-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 03/27/2012 11:53 AM, Colin Walters wrote:
> On Tue, 2012-03-27 at 11:49 -0400, Daniel J Walsh wrote:
>> This patch looks good to me. acked.
>>
>> systemd expects a pid file to be written by unit services.
>
> It doesn't if the service is non-forking. In fact moving to non-forking services that don't write pid files is a major improvement that systemd brings over sysvinit, because the state is 100% reliable. Pid files create the possibility of desynchronization if the service crashes, but the pid file remains.
>
> So a better fix would be to change mcstransd to have a --no-fork option, and update the unit file to use it.
>
>
>
> -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
How about. this patch.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk9yAMYACgkQrlYvE4MpobNgMwCgxJ0rYn5VJyybfV5OeuYNIrCU
CbUAnA5BoNnWx2/JXS5IzHgbfrn/IDJb
=FH0Q
-----END PGP SIGNATURE-----
>From bcc3759332cea5a425f993453df0f11f8fc9c4e8 Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@xxxxxxxxxx>
Date: Tue, 27 Mar 2012 14:00:35 -0400
Subject: [PATCH 143/143] Add an -f option to run mcstransd in the foreground.
This will allow better integration into systemd.
---
policycoreutils/mcstrans/man/man8/mcstransd.8 | 9 ++++++++-
policycoreutils/mcstrans/src/mcstransd.c | 27 +++++++++++++++++++++++--
2 files changed, 33 insertions(+), 3 deletions(-)
diff --git a/policycoreutils/mcstrans/man/man8/mcstransd.8 b/policycoreutils/mcstrans/man/man8/mcstransd.8
index 4c63965..718fd85 100644
--- a/policycoreutils/mcstrans/man/man8/mcstransd.8
+++ b/policycoreutils/mcstrans/man/man8/mcstransd.8
@@ -3,7 +3,7 @@
mcstransd \- MCS (Multiple Category System) daemon. Translates SELinux MCS/MLS labels to human readable form.
.SH "SYNOPSIS"
-.B mcstransd
+.B mcstransd [-f] [-h]
.P
.SH "DESCRIPTION"
@@ -12,6 +12,13 @@ This manual page describes the
program.
.P
This daemon reads /etc/selinux/{SELINUXTYPE}/setrans.conf configuration file, and communicates with libselinux via a socket in /var/run/setrans.
+.SH "OPTIONS"
+.TP
+-f
+Run mcstransd in the foreground. Do not run as a daemon.
+.TP
+-h
+Output a short summary of available command line options\&.
.SH "AUTHOR"
This man page was written by Dan Walsh <dwalsh@xxxxxxxxxx>.
diff --git a/policycoreutils/mcstrans/src/mcstransd.c b/policycoreutils/mcstrans/src/mcstransd.c
index 26d9be8..e49fb98 100644
--- a/policycoreutils/mcstrans/src/mcstransd.c
+++ b/policycoreutils/mcstrans/src/mcstransd.c
@@ -13,6 +13,7 @@
#include <signal.h>
#include <string.h>
#include <syslog.h>
+#include <unistd.h>
#include <selinux/selinux.h>
#include <sys/types.h>
#include <sys/capability.h>
@@ -556,9 +557,31 @@ void dropprivs(void)
cap_free(new_caps);
}
+static void usage(char *program)
+{
+ printf("%s [-f] [-h] \n", program);
+}
+
int
-main(int UNUSED(argc), char *argv[])
+main(int argc, char *argv[])
{
+ int opt;
+ int foreground = 1;
+ while ((opt = getopt(argc, argv, "hf")) > 0) {
+ switch (opt) {
+ case 'f':
+ foreground = 0;
+ break;
+ case 'h':
+ usage(argv[0]);
+ exit(0);
+ break;
+ case '?':
+ usage(argv[0]);
+ exit(-1);
+ }
+ }
+
#ifndef DEBUG
/* Make sure we are root */
if (getuid() != 0) {
@@ -576,7 +599,7 @@ main(int UNUSED(argc), char *argv[])
dropprivs();
/* run in the background as a daemon */
- if (daemon(0, 0)) {
+ if (foreground && daemon(0, 0)) {
syslog(LOG_ERR, "daemon() failed: %m");
cleanup_exit(1);
}
--
1.7.9.3
