summaryrefslogtreecommitdiff
path: root/security/prelude-lml
diff options
context:
space:
mode:
Diffstat (limited to 'security/prelude-lml')
-rw-r--r--security/prelude-lml/Makefile3
-rw-r--r--security/prelude-lml/files/preludelml.sh4
-rw-r--r--security/prelude-lml/files/run-prelude-lml.c21
3 files changed, 22 insertions, 6 deletions
diff --git a/security/prelude-lml/Makefile b/security/prelude-lml/Makefile
index c77421f8cd3..3223de2c020 100644
--- a/security/prelude-lml/Makefile
+++ b/security/prelude-lml/Makefile
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.10 2006/05/22 11:49:51 shannonjr Exp $
+# $NetBSD: Makefile,v 1.11 2006/05/26 11:25:22 shannonjr Exp $
#
DISTNAME= prelude-lml-0.9.5
+PKGREVISION= 1
CATEGORIES= security
MASTER_SITES= http://www.prelude-ids.org/download/releases/
diff --git a/security/prelude-lml/files/preludelml.sh b/security/prelude-lml/files/preludelml.sh
index 4c905fd9c6e..f2a7efe99b9 100644
--- a/security/prelude-lml/files/preludelml.sh
+++ b/security/prelude-lml/files/preludelml.sh
@@ -1,6 +1,6 @@
#!/bin/sh
#
-# $NetBSD: preludelml.sh,v 1.3 2006/01/31 18:25:43 shannonjr Exp $
+# $NetBSD: preludelml.sh,v 1.4 2006/05/26 11:25:22 shannonjr Exp $
#
# PROVIDE: preludelml
@@ -13,7 +13,7 @@ procname="@PREFIX@/bin/prelude-lml"
rcvar=${name}
required_files="@PKG_SYSCONFDIR@/prelude-lml/prelude-lml.conf"
start_precmd="preludelml_precommand"
-start_cmd="@PREFIX@/sbin/run-prelude-lml -d --pidfile @PRELUDE_LML_PID_DIR@/prelude-lml.pid"
+start_cmd="@PREFIX@/sbin/run-prelude-lml --pidfile @PRELUDE_LML_PID_DIR@/prelude-lml.pid"
pidfile="@PRELUDE_LML_PID_DIR@/prelude-lml.pid"
preludelml_precommand()
diff --git a/security/prelude-lml/files/run-prelude-lml.c b/security/prelude-lml/files/run-prelude-lml.c
index cd6dd165f05..41e5888524a 100644
--- a/security/prelude-lml/files/run-prelude-lml.c
+++ b/security/prelude-lml/files/run-prelude-lml.c
@@ -62,6 +62,8 @@ int main (int argc, char **argv )
gid_t GID;
pid_t pidwait;
int waitstat;
+ int s;
+ int max_fd;
/* Sanity check */
if (argc > MAX_ARGS)
@@ -69,13 +71,12 @@ int main (int argc, char **argv )
error_sys("arg buffer too small");
exit(-1);
}
-/*
- if (getpid() != 0)
+
+ if (geteuid() != 0)
{
error_sys("must be called by root");
exit(-1);
}
-*/
/* fork child that will become prelude-lml */
if ((pid = fork()) < 0)
@@ -97,9 +98,23 @@ int main (int argc, char **argv )
/* Become session leader */
setsid();
+ /* Change working directory to root directory.
+ The current working directory could be a mounted
+ filesystem; if the daemon stays on a mounted
+ filesystem it could prevent the filesystem from
+ being umounted. */
+ chdir("/");
+
/* Clear out file creation mask */
umask(0);
+ /* Close unneeded file descriptors */
+ max_fd = (int) sysconf(_SC_OPEN_MAX);
+ if (max_fd == -1)
+ max_fd = getdtablesize();
+ for (s = 3; s < max_fd; s++)
+ (void) close(s);
+
if (!obtainUIDandGID(PRELUDE_LML_USER, &UID, &GID))
exit(-1);