autofs-5.0.9 - dont allocate dev_ctl_ops too early From: Ian Kent If the standard io file descriptors have been closed by the cloning process the file handle for autofs device control can correspond to a descriptor number of one of the standard io descriptors which will be closed when the process is daemonized. Avoid this by closing the device control descriptor opened when performing sanity checks at startup so that it can be opened on a higher numbered file descriptor after the process has switched to daemon mode. --- CHANGELOG | 1 + lib/mounts.c | 14 +++++++++++++- 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/CHANGELOG b/CHANGELOG index ca66aed..61f1051 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -6,6 +6,7 @@ - wait for master map available at start. - add master read wait option. - add serialization to sasl init. +- dont allocate dev_ctl_ops too early. 28/03/2014 autofs-5.0.9 ======================= diff --git a/lib/mounts.c b/lib/mounts.c index 868dcb1..af78067 100644 --- a/lib/mounts.c +++ b/lib/mounts.c @@ -77,7 +77,7 @@ unsigned int linux_version_code(void) unsigned int query_kproto_ver(void) { - struct ioctl_ops *ops = get_ioctl_ops(); + struct ioctl_ops *ops; char dir[] = "/tmp/autoXXXXXX", *t_dir; char options[MAX_OPTIONS_LEN + 1]; pid_t pgrp = getpgrp(); @@ -118,10 +118,19 @@ unsigned int query_kproto_ver(void) return 0; } + ops = get_ioctl_ops(); + if (!ops) { + umount(t_dir); + close(pipefd[0]); + rmdir(t_dir); + return 0; + } + ops->open(LOGOPT_NONE, &ioctlfd, st.st_dev, t_dir); if (ioctlfd == -1) { umount(t_dir); close(pipefd[0]); + close_ioctl_ctl(); rmdir(t_dir); return 0; } @@ -133,6 +142,7 @@ unsigned int query_kproto_ver(void) ops->close(LOGOPT_NONE, ioctlfd); umount(t_dir); close(pipefd[0]); + close_ioctl_ctl(); rmdir(t_dir); return 0; } @@ -142,6 +152,7 @@ unsigned int query_kproto_ver(void) ops->close(LOGOPT_NONE, ioctlfd); umount(t_dir); close(pipefd[0]); + close_ioctl_ctl(); rmdir(t_dir); return 0; } @@ -149,6 +160,7 @@ unsigned int query_kproto_ver(void) ops->close(LOGOPT_NONE, ioctlfd); umount(t_dir); close(pipefd[0]); + close_ioctl_ctl(); rmdir(t_dir); return 1;