summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorthe xhr <xhr@giessen.ccc.de>2021-08-26 11:29:02 +0200
committerthe xhr <xhr@giessen.ccc.de>2021-08-26 11:29:02 +0200
commit9e328210ec26e3d0f683da9aa21c777769b9e7c4 (patch)
tree2a6229b310ecf300a819ac79947abb5e26efce11
parenta944bd9316b3f8853ef8a1d6f833f727b84f199a (diff)
Open logs later and add more pledge promises
twind needs to write and create files on SIGHUP
-rw-r--r--twind.c10
1 files changed, 6 insertions, 4 deletions
diff --git a/twind.c b/twind.c
index e7cc338..9c29421 100644
--- a/twind.c
+++ b/twind.c
@@ -161,18 +161,18 @@ main(int argc, char *argv[])
log_init(debug_flag, LOG_DAEMON);
log_setverbose(verbose_flag);
- open_twind_logs();
#ifdef __OpenBSD__
- if (pledge("stdio inet dns proc rpath", NULL) == -1)
+ if (pledge("stdio inet dns proc rpath wpath cpath", NULL) == -1)
fatalx("pledge");
#endif /* __OpenBSD__ */
-
if (!fg_flag)
if (daemon(0, 0) == -1)
fatalx("daemonizing failed");
+ open_twind_logs();
+
fork_main_process(tcpsock, sslctx);
organize_termination();
@@ -185,6 +185,8 @@ organize_termination(void)
{
pid_t sub_pid;
+ close_twind_logs();
+
log_debug("waiting for sub processes to terminate");
for (;;) {
sub_pid = wait(NULL);
@@ -253,7 +255,7 @@ handle_incoming_connections(int counter, int tcpsock, SSL_CTX *sslctx)
#ifdef __OpenBSD__
/* We can get rid of proc pledge here */
- if (pledge("stdio inet dns rpath", NULL) == -1)
+ if (pledge("stdio inet dns rpath wpath cpath", NULL) == -1)
fatalx("pledge");
#endif /* __OpenBSD__ */
generated by cgit on OpenBSD