diff options
| author | Lennart Poettering <lennart@poettering.net> | 2018-02-09 12:17:26 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-02-09 12:17:26 +0100 |
| commit | af77d6f8da3994212b300f1dfd94d67366448f99 (patch) | |
| tree | eded5c385e279dec5b6edb9f81a5fb5a8dcd24e4 | |
| parent | 8c2dbc8779025c7bd592708a0fc7ef0a29b80f90 (diff) | |
| parent | 392cf1d05dbfa1395f6d99102e5ea41debb58fec (diff) | |
| download | systemd-af77d6f8da3994212b300f1dfd94d67366448f99.tar.gz | |
Merge pull request #8083 from shawnl/close-ssh
sd-bus: cleanup ssh sessions (Closes: #8076)
| -rw-r--r-- | src/basic/process-util.c | 7 | ||||
| -rw-r--r-- | src/basic/process-util.h | 1 | ||||
| -rw-r--r-- | src/libsystemd/sd-bus/bus-internal.h | 1 | ||||
| -rw-r--r-- | src/libsystemd/sd-bus/bus-socket.c | 4 | ||||
| -rw-r--r-- | src/libsystemd/sd-bus/sd-bus.c | 17 | ||||
| -rw-r--r-- | src/machine/machinectl.c | 6 |
6 files changed, 34 insertions, 2 deletions
diff --git a/src/basic/process-util.c b/src/basic/process-util.c index e04bcc9782..7f8644ea9f 100644 --- a/src/basic/process-util.c +++ b/src/basic/process-util.c @@ -806,6 +806,13 @@ void sigkill_waitp(pid_t *pid) { sigkill_wait(*pid); } +void sigterm_wait(pid_t pid) { + assert(pid > 1); + + if (kill_and_sigcont(pid, SIGTERM) > 0) + (void) wait_for_terminate(pid, NULL); +} + int kill_and_sigcont(pid_t pid, int sig) { int r; diff --git a/src/basic/process-util.h b/src/basic/process-util.h index 9fabe4a5be..93029e36e5 100644 --- a/src/basic/process-util.h +++ b/src/basic/process-util.h @@ -76,6 +76,7 @@ int wait_for_terminate_with_timeout(pid_t pid, usec_t timeout); void sigkill_wait(pid_t pid); void sigkill_waitp(pid_t *pid); +void sigterm_wait(pid_t pid); int kill_and_sigcont(pid_t pid, int sig); diff --git a/src/libsystemd/sd-bus/bus-internal.h b/src/libsystemd/sd-bus/bus-internal.h index 1b55cdafed..b305c41622 100644 --- a/src/libsystemd/sd-bus/bus-internal.h +++ b/src/libsystemd/sd-bus/bus-internal.h @@ -296,6 +296,7 @@ struct sd_bus { unsigned n_memfd_cache; pid_t original_pid; + pid_t busexec_pid; sd_event_source *input_io_event_source; sd_event_source *output_io_event_source; diff --git a/src/libsystemd/sd-bus/bus-socket.c b/src/libsystemd/sd-bus/bus-socket.c index 2fe86b61c4..d210102841 100644 --- a/src/libsystemd/sd-bus/bus-socket.c +++ b/src/libsystemd/sd-bus/bus-socket.c @@ -937,18 +937,18 @@ int bus_socket_connect(sd_bus *b) { int bus_socket_exec(sd_bus *b) { int s[2], r; - pid_t pid; assert(b); assert(b->input_fd < 0); assert(b->output_fd < 0); assert(b->exec_path); + assert(b->busexec_pid == 0); r = socketpair(AF_UNIX, SOCK_STREAM|SOCK_NONBLOCK|SOCK_CLOEXEC, 0, s); if (r < 0) return -errno; - r = safe_fork_full("(sd-busexec)", s+1, 1, FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS, &pid); + r = safe_fork_full("(sd-busexec)", s+1, 1, FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS, &b->busexec_pid); if (r < 0) { safe_close_pair(s); return r; diff --git a/src/libsystemd/sd-bus/sd-bus.c b/src/libsystemd/sd-bus/sd-bus.c index 5bc7ba6607..c69c596c59 100644 --- a/src/libsystemd/sd-bus/sd-bus.c +++ b/src/libsystemd/sd-bus/sd-bus.c @@ -22,8 +22,10 @@ #include <netdb.h> #include <poll.h> #include <pthread.h> +#include <signal.h> #include <stdlib.h> #include <sys/mman.h> +#include <sys/wait.h> #include <unistd.h> #include "sd-bus.h" @@ -1095,6 +1097,13 @@ static int bus_parse_next_address(sd_bus *b) { return 1; } +static void bus_kill_exec(sd_bus *bus) { + if (pid_is_valid(bus->busexec_pid) > 0) { + sigterm_wait(bus->busexec_pid); + bus->busexec_pid = 0; + } +} + static int bus_start_address(sd_bus *b) { int r; @@ -1104,6 +1113,8 @@ static int bus_start_address(sd_bus *b) { bus_close_io_fds(b); bus_close_inotify_fd(b); + bus_kill_exec(b); + /* If you provide multiple different bus-addresses, we * try all of them in order and use the first one that * succeeds. */ @@ -1507,6 +1518,9 @@ _public_ void sd_bus_close(sd_bus *bus) { if (bus_pid_changed(bus)) return; + /* Don't leave ssh hanging around */ + bus_kill_exec(bus); + bus_set_state(bus, BUS_CLOSED); sd_bus_detach_event(bus); @@ -1524,6 +1538,9 @@ _public_ sd_bus* sd_bus_flush_close_unref(sd_bus *bus) { if (!bus) return NULL; + /* Have to do this before flush() to prevent hang */ + bus_kill_exec(bus); + sd_bus_flush(bus); sd_bus_close(bus); diff --git a/src/machine/machinectl.c b/src/machine/machinectl.c index 75743ce6a6..e695bdbab4 100644 --- a/src/machine/machinectl.c +++ b/src/machine/machinectl.c @@ -1724,6 +1724,8 @@ static int rename_image(int argc, char *argv[], void *userdata) { sd_bus *bus = userdata; int r; + assert(bus); + polkit_agent_open_if_enabled(arg_transport, arg_ask_password); r = sd_bus_call_method( @@ -1749,6 +1751,8 @@ static int clone_image(int argc, char *argv[], void *userdata) { sd_bus *bus = userdata; int r; + assert(bus); + polkit_agent_open_if_enabled(arg_transport, arg_ask_password); r = sd_bus_message_new_method_call( @@ -1778,6 +1782,8 @@ static int read_only_image(int argc, char *argv[], void *userdata) { sd_bus *bus = userdata; int b = true, r; + assert(bus); + if (argc > 2) { b = parse_boolean(argv[2]); if (b < 0) { |