Create recovery directory

Create a directory for sesexec instances to store their recovery sockets
matt335672 · Nov 27, 2024 · 2d982a1 · 2d982a1
1 parent fe7d169
commit 2d982a1
Show file tree

Hide file tree

Showing 2 changed files with 51 additions and 0 deletions.
diff --git a/sesman/sesman.c b/sesman/sesman.c
@@ -403,6 +403,51 @@ sesman_delete_listening_transport(void)
     g_list_trans_lock = NULL;
 }
 
+/******************************************************************************/
+static int
+create_recovery_directory(const char *listen_port)
+{
+    int rv = 1;
+    // The recovery directory contains Unix Domain sockets, so can't
+    // exceed XRDP_SOCKETS_MAXPATH in length
+    char recovery_dir[XRDP_SOCKETS_MAXPATH];
+    // Allow some overhead for the names of the directory entries
+#define MAX_LISTEN_PORT_LEN (XRDP_SOCKETS_MAXPATH - 10)
+
+    if (strlen(listen_port) > MAX_LISTEN_PORT_LEN)
+    {
+        LOG(LOG_LEVEL_ERROR, "Listen port string length must be <= %d",
+            MAX_LISTEN_PORT_LEN);
+    }
+    else
+    {
+        g_snprintf(recovery_dir, sizeof(recovery_dir), "%s.r", listen_port);
+        (void)g_mkdir(recovery_dir); // Directory may already exist
+        if (!g_directory_exist(recovery_dir))
+        {
+            LOG(LOG_LEVEL_ERROR, "Can't create recovery directory %s",
+                recovery_dir);
+        }
+        else if (g_chown(recovery_dir, g_getuid(), g_getuid()) != 0)
+        {
+            LOG(LOG_LEVEL_ERROR, "Can't set ownership of '%s' [%s]",
+                recovery_dir, g_get_strerror());
+        }
+        else if ((rv = g_chmod_hex(recovery_dir, 0x700)) != 0)
+        {
+            LOG(LOG_LEVEL_ERROR, "%s: Can't set permissions on '%s' [%s]",
+                __func__, recovery_dir, g_get_strerror());
+        }
+        else
+        {
+            rv = 0;
+        }
+    }
+
+    return rv;
+#undef MAX_LISTEN_PORT_LEN
+}
+
 /******************************************************************************/
 int
 sesman_create_listening_transport(const struct config_sesman *cfg)
@@ -435,6 +480,10 @@ sesman_create_listening_transport(const struct config_sesman *cfg)
             LOG(LOG_LEVEL_ERROR, "%s: Can't set permissions on '%s' [%s]",
                 __func__, cfg->listen_port, g_get_strerror());
         }
+        else if ((rv = create_recovery_directory(cfg->listen_port)) != 0)
+        {
+            ; // Error has been logged
+        }
         else
         {
             g_list_trans->trans_conn_in = sesman_listen_conn_in;

diff --git a/sesman/sig.c b/sesman/sig.c
@@ -58,6 +58,8 @@ sig_sesman_reload_cfg(void)
     {
         LOG(LOG_LEVEL_INFO, "sesman listen port changed to %s",
             cfg->listen_port);
+        LOG(LOG_LEVEL_WARNING,
+            "Restarting sesman will now lose active sessions");
 
         /* We have to delete the old port before listening to the new one
          * in case they overlap in scope */