diff --git a/doc/INSTALL.md b/doc/INSTALL.md
index b689daf..cd66402 100644
--- a/doc/INSTALL.md
+++ b/doc/INSTALL.md
@@ -68,8 +68,10 @@ After each run of ./configure, those changes are gone and the Makefile is recrea
 There are a couple of configuration options at the beginning of the Makefile:
 * `# override undefine HAVE_LANDLOCK` if you uncomment this line, sslh will be compiled
- without landlock. As an alternative ./configure creates a config.h file,
- which gives also the possibility, to comment that out.
+ without landlock. This works with gcc versions < 12. Otherwise, if your system has
+ linux/landlock.h in the include path, the configure script creates a _**config.h**_ file,
+ which defines HAVE_LANDLOCK. It is not enough, to set this to 0, you must delete it,
+ when you don't wish to have landlock in your binary.
 * `USELIBWRAP` compiles support for host access control (see `hosts_access(3)`), you will need `libwrap` headers and library to compile (`libwrap0-dev` in Debian).
@@ -82,6 +84,11 @@ There are a couple of configuration options at the beginning of the Makefile:
 * `USELIBBSD` compiles support for updating the process name (as shown by `ps`).
+* `USELIBCAP` compiles support for libcap, which allows to inherit capabilities to
+ daughter-processes, which run as restricted users. You need this, when you wish to
+ make sure, that the --user= parameter can be used, without setting capabilities etc.
+ to your binaries, to make this work.
+
 Now you can do either a plain `make` to create the binaries, or you can do an `make install` to create the binaries and install them.
diff --git a/landlock.c b/landlock.c
index befe24c..b57161c 100644
--- a/landlock.c
+++ b/landlock.c
@@ -90,6 +90,9 @@ static int add_path_ro(int ruleset_fd, ll_obj_type otype, const char* path)
 return -1;
 }
+ // close helper handle
+ close(fd);
+
 return 0;
 }
diff --git a/sslh-main.c b/sslh-main.c
index 5c6f9c4..5887ccc 100644
--- a/sslh-main.c
+++ b/sslh-main.c
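Review bot: The added `close(fd);` in add_path_ro() covers only the success path; the `return -1;` in the block just above it, visible as context, still leaves the function without closing `fd`. If `fd` is already open at that point, each failed rule insertion leaks one descriptor. Closing it there as well, `close(fd); return -1;`, or routing both exits through a single cleanup label, would complete the fix. The start of the function, including where `fd` is opened, lies outside the hunk, so this should be confirmed against the full body.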
@@ -288,14 +288,20 @@ int main(int argc, char *argv[], char* envp[])
 if (!cfg.foreground) {
 if (fork() > 0) exit(0); /* Detach */
 // close stdin, stderr, stdout
+ // closing stdin frees a filehandle, and 0 will not be reused, so no problem
+ // with control-jobs, trying to catch fd/0
+ close(fileno(stdin));
 int newfd;
- if (newfd = open("/dev/null", O_RDWR)) {
- dup2 (newfd, STDIN_FILENO);
+ // duplicating a handle connected to /dev/null to stdout and stderr
+ // so we don't run in any problems, when a control-job wor whats-o-ever will
+ // grab stdout and stderr
+ if ((newfd = open("/dev/null", O_RDWR))) {
 dup2 (newfd, STDOUT_FILENO);
 dup2 (newfd, STDERR_FILENO);
+ // close the helper handle, as this is now unnecessary
 close(newfd);
 } else {
- print_message(msg_config, "Error closing standard filehandles for background daemon\n");
+ print_message(msg_system_error, "Error closing standard filehandles for background daemon\n");
 }
 /* New session -- become group leader */
diff --git a/sslh-select.c b/sslh-select.c
index 305a977..acac6eb 100644
--- a/sslh-select.c
+++ b/sslh-select.c
@@ -210,7 +210,7 @@ void start_shoveler(int listen_socket) {
 }
-/* The actual main is in common.c: it's the same for both version of
+/* The actual main is in sslh-main.c: it's the same for all versions of
 * the server */
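Review bot: In main(), the new `close(fileno(stdin));` frees descriptor 0 just before `open("/dev/null", O_RDWR)`, and open returns the lowest free descriptor, so `newfd` will normally be 0, the `if ((newfd = open(...)))` test is false, and the error branch runs without redirecting stdout or stderr. The same test accepts a failed open, since -1 is non-zero, and then hands -1 to `dup2`. I would drop the early close and the "0 will not be reused" comment, test `if ((newfd = open("/dev/null", O_RDWR)) >= 0) {`, keep `dup2 (newfd, STDIN_FILENO);`, and close the helper with `if (newfd > STDERR_FILENO) close(newfd);`. Keeping 0, 1 and 2 bound to /dev/null also stops a later socket or file from landing on a standard descriptor and receiving stray diagnostic output. main() starts before and continues after this hunk.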