Change seunshare to send kill signals to the childs session.

Also add signal handler to catch sigint, so if user enters ctrl-C sandbox will shutdown.
This commit is contained in:
Dan Walsh 2011-07-07 14:53:37 -04:00
parent af0f4926da
commit a648c6f239
2 changed files with 2 additions and 4 deletions

View File

@ -2186,7 +2186,7 @@ index 0000000..c69ceda
+and +and
+.I Thomas Liu <tliu@fedoraproject.org> +.I Thomas Liu <tliu@fedoraproject.org>
diff --git a/policycoreutils/sandbox/seunshare.c b/policycoreutils/sandbox/seunshare.c diff --git a/policycoreutils/sandbox/seunshare.c b/policycoreutils/sandbox/seunshare.c
index ec692e7..431271f 100644 index ec692e7..2718a68 100644
--- a/policycoreutils/sandbox/seunshare.c --- a/policycoreutils/sandbox/seunshare.c
+++ b/policycoreutils/sandbox/seunshare.c +++ b/policycoreutils/sandbox/seunshare.c
@@ -1,27 +1,35 @@ @@ -1,27 +1,35 @@
@ -3290,7 +3290,7 @@ index ec692e7..431271f 100644
+ /* Make sure all child processes exit */ + /* Make sure all child processes exit */
+ kill(-child,SIGTERM); + kill(-child,SIGTERM);
+ +
+ if (execcon && kill) + if (execcon && kill_all)
+ killall(execcon); + killall(execcon);
+ +
+ if (tmpdir_r) cleanup_tmpdir(tmpdir_r, tmpdir_s, pwd, 1); + if (tmpdir_r) cleanup_tmpdir(tmpdir_r, tmpdir_s, pwd, 1);

View File

@ -356,8 +356,6 @@ fi
* Wed Jul 6 2011 Dan Walsh <dwalsh@redhat.com> 2.0.86-17 * Wed Jul 6 2011 Dan Walsh <dwalsh@redhat.com> 2.0.86-17
- Add -k qualifier to seunshare to have it attempt to kill all processes with - Add -k qualifier to seunshare to have it attempt to kill all processes with
the matching MCS label. the matching MCS label.
sandbox will default to using the -k, if the level was not specified.
This is added to make sure all processes are killed with the sandbox exits.
* Tue Jul 5 2011 Dan Walsh <dwalsh@redhat.com> 2.0.86-16 * Tue Jul 5 2011 Dan Walsh <dwalsh@redhat.com> 2.0.86-16
- Add -C option to sandbox and seunshare to maintain capabilities, otherwise - Add -C option to sandbox and seunshare to maintain capabilities, otherwise