+ if (pwd->pw_uid != 0) {
+ if (sep->se_group)
+ pwd->pw_gid = grp->gr_gid;
+ /* initgroups, setgid, setuid: */
+ change_identity(pwd);
+ } else if (sep->se_group) {
+ xsetgid(grp->gr_gid);
+ setgroups(1, &grp->gr_gid);
+ }
+ if (rlim_ofile.rlim_cur != rlim_ofile_cur)
+ if (setrlimit(RLIMIT_NOFILE, &rlim_ofile) < 0)
+ bb_perror_msg("setrlimit");
+
+ /* closelog(); - WRONG. we are after vfork,
+ * this may confuse syslog() internal state.
+ * Let's hope libc sets syslog fd to CLOEXEC...
+ */
+ xmove_fd(ctrl, STDIN_FILENO);
+ xdup2(STDIN_FILENO, STDOUT_FILENO);
+ dbg("moved ctrl:%d to fd 0,1[,2]\n", ctrl);
+ /* manpages of inetd I managed to find either say
+ * that stderr is also redirected to the network,
+ * or do not talk about redirection at all (!) */
+ if (!sep->se_wait) /* only for usual "tcp nowait" */
+ xdup2(STDIN_FILENO, STDERR_FILENO);
+ /* NB: among others, this loop closes listening sockets
+ * for nowait stream children */
+ for (sep2 = serv_list; sep2; sep2 = sep2->se_next)
+ if (sep2->se_fd != ctrl)
+ maybe_close(sep2->se_fd);
+ sigaction_set(SIGPIPE, &saved_pipe_handler);
+ restore_sigmask(&omask);
+ dbg("execing:'%s'\n", sep->se_program);
+ BB_EXECVP(sep->se_program, sep->se_argv);
+ bb_perror_msg("can't execute '%s'", sep->se_program);
+ do_exit1:
+ /* eat packet in udp case */
+ if (sep->se_socktype != SOCK_STREAM)
+ recv(0, line, LINE_SIZE, MSG_DONTWAIT);
+ _exit(EXIT_FAILURE);