[policycoreutils/f14] Change seunshare to send kill signals to the childs session. Also add signal handler to catch sigint
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Jul 7 18:55:08 UTC 2011
commit 93c449a55aa755e4c66784024e6f7cc8726a4446
Author: Dan Walsh <dwalsh at redhat.com>
Date: Thu Jul 7 14:54:52 2011 -0400
Change seunshare to send kill signals to the childs session.
Also add signal handler to catch sigint, so if user enters ctrl-C sandbox will shutdown.
Add -k qualifier to seunshare to have it attempt to kill all processes with
the matching MCS label.
Add -C option to sandbox and seunshare to maintain capabilities, otherwise
the bounding set will be dropped.
Change --cgroups short name -c rather then -C for consistancy
Fix memory and fd leaks in seunshare
policycoreutils-sandbox.patch | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
---
diff --git a/policycoreutils-sandbox.patch b/policycoreutils-sandbox.patch
index 254dd89..4fcc345 100644
--- a/policycoreutils-sandbox.patch
+++ b/policycoreutils-sandbox.patch
@@ -382,7 +382,7 @@ diff -up policycoreutils-2.0.86/sandbox/seunshare.c.sandbox policycoreutils-2.0.
+ /* Make sure all child processes exit */
+ kill(-child,SIGTERM);
+
-+ if (execcon && kill)
++ if (execcon && kill_all)
+ killall(execcon);
+
if (tmpdir_r) cleanup_tmpdir(tmpdir_r, tmpdir_s, pwd, 1);
More information about the scm-commits
mailing list