comparison: src/server/daemon/webserver.c
src/server/daemon/webserver.c
- changeset 47
- ce9790523346
- parent 44
- 3da1f7b6847f
- child 58
- 66c22e54aa90
equal
deleted
inserted
replaced
| 46:636e05eb48f6 | 47:ce9790523346 |
|---|---|
| 32 #endif | 32 #endif |
| 33 | 33 |
| 34 #include <stdio.h> | 34 #include <stdio.h> |
| 35 #include <stdlib.h> | 35 #include <stdlib.h> |
| 36 #include <dlfcn.h> | 36 #include <dlfcn.h> |
| 37 #include <grp.h> | |
| 37 | 38 |
| 38 #include "../public/nsapi.h" | 39 #include "../public/nsapi.h" |
| 39 #include "../util/systhr.h" | 40 #include "../util/systhr.h" |
| 40 #include "../util/io.h" | 41 #include "../util/io.h" |
| 42 #include "../util/util.h" | |
| 41 | 43 |
| 42 #include "func.h" | 44 #include "func.h" |
| 43 #include "config.h" | 45 #include "config.h" |
| 44 #include "configmanager.h" | 46 #include "configmanager.h" |
| 45 #include "httplistener.h" | 47 #include "httplistener.h" |
| 66 init_configuration_manager(); | 68 init_configuration_manager(); |
| 67 if(cfgmgr_load_config() != 0) { | 69 if(cfgmgr_load_config() != 0) { |
| 68 fprintf(stderr, "Cannot load configuration\n"); | 70 fprintf(stderr, "Cannot load configuration\n"); |
| 69 return -1; | 71 return -1; |
| 70 } | 72 } |
| 71 | 73 |
| 72 // create tmp dir and pid file | 74 // create tmp dir and pid file |
| 73 ServerConfiguration *cfg = cfgmgr_get_server_config(); | 75 ServerConfiguration *cfg = cfgmgr_get_server_config(); |
| 74 char *mkdir_cmd = NULL; | 76 char *mkdir_cmd = NULL; |
| 75 asprintf(&mkdir_cmd, "mkdir -p %s", cfg->tmp.ptr); | 77 asprintf(&mkdir_cmd, "mkdir -p %s", cfg->tmp.ptr); |
| 76 system(mkdir_cmd); | 78 system(mkdir_cmd); |
| 81 FILE *pidfile = fopen(pid_file_path, "w"); | 83 FILE *pidfile = fopen(pid_file_path, "w"); |
| 82 pid_t pid = getpid(); | 84 pid_t pid = getpid(); |
| 83 fprintf(pidfile, "%d", pid); | 85 fprintf(pidfile, "%d", pid); |
| 84 fclose(pidfile); | 86 fclose(pidfile); |
| 85 free(pid_file_path); | 87 free(pid_file_path); |
| 88 | |
| 89 // set global vars | |
| 90 conf_global_vars_s *vars = conf_getglobals(); | |
| 91 | |
| 92 if(cfg->user.ptr) { | |
| 93 char *pwbuf = malloc(DEF_PWBUF); | |
| 94 vars->Vuserpw = malloc(sizeof(struct passwd)); | |
| 95 // open user database | |
| 96 setpwent(); | |
| 97 if(!util_getpwnam(cfg->user.ptr, vars->Vuserpw, pwbuf, DEF_PWBUF)) { | |
| 98 log_ereport( | |
| 99 LOG_LEVEL_ERROR, | |
| 100 "user %s does not exist!", | |
| 101 cfg->user.ptr); | |
| 102 free(vars->Vuserpw); | |
| 103 vars->Vuserpw = NULL; | |
| 104 } | |
| 105 free(pwbuf); | |
| 106 endpwent(); | |
| 107 } | |
| 86 | 108 |
| 87 // init NSAPI functions | 109 // change uid |
| 110 if(vars->Vuserpw && geteuid() == 0) { | |
| 111 // a webserver user is set and we are root | |
| 112 | |
| 113 if(setgid(vars->Vuserpw->pw_gid) != 0) { | |
| 114 log_ereport( | |
| 115 LOG_LEVEL_ERROR, | |
| 116 "setgid(%d) failed", | |
| 117 vars->Vuserpw->pw_gid); | |
| 118 } else { | |
| 119 // setgid was successful | |
| 120 // we need to call initgroups to have all group permissions | |
| 121 if(initgroups(vars->Vuserpw->pw_name, vars->Vuserpw->pw_gid)!=0) { | |
| 122 log_ereport(LOG_LEVEL_ERROR, "initgroups failed"); | |
| 123 } | |
| 124 } | |
| 125 | |
| 126 // change the uid | |
| 127 if(setuid(vars->Vuserpw->pw_uid)) { | |
| 128 log_ereport( | |
| 129 LOG_LEVEL_ERROR, | |
| 130 "setuid(%d) failed", | |
| 131 vars->Vuserpw->pw_uid); | |
| 132 } | |
| 133 } else if(vars->Vuserpw) { | |
| 134 log_ereport( | |
| 135 LOG_LEVEL_INFO, | |
| 136 "server must be started as root to change uid"); | |
| 137 } | |
| 88 | 138 |
| 89 | 139 |
| 90 return 0; | 140 return 0; |
| 91 } | 141 } |
| 92 | 142 |
