mirrors/core-lightning
1
0
Fork 0
mirror of https://github.com/ElementsProject/lightning.git synced 2025-02-21 14:24:09 +01:00
Code Issues Projects Releases Wiki Activity

plugin_control: spawn plugin processes with a non-0 umask

Browse source 
Changelog-Added: JSONRPC: 'plugin start' now restores initial umask before spawning the plugin process
This commit is contained in:
darosior 2019-12-25 00:11:52 +01:00 committed by Christian Decker
parent 1cfb8425f5
commit 841fbf54ea
3 changed files with 15 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
lightningd/lightningd.c
View file

@ -244,10 +244,15 @@ static struct lightningd *new_lightningd(const tal_t *ctx)
ld->stop_conn = NULL;
/*~ This is used to signal that `hsm_secret` is encrypted, and will
* be set to `true` if the `--encrypted` option is passed at startup.
* be set to `true` if the `--encrypted-hsm` option is passed at startup.
*/
ld->encrypted_hsm = false;
/*~ We change umask if we daemonize, but not if we don't. Initialize the
* initial_umask anyway as we might rely on it later (`plugin start`). */
ld->initial_umask = umask(0);
umask(ld->initial_umask);
return ld;
}
@ -533,7 +538,7 @@ static void complete_daemonize(struct lightningd *ld)
fatal("Could not setsid: %s", strerror(errno));
/* Discard our parent's old-fashioned umask prejudices. */
umask(0);
ld->initial_umask = umask(0);
/* OK, parent, you can exit(0) now. */
write_all(ld->daemon_parent_fd, &ok_status, sizeof(ok_status));

2
lightningd/lightningd.h
View file

@ -249,6 +249,8 @@ struct lightningd {
char *wallet_dsn;
bool encrypted_hsm;
mode_t initial_umask;
};
/* Turning this on allows a tal allocation to return NULL, rather than aborting.

6
lightningd/plugin_control.c
View file

@ -1,6 +1,8 @@
#include <lightningd/options.h>
#include <lightningd/plugin_control.h>
#include <lightningd/plugin_hook.h>
#include <sys/stat.h>
#include <sys/types.h>
/* A dummy structure used to give multiple arguments to callbacks. */
struct dynamic_plugin {
@ -108,6 +110,7 @@ static void plugin_dynamic_manifest_callback(const char *buffer,
static struct command_result *plugin_start(struct dynamic_plugin *dp)
{
int stdin, stdout;
mode_t prev_mask;
char **p_cmd;
struct jsonrpc_request *req;
struct plugin *p = dp->plugin;
@ -115,7 +118,10 @@ static struct command_result *plugin_start(struct dynamic_plugin *dp)
p->dynamic = true;
p_cmd = tal_arrz(NULL, char *, 2);
p_cmd[0] = p->cmd;
/* In case the plugin create files, this is a better default. */
prev_mask = umask(dp->cmd->ld->initial_umask);
p->pid = pipecmdarr(&stdin, &stdout, &pipecmd_preserve, p_cmd);
umask(prev_mask);
if (p->pid == -1)
return plugin_dynamic_error(dp, "Error running command");
else