Switch to non-privileged UID/GID before startup.
* src/userprivs.c: New file. * src/Makefile.am (wydawca_SOURCES): Add userprivs.c * src/config.c (cb_access_method_params): Add missing gl_list_iterator_free. (cb_user, cb_supp_groups): New callbacks. (wydawca_kw): New keywords: user and group. * src/wydawca.c (wydawca_uid, wydawca_gid) (wydawca_supp_groupc, wydawca_supp_groups): New variables. (wydawca_set_uid, wydawca_set_gid, wydawca_set_privs) (wydawca_set_triplet_privs, wydawca_set_root_privs): Remove. (main): --dry-run implies --cron. Switch to non-privileged UID/GID before startup. * src/wydawca.h (wydawca_uid, wydawca_gid) (wydawca_supp_groupc, wydawca_supp_groups): New declarations. * src/mail.c (do_notify): Duplicate admin_address, it gets freed in do_notify. * src/directive.c, src/diskio.c, src/lock.c, src/triplet.c: Update.
@@ -303,6 +303,10 @@ void make_default_meta (struct metadef kwexp[5], const char *user,
/* Global variables */
+extern uid_t wydawca_uid;
+extern gid_t wydawca_gid;
+extern size_t wydawca_supp_groupc;
+extern gid_t *wydawca_supp_groups;
extern char *conffile; /* Configuration file name */
extern int debug_level; /* Debugging level */
extern int dry_run_mode; /* Dry run indicator */
@@ -355,8 +359,8 @@ size_t trim_length (const char *str);
size_t trim (char *str);
void logmsg (int prio, char *fmt, ...) GSC_PRINTFLIKE(2,3);
int test_dir (const char *name, int *ec);
-char *create_directory (const char *base, const char *name,
- uid_t uid, gid_t gid);
+char *create_directory (const char *base, const char *name);
+int create_hierarchy (char *dir, size_t baselen);
void parse_config (void);
void log_output (int prio, const char *prog, FILE *fp);
@@ -428,9 +432,6 @@ int process_directives (struct file_triplet *trp,
int enabled_spool_p (const struct spool *spool);
-int wydawca_set_privs (uid_t uid, gid_t gid);
-int wydawca_set_triplet_privs (struct file_triplet *trp);
-int wydawca_set_root_privs (void);
int parse_time_interval (const char *str, time_t *pint, const char **endp);
@@ -538,3 +539,6 @@ void wydawca_lock_init (void);
/* tcpwrap.h */
extern struct gconf_keyword tcpwrapper_kw[];
int tcpwrap_access(int fd);
+/* userprivs.c */
+int wydawca_userprivs (uid_t uid, gid_t gid, gid_t *grplist, size_t ngrp);

