sheepdog broken out of the box

Coroutine stack size of 1M is not enough for the corosync backend, and placing objects in /tmp is a vulnerability. While at it, do not double-fork the daemon.
2016-11-18 10:28:13 +01:00 · 2016-11-18 10:28:13 +01:00 · c210216b0b
parent f25932db85
commit c210216b0b
3 changed files with 18 additions and 2 deletions
--- a/coroutine-stack-size.patch
+++ b/coroutine-stack-size.patch
@ -0,0 +1,15 @@
+cpg_dispatch requires 0x101568 bytes of stack.
+
+diff --git a/lib/coroutine.c b/lib/coroutine.c
+index 5b2ed79..1e1060c 100644
+--- a/lib/coroutine.c
+++ b/lib/coroutine.c
+@@ -52,7 +52,7 @@ enum co_action {
+ #define POOL_MAX_SIZE   64
+ #endif
+ 
+-#define STACK_MAX_SIZE (1 << 20)  /* 1 MB */
+#define STACK_MAX_SIZE (2 << 20)  /* 1 MB */
+ 
+ struct coroutine {
+ 	coroutine_entry_func_t *entry;
--- a/sheepdog.service
+++ b/sheepdog.service
@ -3,8 +3,7 @@ Description=Sheepdog QEMU/KVM Block Storage
 After=syslog.target

 [Service]
-ExecStart=/usr/sbin/sheep
-Type=forking
+ExecStart=/usr/sbin/sheep -f /var/lib/sheepdog

 [Install]
 WantedBy=multi-user.target
--- a/sheepdog.spec
+++ b/sheepdog.spec
@ -9,6 +9,7 @@ Source0: collie-sheepdog-v0.3.0-0-gbb41896.tar.gz
 #get source from github here https://github.com/collie/sheepdog/tarball/v0.3.0
 Source1: sheepdog.service
 Patch0: update_cpg_to_cs_defines.patch
+Patch1: coroutine-stack-size.patch

 # Runtime bits
 Requires: corosync 
@ -40,6 +41,7 @@ a distributed object storage system for KVM.
 %prep
 %setup -qn collie-sheepdog-bb41896
 %patch0 -p1
+%patch1 -p1

 %build
 ./autogen.sh