aljaz/lightning
1
0
Fork 0
mirror of https://github.com/aljazceru/lightning.git synced 2025-12-23 09:04:22 +01:00
Code Issues Packages Projects Releases Wiki Activity

plugin_control: spawn plugin processes with a non-0 umask

Browse Source 
Changelog-Added: JSONRPC: 'plugin start' now restores initial umask before spawning the plugin process
This commit is contained in:
darosior
2019-12-25 00:11:52 +01:00
committed by Christian Decker
parent 1cfb8425f5
commit 841fbf54ea
3 changed files with 15 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
lightningd/lightningd.c
View File

@@ -244,10 +244,15 @@ static struct lightningd *new_lightningd(const tal_t *ctx)
ld->stop_conn = NULL; ld->stop_conn = NULL;
/*~ This is used to signal that `hsm_secret` is encrypted, and will /*~ This is used to signal that `hsm_secret` is encrypted, and will
* be set to `true` if the `--encrypted` option is passed at startup. * be set to `true` if the `--encrypted-hsm` option is passed at startup.
*/ */
ld->encrypted_hsm = false; ld->encrypted_hsm = false;
/*~ We change umask if we daemonize, but not if we don't. Initialize the
* initial_umask anyway as we might rely on it later (`plugin start`). */
ld->initial_umask = umask(0);
umask(ld->initial_umask);
return ld; return ld;
} }
@@ -533,7 +538,7 @@ static void complete_daemonize(struct lightningd *ld)
fatal("Could not setsid: %s", strerror(errno)); fatal("Could not setsid: %s", strerror(errno));
/* Discard our parent's old-fashioned umask prejudices. */ /* Discard our parent's old-fashioned umask prejudices. */
umask(0); ld->initial_umask = umask(0);
/* OK, parent, you can exit(0) now. */ /* OK, parent, you can exit(0) now. */
write_all(ld->daemon_parent_fd, &ok_status, sizeof(ok_status)); write_all(ld->daemon_parent_fd, &ok_status, sizeof(ok_status));

2
lightningd/lightningd.h
View File

@@ -249,6 +249,8 @@ struct lightningd {
char *wallet_dsn; char *wallet_dsn;
bool encrypted_hsm; bool encrypted_hsm;
mode_t initial_umask;
}; };
/* Turning this on allows a tal allocation to return NULL, rather than aborting. /* Turning this on allows a tal allocation to return NULL, rather than aborting.

6
lightningd/plugin_control.c
View File

@@ -1,6 +1,8 @@
#include <lightningd/options.h> #include <lightningd/options.h>
#include <lightningd/plugin_control.h> #include <lightningd/plugin_control.h>
#include <lightningd/plugin_hook.h> #include <lightningd/plugin_hook.h>
#include <sys/stat.h>
#include <sys/types.h>
/* A dummy structure used to give multiple arguments to callbacks. */ /* A dummy structure used to give multiple arguments to callbacks. */
struct dynamic_plugin { struct dynamic_plugin {
@@ -108,6 +110,7 @@ static void plugin_dynamic_manifest_callback(const char *buffer,
static struct command_result *plugin_start(struct dynamic_plugin *dp) static struct command_result *plugin_start(struct dynamic_plugin *dp)
{ {
int stdin, stdout; int stdin, stdout;
mode_t prev_mask;
char **p_cmd; char **p_cmd;
struct jsonrpc_request *req; struct jsonrpc_request *req;
struct plugin *p = dp->plugin; struct plugin *p = dp->plugin;
@@ -115,7 +118,10 @@ static struct command_result *plugin_start(struct dynamic_plugin *dp)
p->dynamic = true; p->dynamic = true;
p_cmd = tal_arrz(NULL, char *, 2); p_cmd = tal_arrz(NULL, char *, 2);
p_cmd[0] = p->cmd; p_cmd[0] = p->cmd;
/* In case the plugin create files, this is a better default. */
prev_mask = umask(dp->cmd->ld->initial_umask);
p->pid = pipecmdarr(&stdin, &stdout, &pipecmd_preserve, p_cmd); p->pid = pipecmdarr(&stdin, &stdout, &pipecmd_preserve, p_cmd);
umask(prev_mask);
if (p->pid == -1) if (p->pid == -1)
return plugin_dynamic_error(dp, "Error running command"); return plugin_dynamic_error(dp, "Error running command");
else else