1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2008 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 */ 25 26 #pragma ident "%Z%%M% %I% %E% SMI" 27 28 #include <assert.h> 29 #include <door.h> 30 #include <errno.h> 31 #include <fcntl.h> 32 #include <limits.h> 33 #include <priv.h> 34 #include <procfs.h> 35 #include <pthread.h> 36 #include <signal.h> 37 #include <stdarg.h> 38 #include <stdio.h> 39 #include <stdio_ext.h> 40 #include <stdlib.h> 41 #include <string.h> 42 #include <syslog.h> 43 #include <sys/corectl.h> 44 #include <sys/resource.h> 45 #include <sys/stat.h> 46 #include <sys/wait.h> 47 #include <ucontext.h> 48 #include <unistd.h> 49 50 #include "configd.h" 51 52 /* 53 * This file manages the overall startup and shutdown of configd, as well 54 * as managing its door thread pool and per-thread datastructures. 55 * 56 * 1. Per-thread Datastructures 57 * ----------------------------- 58 * Each configd thread has an associated thread_info_t which contains its 59 * current state. A pointer is kept to this in TSD, keyed by thread_info_key. 60 * The thread_info_ts for all threads in configd are kept on a single global 61 * list, thread_list. After creation, the state in the thread_info structure 62 * is only modified by the associated thread, so no locking is needed. A TSD 63 * destructor removes the thread_info from the global list and frees it at 64 * pthread_exit() time. 65 * 66 * Threads access their per-thread data using thread_self() 67 * 68 * The thread_list is protected by thread_lock, a leaf lock. 69 * 70 * 2. Door Thread Pool Management 71 * ------------------------------ 72 * Whenever door_return(3door) returns from the kernel and there are no 73 * other configd threads waiting for requests, libdoor automatically 74 * invokes a function registered with door_server_create(), to request a new 75 * door server thread. The default function just creates a thread that calls 76 * door_return(3door). Unfortunately, since it can take a while for the new 77 * thread to *get* to door_return(3door), a stream of requests can cause a 78 * large number of threads to be created, even though they aren't all needed. 79 * 80 * In our callback, new_server_needed(), we limit ourself to two new threads 81 * at a time -- this logic is handled in reserve_new_thread(). This keeps 82 * us from creating an absurd number of threads in response to peaking load. 83 */ 84 static pthread_key_t thread_info_key; 85 static pthread_attr_t thread_attr; 86 87 static pthread_mutex_t thread_lock = PTHREAD_MUTEX_INITIALIZER; 88 int num_started; /* number actually running */ 89 int num_servers; /* number in-progress or running */ 90 static uu_list_pool_t *thread_pool; 91 uu_list_t *thread_list; 92 93 static thread_info_t main_thread_info; 94 95 static int finished; 96 97 static pid_t privileged_pid = 0; 98 static int privileged_psinfo_fd = -1; 99 100 static int privileged_user = 0; 101 102 static priv_set_t *privileged_privs; 103 104 static int log_to_syslog = 0; 105 106 int is_main_repository = 1; 107 108 int max_repository_backups = 4; 109 110 #define CONFIGD_MAX_FDS 262144 111 112 /* 113 * Thanks, Mike 114 */ 115 void 116 abort_handler(int sig, siginfo_t *sip, ucontext_t *ucp) 117 { 118 struct sigaction act; 119 120 (void) sigemptyset(&act.sa_mask); 121 act.sa_handler = SIG_DFL; 122 act.sa_flags = 0; 123 (void) sigaction(sig, &act, NULL); 124 125 (void) printstack(2); 126 127 if (sip != NULL && SI_FROMUSER(sip)) 128 (void) pthread_kill(pthread_self(), sig); 129 (void) sigfillset(&ucp->uc_sigmask); 130 (void) sigdelset(&ucp->uc_sigmask, sig); 131 ucp->uc_flags |= UC_SIGMASK; 132 (void) setcontext(ucp); 133 } 134 135 /* 136 * Don't want to have more than a couple thread creates outstanding 137 */ 138 static int 139 reserve_new_thread(void) 140 { 141 (void) pthread_mutex_lock(&thread_lock); 142 assert(num_started >= 0); 143 if (num_servers > num_started + 1) { 144 (void) pthread_mutex_unlock(&thread_lock); 145 return (0); 146 } 147 ++num_servers; 148 (void) pthread_mutex_unlock(&thread_lock); 149 return (1); 150 } 151 152 static void 153 thread_info_free(thread_info_t *ti) 154 { 155 uu_list_node_fini(ti, &ti->ti_node, thread_pool); 156 if (ti->ti_ucred != NULL) 157 uu_free(ti->ti_ucred); 158 uu_free(ti); 159 } 160 161 static void 162 thread_exiting(void *arg) 163 { 164 thread_info_t *ti = arg; 165 166 if (ti != NULL) 167 log_enter(&ti->ti_log); 168 169 (void) pthread_mutex_lock(&thread_lock); 170 if (ti != NULL) { 171 num_started--; 172 uu_list_remove(thread_list, ti); 173 } 174 assert(num_servers > 0); 175 --num_servers; 176 177 if (num_servers == 0) { 178 configd_critical("no door server threads\n"); 179 abort(); 180 } 181 (void) pthread_mutex_unlock(&thread_lock); 182 183 if (ti != NULL && ti != &main_thread_info) 184 thread_info_free(ti); 185 } 186 187 void 188 thread_newstate(thread_info_t *ti, thread_state_t newstate) 189 { 190 ti->ti_ucred_read = 0; /* invalidate cached ucred */ 191 if (newstate != ti->ti_state) { 192 ti->ti_prev_state = ti->ti_state; 193 ti->ti_state = newstate; 194 ti->ti_lastchange = gethrtime(); 195 } 196 } 197 198 thread_info_t * 199 thread_self(void) 200 { 201 return (pthread_getspecific(thread_info_key)); 202 } 203 204 /* 205 * get_ucred() returns NULL if it was unable to get the credential 206 * information. 207 */ 208 ucred_t * 209 get_ucred(void) 210 { 211 thread_info_t *ti = thread_self(); 212 ucred_t **ret = &ti->ti_ucred; 213 214 if (ti->ti_ucred_read) 215 return (*ret); /* cached value */ 216 217 if (door_ucred(ret) != 0) 218 return (NULL); 219 ti->ti_ucred_read = 1; 220 221 return (*ret); 222 } 223 224 int 225 ucred_is_privileged(ucred_t *uc) 226 { 227 const priv_set_t *ps; 228 229 if ((ps = ucred_getprivset(uc, PRIV_EFFECTIVE)) != NULL) { 230 if (priv_isfullset(ps)) 231 return (1); /* process has all privs */ 232 233 if (privileged_privs != NULL && 234 priv_issubset(privileged_privs, ps)) 235 return (1); /* process has zone privs */ 236 } 237 238 return (0); 239 } 240 241 /* 242 * The purpose of this function is to get the audit session data for use in 243 * generating SMF audit events. We use a single audit session per client. 244 * 245 * get_audit_session() may return NULL. It is legal to use a NULL pointer 246 * in subsequent calls to adt_* functions. 247 */ 248 adt_session_data_t * 249 get_audit_session(void) 250 { 251 thread_info_t *ti = thread_self(); 252 253 return (ti->ti_active_client->rc_adt_session); 254 } 255 256 static void * 257 thread_start(void *arg) 258 { 259 thread_info_t *ti = arg; 260 261 (void) pthread_setcancelstate(PTHREAD_CANCEL_DISABLE, NULL); 262 263 (void) pthread_mutex_lock(&thread_lock); 264 num_started++; 265 (void) uu_list_insert_after(thread_list, uu_list_last(thread_list), 266 ti); 267 (void) pthread_mutex_unlock(&thread_lock); 268 (void) pthread_setspecific(thread_info_key, ti); 269 270 thread_newstate(ti, TI_DOOR_RETURN); 271 272 /* 273 * Start handling door calls 274 */ 275 (void) door_return(NULL, 0, NULL, 0); 276 return (arg); 277 } 278 279 static void 280 new_thread_needed(door_info_t *dip) 281 { 282 thread_info_t *ti; 283 284 sigset_t new, old; 285 286 assert(dip == NULL); 287 288 if (!reserve_new_thread()) 289 return; 290 291 if ((ti = uu_zalloc(sizeof (*ti))) == NULL) 292 goto fail; 293 294 uu_list_node_init(ti, &ti->ti_node, thread_pool); 295 ti->ti_state = TI_CREATED; 296 ti->ti_prev_state = TI_CREATED; 297 298 if ((ti->ti_ucred = uu_zalloc(ucred_size())) == NULL) 299 goto fail; 300 301 (void) sigfillset(&new); 302 (void) pthread_sigmask(SIG_SETMASK, &new, &old); 303 if ((errno = pthread_create(&ti->ti_thread, &thread_attr, thread_start, 304 ti)) != 0) { 305 (void) pthread_sigmask(SIG_SETMASK, &old, NULL); 306 goto fail; 307 } 308 309 (void) pthread_sigmask(SIG_SETMASK, &old, NULL); 310 return; 311 312 fail: 313 /* 314 * Since the thread_info structure was never linked onto the 315 * thread list, thread_exiting() can't handle the cleanup. 316 */ 317 thread_exiting(NULL); 318 if (ti != NULL) 319 thread_info_free(ti); 320 } 321 322 int 323 create_connection(ucred_t *uc, repository_door_request_t *rp, 324 size_t rp_size, int *out_fd) 325 { 326 int flags; 327 int privileged = 0; 328 uint32_t debugflags = 0; 329 psinfo_t info; 330 331 if (privileged_pid != 0) { 332 /* 333 * in privileged pid mode, we only allow connections from 334 * our original parent -- the psinfo read verifies that 335 * it is the same process which we started with. 336 */ 337 if (ucred_getpid(uc) != privileged_pid || 338 read(privileged_psinfo_fd, &info, sizeof (info)) != 339 sizeof (info)) 340 return (REPOSITORY_DOOR_FAIL_PERMISSION_DENIED); 341 342 privileged = 1; /* he gets full privileges */ 343 } else if (privileged_user != 0) { 344 /* 345 * in privileged user mode, only one particular user is 346 * allowed to connect to us, and he can do anything. 347 */ 348 if (ucred_geteuid(uc) != privileged_user) 349 return (REPOSITORY_DOOR_FAIL_PERMISSION_DENIED); 350 351 privileged = 1; 352 } 353 354 /* 355 * Check that rp, of size rp_size, is large enough to 356 * contain field 'f'. If so, write the value into *out, and return 1. 357 * Otherwise, return 0. 358 */ 359 #define GET_ARG(rp, rp_size, f, out) \ 360 (((rp_size) >= offsetofend(repository_door_request_t, f)) ? \ 361 ((*(out) = (rp)->f), 1) : 0) 362 363 if (!GET_ARG(rp, rp_size, rdr_flags, &flags)) 364 return (REPOSITORY_DOOR_FAIL_BAD_REQUEST); 365 366 #if (REPOSITORY_DOOR_FLAG_ALL != REPOSITORY_DOOR_FLAG_DEBUG) 367 #error Need to update flag checks 368 #endif 369 370 if (flags & ~REPOSITORY_DOOR_FLAG_ALL) 371 return (REPOSITORY_DOOR_FAIL_BAD_FLAG); 372 373 if (flags & REPOSITORY_DOOR_FLAG_DEBUG) 374 if (!GET_ARG(rp, rp_size, rdr_debug, &debugflags)) 375 return (REPOSITORY_DOOR_FAIL_BAD_REQUEST); 376 #undef GET_ARG 377 378 return (create_client(ucred_getpid(uc), debugflags, privileged, 379 out_fd)); 380 } 381 382 void 383 configd_vlog(int severity, const char *prefix, const char *message, 384 va_list args) 385 { 386 if (log_to_syslog) 387 vsyslog(severity, message, args); 388 else { 389 flockfile(stderr); 390 if (prefix != NULL) 391 (void) fprintf(stderr, "%s", prefix); 392 (void) vfprintf(stderr, message, args); 393 if (message[0] == 0 || message[strlen(message) - 1] != '\n') 394 (void) fprintf(stderr, "\n"); 395 funlockfile(stderr); 396 } 397 } 398 399 void 400 configd_vcritical(const char *message, va_list args) 401 { 402 configd_vlog(LOG_CRIT, "svc.configd: Fatal error: ", message, args); 403 } 404 405 void 406 configd_critical(const char *message, ...) 407 { 408 va_list args; 409 va_start(args, message); 410 configd_vcritical(message, args); 411 va_end(args); 412 } 413 414 void 415 configd_info(const char *message, ...) 416 { 417 va_list args; 418 va_start(args, message); 419 configd_vlog(LOG_INFO, "svc.configd: ", message, args); 420 va_end(args); 421 } 422 423 static void 424 usage(const char *prog, int ret) 425 { 426 (void) fprintf(stderr, 427 "usage: %s [-np] [-d door_path] [-r repository_path]\n" 428 " [-t nonpersist_repository]\n", prog); 429 exit(ret); 430 } 431 432 /*ARGSUSED*/ 433 static void 434 handler(int sig, siginfo_t *info, void *data) 435 { 436 finished = 1; 437 } 438 439 static int pipe_fd = -1; 440 441 static int 442 daemonize_start(void) 443 { 444 char data; 445 int status; 446 447 int filedes[2]; 448 pid_t pid; 449 450 (void) close(0); 451 (void) dup2(2, 1); /* stderr only */ 452 453 if (pipe(filedes) < 0) 454 return (-1); 455 456 if ((pid = fork1()) < 0) 457 return (-1); 458 459 if (pid != 0) { 460 /* 461 * parent 462 */ 463 struct sigaction act; 464 465 act.sa_sigaction = SIG_DFL; 466 (void) sigemptyset(&act.sa_mask); 467 act.sa_flags = 0; 468 469 (void) sigaction(SIGPIPE, &act, NULL); /* ignore SIGPIPE */ 470 471 (void) close(filedes[1]); 472 if (read(filedes[0], &data, 1) == 1) { 473 /* presume success */ 474 _exit(CONFIGD_EXIT_OKAY); 475 } 476 477 status = -1; 478 (void) wait4(pid, &status, 0, NULL); 479 if (WIFEXITED(status)) 480 _exit(WEXITSTATUS(status)); 481 else 482 _exit(-1); 483 } 484 485 /* 486 * child 487 */ 488 pipe_fd = filedes[1]; 489 (void) close(filedes[0]); 490 491 /* 492 * generic Unix setup 493 */ 494 (void) setsid(); 495 (void) umask(0077); 496 497 return (0); 498 } 499 500 static void 501 daemonize_ready(void) 502 { 503 char data = '\0'; 504 505 /* 506 * wake the parent 507 */ 508 (void) write(pipe_fd, &data, 1); 509 (void) close(pipe_fd); 510 } 511 512 const char * 513 regularize_path(const char *dir, const char *base, char *tmpbuf) 514 { 515 if (base == NULL) 516 return (NULL); 517 if (base[0] == '/') 518 return (base); 519 520 if (snprintf(tmpbuf, PATH_MAX, "%s/%s", dir, base) >= PATH_MAX) { 521 (void) fprintf(stderr, "svc.configd: %s/%s: path too long\n", 522 dir, base); 523 exit(CONFIGD_EXIT_BAD_ARGS); 524 } 525 526 return (tmpbuf); 527 } 528 529 int 530 main(int argc, char *argv[]) 531 { 532 thread_info_t *ti = &main_thread_info; 533 534 char pidpath[sizeof ("/proc/" "/psinfo") + 10]; 535 536 struct rlimit fd_new; 537 538 const char *endptr; 539 sigset_t myset; 540 int c; 541 int ret; 542 int fd; 543 544 char curdir[PATH_MAX]; 545 char dbtmp[PATH_MAX]; 546 char npdbtmp[PATH_MAX]; 547 char doortmp[PATH_MAX]; 548 549 const char *dbpath = NULL; 550 const char *npdbpath = NULL; 551 const char *doorpath = REPOSITORY_DOOR_NAME; 552 struct sigaction act; 553 554 int daemonize = 1; /* default to daemonizing */ 555 int have_npdb = 1; 556 557 closefrom(3); /* get rid of extraneous fds */ 558 559 if (getcwd(curdir, sizeof (curdir)) == NULL) { 560 (void) fprintf(stderr, 561 "%s: unable to get current directory: %s\n", 562 argv[0], strerror(errno)); 563 exit(CONFIGD_EXIT_INIT_FAILED); 564 } 565 566 while ((c = getopt(argc, argv, "Dnpd:r:t:")) != -1) { 567 switch (c) { 568 case 'n': 569 daemonize = 0; 570 break; 571 case 'd': 572 doorpath = regularize_path(curdir, optarg, doortmp); 573 have_npdb = 0; /* default to no non-persist */ 574 break; 575 case 'p': 576 log_to_syslog = 0; /* don't use syslog */ 577 578 /* 579 * If our parent exits while we're opening its /proc 580 * psinfo, we're vulnerable to a pid wrapping. To 581 * protect against that, re-check our ppid after 582 * opening it. 583 */ 584 privileged_pid = getppid(); 585 (void) snprintf(pidpath, sizeof (pidpath), 586 "/proc/%d/psinfo", privileged_pid); 587 if ((fd = open(pidpath, O_RDONLY)) < 0 || 588 getppid() != privileged_pid) { 589 (void) fprintf(stderr, 590 "%s: unable to get parent info\n", argv[0]); 591 exit(CONFIGD_EXIT_BAD_ARGS); 592 } 593 privileged_psinfo_fd = fd; 594 break; 595 case 'r': 596 dbpath = regularize_path(curdir, optarg, dbtmp); 597 is_main_repository = 0; 598 break; 599 case 't': 600 npdbpath = regularize_path(curdir, optarg, npdbtmp); 601 is_main_repository = 0; 602 break; 603 default: 604 usage(argv[0], CONFIGD_EXIT_BAD_ARGS); 605 break; 606 } 607 } 608 609 /* 610 * If we're not running as root, allow our euid full access, and 611 * everyone else no access. 612 */ 613 if (privileged_pid == 0 && geteuid() != 0) { 614 privileged_user = geteuid(); 615 } 616 617 privileged_privs = priv_str_to_set("zone", "", &endptr); 618 if (endptr != NULL && privileged_privs != NULL) { 619 priv_freeset(privileged_privs); 620 privileged_privs = NULL; 621 } 622 623 openlog("svc.configd", LOG_PID | LOG_CONS, LOG_DAEMON); 624 (void) setlogmask(LOG_UPTO(LOG_NOTICE)); 625 626 /* 627 * if a non-persist db is specified, always enable it 628 */ 629 if (npdbpath) 630 have_npdb = 1; 631 632 if (optind != argc) 633 usage(argv[0], CONFIGD_EXIT_BAD_ARGS); 634 635 if (daemonize) { 636 if (getuid() == 0) 637 (void) chdir("/"); 638 if (daemonize_start() < 0) { 639 (void) perror("unable to daemonize"); 640 exit(CONFIGD_EXIT_INIT_FAILED); 641 } 642 } 643 if (getuid() == 0) 644 (void) core_set_process_path(CONFIGD_CORE, 645 strlen(CONFIGD_CORE) + 1, getpid()); 646 647 /* 648 * this should be enabled once we can drop privileges and still get 649 * a core dump. 650 */ 651 #if 0 652 /* turn off basic privileges we do not need */ 653 (void) priv_set(PRIV_OFF, PRIV_PERMITTED, PRIV_FILE_LINK_ANY, 654 PRIV_PROC_EXEC, PRIV_PROC_FORK, PRIV_PROC_SESSION, NULL); 655 #endif 656 657 /* not that we can exec, but to be safe, shut them all off... */ 658 (void) priv_set(PRIV_SET, PRIV_INHERITABLE, NULL); 659 660 (void) sigfillset(&act.sa_mask); 661 662 /* signals to ignore */ 663 act.sa_sigaction = SIG_IGN; 664 act.sa_flags = 0; 665 (void) sigaction(SIGPIPE, &act, NULL); 666 (void) sigaction(SIGALRM, &act, NULL); 667 (void) sigaction(SIGUSR1, &act, NULL); 668 (void) sigaction(SIGUSR2, &act, NULL); 669 (void) sigaction(SIGPOLL, &act, NULL); 670 671 /* signals to abort on */ 672 act.sa_sigaction = (void (*)(int, siginfo_t *, void *))&abort_handler; 673 act.sa_flags = SA_SIGINFO; 674 675 (void) sigaction(SIGABRT, &act, NULL); 676 677 /* signals to handle */ 678 act.sa_sigaction = &handler; 679 act.sa_flags = SA_SIGINFO; 680 681 (void) sigaction(SIGHUP, &act, NULL); 682 (void) sigaction(SIGINT, &act, NULL); 683 (void) sigaction(SIGTERM, &act, NULL); 684 685 (void) sigemptyset(&myset); 686 (void) sigaddset(&myset, SIGHUP); 687 (void) sigaddset(&myset, SIGINT); 688 (void) sigaddset(&myset, SIGTERM); 689 690 if ((errno = pthread_attr_init(&thread_attr)) != 0) { 691 (void) perror("initializing"); 692 exit(CONFIGD_EXIT_INIT_FAILED); 693 } 694 695 /* 696 * Set the hard and soft limits to CONFIGD_MAX_FDS. 697 */ 698 fd_new.rlim_max = fd_new.rlim_cur = CONFIGD_MAX_FDS; 699 (void) setrlimit(RLIMIT_NOFILE, &fd_new); 700 701 #ifndef NATIVE_BUILD /* Allow building on snv_38 and earlier; remove later. */ 702 (void) enable_extended_FILE_stdio(-1, -1); 703 #endif 704 705 if ((ret = backend_init(dbpath, npdbpath, have_npdb)) != 706 CONFIGD_EXIT_OKAY) 707 exit(ret); 708 709 if (!client_init()) 710 exit(CONFIGD_EXIT_INIT_FAILED); 711 712 if (!rc_node_init()) 713 exit(CONFIGD_EXIT_INIT_FAILED); 714 715 (void) pthread_attr_setdetachstate(&thread_attr, 716 PTHREAD_CREATE_DETACHED); 717 (void) pthread_attr_setscope(&thread_attr, PTHREAD_SCOPE_SYSTEM); 718 719 if ((errno = pthread_key_create(&thread_info_key, 720 thread_exiting)) != 0) { 721 perror("pthread_key_create"); 722 exit(CONFIGD_EXIT_INIT_FAILED); 723 } 724 725 if ((thread_pool = uu_list_pool_create("thread_pool", 726 sizeof (thread_info_t), offsetof(thread_info_t, ti_node), 727 NULL, UU_LIST_POOL_DEBUG)) == NULL) { 728 configd_critical("uu_list_pool_create: %s\n", 729 uu_strerror(uu_error())); 730 exit(CONFIGD_EXIT_INIT_FAILED); 731 } 732 733 if ((thread_list = uu_list_create(thread_pool, NULL, 0)) == NULL) { 734 configd_critical("uu_list_create: %s\n", 735 uu_strerror(uu_error())); 736 exit(CONFIGD_EXIT_INIT_FAILED); 737 } 738 739 (void) memset(ti, '\0', sizeof (*ti)); 740 uu_list_node_init(ti, &ti->ti_node, thread_pool); 741 (void) uu_list_insert_before(thread_list, uu_list_first(thread_list), 742 ti); 743 744 ti->ti_thread = pthread_self(); 745 ti->ti_state = TI_SIGNAL_WAIT; 746 ti->ti_prev_state = TI_SIGNAL_WAIT; 747 748 (void) pthread_setspecific(thread_info_key, ti); 749 750 (void) door_server_create(new_thread_needed); 751 752 if (!setup_main_door(doorpath)) { 753 configd_critical("Setting up main door failed.\n"); 754 exit(CONFIGD_EXIT_DOOR_INIT_FAILED); 755 } 756 757 if (daemonize) 758 daemonize_ready(); 759 760 (void) pthread_sigmask(SIG_BLOCK, &myset, NULL); 761 while (!finished) { 762 int sig = sigwait(&myset); 763 if (sig > 0) { 764 break; 765 } 766 } 767 768 backend_fini(); 769 770 return (CONFIGD_EXIT_OKAY); 771 }