diff options
Diffstat (limited to 'sysutils/catatonit/files/patch-catatonit.c')
| -rw-r--r-- | sysutils/catatonit/files/patch-catatonit.c | 117 |
1 files changed, 117 insertions, 0 deletions
diff --git a/sysutils/catatonit/files/patch-catatonit.c b/sysutils/catatonit/files/patch-catatonit.c new file mode 100644 index 000000000000..afa14692122a --- /dev/null +++ b/sysutils/catatonit/files/patch-catatonit.c @@ -0,0 +1,117 @@ +--- catatonit.c.orig 2024-12-14 09:08:49 UTC ++++ catatonit.c +@@ -28,8 +28,9 @@ + #include <stdbool.h> + #include <unistd.h> + #include <getopt.h> +-#include <sys/prctl.h> +-#include <sys/signalfd.h> ++#include <sys/param.h> ++#include <sys/event.h> ++#include <sys/procctl.h> + #include <sys/stat.h> + #include <sys/types.h> + #include <sys/wait.h> +@@ -359,7 +360,7 @@ static int spawn_pid1(char *file, char **argv, sigset_ + if (sigprocmask(SIG_SETMASK, sigmask, NULL) < 0) + bail("failed to reset sigmask: %m"); + +- execvpe(file, argv, environ); ++ execvp(file, argv); + bail("failed to exec pid1: %m"); + } + +@@ -412,6 +413,19 @@ static int reap_zombies(pid_t pid1, int *pid1_exitcode + } + } + ++#if defined(__FreeBSD__) && __FreeBSD_version < 1400093 ++ ++char *secure_getenv(const char *name) ++{ ++ if (getuid() != geteuid()) { ++ return NULL; ++ } else { ++ return getenv(name); ++ } ++} ++ ++#endif ++ + int main(int argc, char **argv) + { + /* If CATATONIT_DEBUG is defined we change the global log level. */ +@@ -439,9 +453,18 @@ int main(int argc, char **argv) + if (sigprocmask(SIG_SETMASK, &init_sigmask, &pid1_sigmask) < 0) + bail("failed to block all signals: %m"); + +- int sfd = signalfd(-1, &init_sigmask, SFD_CLOEXEC); ++ int sfd = kqueue(); + if (sfd < 0) +- bail("failed to create signalfd: %m"); ++ bail("failed to create kqueue: %m"); ++ for (i = 0; i < SIGRTMIN; i++) { ++ if (sigismember(&init_sigmask, i)) { ++ struct kevent kev; ++ EV_SET(&kev, i, EVFILT_SIGNAL, EV_ADD, 0, 0, NULL); ++ if (kevent(sfd, &kev, 1, NULL, 0, NULL)) { ++ bail("failed to add kevent signal %d: %m", i); ++ } ++ } ++ } + + /* + * We need to support "--" as well as provide license information and so +@@ -490,12 +513,9 @@ int main(int argc, char **argv) + * container init is effectively zero in that instance). + */ + if (getpid() != 1) { +-#if defined(PR_SET_CHILD_SUBREAPER) +- if (prctl(PR_SET_CHILD_SUBREAPER, 1, 0, 0, 0) < 0) ++ if (procctl(P_PID, getpid(), PROC_REAP_ACQUIRE, NULL) < 0) { + bail("failed to set child-reaper as non-pid1: %m"); +-#else +- bail("cannot run as non-pid1 without child-reaper support in kernel"); +-#endif ++ } + } + + /* Spawn the faux-pid1. */ +@@ -541,18 +561,15 @@ int main(int argc, char **argv) + * anything else, so no need for select(2) or epoll(2) or anything + * equivalently clever. + */ +- struct signalfd_siginfo ssi = {0}; ++ struct kevent kev; + +- int n = read(sfd, &ssi, sizeof(ssi)); +- if (n != sizeof(ssi)) { +- if (n < 0) +- warn("signalfd read failed: %m"); +- else +- warn("signalfd had %d-byte partial-read: %m", n); ++ int n = kevent(sfd, NULL, 0, &kev, 1, NULL); ++ if (n < 0) { ++ warn("signalfd read failed: %m"); + continue; + } + +- switch (ssi.ssi_signo) { ++ switch (kev.ident) { + /* + * Signals that we get sent if we are a background job in the current + * terminal (if it has TOSTOP set), which is possible since we make +@@ -578,10 +595,10 @@ int main(int argc, char **argv) + default: + /* We just forward the signal to pid1. */ + if (run_as_pause) { +- if (ssi.ssi_signo == SIGTERM || ssi.ssi_signo == SIGINT) ++ if (kev.ident == SIGTERM || kev.ident == SIGINT) + return 0; +- } else if (kill(pid1_target, ssi.ssi_signo) < 0) { +- warn("forwarding of signal %d to pid1 (%d) failed: %m", ssi.ssi_signo, pid1_target); ++ } else if (kill(pid1_target, kev.ident) < 0) { ++ warn("forwarding of signal %d to pid1 (%d) failed: %m", kev.ident, pid1_target); + } + break; + } |