diff -up ./src/daemon/fapolicyd.c.sighup ./src/daemon/fapolicyd.c
--- ./src/daemon/fapolicyd.c.sighup 2022-06-21 16:55:47.000000000 +0200
+++ ./src/daemon/fapolicyd.c 2022-08-04 11:07:10.245069443 +0200
@@ -527,6 +527,7 @@ int main(int argc, const char *argv[])
while (!stop) {
if (hup) {
hup = 0;
+ msg(LOG_INFO, "Got SIGHUP");
reconfigure();
}
rc = poll(pfd, 2, -1);
diff -up ./src/library/database.c.sighup ./src/library/database.c
--- ./src/library/database.c.sighup 2022-08-04 11:07:10.237069609 +0200
+++ ./src/library/database.c 2022-08-04 11:08:44.852057119 +0200
@@ -68,7 +68,7 @@ static int lib_symlink=0, lib64_symlink=
static struct pollfd ffd[1] = { {0, 0, 0} };
static const char *fifo_path = "/run/fapolicyd/fapolicyd.fifo";
static integrity_t integrity;
-static atomic_int db_operation;
+static atomic_int reload_db = 0;
static pthread_t update_thread;
static pthread_mutex_t update_lock;
@@ -1147,7 +1147,31 @@ static int handle_record(const char * bu
void update_trust_database(void)
{
- db_operation = RELOAD_DB;
+ reload_db = 1;
+}
+
+static void do_reload_db(conf_t* config)
+{
+ msg(LOG_INFO,"It looks like there was an update of the system... Syncing DB.");
+
+ int rc;
+ backend_close();
+ backend_init(config);
+ backend_load(config);
+
+ if ((rc = update_database(config))) {
+ msg(LOG_ERR,
+ "Cannot update trust database!");
+ close(ffd[0].fd);
+ backend_close();
+ unlink_fifo();
+ exit(rc);
+ }
+
+ msg(LOG_INFO, "Updated");
+
+ // Conserve memory
+ backend_close();
}
static void *update_thread_main(void *arg)
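Review bot: In `do_reload_db` the results of `backend_init(config)` and `backend_load(config)` are discarded, so if either can fail (their prototypes are outside this hunk) the code still goes on to `update_database(config)` and may log "Updated" after syncing from an incomplete backend. Check both and route a failure through the same error path as the `update_database` failure, for example `if (backend_init(config) || backend_load(config)) { /* log and bail out */ }`. The block was moved from update_thread_main unchanged, but it now also runs on the SIGHUP path, so a header comment on the function should state that a failed reload ends the whole daemon via `exit(rc)` called from the update thread; for a policy daemon that outcome should be explicit and easy to alert on. As a smaller style point, `int rc;` is declared after the first statement and could simply be `int rc = update_database(config);` at its point of use.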
@@ -1158,6 +1182,8 @@ static void *update_thread_main(void *ar
char err_buff[BUFFER_SIZE];
conf_t *config = (conf_t *)arg;
+ int do_operation = DB_NO_OP;;
+
#ifdef DEBUG
msg(LOG_DEBUG, "Update thread main started");
#endif
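Review bot: The added declaration `int do_operation = DB_NO_OP;;` ends with a stray second semicolon; it is only an empty statement, but it should read `int do_operation = DB_NO_OP;`. The variable also deserves a one-line comment, since it is what separates the FIFO command state from the shared `reload_db` flag, e.g. `/* operation parsed from the current FIFO line; thread-local, unlike reload_db */`. update_thread_main begins and continues outside this hunk.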
@@ -1182,6 +1208,12 @@ static void *update_thread_main(void *ar
rc = poll(ffd, 1, 1000);
+ // got SIGHUP
+ if (reload_db) {
+ reload_db = 0;
+ do_reload_db(config);
+ }
+
#ifdef DEBUG
msg(LOG_DEBUG, "Update poll interrupted");
#endif
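Review bot: The reload check sits between `poll(ffd, 1, 1000)` and whatever handling of `rc` follows outside this hunk; if that handling reads `errno` (for example to tell EINTR from a real failure), `do_reload_db` will very likely have overwritten it by then, since it logs and reopens the backend. Save it straight after the call with `int saved_errno = errno;` and restore it after the reload, or move the check to the top of the loop before `poll`. The test-and-clear of `reload_db` is also two separate atomic operations; `if (atomic_exchange(&reload_db, 0))` does it in one step and makes the intent obvious. update_thread_main starts and ends outside the hunk, so the errno concern needs confirming against the full function.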
@@ -1228,17 +1260,17 @@ static void *update_thread_main(void *ar
// assume file name
// operation = 0
if (buff[i] == '/') {
- db_operation = ONE_FILE;
+ do_operation = ONE_FILE;
break;
}
if (buff[i] == '1') {
- db_operation = RELOAD_DB;
+ do_operation = RELOAD_DB;
break;
}
if (buff[i] == '2') {
- db_operation = FLUSH_CACHE;
+ do_operation = FLUSH_CACHE;
break;
}
@@ -1252,34 +1284,16 @@ static void *update_thread_main(void *ar
*end = '\n';
// got "1" -> reload db
- if (db_operation == RELOAD_DB) {
- db_operation = DB_NO_OP;
- msg(LOG_INFO,
- "It looks like there was an update of the system... Syncing DB.");
-
- backend_close();
- backend_init(config);
- backend_load(config);
-
- if ((rc = update_database(config))) {
- msg(LOG_ERR,
- "Cannot update trust database!");
- close(ffd[0].fd);
- backend_close();
- unlink_fifo();
- exit(rc);
- }
-
- msg(LOG_INFO, "Updated");
+ if (do_operation == RELOAD_DB) {
+ do_operation = DB_NO_OP;
+ do_reload_db(config);
- // Conserve memory
- backend_close();
// got "2" -> flush cache
- } else if (db_operation == FLUSH_CACHE) {
- db_operation = DB_NO_OP;
+ } else if (do_operation == FLUSH_CACHE) {
+ do_operation = DB_NO_OP;
needs_flush = true;
- } else if (db_operation == ONE_FILE) {
- db_operation = DB_NO_OP;
+ } else if (do_operation == ONE_FILE) {
+ do_operation = DB_NO_OP;
if (handle_record(buff))
continue;
}