From f6ef5b8dd3f1b8d6af104304a9988ff1f8edd182 Mon Sep 17 00:00:00 2001
From: David Oberhollenzer <goliath@infraroot.at>
Date: Fri, 8 May 2020 02:44:33 +0200
Subject: Implement a "subreaper" service flag

For particularly hostile daemons.

Signed-off-by: David Oberhollenzer <goliath@infraroot.at>
---
 initd/init.h   |  1 +
 initd/runsvc.c | 15 ++++++++++++---
 2 files changed, 13 insertions(+), 3 deletions(-)

(limited to 'initd')

diff --git a/initd/init.h b/initd/init.h
index 9e18b96..b1287ee 100644
--- a/initd/init.h
+++ b/initd/init.h
@@ -16,6 +16,7 @@
 
 #include <linux/reboot.h>
 #include <sys/reboot.h>
+#include <sys/prctl.h>
 #include <stdbool.h>
 #include <signal.h>
 
diff --git a/initd/runsvc.c b/initd/runsvc.c
index b30e8e3..144490b 100644
--- a/initd/runsvc.c
+++ b/initd/runsvc.c
@@ -132,13 +132,13 @@ static __attribute__((noreturn)) void argv_exec(exec_t *e)
 	exit(EXIT_FAILURE);
 }
 
-static int run_sequentially(exec_t *list)
+static int run_sequentially(exec_t *list, bool direct_exec_last)
 {
 	pid_t ret, pid;
 	int status;
 
 	for (; list != NULL; list = list->next) {
-		if (list->next == NULL)
+		if (list->next == NULL && direct_exec_last)
 			argv_exec(list);
 
 		pid = fork();
@@ -169,6 +169,7 @@ pid_t runsvc(service_t *svc)
 {
 	sigset_t mask;
 	pid_t pid;
+	int ret;
 
 	pid = fork();
 
@@ -190,7 +191,15 @@ pid_t runsvc(service_t *svc)
 			exit(EXIT_FAILURE);
 		}
 
-		exit(run_sequentially(svc->exec));
+		if (svc->flags & SVC_FLAG_SUB_REAPER) {
+			prctl(PR_SET_CHILD_SUBREAPER, 1, 0, 0, 0);
+
+			ret = run_sequentially(svc->exec, false);
+		} else {
+			ret = run_sequentially(svc->exec, true);
+		}
+
+		exit(ret);
 	}
 
 	return pid;
-- 
cgit v1.2.3