From cdc3dab3cd5d0295f638de3088bc4f5c9669e7c2 Mon Sep 17 00:00:00 2001 From: John Crispin Date: Wed, 8 Feb 2017 12:02:10 +0100 Subject: [PATCH] ujail: fix signal forwarding Signed-off-by: John Crispin --- jail/jail.c | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/jail/jail.c b/jail/jail.c index 8e7cddc..9d7483c 100644 --- a/jail/jail.c +++ b/jail/jail.c @@ -25,6 +25,7 @@ #include #include #include +#include #include "capabilities.h" #include "elf.h" @@ -298,12 +299,19 @@ static void jail_process_timeout_cb(struct uloop_timeout *t) kill(jail_process.pid, SIGKILL); } +static void jail_handle_signal(int signo) +{ + DEBUG("forwarding signal %d to the jailed process\n", signo); + kill(jail_process.pid, signo); +} + int main(int argc, char **argv) { + sigset_t sigmask; uid_t uid = getuid(); char log[] = "/dev/log"; char ubus[] = "/var/run/ubus.sock"; - int ch; + int ch, i; if (uid) { ERROR("not root, aborting: %s\n", strerror(errno)); @@ -397,6 +405,20 @@ int main(int argc, char **argv) prctl(PR_SET_NAME, opts.name, NULL, NULL, NULL); uloop_init(); + + sigfillset(&sigmask); + for (i = 0; i < _NSIG; i++) { + struct sigaction s = { 0 }; + + if (!sigismember(&sigmask, i)) + continue; + if ((i == SIGCHLD) || (i == SIGPIPE)) + continue; + + s.sa_handler = jail_handle_signal; + sigaction(i, &s, NULL); + } + if (opts.namespace) { add_mount("/dev/full", 0, -1); add_mount("/dev/null", 0, -1); -- 2.11.0