From patchwork Thu Mar 5 08:49:12 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Petr_=C5=A0tetiar?= X-Patchwork-Id: 1249472 X-Patchwork-Delegate: ynezz@true.cz Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:e::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=true.cz Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20170209 header.b=R99BBO5R; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:e::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 48Y4FJ1R80z9sPg for ; Thu, 5 Mar 2020 19:49:55 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20170209; h=Sender: Content-Transfer-Encoding:Content-Type:Cc:List-Subscribe:List-Help:List-Post: List-Archive:List-Unsubscribe:List-Id:Subject:MIME-Version:Message-Id:Date:To :From:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References: List-Owner; bh=8pKh5WVRbL8jJb55hpN610FqGX5E//kylsaM/8ml+xg=; b=R99BBO5RE9FcUg ybVSqHfRHicgOkgnyF4ioR7JkMf+JfG11E4JEfKXe/zIjbuq119Dp4b5KSBwBIJowYzr9SHwguXkn lE9ckaO+DV4yue4gNJ/3LvQkPLs3LQp5lChMEy2hYepii+wjD8/IxsdynZnP4IWPBb6KZBDBF+hUp chLe5BwOA809/GKrApDOPoSKzr2IbUVIHDABs0QeiCvtj6BqYuV7RzNg6oxszSQJiGFKHJMW7ZKig HOoNJY6xlROp2lovOygqGDTFL0u5/Q67SR2zK0QQjX2/aYYTWLq2jX99NVBrTNZZ60Y0lRaN2PuY7 YnDWWb12FkF2ylyXn8YA==; Received: from localhost ([127.0.0.1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1j9mCP-0008FQ-CA; Thu, 05 Mar 2020 08:49:45 +0000 Received: from smtp-out.xnet.cz ([178.217.244.18]) by bombadil.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1j9mCL-0008Et-QD for openwrt-devel@lists.openwrt.org; Thu, 05 Mar 2020 08:49:43 +0000 Received: from meh.true.cz (meh.true.cz [108.61.167.218]) (Authenticated sender: petr@true.cz) by smtp-out.xnet.cz (Postfix) with ESMTPSA id 7FFDF332F; Thu, 5 Mar 2020 09:49:27 +0100 (CET) Received: by meh.true.cz (OpenSMTPD) with ESMTP id 0da70f2a; Thu, 5 Mar 2020 09:49:14 +0100 (CET) From: =?utf-8?q?Petr_=C5=A0tetiar?= To: openwrt-devel@lists.openwrt.org Date: Thu, 5 Mar 2020 09:49:12 +0100 Message-Id: <20200305084912.14659-1-ynezz@true.cz> MIME-Version: 1.0 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20200305_004941_998904_4BF2E2FE X-CRM114-Status: UNSURE ( 9.28 ) X-CRM114-Notice: Please train this message. X-Spam-Score: 0.0 (/) X-Spam-Report: SpamAssassin version 3.4.3 on bombadil.infradead.org summary: Content analysis details: (0.0 points) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [178.217.244.18 listed in list.dnswl.org] 0.0 SPF_NONE SPF: sender does not publish an SPF Record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record Subject: [OpenWrt-Devel] [PATCH] rpcd: fix respawn settings X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Hauke Mehrtens , =?utf-8?q?Petr_=C5=A0tetiar?= , Jo-Philip Wich , Florian Eckert Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org Commit 432ec292ccc8 ("rpcd: add respawn param") has introduced infinite restarting of the service which could be reached over network. This is not recommended security practice as it might give potential adversary infinite number of tries in case there might be some issue in the rpcd or its surrounding stack. So lets remove the currently bogus `respawn_retry` variable (it wasn't possible to override it anyway), reverting to the previous default max. of 5 service restarts which could be now overriden via system's UCI settings if desired. Cc: Jo-Philip Wich Cc: Florian Eckert Cc: Hauke Mehrtens Fixes: 432ec292ccc8 ("rpcd: add respawn param") Signed-off-by: Petr Štetiar --- package/system/rpcd/files/rpcd.init | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/package/system/rpcd/files/rpcd.init b/package/system/rpcd/files/rpcd.init index 3e9ea5bbf329..f75d0e0f0eea 100755 --- a/package/system/rpcd/files/rpcd.init +++ b/package/system/rpcd/files/rpcd.init @@ -12,7 +12,7 @@ start_service() { procd_open_instance procd_set_param command "$PROG" ${socket:+-s "$socket"} ${timeout:+-t "$timeout"} - procd_set_param respawn ${respawn_retry:-0} + procd_set_param respawn procd_close_instance }