138 } |
138 } |
139 |
139 |
140 // change uid |
140 // change uid |
141 if(changeuid && ws_uid == 0) { |
141 if(changeuid && ws_uid == 0) { |
142 // a webserver user is set and we are root |
142 // a webserver user is set and we are root |
143 |
143 log_ereport(LOG_VERBOSE, "setgid(%d)", vars->Vuserpw->pw_gid); |
144 if(setgid(vars->Vuserpw->pw_gid) != 0) { |
144 if(setgid(vars->Vuserpw->pw_gid) != 0) { |
145 log_ereport( |
145 log_ereport( |
146 LOG_FAILURE, |
146 LOG_FAILURE, |
147 "setgid(%d) failed", |
147 "setgid(%d) failed", |
148 vars->Vuserpw->pw_gid); |
148 vars->Vuserpw->pw_gid); |
|
149 return -1; |
149 } else { |
150 } else { |
150 // setgid was successful |
151 // setgid was successful |
151 // we need to call initgroups to have all group permissions |
152 // we need to call initgroups to have all group permissions |
152 if(initgroups(vars->Vuserpw->pw_name, vars->Vuserpw->pw_gid)!=0) { |
153 if(initgroups(vars->Vuserpw->pw_name, vars->Vuserpw->pw_gid)!=0) { |
153 log_ereport(LOG_FAILURE, "initgroups failed"); |
154 log_ereport(LOG_FAILURE, "initgroups failed"); |
|
155 return -1; |
154 } |
156 } |
155 } |
157 } |
156 |
158 |
157 // change the uid |
159 // change the uid |
|
160 log_ereport(LOG_VERBOSE, "setuid(%d)", vars->Vuserpw->pw_uid); |
158 if(setuid(vars->Vuserpw->pw_uid)) { |
161 if(setuid(vars->Vuserpw->pw_uid)) { |
159 log_ereport( |
162 log_ereport( |
160 LOG_FAILURE, |
163 LOG_FAILURE, |
161 "setuid(%d) failed", |
164 "setuid(%d) failed", |
162 vars->Vuserpw->pw_uid); |
165 vars->Vuserpw->pw_uid); |
|
166 return -1; |
163 } |
167 } |
164 } else if(vars->Vuserpw) { |
168 } else if(vars->Vuserpw) { |
165 log_ereport( |
169 log_ereport( |
166 LOG_WARN, |
170 LOG_WARN, |
167 "server must be started as root to change uid"); |
171 "server must be started as root to change uid"); |