diff options
Diffstat (limited to 'src/main.c')
| -rw-r--r-- | src/main.c | 78 |
1 files changed, 73 insertions, 5 deletions
@@ -2,6 +2,9 @@ #include <assert.h> #include <string.h> #include <errno.h> +#include <grp.h> +#include <pwd.h> +#include <sys/types.h> #include <libdaemon/dlog.h> #include <libdaemon/dfork.h> @@ -15,9 +18,14 @@ oop_source* event_source = NULL; struct gengetopt_args_info args; -const char *appname = NULL, *username = NULL; +const char *appname = NULL; + +uid_t target_uid = 0; +gid_t target_gid = 0; #define DEFAULT_MSNTABLE "../conf/msntab" +#define IVAM_USER "ivam" +#define IVAM_GROUP "ivam" static void *oop_exit_cb(oop_source *source, int sig, void *user) { daemon_log(LOG_ERR, "Recieved signal %s", sig == SIGINT ? "SIGINT" : (sig == SIGTERM ? "SIGTERM" : "UNKNWON")); @@ -42,11 +50,66 @@ static void *oop_dump_cb(oop_source *source, int sig, void *user) { } +static int change_uid_gid(void) { + if (args.no_drop_root_flag) + return 0; + + if (initgroups(IVAM_USER, target_gid) != 0) { + daemon_log(LOG_ERR, "Failed to change group list: %s", strerror(errno)); + return -1; + } + + if (setgid(target_gid) != 0) { + daemon_log(LOG_ERR, "Failed to change GID: %s", strerror(errno)); + return -1; + } + + if (setuid(target_uid) != 0) { + daemon_log(LOG_ERR, "Failed to change UID: %s", strerror(errno)); + return -1; + } + + daemon_log(LOG_INFO, "Successfully dropped root privileges."); + + return 0; +} + +static int get_target_uid_gid(void) { + struct passwd *pw; + struct group * gr; + + if (args.no_drop_root_flag) { + target_uid = getuid(); + target_gid = getgid(); + return 0; + } + + if (!(pw = getpwnam(IVAM_USER))) { + daemon_log(LOG_ERR, "Failed to find user '%s'.", IVAM_USER); + return -1; + } + + if (!(gr = getgrnam(IVAM_GROUP))) { + daemon_log(LOG_ERR, "Failed to find group '%s'.", IVAM_GROUP); + return -1; + } + + target_uid = pw->pw_uid; + target_gid = gr->gr_gid; + + daemon_log(LOG_INFO, "Found user '%s' (UID %lu) and group '%s' (GID %lu).", IVAM_USER, (unsigned long) target_uid, IVAM_GROUP, (unsigned long) target_gid); + + return 0; +} + int main_loop(void) { int r = -1, retval_sent = 0; oop_source_sys *sys = NULL; daemon_log(LOG_INFO, "Starting up."); + + if (get_target_uid_gid() < 0) + goto finish; if (!(sys = oop_sys_new())) { daemon_log(LOG_ERR, "Failed to create system source."); @@ -55,6 +118,12 @@ int main_loop(void) { event_source = oop_sys_source(sys); assert(event_source); + + if (modem_manager_init(args.channels_arg) < 0) + goto finish; + + if (change_uid_gid() < 0) + goto finish; if (child_process_init() < 0) goto finish; @@ -62,9 +131,6 @@ int main_loop(void) { if (msntab_load(args.msntab_arg ? args.msntab_arg : DEFAULT_MSNTABLE) < 0) goto finish; - if (modem_manager_init(args.channels_arg) < 0) - goto finish; - event_source->on_signal(event_source, SIGINT, oop_exit_cb, NULL); event_source->on_signal(event_source, SIGTERM, oop_exit_cb, NULL); event_source->on_signal(event_source, SIGHUP, oop_reload_cb, NULL); @@ -177,7 +243,9 @@ int main(int argc, char*argv[]) { ret = main_loop() < 0 ? 1 : 0; - daemon_pid_file_remove(); + if (daemon_pid_file_remove() < 0) + daemon_log(LOG_WARNING, "Failed to remove PID file (%s).", strerror(errno)); + return ret; } |