32 #endif |
32 #endif |
33 |
33 |
34 #include <stdio.h> |
34 #include <stdio.h> |
35 #include <stdlib.h> |
35 #include <stdlib.h> |
36 #include <dlfcn.h> |
36 #include <dlfcn.h> |
|
37 #include <grp.h> |
37 |
38 |
38 #include "../public/nsapi.h" |
39 #include "../public/nsapi.h" |
39 #include "../util/systhr.h" |
40 #include "../util/systhr.h" |
40 #include "../util/io.h" |
41 #include "../util/io.h" |
|
42 #include "../util/util.h" |
41 |
43 |
42 #include "func.h" |
44 #include "func.h" |
43 #include "config.h" |
45 #include "config.h" |
44 #include "configmanager.h" |
46 #include "configmanager.h" |
45 #include "httplistener.h" |
47 #include "httplistener.h" |
66 init_configuration_manager(); |
68 init_configuration_manager(); |
67 if(cfgmgr_load_config() != 0) { |
69 if(cfgmgr_load_config() != 0) { |
68 fprintf(stderr, "Cannot load configuration\n"); |
70 fprintf(stderr, "Cannot load configuration\n"); |
69 return -1; |
71 return -1; |
70 } |
72 } |
71 |
73 |
72 // create tmp dir and pid file |
74 // create tmp dir and pid file |
73 ServerConfiguration *cfg = cfgmgr_get_server_config(); |
75 ServerConfiguration *cfg = cfgmgr_get_server_config(); |
74 char *mkdir_cmd = NULL; |
76 char *mkdir_cmd = NULL; |
75 asprintf(&mkdir_cmd, "mkdir -p %s", cfg->tmp.ptr); |
77 asprintf(&mkdir_cmd, "mkdir -p %s", cfg->tmp.ptr); |
76 system(mkdir_cmd); |
78 system(mkdir_cmd); |
81 FILE *pidfile = fopen(pid_file_path, "w"); |
83 FILE *pidfile = fopen(pid_file_path, "w"); |
82 pid_t pid = getpid(); |
84 pid_t pid = getpid(); |
83 fprintf(pidfile, "%d", pid); |
85 fprintf(pidfile, "%d", pid); |
84 fclose(pidfile); |
86 fclose(pidfile); |
85 free(pid_file_path); |
87 free(pid_file_path); |
|
88 |
|
89 // set global vars |
|
90 conf_global_vars_s *vars = conf_getglobals(); |
|
91 |
|
92 if(cfg->user.ptr) { |
|
93 char *pwbuf = malloc(DEF_PWBUF); |
|
94 vars->Vuserpw = malloc(sizeof(struct passwd)); |
|
95 // open user database |
|
96 setpwent(); |
|
97 if(!util_getpwnam(cfg->user.ptr, vars->Vuserpw, pwbuf, DEF_PWBUF)) { |
|
98 log_ereport( |
|
99 LOG_LEVEL_ERROR, |
|
100 "user %s does not exist!", |
|
101 cfg->user.ptr); |
|
102 free(vars->Vuserpw); |
|
103 vars->Vuserpw = NULL; |
|
104 } |
|
105 free(pwbuf); |
|
106 endpwent(); |
|
107 } |
86 |
108 |
87 // init NSAPI functions |
109 // change uid |
|
110 if(vars->Vuserpw && geteuid() == 0) { |
|
111 // a webserver user is set and we are root |
|
112 |
|
113 if(setgid(vars->Vuserpw->pw_gid) != 0) { |
|
114 log_ereport( |
|
115 LOG_LEVEL_ERROR, |
|
116 "setgid(%d) failed", |
|
117 vars->Vuserpw->pw_gid); |
|
118 } else { |
|
119 // setgid was successful |
|
120 // we need to call initgroups to have all group permissions |
|
121 if(initgroups(vars->Vuserpw->pw_name, vars->Vuserpw->pw_gid)!=0) { |
|
122 log_ereport(LOG_LEVEL_ERROR, "initgroups failed"); |
|
123 } |
|
124 } |
|
125 |
|
126 // change the uid |
|
127 if(setuid(vars->Vuserpw->pw_uid)) { |
|
128 log_ereport( |
|
129 LOG_LEVEL_ERROR, |
|
130 "setuid(%d) failed", |
|
131 vars->Vuserpw->pw_uid); |
|
132 } |
|
133 } else if(vars->Vuserpw) { |
|
134 log_ereport( |
|
135 LOG_LEVEL_INFO, |
|
136 "server must be started as root to change uid"); |
|
137 } |
88 |
138 |
89 |
139 |
90 return 0; |
140 return 0; |
91 } |
141 } |
92 |
142 |
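Review bot: The privilege drop fails open: when `setgid()`, `initgroups()` or `setuid()` fails (new lines 113-132), the error is only logged and the function still reaches `return 0`, so as far as these lines show a server started as root keeps root's uid, gid or supplementary groups. The same holds when `util_getpwnam()` does not find the configured user (new lines 97-104): `Vuserpw` is reset to NULL, both `if(vars->Vuserpw ...)` branches are skipped, and startup continues as root with no further message. I would add `return -1;` after each of those `log_ereport()` calls so that a configured but unusable `user` stops startup; as written, `setuid()` is also still attempted after a failed `setgid()`, which would leave the process with the new uid but root's groups. The two `malloc()` results at new lines 93-94 are used unchecked as well. The enclosing function starts outside the visible lines.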