[tac_plus] Re: Patch for tac_plus to fix the -G option

Mon Jun 16 19:37:12 UTC 2008

Fri, Jun 13, 2008 at 01:36:21PM -0700, Nathan Schrenk:
> Attached is a patch against version F4.0.4.15 of the tacacs+ package
> that fixes support for the -G command-line option.  My understanding
> of -G is that it is supposed to keep tac_plus running in the
> foreground: no forking, no detaching from the tty, etc.  The code in
> the F4.0.4.15 distribution does not do this: it forks and detaches.

I've applied the following variation of your patch.

@@ -41,7 +41,7 @@
 int port;			/* port we're listening on */
 int console;			/* write all syslog messages to console */
 int parse_only;			/* exit after verbose parsing */
-int childpid	       = 1;	/* child pid, global for unlink(PIDFILE) */
+int childpid;			/* child pid, global for unlink(PIDFILE) */
 int single;			/* single thread (for debugging) */
 int opt_G;			/* foreground */
 int wtmpfd;			/* for wtmp file logging */
@@ -392,7 +392,6 @@
 
 	    if (debug)
 		report(LOG_DEBUG, "Backgrounded");
-	}
 
 #ifndef REAPCHILD
 #if SETPGRP_VOID
@@ -430,19 +429,17 @@
 	    signal(SIGCHLD, SIG_IGN);
 #endif /* REAPCHILD */
 
-	/*
-	 * after forking to disassociate; make sure we know we're the mother
-	 * so that we remove our pid file upon exit in die().
-	 */
-	childpid = 1;
-
-	closelog(); /* some systems require this */
+	    closelog(); /* some systems require this */
 
-	for (c = 0; c < getdtablesize(); c++)
-	    (void) close(c);
+	    for (c = 0; c < getdtablesize(); c++)
+		(void) close(c);
 
-	/* make sure we can still log to syslog now we've closed everything */
-	open_logfile();
+	    /*
+	     * make sure we can still log to syslog now that we have closed
+	     * everything
+	     */
+	    open_logfile();
+	}
     }
 
     ostream = NULL;
@@ -482,16 +479,23 @@
     if (c >= PIDSZ) {
 	pidfilebuf[PIDSZ - 1] = '\0';
 	report(LOG_ERR, "pid filename truncated: %s", pidfilebuf);
+	childpid = 0;
+    } else {
+	/* write process id to pidfile */
+	if ((fp = fopen(pidfilebuf, "w")) != NULL) {
+	    fprintf(fp, "%d\n", (int) getpid());
+	    fclose(fp);
+	    /*
+	     * After forking to disassociate; make sure we know we're the
+	     * mother so that we remove our pid file upon exit in die().
+	     */
+	    childpid = 1;
+	} else {
+	    report(LOG_ERR, "Cannot write pid to %s %s", pidfilebuf,
+		   strerror(errno));
+	    childpid = 0;
+	}
     }
-
-    /* write process id to pidfile */
-    if ((fp = fopen(pidfilebuf, "w")) != NULL) {
-	fprintf(fp, "%d\n", (int) getpid());
-	fclose(fp);
-    } else
-	report(LOG_ERR, "Cannot write pid to %s %s",
-	       pidfilebuf, strerror(errno));
-
 #ifdef TACPLUS_GROUPID
     if (setgid(TACPLUS_GROUPID))
 	report(LOG_ERR, "Cannot set group id to %d %s",

