2174 }
2175 (void) close(slavefd);
2176 slavefd = newslave;
2177
2178 /*
2179 * dup the slave to the various FDs, so that when the
2180 * spawned process does a write/read it maps to the slave
2181 * pty.
2182 */
2183 (void) dup2(slavefd, STDIN_FILENO);
2184 (void) dup2(slavefd, STDOUT_FILENO);
2185 (void) dup2(slavefd, STDERR_FILENO);
2186 if (slavefd != STDIN_FILENO && slavefd != STDOUT_FILENO &&
2187 slavefd != STDERR_FILENO) {
2188 (void) close(slavefd);
2189 }
2190
2191 /*
2192 * In failsafe mode, we don't use login(1), so don't try
2193 * setting up a utmpx entry.
2194 */
2195 if (!failsafe)
2196 if (setup_utmpx(slaveshortname) == -1)
2197 return (1);
2198
2199 /*
2200 * The child needs to run as root to
2201 * execute the brand's login program.
2202 */
2203 if (setuid(0) == -1) {
2204 zperror(gettext("insufficient privilege"));
2205 return (1);
2206 }
2207
2208 (void) execve(new_args[0], new_args, new_env);
2209 zperror(gettext("exec failure"));
2210 return (1);
2211 }
2212
2213 (void) ct_tmpl_clear(tmpl_fd);
2214 (void) close(tmpl_fd);
2215
|
2174 }
2175 (void) close(slavefd);
2176 slavefd = newslave;
2177
2178 /*
2179 * dup the slave to the various FDs, so that when the
2180 * spawned process does a write/read it maps to the slave
2181 * pty.
2182 */
2183 (void) dup2(slavefd, STDIN_FILENO);
2184 (void) dup2(slavefd, STDOUT_FILENO);
2185 (void) dup2(slavefd, STDERR_FILENO);
2186 if (slavefd != STDIN_FILENO && slavefd != STDOUT_FILENO &&
2187 slavefd != STDERR_FILENO) {
2188 (void) close(slavefd);
2189 }
2190
2191 /*
2192 * In failsafe mode, we don't use login(1), so don't try
2193 * setting up a utmpx entry.
2194 *
2195 * A branded zone may have very different utmpx semantics.
2196 * At the moment, we only have two brand types:
2197 * Solaris-like (native, sn1) and Linux. In the Solaris
2198 * case, we know exactly how to do the necessary utmpx
2199 * setup. Fortunately for us, the Linux /bin/login is
2200 * prepared to deal with a non-initialized utmpx entry, so
2201 * we can simply skip it. If future brands don't fall into
2202 * either category, we'll have to add a per-brand utmpx
2203 * setup hook.
2204 */
2205 if (!failsafe && (strcmp(zonebrand, "lx") != 0))
2206 if (setup_utmpx(slaveshortname) == -1)
2207 return (1);
2208
2209 /*
2210 * The child needs to run as root to
2211 * execute the brand's login program.
2212 */
2213 if (setuid(0) == -1) {
2214 zperror(gettext("insufficient privilege"));
2215 return (1);
2216 }
2217
2218 (void) execve(new_args[0], new_args, new_env);
2219 zperror(gettext("exec failure"));
2220 return (1);
2221 }
2222
2223 (void) ct_tmpl_clear(tmpl_fd);
2224 (void) close(tmpl_fd);
2225
|