RLIMIT_NOFILE_SAFE, &_pid); if (r < 0) return r; if (r == 0) { @@ -250,7 +250,7 @@ int execute_strv( * them to finish. Optionally a timeout is applied. If a file with the same name * exists in more than one directory, the earliest one wins. */ - r = safe_fork("(sd-executor)", FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_LOG, &executor_pid); + r = safe_fork("(sd-executor)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_LOG, &executor_pid); if (r < 0) return r; if (r == 0) { 
@@ -541,7 +541,7 @@ int fork_agent(const char *name, const int except[], size_t n_except, pid_t *ret NULL, except, n_except, - FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_CLOSE_ALL_FDS|FORK_REOPEN_LOG|FORK_RLIMIT_NOFILE_SAFE, + FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_CLOSE_ALL_FDS|FORK_REOPEN_LOG|FORK_RLIMIT_NOFILE_SAFE, ret_pid); if (r < 0) return r; diff --git a/src/shared/logs-show.c b/src/shared/logs-show.c index d3053ceabb..a5d04003bd 100644 --- a/src/shared/logs-show.c +++ b/src/shared/logs-show.c @@ -1692,7 +1692,7 @@ static int get_boot_id_for_machine(const char *machine, sd_id128_t *boot_id) { if (socketpair(AF_UNIX, SOCK_DGRAM, 0, pair) < 0) return -errno; - r = namespace_fork("(sd-bootidns)", "(sd-bootid)", NULL, 0, FORK_RESET_SIGNALS|FORK_DEATHSIG, + r = namespace_fork("(sd-bootidns)", "(sd-bootid)", NULL, 0, FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGKILL, pidnsfd, mntnsfd, -1, -1, rootfd, &child); if (r < 0) return r; diff --git a/src/shared/mkfs-util.c b/src/shared/mkfs-util.c index 6ea080869f..4e58b6e871 100644 --- a/src/shared/mkfs-util.c +++ b/src/shared/mkfs-util.c @@ -155,7 +155,7 @@ static int do_mcopy(const char *node, const char *root) { if (strv_extend(&argv, "::") < 0) return log_oom(); - r = safe_fork("(mcopy)", FORK_RESET_SIGNALS|FORK_RLIMIT_NOFILE_SAFE|FORK_DEATHSIG|FORK_LOG|FORK_WAIT|FORK_STDOUT_TO_STDERR|FORK_CLOSE_ALL_FDS, NULL); + r = safe_fork("(mcopy)", FORK_RESET_SIGNALS|FORK_RLIMIT_NOFILE_SAFE|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT|FORK_STDOUT_TO_STDERR|FORK_CLOSE_ALL_FDS, NULL); if (r < 0) return r; if (r == 0) { 
@@ -336,7 +336,7 @@ int make_filesystem( _cleanup_(unlink_and_freep) char *protofile = NULL; char vol_id[CONST_MAX(SD_ID128_UUID_STRING_MAX, 8U + 1U)] = {}; int stdio_fds[3] = { -EBADF, STDERR_FILENO, STDERR_FILENO}; - ForkFlags flags = FORK_RESET_SIGNALS|FORK_RLIMIT_NOFILE_SAFE|FORK_DEATHSIG|FORK_LOG|FORK_WAIT| + ForkFlags flags = FORK_RESET_SIGNALS|FORK_RLIMIT_NOFILE_SAFE|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT| FORK_CLOSE_ALL_FDS|FORK_REARRANGE_STDIO|FORK_REOPEN_LOG; int r; diff --git a/src/shared/mount-util.c b/src/shared/mount-util.c index a7493a3814..af4729b9dc 100644 --- a/src/shared/mount-util.c +++ b/src/shared/mount-util.c @@ -981,7 +981,7 @@ static int mount_in_namespace_legacy( goto finish; } - r = namespace_fork("(sd-bindmnt)", "(sd-bindmnt-inner)", NULL, 0, FORK_RESET_SIGNALS|FORK_DEATHSIG, + r = namespace_fork("(sd-bindmnt)", "(sd-bindmnt-inner)", NULL, 0, FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM, pidns_fd, mntns_fd, -1, -1, root_fd, &child); if (r < 0) goto finish; @@ -1184,7 +1184,7 @@ static int mount_in_namespace( "(sd-bindmnt-inner)", /* except_fds= */ NULL, /* n_except_fds= */ 0, - FORK_RESET_SIGNALS|FORK_DEATHSIG, + FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM, pidns_fd, mntns_fd, /* netns_fd= */ -1, diff --git a/src/shared/pager.c b/src/shared/pager.c index 2e9c82cde7..19deefab56 100644 --- a/src/shared/pager.c +++ b/src/shared/pager.c @@ -316,7 +316,7 @@ int show_man_page(const char *desc, bool null_stdio) { } else args[1] = desc; - r = safe_fork("(man)", FORK_RESET_SIGNALS|FORK_DEATHSIG|(null_stdio ? FORK_REARRANGE_STDIO : 0)|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG, &pid); + r = safe_fork("(man)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|(null_stdio ? FORK_REARRANGE_STDIO : 0)|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG, &pid); if (r < 0) return r; if (r == 0) { diff --git a/src/shared/varlink.c b/src/shared/varlink.c index 23ce56ca9f..2ba942f30e 100644 --- a/src/shared/varlink.c +++ b/src/shared/varlink.c 
@@ -452,7 +452,7 @@ int varlink_connect_exec(Varlink **ret, const char *_command, char **_argv) { /* stdio_fds= */ NULL, /* except_fds= */ (int[]) { pair[1] }, /* n_except_fds= */ 1, - FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_REOPEN_LOG|FORK_LOG|FORK_RLIMIT_NOFILE_SAFE, + FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_REOPEN_LOG|FORK_LOG|FORK_RLIMIT_NOFILE_SAFE, &pid); if (r < 0) return log_debug_errno(r, "Failed to spawn process: %m"); diff --git a/src/socket-activate/socket-activate.c b/src/socket-activate/socket-activate.c index 644bed0dcc..78ecb29e60 100644 --- a/src/socket-activate/socket-activate.c +++ b/src/socket-activate/socket-activate.c @@ -223,7 +223,7 @@ static int fork_and_exec_process(const char *child, char **argv, int fd) { return log_oom(); r = safe_fork("(activate)", - FORK_RESET_SIGNALS | FORK_DEATHSIG | FORK_RLIMIT_NOFILE_SAFE | FORK_LOG, + FORK_RESET_SIGNALS | FORK_DEATHSIG_SIGTERM | FORK_RLIMIT_NOFILE_SAFE | FORK_LOG, &child_pid); if (r < 0) return r; diff --git a/src/sulogin-shell/sulogin-shell.c b/src/sulogin-shell/sulogin-shell.c index f2de30cc3f..b26663df08 100644 --- a/src/sulogin-shell/sulogin-shell.c +++ b/src/sulogin-shell/sulogin-shell.c @@ -70,7 +70,7 @@ static int fork_wait(const char* const cmdline[]) { pid_t pid; int r; - r = safe_fork("(sulogin)", FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG, &pid); + r = safe_fork("(sulogin)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG, &pid); if (r < 0) return r; if (r == 0) { diff --git a/src/sysext/sysext.c b/src/sysext/sysext.c index 858868c0c5..8dc515e4d5 100644 --- a/src/sysext/sysext.c +++ b/src/sysext/sysext.c 
@@ -973,7 +973,7 @@ static int merge(ImageClass image_class, pid_t pid; int r; - r = safe_fork("(sd-merge)", FORK_DEATHSIG|FORK_LOG|FORK_NEW_MOUNTNS, &pid); + r = safe_fork("(sd-merge)", FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_NEW_MOUNTNS, &pid); if (r < 0) return log_error_errno(r, "Failed to fork off child: %m"); if (r == 0) { diff --git a/src/systemctl/systemctl-start-special.c b/src/systemctl/systemctl-start-special.c index 6e2238f2a5..d93bffb759 100644 --- a/src/systemctl/systemctl-start-special.c +++ b/src/systemctl/systemctl-start-special.c @@ -84,7 +84,7 @@ static int load_kexec_kernel(void) { if (arg_dry_run) return 0; - r = safe_fork("(kexec)", FORK_WAIT|FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG, &pid); + r = safe_fork("(kexec)", FORK_WAIT|FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG, &pid); if (r < 0) return r; if (r == 0) { diff --git a/src/systemctl/systemctl-sysv-compat.c b/src/systemctl/systemctl-sysv-compat.c index 37fc6347fe..2aa1ec6d83 100644 --- a/src/systemctl/systemctl-sysv-compat.c +++ b/src/systemctl/systemctl-sysv-compat.c @@ -210,7 +210,7 @@ int enable_sysv_units(const char *verb, char **args) { if (!arg_quiet) log_info("Executing: %s", l); - j = safe_fork("(sysv-install)", FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG, &pid); + j = safe_fork("(sysv-install)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG, &pid); if (j < 0) return j; if (j == 0) { diff --git a/src/sysupdate/sysupdate-resource.c b/src/sysupdate/sysupdate-resource.c index 15e89336de..e4bdd88284 100644 --- a/src/sysupdate/sysupdate-resource.c +++ b/src/sysupdate/sysupdate-resource.c 
@@ -292,7 +292,7 @@ static int download_manifest( r = safe_fork_full("(sd-pull)", (int[]) { -EBADF, pfd[1], STDERR_FILENO }, NULL, 0, - FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_REARRANGE_STDIO|FORK_LOG, + FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_REARRANGE_STDIO|FORK_LOG, &pid); if (r < 0) return r; diff --git a/src/sysupdate/sysupdate-transfer.c b/src/sysupdate/sysupdate-transfer.c index acf75e51c7..f8f4a154f9 100644 --- a/src/sysupdate/sysupdate-transfer.c +++ b/src/sysupdate/sysupdate-transfer.c @@ -793,7 +793,7 @@ static int run_helper( assert(path); assert(cmdline); - r = safe_fork(name, FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_LOG|FORK_WAIT, NULL); + r = safe_fork(name, FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT, NULL); if (r < 0) return r; if (r == 0) { diff --git a/src/test/test-async.c b/src/test/test-async.c index b5a4f5904b..75bc4d8238 100644 --- a/src/test/test-async.c +++ b/src/test/test-async.c @@ -30,7 +30,7 @@ TEST(asynchronous_close) { assert_se(fcntl(fd, F_GETFD) == -1); assert_se(errno == EBADF); - r = safe_fork("(subreaper)", FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_LOG|FORK_WAIT, NULL); + r = safe_fork("(subreaper)", FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGKILL|FORK_LOG|FORK_WAIT, NULL); assert(r >= 0); if (r == 0) { @@ -63,7 +63,7 @@ TEST(asynchronous_rm_rf) { /* Do this once more, form a subreaper. Which is nice, because we can watch the async child even * though detached */ - r = safe_fork("(subreaper)", FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_LOG|FORK_WAIT, NULL); + r = safe_fork("(subreaper)", FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT, NULL); assert_se(r >= 0); if (r == 0) { diff --git a/src/test/test-capability.c b/src/test/test-capability.c index 2f93fbeede..e8a0569737 100644 --- a/src/test/test-capability.c +++ b/src/test/test-capability.c 
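Review bot: The two `(subreaper)` forks in src/test/test-async.c now differ: `TEST(asynchronous_close)` is switched to `FORK_DEATHSIG_SIGKILL`, while `TEST(asynchronous_rm_rf)` in the next hunk gets `FORK_DEATHSIG_SIGTERM`, although the two calls are otherwise identical (same child name, same remaining flags). If the difference is intended, a one-line comment at each call should say why, for instance `/* SIGTERM: give the child a chance to exit cleanly */` on the second one. If it is not, both calls should carry the same death-signal flag. Both test bodies continue outside the hunks, so which flag suits the `asynchronous_rm_rf` child cannot be judged from here.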
@@ -254,7 +254,7 @@ static void test_capability_get_ambient(void) { assert_se(capability_get_ambient(&c) >= 0); - r = safe_fork("(getambient)", FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_WAIT|FORK_LOG, NULL); + r = safe_fork("(getambient)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_WAIT|FORK_LOG, NULL); assert_se(r >= 0); if (r == 0) { diff --git a/src/test/test-data-fd-util.c b/src/test/test-data-fd-util.c index d3bb0e3f5f..aa68132e45 100644 --- a/src/test/test-data-fd-util.c +++ b/src/test/test-data-fd-util.c @@ -115,7 +115,7 @@ TEST(copy_data_fd) { assert_se(socketpair(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC, 0, sfd) >= 0); - r = safe_fork("(sd-pipe)", FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_LOG, &pid); + r = safe_fork("(sd-pipe)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_LOG, &pid); assert_se(r >= 0); if (r == 0) { diff --git a/src/test/test-env-util.c b/src/test/test-env-util.c index a6b5f2f347..dffbad6327 100644 --- a/src/test/test-env-util.c +++ b/src/test/test-env-util.c @@ -475,7 +475,7 @@ TEST(setenv_systemd_exec_pid) { TEST(getenv_steal_erase) { int r; - r = safe_fork("(sd-getenvstealerase)", FORK_DEATHSIG|FORK_LOG|FORK_WAIT, NULL); + r = safe_fork("(sd-getenvstealerase)", FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT, NULL); if (r == 0) { _cleanup_strv_free_ char **l = NULL; diff --git a/src/test/test-execute.c b/src/test/test-execute.c index 6156c9caa7..ab0c4e905d 100644 --- a/src/test/test-execute.c +++ b/src/test/test-execute.c @@ -602,7 +602,7 @@ static int find_libraries(const char *exec, char ***ret) { r = safe_fork_full("(spawn-ldd)", (int[]) { -EBADF, outpipe[1], errpipe[1] }, NULL, 0, - FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_REARRANGE_STDIO|FORK_LOG, &pid); + FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_REARRANGE_STDIO|FORK_LOG, &pid); assert_se(r >= 0); if (r == 0) { execlp("ldd", "ldd", exec, NULL); 
@@ -1299,7 +1299,7 @@ static int prepare_ns(const char *process_name) { r = safe_fork(process_name, FORK_RESET_SIGNALS | FORK_CLOSE_ALL_FDS | - FORK_DEATHSIG | + FORK_DEATHSIG_SIGTERM | FORK_WAIT | FORK_REOPEN_LOG | FORK_LOG | diff --git a/src/test/test-fd-util.c b/src/test/test-fd-util.c index 9c74d88abc..021d4b47c2 100644 --- a/src/test/test-fd-util.c +++ b/src/test/test-fd-util.c @@ -337,7 +337,7 @@ TEST(close_all_fds) { * with /proc/ overmounted, and once with the combination of both. This should trigger all fallbacks * in the close_range_all() function. */ - r = safe_fork("(caf-plain)", FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_LOG|FORK_WAIT, NULL); + r = safe_fork("(caf-plain)", FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT, NULL); if (r == 0) { test_close_all_fds_inner(); _exit(EXIT_SUCCESS); @@ -347,7 +347,7 @@ TEST(close_all_fds) { if (geteuid() != 0) return (void) log_tests_skipped("Lacking privileges for test with close_range() blocked and /proc/ overmounted"); - r = safe_fork("(caf-noproc)", FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_LOG|FORK_WAIT|FORK_NEW_MOUNTNS|FORK_MOUNTNS_SLAVE, NULL); + r = safe_fork("(caf-noproc)", FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT|FORK_NEW_MOUNTNS|FORK_MOUNTNS_SLAVE, NULL); if (r == 0) { r = mount_nofollow_verbose(LOG_WARNING, "tmpfs", "/proc", "tmpfs", 0, NULL); if (r < 0) @@ -361,7 +361,7 @@ TEST(close_all_fds) { if (!is_seccomp_available()) return (void) log_tests_skipped("Seccomp not available"); - r = safe_fork("(caf-seccomp)", FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_LOG|FORK_WAIT, NULL); + r = safe_fork("(caf-seccomp)", FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT, NULL); if (r == 0) { r = seccomp_prohibit_close_range(); if (r < 0) 
@@ -373,7 +373,7 @@ TEST(close_all_fds) { } assert_se(r >= 0); - r = safe_fork("(caf-scnp)", FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_LOG|FORK_WAIT|FORK_NEW_MOUNTNS|FORK_MOUNTNS_SLAVE, NULL); + r = safe_fork("(caf-scnp)", FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT|FORK_NEW_MOUNTNS|FORK_MOUNTNS_SLAVE, NULL); if (r == 0) { r = seccomp_prohibit_close_range(); if (r < 0) diff --git a/src/test/test-fileio.c b/src/test/test-fileio.c index d76a4ced91..ad98a92060 100644 --- a/src/test/test-fileio.c +++ b/src/test/test-fileio.c @@ -969,7 +969,7 @@ TEST(read_full_file_socket) { /* Bind the *client* socket to some randomized name, to verify that this works correctly. */ assert_se(asprintf(&clientname, "@%" PRIx64 "/test-bindname", random_u64()) >= 0); - r = safe_fork("(server)", FORK_DEATHSIG|FORK_LOG, &pid); + r = safe_fork("(server)", FORK_DEATHSIG_SIGTERM|FORK_LOG, &pid); assert_se(r >= 0); if (r == 0) { union sockaddr_union peer = {}; diff --git a/src/test/test-mempress.c b/src/test/test-mempress.c index 69928f3de0..26ce4cee79 100644 --- a/src/test/test-mempress.c +++ b/src/test/test-mempress.c @@ -226,7 +226,7 @@ TEST(real_pressure) { assert_se(pipe2(pipe_fd, O_CLOEXEC) >= 0); - r = safe_fork("(eat-memory)", FORK_RESET_SIGNALS|FORK_DEATHSIG, &pid); + r = safe_fork("(eat-memory)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM, &pid); assert_se(r >= 0); if (r == 0) { real_pressure_eat_memory(pipe_fd[0]); diff --git a/src/test/test-mkdir.c b/src/test/test-mkdir.c index 03e5a4997c..4820b3251a 100644 --- a/src/test/test-mkdir.c +++ b/src/test/test-mkdir.c 
@@ -80,7 +80,7 @@ TEST(mkdir_p_safe) { p = mfree(p); assert_se(p = path_join(tmp, "zero-mode/should-fail-to-create-child")); assert_se(mkdir_parents_safe(tmp, p, 0000, UID_INVALID, GID_INVALID, 0) >= 0); - r = safe_fork("(test-mkdir-no-cap)", FORK_DEATHSIG | FORK_WAIT | FORK_LOG, NULL); + r = safe_fork("(test-mkdir-no-cap)", FORK_DEATHSIG_SIGTERM | FORK_WAIT | FORK_LOG, NULL); if (r == 0) { (void) capability_bounding_set_drop(0, /* right_now = */ true); assert_se(mkdir_p_safe(tmp, p, 0000, UID_INVALID, GID_INVALID, 0) == -EACCES); diff --git a/src/test/test-mount-util.c b/src/test/test-mount-util.c index 1cfc1f3ae5..c3d0acb6af 100644 --- a/src/test/test-mount-util.c +++ b/src/test/test-mount-util.c @@ -280,7 +280,7 @@ TEST(make_mount_switch_root) { r = safe_fork("(switch-root)", FORK_RESET_SIGNALS | FORK_CLOSE_ALL_FDS | - FORK_DEATHSIG | + FORK_DEATHSIG_SIGTERM | FORK_WAIT | FORK_REOPEN_LOG | FORK_LOG | @@ -332,7 +332,7 @@ TEST(umount_recursive) { r = safe_fork("(umount-rec)", FORK_RESET_SIGNALS | FORK_CLOSE_ALL_FDS | - FORK_DEATHSIG | + FORK_DEATHSIG_SIGTERM | FORK_WAIT | FORK_REOPEN_LOG | FORK_LOG | @@ -406,7 +406,7 @@ TEST(fd_make_mount_point) { r = safe_fork("(make_mount-point)", FORK_RESET_SIGNALS | FORK_CLOSE_ALL_FDS | - FORK_DEATHSIG | + FORK_DEATHSIG_SIGTERM | FORK_WAIT | FORK_REOPEN_LOG | FORK_LOG | diff --git a/src/test/test-process-util.c b/src/test/test-process-util.c index 22fb1fd278..09ad82d239 100644 --- a/src/test/test-process-util.c +++ b/src/test/test-process-util.c @@ -634,7 +634,7 @@ TEST(safe_fork) { BLOCK_SIGNALS(SIGCHLD); - r = safe_fork("(test-child)", FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_REARRANGE_STDIO|FORK_REOPEN_LOG, &pid); + r = safe_fork("(test-child)", FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_REARRANGE_STDIO|FORK_REOPEN_LOG, &pid); assert_se(r >= 0); if (r == 0) { 
@@ -701,7 +701,7 @@ TEST(setpriority_closest) { int r; r = safe_fork("(test-setprio)", - FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_WAIT|FORK_LOG, NULL); + FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_WAIT|FORK_LOG, NULL); assert_se(r >= 0); if (r == 0) { @@ -855,7 +855,7 @@ TEST(get_process_threads) { int r; /* Run this test in a child, so that we can guarantee there's exactly one thread around in the child */ - r = safe_fork("(nthreads)", FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_REOPEN_LOG|FORK_WAIT|FORK_LOG, NULL); + r = safe_fork("(nthreads)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_REOPEN_LOG|FORK_WAIT|FORK_LOG, NULL); assert_se(r >= 0); if (r == 0) { diff --git a/src/test/test-rm-rf.c b/src/test/test-rm-rf.c index 6a8b7d823f..4c69bd28c9 100644 --- a/src/test/test-rm-rf.c +++ b/src/test/test-rm-rf.c @@ -93,7 +93,7 @@ TEST(rm_rf_chmod) { /* This test only works unpriv (as only then the access mask for the owning user matters), * hence drop privs here */ - r = safe_fork("(setresuid)", FORK_DEATHSIG|FORK_WAIT, NULL); + r = safe_fork("(setresuid)", FORK_DEATHSIG_SIGTERM|FORK_WAIT, NULL); assert_se(r >= 0); if (r == 0) { diff --git a/src/test/test-socket-util.c b/src/test/test-socket-util.c index b5fb437c5b..e9c776a8c5 100644 --- a/src/test/test-socket-util.c +++ b/src/test/test-socket-util.c @@ -158,7 +158,7 @@ TEST(in_addr_is_multicast) { TEST(getpeercred_getpeergroups) { int r; - r = safe_fork("(getpeercred)", FORK_DEATHSIG|FORK_LOG|FORK_WAIT, NULL); + r = safe_fork("(getpeercred)", FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT, NULL); assert_se(r >= 0); if (r == 0) { @@ -228,7 +228,7 @@ TEST(passfd_read) { assert_se(socketpair(AF_UNIX, SOCK_DGRAM, 0, pair) >= 0); - r = safe_fork("(passfd_read)", FORK_DEATHSIG|FORK_LOG|FORK_WAIT, NULL); + r = safe_fork("(passfd_read)", FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT, NULL); assert_se(r >= 0); if (r == 0) { 
@@ -270,7 +270,7 @@ TEST(passfd_contents_read) { assert_se(socketpair(AF_UNIX, SOCK_DGRAM, 0, pair) >= 0); - r = safe_fork("(passfd_contents_read)", FORK_DEATHSIG|FORK_LOG|FORK_WAIT, NULL); + r = safe_fork("(passfd_contents_read)", FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT, NULL); assert_se(r >= 0); if (r == 0) { @@ -322,7 +322,7 @@ TEST(pass_many_fds_contents_read) { assert_se(socketpair(AF_UNIX, SOCK_DGRAM, 0, pair) >= 0); - r = safe_fork("(passfd_contents_read)", FORK_DEATHSIG|FORK_LOG|FORK_WAIT, NULL); + r = safe_fork("(passfd_contents_read)", FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT, NULL); assert_se(r >= 0); if (r == 0) { @@ -382,7 +382,7 @@ TEST(receive_nopassfd) { assert_se(socketpair(AF_UNIX, SOCK_DGRAM, 0, pair) >= 0); - r = safe_fork("(receive_nopassfd)", FORK_DEATHSIG|FORK_LOG|FORK_WAIT, NULL); + r = safe_fork("(receive_nopassfd)", FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT, NULL); assert_se(r >= 0); if (r == 0) { @@ -418,7 +418,7 @@ TEST(send_nodata_nofd) { assert_se(socketpair(AF_UNIX, SOCK_DGRAM, 0, pair) >= 0); - r = safe_fork("(send_nodata_nofd)", FORK_DEATHSIG|FORK_LOG|FORK_WAIT, NULL); + r = safe_fork("(send_nodata_nofd)", FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT, NULL); assert_se(r >= 0); if (r == 0) { @@ -451,7 +451,7 @@ TEST(send_emptydata) { assert_se(socketpair(AF_UNIX, SOCK_DGRAM, 0, pair) >= 0); - r = safe_fork("(send_emptydata)", FORK_DEATHSIG|FORK_LOG|FORK_WAIT, NULL); + r = safe_fork("(send_emptydata)", FORK_DEATHSIG_SIGTERM|FORK_LOG|FORK_WAIT, NULL); assert_se(r >= 0); if (r == 0) { diff --git a/src/udev/udev-manager.c b/src/udev/udev-manager.c index 697dc2f14f..aca241c0c9 100644 --- a/src/udev/udev-manager.c +++ b/src/udev/udev-manager.c 
@@ -381,7 +381,7 @@ static int worker_spawn(Manager *manager, Event *event) { if (r < 0) return log_error_errno(r, "Worker: Failed to enable receiving of device: %m"); - r = safe_fork("(udev-worker)", FORK_DEATHSIG, &pid); + r = safe_fork("(udev-worker)", FORK_DEATHSIG_SIGTERM, &pid); if (r < 0) { event->state = EVENT_QUEUED; return log_error_errno(r, "Failed to fork() worker: %m"); diff --git a/src/udev/udev-spawn.c b/src/udev/udev-spawn.c index 9501013d1c..1d0b8548e3 100644 --- a/src/udev/udev-spawn.c +++ b/src/udev/udev-spawn.c @@ -280,7 +280,7 @@ int udev_event_spawn( r = safe_fork_full("(spawn)", (int[]) { -EBADF, outpipe[WRITE_END], errpipe[WRITE_END] }, NULL, 0, - FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_REARRANGE_STDIO|FORK_LOG|FORK_RLIMIT_NOFILE_SAFE, + FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG_SIGTERM|FORK_REARRANGE_STDIO|FORK_LOG|FORK_RLIMIT_NOFILE_SAFE, &pid); if (r < 0) return log_device_error_errno(event->dev, r, diff --git a/src/udev/udevadm-lock.c b/src/udev/udevadm-lock.c index 89d7d256d2..8993cc4571 100644 --- a/src/udev/udevadm-lock.c +++ b/src/udev/udevadm-lock.c @@ -226,7 +226,7 @@ static int lock_device( BLOCK_SIGNALS(SIGCHLD); - r = safe_fork("(timed-flock)", FORK_DEATHSIG|FORK_LOG, &flock_pid); + r = safe_fork("(timed-flock)", FORK_DEATHSIG_SIGKILL|FORK_LOG, &flock_pid); if (r < 0) return r; if (r == 0) { @@ -349,7 +349,7 @@ int lock_main(int argc, char *argv[], void *userdata) { /* Ignore SIGINT and allow the forked process to receive it */ (void) ignore_signals(SIGINT); - r = safe_fork("(lock)", FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_CLOSE_ALL_FDS|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG, &pid); + r = safe_fork("(lock)", FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_CLOSE_ALL_FDS|FORK_RLIMIT_NOFILE_SAFE|FORK_LOG, &pid); if (r < 0) return r; if (r == 0) { diff --git a/src/userdb/userdbd-manager.c b/src/userdb/userdbd-manager.c index 73da3fb1e8..62a1fa5f4b 100644 --- a/src/userdb/userdbd-manager.c 
+++ b/src/userdb/userdbd-manager.c @@ -149,7 +149,7 @@ static int start_one_worker(Manager *m) { "(sd-worker)", /* stdio_fds= */ NULL, &m->listen_fd, 1, - FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_REOPEN_LOG|FORK_LOG|FORK_CLOSE_ALL_FDS, + FORK_RESET_SIGNALS|FORK_DEATHSIG_SIGTERM|FORK_REOPEN_LOG|FORK_LOG|FORK_CLOSE_ALL_FDS, &pid); if (r < 0) return log_error_errno(r, "Failed to fork new worker child: %m"); |