fiorix / go-daemon
Utility to "daemonize" Go programs
License: Other
Set up an automated release system and release new version with fix from #8.
I have a trivial go program:
package main

import (
	"log"
	"time"
)

func main() {
	for {
		log.Print("Hello.")
		time.Sleep(1 * time.Second)
	}
}
When I run this with god with the logfile option, the go program also gets a file descriptor for the log file. When the log file is rotated, the go program keeps the old file descriptor. It logs to the new log file, but this prevents the old file from being deleted by the OS until the go program is restarted.
This is because you open the logfile, then fork. The child process inherits the open file descriptor.
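The inheritance described in this issue can be checked from inside the child process itself. The following is an added example written for this page, not go-daemon's own code: it lists which descriptors of the current process lack FD_CLOEXEC (the ones a fork+exec child keeps open), opens a log file the way a plain open(2) without O_CLOEXEC does, and then applies the fix of marking the descriptor close-on-exec. It is Linux only (it reads /proc/self/fd), and the log path is a constructed sample. Note that FD_CLOEXEC only closes the descriptor across exec; a child that forks without exec'ing would still have to close it explicitly.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"sort"
	"strconv"
	"syscall"
)

// inheritableFDs lists the descriptors of this process that lack FD_CLOEXEC,
// i.e. the ones a fork+exec child would keep open. Linux only: it walks
// /proc/self/fd and asks fcntl(F_GETFD) about each entry.
func inheritableFDs() ([]int, error) {
	entries, err := os.ReadDir("/proc/self/fd")
	if err != nil {
		return nil, err
	}
	var leaked []int
	for _, e := range entries {
		fd, err := strconv.Atoi(e.Name())
		if err != nil {
			continue
		}
		flags, _, errno := syscall.Syscall(syscall.SYS_FCNTL, uintptr(fd), syscall.F_GETFD, 0)
		if errno != 0 {
			continue // ReadDir's own directory handle is already closed by now
		}
		if flags&syscall.FD_CLOEXEC == 0 {
			leaked = append(leaked, fd)
		}
	}
	sort.Ints(leaked)
	return leaked, nil
}

// openLogInheritable opens a log file the way a plain open(2) without
// O_CLOEXEC does, which is the situation the issue describes: a child forked
// afterwards keeps the descriptor and pins the rotated file on disk.
func openLogInheritable(path string) (int, error) {
	return syscall.Open(path, syscall.O_WRONLY|syscall.O_CREAT|syscall.O_APPEND, 0o640)
}

// markCloseOnExec is the fix for the exec case: set FD_CLOEXEC so the
// descriptor is closed in the child when it execs the Go binary. Passing
// O_CLOEXEC to open(2) achieves the same thing at open time.
func markCloseOnExec(fd int) {
	syscall.CloseOnExec(fd)
}

// containsFD reports whether fd appears in fds.
func containsFD(fds []int, fd int) bool {
	for _, f := range fds {
		if f == fd {
			return true
		}
	}
	return false
}

func main() {
	path := filepath.Join(os.TempDir(), "go-daemon-example.log") // constructed sample path
	fd, err := openLogInheritable(path)
	if err != nil {
		fmt.Println("open:", err)
		os.Exit(1)
	}
	defer os.Remove(path)
	defer syscall.Close(fd)

	// Descriptors 0, 1 and 2 are expected to show up: stdio is meant to be inherited.
	before, _ := inheritableFDs()
	fmt.Println("inheritable before fix:", before, "log fd leaked:", containsFD(before, fd))
	markCloseOnExec(fd)
	after, _ := inheritableFDs()
	fmt.Println("inheritable after fix: ", after, "log fd leaked:", containsFD(after, fd))
}
```

Running the audit in a daemon's child right after start-up is a cheap way to catch this class of leak before a rotated log fills the disk: anything beyond 0, 1 and 2 in the list is a descriptor the parent did not mean to hand down.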
This issue is related to #4 but focuses more on the privdrop. In order to make a correct privdrop you need to set more than the effective uid/gid, using setresuid and setresgid.
From the research:
There is a pretty good paper regarding this: http://www.cs.berkeley.edu/~daw/papers/setuid-usenix02.pdf
They did a reference implementation:
The implementation uses setresuid if available since it has the clearest semantics and it is able to set each of the user IDs independently.
From the man page:
Setting the effective user (group) ID to the saved set-user-ID (saved set-group-ID) is possible since Linux 1.1.37 (1.1.38). On an arbitrary system one should check _POSIX_SAVED_IDS.
Under glibc 2.0 seteuid(euid) is equivalent to setreuid(-1, euid) and hence may change the saved set-user-ID. Under glibc 2.1 and later it is equivalent to setresuid(-1, euid, -1) and hence does not change the saved set-user-ID. Analogous remarks hold for setegid(), with the difference that the change in implementation from setregid(-1, egid) to setresgid(-1, egid, -1) occurred in glibc 2.2 or 2.3 (depending on the hardware architecture).
According to POSIX.1, seteuid() (setegid()) need not permit euid (egid) to be the same value as the current effective user (group) ID, and some implementations do not permit this.
Important section:
Under glibc 2.1 and later it is equivalent to setresuid(-1, euid, -1) and hence does not change the saved set-user-ID.
It'd be very useful if go-daemon supported re-loading of go binary to ease updating.
Currently, the only way to update the currently running go binary is.
Proposed solution:
I notice when dropping privileges, supplementary groups are not dropped:
https://github.com/fiorix/go-daemon/blob/master/god.c#L160
I've not been able to confirm, but this would mean the process retains supplementary groups such as "wheel" and "admin". Only the primary group is dropped. This would allow the process continued access to /var/log and other potentially sensitive areas.
A call to initgroups(user_pwd, getegid()) should be made after setegid() to replace supplementary groups with the specified primary group and the supplementary groups of the specified user. Alternatively, setgroups(NULL, 0) will wipe the supplementary list, but usually it's desirable to maintain the supplementary groups of the requested user.
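The setresuid point from the earlier issue and the supplementary-groups point from this one come together in a single privilege-drop routine. The following is an added example written for this page, not the code in god.c: it installs the target user's group list while still privileged (the initgroups equivalent, or an empty list when no user name is given), then sets real, effective and saved gid and uid with setresgid/setresuid, and finally verifies from /proc/self/status that all three ids changed and that uid 0 cannot be regained. It is Linux only; the demo in main "drops" to the ids the process already holds so it runs without privilege, and the function names are this example's own.

```go
package main

import (
	"fmt"
	"os"
	"os/user"
	"strconv"
	"strings"
	"syscall"
)

// dropPrivileges switches this process to uid/gid permanently. Order matters:
// the supplementary list first (while still privileged), then all three gids,
// then all three uids. Setresgid/Setresuid set real, effective and saved ids
// in one call, so no saved id is left behind to switch back with.
// userName selects the user whose group list is installed (the initgroups
// equivalent); an empty userName wipes the supplementary list instead.
func dropPrivileges(uid, gid int, userName string) error {
	if syscall.Geteuid() == 0 { // only a privileged process may change the list
		groups := []int{}
		if userName != "" {
			u, err := user.Lookup(userName)
			if err != nil {
				return err
			}
			ids, err := u.GroupIds()
			if err != nil {
				return err
			}
			for _, s := range ids {
				g, err := strconv.Atoi(s)
				if err != nil {
					return err
				}
				groups = append(groups, g)
			}
		}
		if err := syscall.Setgroups(groups); err != nil {
			return fmt.Errorf("setgroups: %w", err)
		}
	}
	if err := syscall.Setresgid(gid, gid, gid); err != nil {
		return fmt.Errorf("setresgid: %w", err)
	}
	if err := syscall.Setresuid(uid, uid, uid); err != nil {
		return fmt.Errorf("setresuid: %w", err)
	}
	return nil
}

// credentialIDs returns the real, effective and saved uids and gids of this
// process from the Uid:/Gid: lines of /proc/self/status (Linux); these are
// the same three values getresuid(2) and getresgid(2) report.
func credentialIDs() (uids, gids [3]int, err error) {
	data, err := os.ReadFile("/proc/self/status")
	if err != nil {
		return
	}
	for _, line := range strings.Split(string(data), "\n") {
		fields := strings.Fields(line)
		if len(fields) < 4 {
			continue
		}
		var dst *[3]int
		switch fields[0] {
		case "Uid:":
			dst = &uids
		case "Gid:":
			dst = &gids
		default:
			continue
		}
		for i := 0; i < 3; i++ {
			if dst[i], err = strconv.Atoi(fields[i+1]); err != nil {
				return
			}
		}
	}
	return
}

// privilegesDropped checks the invariant a correct privdrop leaves behind:
// all three uids and gids equal the target, and a non-root target can no
// longer regain uid 0 (a leftover saved set-user-ID would allow exactly that).
func privilegesDropped(uid, gid int) (bool, error) {
	uids, gids, err := credentialIDs()
	if err != nil {
		return false, err
	}
	for i := 0; i < 3; i++ {
		if uids[i] != uid || gids[i] != gid {
			return false, nil
		}
	}
	if uid != 0 && syscall.Setuid(0) == nil {
		return false, nil // switching back succeeded: the drop was not permanent
	}
	return true, nil
}

func main() {
	// Demo: "drop" to the ids the process already holds (needs no privilege),
	// then verify. A real daemon passes the target user's uid, gid and name
	// here while it is still running as root.
	uid, gid := syscall.Getuid(), syscall.Getgid()
	if err := dropPrivileges(uid, gid, ""); err != nil {
		fmt.Println("drop failed:", err)
		os.Exit(1)
	}
	ok, err := privilegesDropped(uid, gid)
	fmt.Println("privileges dropped:", ok, "err:", err)
}
```

The verification step is the part worth keeping in production code: a seteuid()-only drop passes a naive geteuid() check, but leaves the saved set-user-ID at 0 and the supplementary list untouched, and both show up in the Uid:/Gid:/Groups: lines of /proc/self/status.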
If I ssh into a server and start a daemon everything works fine.
However if I use a pseudo terminal with SSH the process fails: