-
Notifications
You must be signed in to change notification settings - Fork 4
/
give-assist.c
806 lines (652 loc) · 21.9 KB
/
give-assist.c
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
/** @file give-assist.c
* give-assist- create secure directories for file exchange
* 2010-08-27 Shawn Instenes <shawni@llnl.gov>
*
* 2012-07 Re-Write for LANL enviornment Jon Bringhurst and Dominic Manno
* @author: Shawn Instenes
* @author: Trent D'Hooge
* @author: Jim Garlick
* @author: Jon Bringhurst
* @author: Dominic Manno
* @author: Ryan Day
* @author: Georgia Pedicini
*
* This program assists the give program to create a secure
* directory structure for the exchange of files, with some
* local assumptions:
*
* 1. each user has a group with the same gid as their uid,
* and they are the only member.
*
* 2. both the giver and the taker usernames can be looked up with
* getpwent()
*
* For LLNL convienience, a group named "gt-<taker_uid>" may exist.
* If it does, then the giver must be a member of that group or the
* program will not continue. (This is also checked in the "give"
* program.)
*
*
* The give spool directory structure is:
*
* SPOOL_ROOT/TAKER_UNAME/GIVER_UNAME/GIVEN_FILENAME
*
* Where:
*
* SPOOL = top level spool directory, owned by root, mode 0755.
*
* TAKER_UNAME = taker's username, owned taker_uid:taker_gid, mode 0711.*
*
* GIVER_UNAME = giver's username, owned giver_uid:taker_gid, mode 0770.
*
* GIVEN_FILENAME = any file, owned giver_uid:giver_gid, mode 0X44
* where X is the original owner permission bits.
* The perms on the directories are defined this way because the taker needs to own their givedir, the giver needs to own the subdir for which they have given to the taker (for ungive), but the
* taker's gid group also owns this because the taker needs to acess it as well (to take).
*
*
* Goals:
*
* A) Files given are owned by giver until taken (for quota purposes)
*
* B) Filenames are private to giver/taker (ignoring root, of course)
*
* C) Files may be given and taken without special privledges from giver
* to taker after this program has run at least once.
*
*
* This program checks return codes from everything, and dies if
* anything goes wrong.
*/
#define _BSD_SOURCE
#ifdef _AIX
#define dirfd(x) (((struct _dirdesc *)(x))->dd_fd)
#endif
#define _POSIX_SOURCE
#include "./config.h"
#include <stdio.h>
#include <sys/param.h>
#include <sys/types.h>
#include <pwd.h>
#include <grp.h>
#include <sys/stat.h>
#include "./string_m/string_m.h"
#include <string.h>
#include <unistd.h>
#include <dirent.h>
#include <paths.h>
#include <sys/ptrace.h>
#include <sys/time.h>
#include <sys/resource.h>
#include <stdlib.h>
#include <signal.h>
#include <errno.h>
#include <sys/wait.h>
#include <wchar.h>
#include <limits.h>
#ifndef SPOOL_DIRECTORY
#define SPOOL_DIRECTORY "/usr/givedir"
#endif
#ifndef STRICT_CHECKING
#define STRICT_CHECKING 1
#endif
//IEEE Std 1003.1-2008 says (3.429), use portable filename character set (3.276)
#define ACCEPTABLE_CHARS "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789._-"
#define GA_VERSION "give-assist 3.1-5"
//these functions are used for error checks and handling
static void try_m(errno_t result);
static void try_err(errno_t result, char* err);
static void die_err_zs(char* zs, errno_t err);
static void die_2zs(char* a, char* b);
static void die_zs(char* zs);
//thes functions are used as checks to be sure user perms, uids, gids are valid etc.
static bool gt_access_ok(struct passwd *g, struct passwd *t);
static bool give_spool_ok (char *spooldir);
static bool taker_group_ok (struct passwd *t);
static void safe_mkdir_m (string_m s, mode_t mode, uid_t u, gid_t g);
static void emit(char *a, string_m s, char *b);
//these functions are used to sanitize the environment...close open files, disable memory dumps, check for dubuggers.
int check_for_debuggers(void);
void ignore_signals(void);
void sanitize_fds(void);
void limit_cores(void);
static int open_devnull(int fd);
static const bool debug = false;
int main(int argc, char** argv){
errno_t e;
//int ret;
string_m pathname = NULL; // safe string declared to eventually hold the pathname
string_m taker_uname = NULL; // safe string declared to eventually hold the taker's username, to create a safe string
char* zs_taker = NULL; // will hold the taker's username, created from safe string wrappers
long s_passwd_size = 0L;
struct passwd* giver_ent = NULL; // pointer that will point to giver's pwd struct, so info pertaining to passwd file can be looked up
struct passwd* taker_ent = NULL; // pointer that will point to taker's pwd struct, so info pertaining to passwd file can be looked up
char* taker_buf = NULL; // string created to be buffer for taker using the s_passwd_size
char* giver_buf = NULL; // string created to be buffer for giver using the s_passwd_size
struct passwd taker_s; // passwd struct to hold the taker's passwd info, needed when calling getpwnam_r
struct passwd giver_s; // passwd struct to hold the giver's passwd info, needed when calling getpwuid_r
//try to ignore debuggers
if(check_for_debuggers()){
exit(EXIT_FAILURE);
}
//ignore signals
ignore_signals();
//close open files
sanitize_fds();
//disable memory dumps
limit_cores();
//these next three checks will make sure that only one arg is passed in for the call to give-assist
//if 0 or 2+ then the usage of give-assist is printed to stdout
//the third checks to be sure that suid or root is running give-assist
if(argc != 2){
die_zs(GA_VERSION " usage: give-assist <taker_username>");
}
if(argv == NULL){
die_zs(GA_VERSION " usage: give-assist <taker_username>");
}
if(geteuid() != 0){
die_zs("give-assist must be run as root or suid");
}
//We won't tolerate odd characters in the usernames- we mkdir later.
//This is the first and last time we use argv.
e = strcreate_m(&taker_uname, argv[1], 0, ACCEPTABLE_CHARS);
try_err(e, "That username contains invalid characters.");
try_m(cgetstr_m(taker_uname, &zs_taker));
//Here we setup for getpwuid_r & getpwnam_r.
s_passwd_size = sysconf(_SC_GETPW_R_SIZE_MAX);
if(s_passwd_size == 0L){
die_zs("System configuration error: _SC_GETPW_R_SIZE_MAX is zero.");
}
taker_buf = (char*) calloc((size_t) 1, (size_t) s_passwd_size);
giver_buf = (char*) calloc((size_t) 1, (size_t) s_passwd_size);
if(taker_buf == NULL || giver_buf == NULL){
die_zs("Out of memory.");
}
// Ok, sizes and buffers are all ready so:
//these will get the passwd structs and assign them to pointer giver_ent and taker_ent for respective person
//accesses the passwd file for this, struct is defined in /usr/include/pwd.h
//the actual struct is stored in giver_s and taker_s, using getpwuid_r and getpwnam_r is safer because of the size limit
//by using try_err we make sure that we have a success when calling these functions, if info not found msg is printed
try_err((errno_t)getpwuid_r(getuid(), &giver_s, giver_buf, s_passwd_size, &giver_ent), "Cannot find your user information.");
try_err((errno_t)getpwnam_r(zs_taker, &taker_s, taker_buf, s_passwd_size, &taker_ent), "Cannot find taker user information.");
if(taker_ent == NULL || giver_ent == NULL){
die_zs("getpw(nam|uid) returned null buffer- out of memory?");
}
//if non-strict checking is enabled at config it will set STRICT_CHECKING to 0, so it will not execute these checks, the default is for STRICT_CHECKING to = 1, so that these checks will run
if(STRICT_CHECKING){
if(taker_ent->pw_uid != taker_ent->pw_gid){
die_zs("Taker is not authorized to receive files (uid != gid).");
}
if(giver_ent->pw_uid != giver_ent->pw_gid){
die_zs("You are not authorized to give files (uid != gid).");
}
if(!gt_access_ok(giver_ent, taker_ent)){
die_zs("You are not authorized to give files to that user.");
}
}
if(!taker_group_ok(taker_ent)){
die_zs("Taker must be sole member of their username group.");
}
if(debug){
printf("ok giver: %s\n", giver_ent->pw_name);
printf("ok taker: %s\n", taker_ent->pw_name);
}
if(!give_spool_ok(SPOOL_DIRECTORY)){
// this shouldn't happen- if it returns at all it's good.
die_zs("give_spool_ok() returned zero");
}
//wrappers for safe strings, creating pathname from SPOOL (SPOOL/taker's_username)
// these may fail on malloc() but otherwise no.
try_m(strcreate_m(&pathname, SPOOL_DIRECTORY, 0, NULL));
try_m(cstrcat_m(pathname, "/"));
try_m(cstrcat_m(pathname, taker_ent->pw_name));
(void) umask((mode_t) 0); // we will be setting exact mkdir/chmod perms.
//make the directory SPOOL/taker, it is owned by (taker:taker_default_group) only the taker should have acess to this dir, but perms 0711 are needed so that givers can get into their specific subdir
safe_mkdir_m(pathname, 0711, taker_ent->pw_uid, taker_ent->pw_gid);
//wrappers for safe strings to be able to create next dir
try_m(cstrcat_m(pathname, "/"));
try_m(cstrcat_m(pathname, giver_ent->pw_name));
//make the directory SPOOL/taker/giver, it is owned by (giver:taker_default_group) this is to enable ungive functionality, perms 0770 allow all access to giver and taker, none to world
safe_mkdir_m(pathname, 0770, giver_ent->pw_uid, taker_ent->pw_gid);
if(debug){
emit("PATH = ", pathname, "\n");
}
free(taker_buf); //make sure we are cleaning up!
free(giver_buf);
exit(EXIT_SUCCESS);
}
//these functions are used as checks to be sure user and taker fit certain params to be able to give/take
/**
* print a managed string, possibly with fore & after
* ie. print a managed string between two unmanaged ones
*
* @param a string already ready to be printed
* @param s string_m managed string to be printed
* @param b string already ready to be printed
*
*/
static void emit(char* a, string_m s, char* b){
char* out = NULL;
if(a != NULL){
printf("%s", a);
}
try_m(cgetstr_m(s, &out));
printf("%s", out);
free(out);
if(b != NULL){
printf("%s", b);
}
return;
}
/**
* safe_mkdir_m()-
*
* Make a directory (it may already exist), and make sure it
* ends up with the correct ownership and permissions
*
* This code is intended to work within a managed directory tree-
* the topmost directory should be owned by root and writable only
* by root
*
* @param s string_m pathname
* @param mode mode_t mode of directory
* @param u uid_t user id
* @param g gid_t group id from /etc/passwd file
*/
static void safe_mkdir_m(string_m s, mode_t mode, uid_t u, gid_t g){
DIR* dir;
int result = 0, fd = 0;
struct stat chk, buf;
char* path = NULL;
try_m(cgetstr_m(s, &path)); //string needs to be made from string_m because mdkir requires a string for path
result = mkdir(path, mode); //making directory with path and mode, will return 0 on success or error if something goes bad
if(result != 0){
if(errno != EEXIST){
die_err_zs("error making directory", errno);
}
}
if(lstat(path, &chk) != 0){
die_2zs("directory does not exist", path);
}
if((chk.st_mode & S_IFDIR) == 0){
die_2zs("pathname is not a directory", path);
}
dir = opendir(path);
if(dir == NULL){
if(errno == ENOTDIR){
die_2zs("file where directory should be", path);
}
else{
die_err_zs("error with path", errno);
}
}
fd = dirfd(dir);
if(fstat(fd, &buf) != 0){
die_2zs("directory does not exist", path);
}
if((buf.st_mode & S_IFDIR) == 0){
die_2zs("pathname is not a directory", path);
}
// One last check- is this the same dev/inode we checked before?
if((buf.st_dev != chk.st_dev) || (buf.st_ino != chk.st_ino)){
die_2zs("directory is not static", path);
}
if((buf.st_mode & 0777) != mode){
result = fchmod(fd, mode);
if(result != 0){
die_err_zs("error chmoding directory", errno);
}
}
result = fchown(fd, u, g); ///may seem funny here, but directory needs to be owned by giver:taker_gid, so that both have acess to this
if(result != 0){
die_err_zs("error chowning directory", errno);
}
result = closedir(dir);
if(result != 0){
die_err_zs("error closing directory", errno);
}
free(path);
return;
}
/**
* check to see if a string is a member of the array a
* in the case where it is called, it is checking to be sure
* that the user is a member of the group, this is called from gt_access
* so in that case there could be multiple members of the group
*
* @param s string user
* @param a array(char **) group members
*/
static bool scanfor(char* s, char** a){
bool wasfound = false;
int i = 0;
char* p = a[i];
if(p == NULL){
return false;
}
if(s == NULL){
return false;
}
while((!wasfound) && (p != NULL)){
if(debug){
printf("scanfor: %s %s\n", s, p);
}
if(strcmp((const char*)s, (const char*)p) == 0){
wasfound = true;
break;
}
p = a[++i];
}
return wasfound;
}
/**
* see if s is the only item in a[]
* this makes sure that the user is the only member of
* his/her uid group, this should be tree in all cases
*
* @param s string username
* @param a array(char**) the array that holds the members of the group
*
*/
static bool onlycontains(char* s, char** a){
bool wasfound = true;
int i = 0;
char* p = a[i];
if(p == NULL){
return false;
}
if(s == NULL){
return false;
}
while((wasfound) && (p != NULL)){
if(debug){
printf("only: %s %s\n", s, p);
}
if(strcmp((const char*)s, (const char*)p) != 0){
wasfound = false;
break;
}
p = a[++i];
}
return wasfound;
}
/**
*
* give_spool_ok()- make sure spool directory:
* 1) exist
* 2) owned by root
* 3) be a directory
* 4) is mode 755
*
* This eliminates some potential security holes with our chown() calls and race conditions, if the
* spool directory were otherwise writable by someone other than root.
*
* @param spooldir string the SPOOL which represents the givedir
* @return if the givedir passes the checks described above
*/
static bool give_spool_ok(char* spooldir){
struct stat buf;
if(stat(spooldir, &buf) != 0){
die_2zs("give spool directory does not exist", spooldir);
}
if(buf.st_uid != 0){
die_2zs("give spool directory not owned by uid 0", spooldir);
}
if((buf.st_mode & S_IFDIR) == 0){
die_2zs("give spool pathname is not a directory", spooldir);
}
if((buf.st_mode & 0777) != 0755){
die_2zs("give spool directory is not mode 0755", spooldir);
}
// if we get here, it's good.
return (true);
}
/**
* This is implemented for LLNL...and IS necessary
* It keeps control over which users can give/take with eachother...for classified clusters
*
* If a group named "gt-<taker-uid-in-decimal>" exists, then the giver must be a member
* or the operation will be denied. If the group does not exist then the operation is OK.
*
* @param g struct passwd* giver
* @param t struct passwd* taker
*/
static bool gt_access_ok(struct passwd* g, struct passwd* t){
struct group* access_grp = NULL;
string_m s = NULL, fmt = NULL;
char* zs = NULL;
int count = 0; //managed string library wants this when using sprintf_m...tried using NULL and invalid args error came up... this works
if(g == NULL || t == NULL){
die_zs("null arg passed to gt_access_ok()");
}
//wrapper classes for the managed string library
try_m(strcreate_m(&fmt, "gt-%ld", 0, NULL));
try_m(strcreate_m(&s, "", 0, NULL));
try_m(sprintf_m(s, fmt, &count, t->pw_uid)); //see comment a few lines up about managed string library
try_m(cgetstr_m(s, &zs));
access_grp = getgrnam(zs);
free(zs);
if(access_grp == NULL){
if(debug){
printf("gt- access group does NOT exist\n");
}
return (true); // ok, no group exists
}
if(debug){
printf("gt- access group exists\n");
}
if(scanfor(g->pw_name, access_grp->gr_mem)){
if(debug){
printf("giver IS in gt- access group\n");
}
return (true); // ok, group exists and giver is in it.
}
if(debug){
printf("giver is NOT in gt- access group\n");
}
return (false);
}
/**
* taker_group_ok will check to see if taker is in a valid group and is the only member of the group
* it checks the uid group, so yes they should be the only member
*
* this also checks the /etc/grp file to see if group(uid) exists (access_grp = getgrnam(username))
* if it does, it then checks to be sure that there is only one member
*
*@param t struct passwd* taker
*
*/
static bool taker_group_ok(struct passwd* t){
struct group* access_grp = NULL;
string_m s = NULL;
char* zs = NULL;
if(t == NULL){
die_zs("null arg passed to taker_group_ok()");
}
try_m(strcreate_m(&s, t->pw_name, 0, NULL));
try_m(cgetstr_m(s, &zs));
access_grp = getgrnam(zs);
free(zs);
if(access_grp == NULL){
if(debug){
printf("taker uname group does NOT exist\n");
}
return (false); // supposed to be there.
}
if(debug){
printf("taker uname access group exists\n");
}
//this is where we are actually checking to see if the access_grp->gr_mem has more than one member
if(onlycontains(t->pw_name, access_grp->gr_mem)){
if(debug){
printf("taker is alone in uname group\n");
}
return (true);
}
if(debug){
printf("taker is NOT alone in uname group\n");
}
return (false);
}
//these functions are used to handle errors if we encounter them
/**
*
* try_m()- abort program if any managed string assertion fails.
* @param result errno_t the return value of the function being called before try_m, if no errors result == 0
*/
static void try_m(errno_t result){
if((int)result != 0){
die_err_zs("generic error, errno", result);
}
}
/**
*
* try_err()- abort program if any managed string assertion fails,
* include error.
* @param result errno_t return value of the function being called before try_m, if no errors result == 0
* @param err string error msg
*/
static void try_err(errno_t result, char* err){
if((int)result != 0) { die_zs(err); }
}
/**
* die_err_zs()- abort program if any managed string assertion fails,
* print msg and error number to stderr
*
* @param zs string message to print
* @param err errno_t error number obtained from function call that failed
*/
static void die_err_zs(char* zs, errno_t err){
if(zs != NULL){
fprintf(stderr, "%s: %d\n", zs, err);
}
exit(EXIT_FAILURE);
}
/**
* abort program
* print two messages to stderr
*
* @param a string message to print to stderr
* @param b string second message to print to stderr
*
*/
static void die_2zs(char* a, char* b){
if(a != NULL){
fprintf(stderr, "%s ", a);
}
if(b != NULL){
fprintf(stderr, "%s\n", b);
}
exit(EXIT_FAILURE);
}
/**
* abort program
* print one message to stderr
*
* @param zs string message to be printed to stderr
*/
static void die_zs(char* zs){
if(zs != NULL){
fprintf(stderr, "%s\n", zs);
}
exit(EXIT_FAILURE);
}
//these functions are used to sanitize the enviornment...close open files, disable memory dumps, check for dubuggers.
/**
* Check for debuggers, try to ignore them
*
* @return int status of debugger check
*/
int check_for_debuggers(){
int status, waitrc;
pid_t child, parent;
parent = getpid();
if(!(child = fork())){
//child
if(ptrace(PT_ATTACH, parent, 0, 0)){
exit(1);
}
do{
waitrc = waitpid(parent, &status, 0);
}
while(waitrc == -1 );
//errno = EINTR);
ptrace(PT_DETACH, parent, (caddr_t)1, SIGCONT);
exit(0);
}
if(child == -1){
return -1;
}
do{
waitrc = waitpid(child, &status, 0);
}
while(waitrc == -1 && errno != EINTR);
return WEXITSTATUS(status);
}
/**
*
*ignore signals
*
*/
void ignore_signals(){
int i;
for(i = 0; i < NSIG; i++){
if(i != SIGKILL && i != SIGCHLD){
(void) signal(i, SIG_IGN);
}
}
return;
}
/**
*
* Disable memory dumps
*
*/
void limit_cores(void){
struct rlimit rlim;
rlim.rlim_cur = rlim.rlim_max = 0;
setrlimit(RLIMIT_CORE, &rlim);
return;
}
/**
*
* helper with closing all open files, reopens stdin, stdout, and stderr
* @param fd integer
* @return integer to determine success or fail
*/
static int open_devnull(int fd){
FILE* f = 0;
if(!fd){
f = freopen(_PATH_DEVNULL, "rb", stdin);
}
else if(fd == 1){
f = freopen(_PATH_DEVNULL, "wb", stdout);
}
else if(fd == 2){
f = freopen(_PATH_DEVNULL, "wb", stderr);
}
return (f && fileno(f) == fd);
}
/**
*
*Close all open files, also calls open_devnull to reopen stdin, stdout, stderr
*
*/
void sanitize_fds(void){
int fd, fds;
struct stat st;
if((fds = getdtablesize()) == -1){
fds = 256;
}
for(fd = 3; fd < fds; fd++){
close(fd);
}
for(fd = 0; fd < 3; fd++){
if(fstat(fd, &st) == -1 && (errno != EBADF || !open_devnull(fd))){
abort();
}
}
return;
}
//
// vim: set ts=4 sw=4: