From 86c78a6be959031e8a7a370a834d29666d7ba3db Mon Sep 17 00:00:00 2001
From: Michael Smith <msmith@xiph.org>
Date: Mon, 20 May 2002 13:25:31 +0000
Subject: [PATCH] chroot and setuid interacted badly in the previous version.
 Fixed now.

svn path=/trunk/icecast/; revision=3311
---
 src/main.c | 71 ++++++++++++++++++++++++++++++------------------------
 1 file changed, 39 insertions(+), 32 deletions(-)

diff --git a/src/main.c b/src/main.c
index 1fce1af0..c0b2eb66 100644
--- a/src/main.c
+++ b/src/main.c
@@ -162,14 +162,35 @@ static void _server_proc(void)
 	sock_close(global.serversock);
 }
 
-#ifdef CHROOT
 /* chroot the process. Watch out - we need to do this before starting other
- * threads */
+ * threads. Change uid as well, after figuring out uid _first_ */
 
-static void _chroot_setup(void)
+static void _ch_root_uid__setup(void)
 {
    ice_config_t *conf = config_get_config();
+#ifdef CHUID
+   struct passwd *user;
+   struct group *group;
+   uid_t uid=-1;
+   gid_t gid=-1;
 
+   if(conf->chuid)
+   {
+       user = getpwnam(conf->user);
+       group = getgrnam(conf->group);
+
+       if(user)
+           uid = user->pw_uid;
+       else
+           fprintf(stderr, "Couldn't find user \"%s\" in password file\n", conf->user);
+       if(group)
+           gid = group->gr_gid;
+       else
+           fprintf(stderr, "Couldn't find group \"%s\" in groups file\n", conf->group);
+   }
+#endif
+
+#ifdef CHROOT
    if (conf->chroot)
    {
        if(getuid()) /* root check */
@@ -186,17 +207,9 @@ static void _chroot_setup(void)
            fprintf(stdout, "Changed root successfully to \"%s\".\n", conf->base_dir);
 
    }   
-}
 #endif
-
 #ifdef CHUID
-/* change uid and gid */
-static void _chuid_setup(void)
-{
-   ice_config_t *conf = config_get_config();
-   struct passwd *user;
-   struct group *group;
-   
+
    if(conf->chuid)
    {
        if(getuid()) /* root check */
@@ -205,22 +218,22 @@ static void _chuid_setup(void)
            return;
        }
 
-       user = getpwnam(conf->user);
-       group = getgrnam(conf->group);
-       
-       if(!setgid(group->gr_gid))
-           fprintf(stdout, "Changed groupid to %i.\n", group->gr_gid);
-       else
-           fprintf(stdout, "Error changing groupid: %s.\n", strerror(errno));
-
-       if(!setuid(user->pw_uid))
-           fprintf(stdout, "Changed userid to %i.\n", user->pw_uid);
-       else
-           fprintf(stdout, "Error changing userid: %s.\n", strerror(errno));
+       if(gid != -1) {
+           if(!setgid(gid))
+               fprintf(stdout, "Changed groupid to %i.\n", group->gr_gid);
+           else
+               fprintf(stdout, "Error changing groupid: %s.\n", strerror(errno));
+       }
 
+       if(uid != -1) {
+           if(!setuid(uid))
+               fprintf(stdout, "Changed userid to %i.\n", user->pw_uid);
+           else
+               fprintf(stdout, "Error changing userid: %s.\n", strerror(errno));
+       }
    }
-}
 #endif
+}
 
 int main(int argc, char **argv)
 {
@@ -263,15 +276,9 @@ int main(int argc, char **argv)
 	/* override config file options with commandline options */
 	config_parse_cmdline(argc, argv);
 
-#ifdef CHROOT
-    _chroot_setup(); /* Perform chroot, if requested */
-#endif
-
     _server_proc_init(); /* Bind socket, before we change userid */
 
-#ifdef CHUID
-    _chuid_setup(); /* change user id */
-#endif
+    _ch_root_uid__setup(); /* Change user id and root if requested/possible */
 
     stats_initialize(); /* We have to do this later on because of threading */