statd - delay drop-privs until sockets have been setup.

[nfs-utils.git] / utils / statd / statd.c

diff --git a/utils/statd/statd.c b/utils/statd/statd.c
index 62009111edd5a0a594c823c3dc62972fa58f2193..157de853bf5aa4fbab1d6cc655f40beb6b806bca 100644 (file)
--- a/utils/statd/statd.c
+++ b/utils/statd/statd.c
@@ -70,6 +70,7 @@ static struct option longopts[] =
        { "state-directory-path", 1, 0, 'P' },
        { "notify-mode", 0, 0, 'N' },
        { "ha-callout", 1, 0, 'H' },
+       { "no-notify", 0, 0, 'L' },
        { NULL, 0, 0, 0 }
 };
 
@@ -158,6 +159,7 @@ usage()
        fprintf(stderr,"      -n, --name           Specify a local hostname.\n");
        fprintf(stderr,"      -P                   State directory path.\n");
        fprintf(stderr,"      -N                   Run in notify only mode.\n");
+       fprintf(stderr,"      -L, --no-notify      Do not perform any notification.\n");
        fprintf(stderr,"      -H                   Specify a high-availability callout program.\n");
 }
 
@@ -249,6 +251,7 @@ int main (int argc, char **argv)
        int arg;
        int port = 0, out_port = 0;
        struct rlimit rlim;
+       int once = 1;
 
        int pipefds[2] = { -1, -1};
        char status;
@@ -274,7 +277,7 @@ int main (int argc, char **argv)
        MY_NAME = NULL;
 
        /* Process command line switches */
-       while ((arg = getopt_long(argc, argv, "h?vVFNH:dn:p:o:P:", longopts, NULL)) != EOF) {
+       while ((arg = getopt_long(argc, argv, "h?vVFNH:dn:p:o:P:L", longopts, NULL)) != EOF) {
                switch (arg) {
                case 'V':       /* Version */
                case 'v':
@@ -286,6 +289,9 @@ int main (int argc, char **argv)
                case 'N':
                        run_mode |= MODE_NOTIFY_ONLY;
                        break;
+               case 'L': /* Listen only */
+                       run_mode |= MODE_NO_NOTIFY;
+                       break;
                case 'd':       /* No daemon only - log to stderr */
                        run_mode |= MODE_LOG_STDERR;
                        break;
@@ -458,17 +464,17 @@ int main (int argc, char **argv)
        create_pidfile();
        atexit(truncate_pidfile);
 
-       switch (pid = fork()) {
-       case 0:
-               run_sm_notify(out_port);
-               break;
-       case -1:
-               break;
-       default:
-               waitpid(pid, NULL, 0);
-       }
+       if (! (run_mode & MODE_NO_NOTIFY))
+               switch (pid = fork()) {
+               case 0:
+                       run_sm_notify(out_port);
+                       break;
+               case -1:
+                       break;
+               default:
+                       waitpid(pid, NULL, 0);
+               }
 
-       drop_privs();
 
        for (;;) {
                pmap_unset (SM_PROG, SM_VERS);
@@ -484,6 +490,10 @@ int main (int argc, char **argv)
                /* this registers both UDP and TCP services */
                rpc_init("statd", SM_PROG, SM_VERS, sm_prog_1, port);
 
+               if (once) {
+                       once = 0;
+                       drop_privs();
+               }
                /*
                 * Handle incoming requests:  SM_NOTIFY socket requests, as
                 * well as callbacks from lockd.
@@ -496,15 +506,17 @@ int main (int argc, char **argv)
                 * responding to SM_SIMU_CRASH is an important use cases to
                 * get perfect.
                 */
-               switch (pid = fork()) {
-               case 0:
-                       run_sm_notify(out_port);
-                       break;
-               case -1:
-                       break;
-               default:
-                       waitpid(pid, NULL, 0);
-               }
+               if (! (run_mode & MODE_NO_NOTIFY))
+                       switch (pid = fork()) {
+                       case 0:
+                               run_sm_notify(out_port);
+                               break;
+                       case -1:
+                               break;
+                       default:
+                               waitpid(pid, NULL, 0);
+                       }
+
        }
        return 0;
 }