On Fri, Dec 13, 2019 at 12:42:03PM +0100, Alex Gladkov wrote: > diff --git a/hasher-priv/Makefile b/hasher-priv/Makefile > index a815e9e..82aa385 100644 > --- a/hasher-priv/Makefile > +++ b/hasher-priv/Makefile > @@ -11,7 +11,7 @@ VERSION = $(shell sed '/^Version: */!d;s///;q' hasher-priv.spec) > HELPERS = getconf.sh getugid1.sh chrootuid1.sh getugid2.sh chrootuid2.sh > MAN5PAGES = $(PROJECT).conf.5 > MAN8PAGES = $(PROJECT).8 hasher-useradd.8 > -TARGETS = $(PROJECT) hasher-useradd $(HELPERS) $(MAN5PAGES) $(MAN8PAGES) > +TARGETS = $(PROJECT) hasher-privd hasher-useradd $(HELPERS) $(MAN5PAGES) $(MAN8PAGES) To everyone: While the name "hasher-privd" minimises the amount of renaming we have to do, it is too long a name, given that /proc/%d/comm for each task is up to 16 bytes long on Linux, and is too easy to confuse with hasher-priv, the client invoker program. How about hasherd? hshd is too easily confused with sshd. hasher-priv can then be mnemonised as "hasher-request-priv-operation", hsh is the user frontend, and hasherd is the daemon. > > sysconfdir = /etc > libexecdir = /usr/lib > @@ -21,6 +21,7 @@ man5dir = $(mandir)/man5 > man8dir = $(mandir)/man8 > configdir = $(sysconfdir)/$(PROJECT) > helperdir = $(libexecdir)/$(PROJECT) > +socketdir = /var/run Why /var/run and not /run, especially in a new project? Even further, I would suggest that we store the socket in /run/hasher-priv or something, setgid hashman, with 0710 rights. The major service managers can create the directory on startup for us: there's mkdir(1), there's RuntimeDirectory= and RuntimeDirectoryMode=. > DESTDIR = > > MKDIR_P = mkdir -p > @@ -33,17 +34,25 @@ WARNINGS = -Wall -W -Wshadow -Wpointer-arith -Wwrite-strings \ > -Wmissing-prototypes -Wmissing-declarations -Wmissing-noreturn \ > -Wmissing-format-attribute -Wredundant-decls -Wdisabled-optimization > CPPFLAGS = -std=gnu99 -D_GNU_SOURCE $(CHDIRUID_FLAGS) \ > - $(LFS_CFLAGS) -DPROJECT_VERSION=\"$(VERSION)\" > + $(LFS_CFLAGS) -DPROJECT_VERSION=\"$(VERSION)\" \ > + -DSOCKETDIR=\"$(socketdir)\" -DPROJECT=\"$(PROJECT)\" > CFLAGS = -pipe -O2 > override CFLAGS += $(WARNINGS) > LDLIBS = > > -SRC = caller.c chdir.c chdiruid.c chid.c child.c chrootuid.c cmdline.c \ > +SRC = hasher-priv.c cmdline.c fds.c sockets.c logging.c communication.c xmalloc.c pass.c > +OBJ = $(SRC:.c=.o) > + > +server_SRC = hasher-privd.c \ > + communication.c epoll.c pidfile.c logging.c sockets.c \ > + caller.c caller_server.c caller_task.c \ > + chdir.c chdiruid.c chid.c child.c chrootuid.c cmdline.c \ > config.c fds.c getconf.c getugid.c ipc.c killuid.c io_log.c io_x11.c \ > - main.c makedev.c mount.c net.c parent.c pass.c pty.c signal.c tty.c \ > + makedev.c mount.c net.c parent.c pass.c pty.c signal.c tty.c \ > unshare.c xmalloc.c x11.c > -OBJ = $(SRC:.c=.o) > -DEP = $(SRC:.c=.d) > +server_OBJ = $(server_SRC:.c=.o) > + > +DEP = $(SRC:.c=.d) $(server_SRC:.c=.d) > > .PHONY: all install clean indent > > @@ -52,14 +61,19 @@ all: $(TARGETS) > $(PROJECT): $(OBJ) > $(LINK.o) $^ $(LOADLIBES) $(LDLIBS) -o $@ > > +hasher-privd: $(server_OBJ) > + $(LINK.o) $^ $(LOADLIBES) $(LDLIBS) -o $@ > + > install: all > $(MKDIR_P) -m710 $(DESTDIR)$(configdir)/user.d > $(INSTALL) -p -m640 fstab $(DESTDIR)$(configdir)/fstab > $(INSTALL) -p -m640 system.conf $(DESTDIR)$(configdir)/system > + $(INSTALL) -p -m640 server.conf $(DESTDIR)$(configdir)/server > $(MKDIR_P) -m750 $(DESTDIR)$(helperdir) > $(INSTALL) -p -m700 $(PROJECT) $(DESTDIR)$(helperdir)/ > $(INSTALL) -p -m755 $(HELPERS) $(DESTDIR)$(helperdir)/ > $(MKDIR_P) -m755 $(DESTDIR)$(sbindir) > + $(INSTALL) -p -m755 hasher-privd $(DESTDIR)$(sbindir)/ > $(INSTALL) -p -m755 hasher-useradd $(DESTDIR)$(sbindir)/ > $(MKDIR_P) -m755 $(DESTDIR)$(man5dir) > $(INSTALL) -p -m644 $(MAN5PAGES) $(DESTDIR)$(man5dir)/ > @@ -67,7 +81,7 @@ install: all > $(INSTALL) -p -m644 $(MAN8PAGES) $(DESTDIR)$(man8dir)/ > > clean: > - $(RM) $(TARGETS) $(DEP) $(OBJ) core *~ > + $(RM) $(TARGETS) $(DEP) $(OBJ) $(server_OBJ) core *~ > > indent: > indent *.h *.c