95 system(mkdir_cmd); |
95 system(mkdir_cmd); |
96 free(mkdir_cmd); |
96 free(mkdir_cmd); |
97 |
97 |
98 char *pid_file_path = NULL; |
98 char *pid_file_path = NULL; |
99 asprintf(&pid_file_path, "%s/pid", cfg->tmp.ptr); |
99 asprintf(&pid_file_path, "%s/pid", cfg->tmp.ptr); |
100 FILE *pidfile = fopen(pid_file_path, "w"); |
100 FILE *pidfile = fopen(pid_file_path, "w"); // TODO: check error |
101 pid_t pid = getpid(); |
101 pid_t pid = getpid(); |
102 fprintf(pidfile, "%d", pid); |
102 fprintf(pidfile, "%d", pid); |
103 fclose(pidfile); |
103 fclose(pidfile); |
104 free(pid_file_path); |
104 free(pid_file_path); |
105 |
105 |
106 // set global vars |
106 // set global vars |
107 conf_global_vars_s *vars = conf_getglobals(); |
107 conf_global_vars_s *vars = conf_getglobals(); |
108 |
108 |
|
109 WSBool changeuid = FALSE; |
109 uid_t ws_uid = geteuid(); |
110 uid_t ws_uid = geteuid(); |
110 setpwent(); |
111 setpwent(); |
111 char *pwbuf = malloc(DEF_PWBUF); |
112 char *pwbuf = malloc(DEF_PWBUF); |
112 vars->Vuserpw = malloc(sizeof(struct passwd)); |
113 vars->Vuserpw = malloc(sizeof(struct passwd)); |
113 if(cfg->user.ptr) { |
114 if(cfg->user.ptr) { |
116 LOG_MISCONFIG, |
117 LOG_MISCONFIG, |
117 "user %s does not exist!", |
118 "user %s does not exist!", |
118 cfg->user.ptr); |
119 cfg->user.ptr); |
119 free(vars->Vuserpw); |
120 free(vars->Vuserpw); |
120 vars->Vuserpw = NULL; |
121 vars->Vuserpw = NULL; |
|
122 } else { |
|
123 changeuid = TRUE; |
121 } |
124 } |
122 } else { |
125 } else { |
123 if(!util_getpwuid(ws_uid, vars->Vuserpw, pwbuf, DEF_PWBUF)) { |
126 if(!util_getpwuid(ws_uid, vars->Vuserpw, pwbuf, DEF_PWBUF)) { |
124 log_ereport(LOG_FAILURE, "webserver_init: cannot get passwd data"); |
127 log_ereport(LOG_FAILURE, "webserver_init: cannot get passwd data"); |
125 free(vars->Vuserpw); |
128 free(vars->Vuserpw); |
127 } |
130 } |
128 } |
131 } |
129 if(!vars->Vuserpw) { |
132 if(!vars->Vuserpw) { |
130 log_ereport(LOG_WARN, "globalvars->Vuserpw is null"); |
133 log_ereport(LOG_WARN, "globalvars->Vuserpw is null"); |
131 } |
134 } |
132 |
|
133 if(cfg->user.ptr) { |
|
134 vars->Vuserpw = malloc(sizeof(struct passwd)); |
|
135 // open user database |
|
136 //setpwent(); |
|
137 if(!util_getpwnam(cfg->user.ptr, vars->Vuserpw, pwbuf, DEF_PWBUF)) { |
|
138 log_ereport( |
|
139 LOG_MISCONFIG, |
|
140 "user %s does not exist!", |
|
141 cfg->user.ptr); |
|
142 free(vars->Vuserpw); |
|
143 vars->Vuserpw = NULL; |
|
144 } |
|
145 //endpwent(); // TODO: close or not? |
|
146 } |
|
147 free(pwbuf); |
|
148 |
135 |
149 // change uid |
136 // change uid |
150 if(vars->Vuserpw && ws_uid == 0) { |
137 if(changeuid && ws_uid == 0) { |
151 // a webserver user is set and we are root |
138 // a webserver user is set and we are root |
152 |
139 |
153 if(setgid(vars->Vuserpw->pw_gid) != 0) { |
140 if(setgid(vars->Vuserpw->pw_gid) != 0) { |
154 log_ereport( |
141 log_ereport( |
155 LOG_FAILURE, |
142 LOG_FAILURE, |