If for some reason the uuidd daemon or the process calling uuidd
exited unexpectely, the read_all() function would end up looping
forever, either in uuidd or in libuuid. Fix this terminating the loop
if no data can be read after five tries to read from the file
descriptor.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
In the event that file descriptors 0-2 are closed when uuidd is
started, the server socket could be created as a file descriptor that
will get closed when create_daemon() tries detaching the uuidd daemon
from its controlling tty. Avoid this case by using dup(2).
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Fixed a potential bug caused by partial returns from the write system
call (especially possible for network connections).
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
SuSE's security team audited uuidd and came up with these issues.
None of them are serious given that uuidd runs setuid as a
unprivileged user which has no special access other than libuuid
directory, but it's good to get them fixed.
Signed-off-by: Matthias Koenig <mkoenig@suse.de>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
The pid file was getting created before the fork(), so it had the
incorrect pid number. No one noticed for a while, since "uuidd -k"
will kill the daemon and it has enough automatic convenience functions
that it's usually not necessary to refer to the pid file except as a
convenient place for uuidd to lock against multiple instances of the
daemon starting up.
Addresses-Sourceforge-Bug: #1893244
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Use an improved locking protocol based on the pid file to assure that
only one uuidd is started. Apparently the kernel does not prevent
multiple processes from racing to bind to a Unix domain socket.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Also store the clock sequence information in a state file in
/var/lib/misc/uuid-clock so that if the time goes backwards the clock
sequence counter can get bumped. This allows us to completely
correctly generate time-based (version 1) UUID's according to the
algorithm specified RFC 4122.
Addresses-Sourceforge-Bug: #1529672
Addresses-Red-Hat-Bugzilla: #233471
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Theodore Ts'o