From: Tobias Heider Subject: Re: httpd,vmd,snmpd,relayd,iked: sync daemon(), don't orphan children To: tech@openbsd.org Cc: Dave Voutila , kn@openbsd.org Date: Thu, 4 Apr 2024 23:16:45 +0200 On Thu, Apr 04, 2024 at 04:28:24PM -0400, Dave Voutila wrote: > > Tobias Heider writes: > > > On Thu, Apr 04, 2024 at 07:38:48PM +0200, Florian Obser wrote: > >> snmpd and vmd also use proc.c and seem to have similar code in main(). > >> > >> I'm running neither so I have no idea if they have the same problem, but > >> it seems likely. > > > > Right, I don't either. Let me see if I can find more. > > > > Looks like relayd was already fixed by benno two years ago: > > https://github.com/openbsd/src/commit/7a99b37dfd03f1f281b20ab09f836d05794a9da5 > > > > vmd definitely does this the way httpd is/was doing it. Happy to look at > a diff or will add it to my short term todo > Alright, so here is a diff that syncs all of our proc.c daemons to call daemon() in proc_init() for the parent only to not orphan their child processes. In addition I am also moving the iked call to the same place as in relayd, changed the vmd error message to the same as the others and always use fatal() instead of err(). ok? diff 3b374a56007af68fb6fd1926b370d0a3e8d6dbca 3c269a7b5c44fca594ff2b42f7dc43e37dbe1e49 commit - 3b374a56007af68fb6fd1926b370d0a3e8d6dbca commit + 3c269a7b5c44fca594ff2b42f7dc43e37dbe1e49 blob - 534427b2b6585d55df1971a56d1e13c99de62612 blob + a21dda0712a81b38e5afb7aa2ba0f08437226c8d --- sbin/iked/proc.c +++ sbin/iked/proc.c @@ -231,9 +231,10 @@ proc_init(struct privsep *ps, struct privsep_proc *pro if (proc_id == PROC_PARENT) { privsep_process = PROC_PARENT; + proc_setup(ps, procs, nproc); + if (!debug && daemon(0, 0) == -1) fatal("failed to daemonize"); - proc_setup(ps, procs, nproc); /* * Create the children sockets so we can use them blob - af863cf2710dadce01a85cb618fe5bfbb91b9adc blob + 3cc506f1fb8d0f75deed32fb16b9f5331a0481bb --- usr.sbin/httpd/httpd.c +++ usr.sbin/httpd/httpd.c @@ -220,8 +220,6 @@ main(int argc, char *argv[]) proc_init(ps, procs, nitems(procs), debug, argc0, argv, proc_id); log_procinit("parent"); - if (!debug && daemon(1, 0) == -1) - err(1, "failed to daemonize"); if (ps->ps_noaction == 0) log_info("startup"); blob - e8b08dd23175817590214abb7b433caf541e215d blob + 113072d34ffdc78ec79a55d418409842570acce5 --- usr.sbin/httpd/proc.c +++ usr.sbin/httpd/proc.c @@ -205,6 +205,9 @@ proc_init(struct privsep *ps, struct privsep_proc *pro privsep_process = PROC_PARENT; proc_setup(ps, procs, nproc); + if (!debug && daemon(1, 0) == -1) + fatal("failed to daemonize"); + /* * Create the children sockets so we can use them * to distribute the rest of the socketpair()s using blob - 941857b712434a6c0aadbbf58ec621fd6f38fcee blob + 1962362c37d79ebc90bda3e869bb0454bcd59990 --- usr.sbin/snmpd/proc.c +++ usr.sbin/snmpd/proc.c @@ -205,6 +205,9 @@ proc_init(struct privsep *ps, struct privsep_proc *pro privsep_process = PROC_PARENT; proc_setup(ps, procs, nproc); + if (!debug && daemon(0, 0) == -1) + fatal("failed to daemonize"); + /* * Create the children sockets so we can use them * to distribute the rest of the socketpair()s using blob - d3ecfd6f0276c55b44f55627f4d15d0baf146916 blob + 0136f2801aec68508982b6ec69b5a08b4608deb6 --- usr.sbin/snmpd/snmpd.c +++ usr.sbin/snmpd/snmpd.c @@ -222,8 +222,6 @@ main(int argc, char *argv[]) env->sc_engine_boots = 0; proc_init(ps, procs, nitems(procs), debug, argc0, argv0, proc_id); - if (!debug && daemon(0, 0) == -1) - err(1, "failed to daemonize"); log_procinit("parent"); log_info("startup"); blob - ac6455dd7c70fbfc76c7107b31cc95b5ff55eb87 blob + b1d787de9e16da595433eeb9710cc31a3a4716c4 --- usr.sbin/vmd/proc.c +++ usr.sbin/vmd/proc.c @@ -205,6 +205,9 @@ proc_init(struct privsep *ps, struct privsep_proc *pro privsep_process = PROC_PARENT; proc_setup(ps, procs, nproc); + if (!debug && daemon(0, 0) == -1) + fatal("failed to daemonize"); + /* * Create the children sockets so we can use them * to distribute the rest of the socketpair()s using blob - 887e1cc9bf8b09abe70c873d96145673252bcb22 blob + 62c11da7f8c4eb4a1dec768255ed2cb1f1f5224c --- usr.sbin/vmd/vmd.c +++ usr.sbin/vmd/vmd.c @@ -947,9 +947,6 @@ main(int argc, char **argv) proc_init(ps, procs, nitems(procs), env->vmd_debug, argc0, argv, proc_id); - if (!env->vmd_debug && daemon(0, 0) == -1) - fatal("can't daemonize"); - if (ps->ps_noaction == 0) log_info("startup");