diff options
author | psychon <psychon@e03df62e-2008-0410-955e-edbf42e46eb7> | 2008-10-22 09:14:31 +0000 |
---|---|---|
committer | psychon <psychon@e03df62e-2008-0410-955e-edbf42e46eb7> | 2008-10-22 09:14:31 +0000 |
commit | ed70b60ad828d01cc18462cc5f50461ad84ef01c (patch) | |
tree | dd3fcdc255f2718af62b90287aa92c69d326e26a | |
parent | f7730d08b695019c84a0b5961d8fb6bdb67365b9 (diff) |
First set our group id, then the user id, because we need to be root to set the
group (else it always fails with EPERM).
Plus also call setgroups(0, NULL); to get rid of the supplementary groups.
git-svn-id: http://svn.inspircd.org/repository/trunk/inspircd@10684 e03df62e-2008-0410-955e-edbf42e46eb7
-rw-r--r-- | src/inspircd.cpp | 43 |
1 files changed, 27 insertions, 16 deletions
diff --git a/src/inspircd.cpp b/src/inspircd.cpp index 9a64331b5..f1cccab19 100644 --- a/src/inspircd.cpp +++ b/src/inspircd.cpp @@ -730,48 +730,59 @@ InspIRCd::InspIRCd(int argc, char** argv) Logs->Log("STARTUP", DEFAULT, "Startup complete as '%s'[%s], %d max open sockets", Config->ServerName,Config->GetSID().c_str(), SE->GetMaxFds()); #ifndef WIN32 - if (*(this->Config->SetUser)) + if (*(this->Config->SetGroup)) { - // setuid - struct passwd *u; + int ret; + + // setgroups + ret = setgroups(0, NULL); + + if (ret == -1) + { + this->Logs->Log("SETGROUPS", DEFAULT, "setgroups() failed (wtf?): %s", strerror(errno)); + this->QuickExit(0); + } + + // setgid + struct group *g; errno = 0; - u = getpwnam(this->Config->SetUser); + g = getgrnam(this->Config->SetGroup); - if (!u) + if (!g) { - this->Logs->Log("SETGUID", DEFAULT, "getpwnam() failed (bad user?): %s", strerror(errno)); + this->Logs->Log("SETGUID", DEFAULT, "getgrnam() failed (bad user?): %s", strerror(errno)); this->QuickExit(0); } - int ret = setuid(u->pw_uid); + ret = setgid(g->gr_gid); if (ret == -1) { - this->Logs->Log("SETGUID", DEFAULT, "setuid() failed (bad user?): %s", strerror(errno)); + this->Logs->Log("SETGUID", DEFAULT, "setgid() failed (bad user?): %s", strerror(errno)); this->QuickExit(0); } } - if (*(this->Config->SetGroup)) + if (*(this->Config->SetUser)) { - // setgid - struct group *g; + // setuid + struct passwd *u; errno = 0; - g = getgrnam(this->Config->SetGroup); + u = getpwnam(this->Config->SetUser); - if (!g) + if (!u) { - this->Logs->Log("SETGUID", DEFAULT, "getgrnam() failed (bad user?): %s", strerror(errno)); + this->Logs->Log("SETGUID", DEFAULT, "getpwnam() failed (bad user?): %s", strerror(errno)); this->QuickExit(0); } - int ret = setgid(g->gr_gid); + int ret = setuid(u->pw_uid); if (ret == -1) { - this->Logs->Log("SETGUID", DEFAULT, "setgid() failed (bad user?): %s", strerror(errno)); + this->Logs->Log("SETGUID", DEFAULT, "setuid() failed (bad user?): %s", strerror(errno)); this->QuickExit(0); } } |