mirror of
https://gitlab.xiph.org/xiph/icecast-server.git
synced 2024-12-04 14:46:30 -05:00
Update: Record result from chroot/chuid
This commit is contained in:
parent
5ef8b13a4a
commit
7c5d01a1a2
@ -46,6 +46,11 @@ typedef struct ice_global_tag
|
|||||||
relay_t *master_relays;
|
relay_t *master_relays;
|
||||||
|
|
||||||
module_container_t *modulecontainer;
|
module_container_t *modulecontainer;
|
||||||
|
|
||||||
|
|
||||||
|
/* state */
|
||||||
|
bool chroot_succeeded;
|
||||||
|
bool chuid_succeeded;
|
||||||
} ice_global_t;
|
} ice_global_t;
|
||||||
|
|
||||||
extern ice_global_t global;
|
extern ice_global_t global;
|
||||||
|
39
src/main.c
39
src/main.c
@ -479,34 +479,36 @@ static void _ch_root_uid_setup(void)
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* ensure a valid initial state */
|
||||||
|
global.chroot_succeeded = false;
|
||||||
|
global.chuid_succeeded = false;
|
||||||
|
|
||||||
#if HAVE_CHROOT
|
#if HAVE_CHROOT
|
||||||
if (conf->chroot)
|
if (conf->chroot) {
|
||||||
{
|
if (getuid()) { /* root check */
|
||||||
if(getuid()) /* root check */
|
|
||||||
{
|
|
||||||
fprintf(stderr, "WARNING: Cannot change server root unless running as root.\n");
|
fprintf(stderr, "WARNING: Cannot change server root unless running as root.\n");
|
||||||
}
|
}
|
||||||
if(chroot(conf->base_dir) == -1 || chdir("/") == -1)
|
|
||||||
{
|
if(chroot(conf->base_dir) == -1 || chdir("/") == -1) {
|
||||||
fprintf(stderr,"WARNING: Couldn't change server root: %s\n", strerror(errno));
|
fprintf(stderr,"WARNING: Couldn't change server root: %s\n", strerror(errno));
|
||||||
return;
|
return;
|
||||||
}
|
} else {
|
||||||
else
|
|
||||||
fprintf(stdout, "Changed root successfully to \"%s\".\n", conf->base_dir);
|
fprintf(stdout, "Changed root successfully to \"%s\".\n", conf->base_dir);
|
||||||
|
global.chroot_succeeded = true;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if HAVE_SETUID
|
#if HAVE_SETUID
|
||||||
if(conf->chuid)
|
if(conf->chuid) {
|
||||||
{
|
if (getuid()) { /* root check */
|
||||||
if(getuid()) /* root check */
|
|
||||||
{
|
|
||||||
fprintf(stderr, "WARNING: Can't change user id unless you are root.\n");
|
fprintf(stderr, "WARNING: Can't change user id unless you are root.\n");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if(uid != (uid_t)-1 && gid != (gid_t)-1) {
|
if (uid != (uid_t)-1 && gid != (gid_t)-1) {
|
||||||
|
global.chuid_succeeded = true;
|
||||||
|
|
||||||
#ifdef HAVE_SETRESGID
|
#ifdef HAVE_SETRESGID
|
||||||
if(!setresgid(gid, gid, gid)) {
|
if(!setresgid(gid, gid, gid)) {
|
||||||
#else
|
#else
|
||||||
@ -515,11 +517,15 @@ static void _ch_root_uid_setup(void)
|
|||||||
fprintf(stdout, "Changed groupid to %i.\n", (int)gid);
|
fprintf(stdout, "Changed groupid to %i.\n", (int)gid);
|
||||||
} else {
|
} else {
|
||||||
fprintf(stdout, "Error changing groupid: %s.\n", strerror(errno));
|
fprintf(stdout, "Error changing groupid: %s.\n", strerror(errno));
|
||||||
|
global.chuid_succeeded = false;
|
||||||
}
|
}
|
||||||
if(!initgroups(conf->user, gid))
|
if(!initgroups(conf->user, gid)) {
|
||||||
fprintf(stdout, "Changed supplementary groups based on user: %s.\n", conf->user);
|
fprintf(stdout, "Changed supplementary groups based on user: %s.\n", conf->user);
|
||||||
else
|
} else {
|
||||||
fprintf(stdout, "Error changing supplementary groups: %s.\n", strerror(errno));
|
fprintf(stdout, "Error changing supplementary groups: %s.\n", strerror(errno));
|
||||||
|
global.chuid_succeeded = false;
|
||||||
|
}
|
||||||
|
|
||||||
#ifdef HAVE_SETRESUID
|
#ifdef HAVE_SETRESUID
|
||||||
if(!setresuid(uid, uid, uid)) {
|
if(!setresuid(uid, uid, uid)) {
|
||||||
#else
|
#else
|
||||||
@ -528,6 +534,7 @@ static void _ch_root_uid_setup(void)
|
|||||||
fprintf(stdout, "Changed userid to %i.\n", (int)uid);
|
fprintf(stdout, "Changed userid to %i.\n", (int)uid);
|
||||||
} else {
|
} else {
|
||||||
fprintf(stdout, "Error changing userid: %s.\n", strerror(errno));
|
fprintf(stdout, "Error changing userid: %s.\n", strerror(errno));
|
||||||
|
global.chuid_succeeded = false;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user