run Init directives after setuid

Sat, 12 Nov 2022 16:52:32 +0100

author
Olaf Wintermann <olaf.wintermann@gmail.com>
date
Sat, 12 Nov 2022 16:52:32 +0100
changeset 426
6a2e7a464991
parent 425
6440171c257f
child 427
a327cb6cc868

run Init directives after setuid

src/server/daemon/config.c file | annotate | diff | comparison | revisions
src/server/daemon/config.h file | annotate | diff | comparison | revisions
src/server/daemon/configmanager.c file | annotate | diff | comparison | revisions
src/server/daemon/webserver.c file | annotate | diff | comparison | revisions
--- a/src/server/daemon/config.c	Sat Nov 12 12:09:37 2022 +0100
+++ b/src/server/daemon/config.c	Sat Nov 12 16:52:32 2022 +0100
@@ -67,14 +67,19 @@
     return path.ptr;
 }
 
-int load_init_conf(char *file) {
+InitConfig* load_init_conf(const char *file) {
     log_ereport(LOG_VERBOSE, "load_init_conf");
 
     InitConfig *cfg = initconfig_load(file);
     if(cfg == NULL) {
         log_ereport(LOG_FAILURE, "Cannot load init.conf");
-        return 1;
+        return NULL;;
     }
+    
+    return cfg;
+}
+
+int apply_init_conf(InitConfig *cfg) {
     init_pool = pool_create();
     
     ConfigNode *dir = cfg->root->children_begin;
@@ -131,9 +136,11 @@
         dir = dir->next;
     }
     
+    return 0;
+}
+
+void free_init_conf(InitConfig *cfg) {
     initconfig_free(cfg);
-    
-    return 0;
 }
 
 ServerConfiguration* load_server_conf(CfgManager *mgr, char *file) {
--- a/src/server/daemon/config.h	Sat Nov 12 12:09:37 2022 +0100
+++ b/src/server/daemon/config.h	Sat Nov 12 16:52:32 2022 +0100
@@ -101,7 +101,9 @@
 
 char* cfg_config_file_path(const char *file);
 
-int load_init_conf(char *file);
+InitConfig* load_init_conf(const char *file);
+int apply_init_conf(InitConfig *cfg);
+void free_init_conf(InitConfig *cfg);
 
 void init_server_config_parser();
 
--- a/src/server/daemon/configmanager.c	Sat Nov 12 12:09:37 2022 +0100
+++ b/src/server/daemon/configmanager.c	Sat Nov 12 16:52:32 2022 +0100
@@ -61,11 +61,6 @@
     
     mgr->cfg = config;
     
-    if(current_config) {
-        cfg_unref(current_config);
-    }
-    current_config = config;
-    
     return 0;
 }
 
--- a/src/server/daemon/webserver.c	Sat Nov 12 12:09:37 2022 +0100
+++ b/src/server/daemon/webserver.c	Sat Nov 12 16:52:32 2022 +0100
@@ -92,7 +92,8 @@
     }
     
     // load init.conf
-    if(load_init_conf("config/init.conf")) {
+    InitConfig *init_config = load_init_conf("config/init.conf");
+    if(!init_config) {
         return -1;
     }
 
@@ -108,12 +109,6 @@
     log_ereport(LOG_VERBOSE, "cfgmgr_load_config stage 1 successful");
     ServerConfiguration *cfg = mgr.cfg;
     
-    // init caches
-    auth_cache_init();
-    
-    // init SAFs
-    common_saf_init();
-    
     // set global vars
     conf_global_vars_s *vars = conf_getglobals();
     
@@ -178,6 +173,21 @@
                     "server must be started as root to change uid");
     }
     
+    // run Init directives
+    // this must be done after setuid
+    int err = apply_init_conf(init_config);
+    free_init_conf(init_config);
+    if(err) {
+        log_ereport(LOG_FAILURE, "server init failed");
+        return 1;
+    }
+    
+    // init caches
+    auth_cache_init();
+    
+    // init SAFs
+    common_saf_init();
+    
     
     // now that the process is running as the correct user, we can load
     // the remaining config

mercurial