mirror of
https://github.com/sshuttle/sshuttle.git
synced 2025-01-15 18:38:26 +01:00
Make setsid() call in firewall process optional.
We previously called setsid() to ensure that the SIGINT generated by Ctrl+C went to the main sshuttle process instead of the firewall process. With the previous commit, we gracefully shutdown if either the sshuttle process or firewall process receives a SIGINT. Therefore, the setsid() call is optional. We still try calling setsid() since the preferred shutdown process involves having the signal go to the main sshuttle process. However, setsid() will fail if the firewall process is started with sudo and sudo is configured with the use_pty option.
This commit is contained in:
parent
ae8af71886
commit
286bd3fa80
@ -85,16 +85,17 @@ def setup_daemon():
|
|||||||
signal.signal(signal.SIGTERM, firewall_exit)
|
signal.signal(signal.SIGTERM, firewall_exit)
|
||||||
signal.signal(signal.SIGINT, firewall_exit)
|
signal.signal(signal.SIGINT, firewall_exit)
|
||||||
|
|
||||||
# ctrl-c shouldn't be passed along to me. When the main sshuttle dies,
|
# Calling setsid() here isn't strictly necessary. However, it forces
|
||||||
# I'll die automatically.
|
# Ctrl+C to get sent to the main sshuttle process instead of to
|
||||||
|
# the firewall process---which is our preferred way to shutdown.
|
||||||
|
# Nonetheless, if the firewall process receives a SIGTERM/SIGINT
|
||||||
|
# signal, it will relay a SIGINT to the main sshuttle process
|
||||||
|
# automatically.
|
||||||
try:
|
try:
|
||||||
os.setsid()
|
os.setsid()
|
||||||
except OSError:
|
except OSError:
|
||||||
raise Fatal("setsid() failed. This may occur if you are using sudo's "
|
# setsid() fails if sudo is configured with the use_pty option.
|
||||||
"use_pty option. sshuttle does not currently work with "
|
pass
|
||||||
"this option. An imperfect workaround: Run the sshuttle "
|
|
||||||
"command with sudo instead of running it as a regular "
|
|
||||||
"user and entering the sudo password when prompted.")
|
|
||||||
|
|
||||||
# because of limitations of the 'su' command, the *real* stdin/stdout
|
# because of limitations of the 'su' command, the *real* stdin/stdout
|
||||||
# are both attached to stdout initially. Clone stdout into stdin so we
|
# are both attached to stdout initially. Clone stdout into stdin so we
|
||||||
|
Loading…
Reference in New Issue
Block a user