Sat, 12 Nov 2022 16:52:32 +0100
run Init directives after setuid
--- a/src/server/daemon/config.c Sat Nov 12 12:09:37 2022 +0100 +++ b/src/server/daemon/config.c Sat Nov 12 16:52:32 2022 +0100 @@ -67,14 +67,19 @@ return path.ptr; } -int load_init_conf(char *file) { +InitConfig* load_init_conf(const char *file) { log_ereport(LOG_VERBOSE, "load_init_conf"); InitConfig *cfg = initconfig_load(file); if(cfg == NULL) { log_ereport(LOG_FAILURE, "Cannot load init.conf"); - return 1; + return NULL;; } + + return cfg; +} + +int apply_init_conf(InitConfig *cfg) { init_pool = pool_create(); ConfigNode *dir = cfg->root->children_begin; @@ -131,9 +136,11 @@ dir = dir->next; } + return 0; +} + +void free_init_conf(InitConfig *cfg) { initconfig_free(cfg); - - return 0; } ServerConfiguration* load_server_conf(CfgManager *mgr, char *file) {
--- a/src/server/daemon/config.h Sat Nov 12 12:09:37 2022 +0100 +++ b/src/server/daemon/config.h Sat Nov 12 16:52:32 2022 +0100 @@ -101,7 +101,9 @@ char* cfg_config_file_path(const char *file); -int load_init_conf(char *file); +InitConfig* load_init_conf(const char *file); +int apply_init_conf(InitConfig *cfg); +void free_init_conf(InitConfig *cfg); void init_server_config_parser();
--- a/src/server/daemon/configmanager.c Sat Nov 12 12:09:37 2022 +0100 +++ b/src/server/daemon/configmanager.c Sat Nov 12 16:52:32 2022 +0100 @@ -61,11 +61,6 @@ mgr->cfg = config; - if(current_config) { - cfg_unref(current_config); - } - current_config = config; - return 0; }
--- a/src/server/daemon/webserver.c Sat Nov 12 12:09:37 2022 +0100 +++ b/src/server/daemon/webserver.c Sat Nov 12 16:52:32 2022 +0100 @@ -92,7 +92,8 @@ } // load init.conf - if(load_init_conf("config/init.conf")) { + InitConfig *init_config = load_init_conf("config/init.conf"); + if(!init_config) { return -1; } @@ -108,12 +109,6 @@ log_ereport(LOG_VERBOSE, "cfgmgr_load_config stage 1 successful"); ServerConfiguration *cfg = mgr.cfg; - // init caches - auth_cache_init(); - - // init SAFs - common_saf_init(); - // set global vars conf_global_vars_s *vars = conf_getglobals(); @@ -178,6 +173,21 @@ "server must be started as root to change uid"); } + // run Init directives + // this must be done after setuid + int err = apply_init_conf(init_config); + free_init_conf(init_config); + if(err) { + log_ereport(LOG_FAILURE, "server init failed"); + return 1; + } + + // init caches + auth_cache_init(); + + // init SAFs + common_saf_init(); + // now that the process is running as the correct user, we can load // the remaining config