summaryrefslogtreecommitdiffabout
path: root/src/wydawca.c
Side-by-side diff
Diffstat (limited to 'src/wydawca.c') (more/less context) (ignore whitespace changes)
-rw-r--r--src/wydawca.c90
1 files changed, 22 insertions, 68 deletions
diff --git a/src/wydawca.c b/src/wydawca.c
index 48c27e9..f02ac99 100644
--- a/src/wydawca.c
+++ b/src/wydawca.c
@@ -19,6 +19,10 @@
#include "argmatch.h"
#include "version-etc.h"
+uid_t wydawca_uid;
+gid_t wydawca_gid;
+size_t wydawca_supp_groupc;
+gid_t *wydawca_supp_groups;
char *conffile = SYSCONFDIR "/wydawca.rc" ;
int debug_level;
int dry_run_mode;
@@ -265,73 +269,6 @@ collect_uids (int argc, char **argv)
}
-static int
-wydawca_set_uid (uid_t uid)
-{
- int rc;
-
- if (getuid () != 0)
- return 0;
-#if defined(HAVE_SETREUID)
- rc = setreuid (0, uid);
-#elif defined(HAVE_SETRESUID)
- rc = setresuid (-1, uid, -1);
-#elif defined(HAVE_SETEUID)
- rc = seteuid (uid);
-#else
-# error "No way to reset user privileges?"
-#endif
- if (rc < 0)
- logmsg (LOG_ERR, _("cannot switch to UID %d: %s (r=%d, e=%d)"),
- uid, strerror (errno), getuid (), geteuid ());
- return rc;
-}
-
-static int
-wydawca_set_gid (gid_t gid)
-{
- int rc;
-
- if (getuid () != 0)
- return 0;
-#if defined(HAVE_SETREGID)
- rc = setregid (0, gid);
-#elif defined(HAVE_SETRESGID)
- rc = setresgid (-1, gid, -1);
-#elif defined(HAVE_SETEGID)
- rc = setegid (gid);
-#else
-# error "No way to reset user privileges?"
-#endif
- if (rc < 0)
- logmsg (LOG_ERR, _("cannot switch to GID %d: %s (r=%d, e=%d)"),
- gid, strerror (errno), getgid (), getegid ());
- return rc;
-}
-
-int
-wydawca_set_privs (uid_t uid, gid_t gid)
-{
- if (wydawca_set_gid (gid))
- return -1;
- if (wydawca_set_uid (uid))
- return -1;
- return 0;
-}
-
-int
-wydawca_set_triplet_privs (struct file_triplet *trp)
-{
- return wydawca_set_privs (TRIPLET_UID (trp), TRIPLET_GID (trp));
-}
-
-int
-wydawca_set_root_privs ()
-{
- return wydawca_set_privs (0, 0);
-}
-
-
char **x_argv;
extern int reconfigure;
@@ -377,6 +314,8 @@ main (int argc, char **argv)
if (lint_mode)
exit (0);
+ if (dry_run_mode)
+ cron_option = 1;
if (cron_option)
daemon_mode = 0;
if (foreground_option >= 0)
@@ -394,6 +333,22 @@ main (int argc, char **argv)
log_printer = syslog_printer;
}
+ if (getgid () == 0)
+ {
+ if (wydawca_uid == 0)
+ {
+ if (!force_startup)
+ {
+ logmsg (LOG_CRIT, _("won't run with root privileges"));
+ exit (EX_UNAVAILABLE);
+ }
+ }
+ else if (wydawca_userprivs (wydawca_uid, wydawca_gid,
+ wydawca_supp_groups,
+ wydawca_supp_groupc))
+ exit (EX_UNAVAILABLE);
+ }
+
mail_init ();
wydawca_lock_init ();
@@ -414,7 +369,6 @@ main (int argc, char **argv)
if (reconfigure)
{
int i;
- wydawca_set_uid (0);
for (i = getdtablesize (); i > 2; i--)
close (i);
remove_pidfile ();

Return to:

Send suggestions and report system problems to the System administrator.