tmtt/feuille
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

fix(feuille.c): background mode wasn't working when chrooted

Browse source 
freopen() could not find /dev/null but still closed std(in|out|err).
New sockets took the stdin file descriptor and broke everything.

Now it's fixed, and I even discovered the daemon() function.
This commit is contained in:
Tom MTT 2022-11-21 20:53:55 +01:00
parent 7781c2b960
commit e9009b9198
1 changed files with 21 additions and 32 deletions
Download patch file Download diff file Expand all files Collapse all files

53
feuille.c
View file

@ -232,6 +232,19 @@ int main(int argc, char *argv[])
chdir(path); chdir(path);
/* user checks */
if (strlen(settings.user) == 0)
settings.user = "nobody";
verbose(2, "getting uid and gid of user `%s'...", settings.user);
struct passwd *user;
if ((user = getpwnam(settings.user)) == NULL)
die(1, "User `%s' doesn't exist\n", settings.user);
int uid = user->pw_uid;
int gid = user->pw_gid;
/* server socket creation (before dropping root permissions) */ /* server socket creation (before dropping root permissions) */
verbose(1, "initializing server socket..."); verbose(1, "initializing server socket...");
@ -239,20 +252,16 @@ int main(int argc, char *argv[])
if ((server = initialize_server()) == -1) if ((server = initialize_server()) == -1)
die(errno, "Failed to initialize server socket: %s\n", strerror(errno)); die(errno, "Failed to initialize server socket: %s\n", strerror(errno));
/* make feuille run in the background */
if (!settings.foreground) {
verbose(1, "making feuille run in the background...");
verbose(2, "closing input / output file descriptors...");
daemon(1, 0);
}
/* chroot and drop root permissions */ /* chroot and drop root permissions */
if (getuid() == 0) { if (getuid() == 0) {
if (strlen(settings.user) == 0)
settings.user = "nobody";
verbose(2, "getting uid and gid of user `%s'...", settings.user);
struct passwd *user;
if ((user = getpwnam(settings.user)) == NULL)
die(1, "User `%s' doesn't exist\n", settings.user);
int uid = user->pw_uid;
int gid = user->pw_gid;
verbose(2, "setting owner of `%s' to `%s'...", path, settings.user); verbose(2, "setting owner of `%s' to `%s'...", path, settings.user);
chown(path, uid, gid); chown(path, uid, gid);
@ -272,26 +281,6 @@ int main(int argc, char *argv[])
puts(""); puts("");
} }
/* run feuille in the background */
if (!settings.foreground) {
verbose(1, "making feuille run in the background...");
verbose(2, "closing input / output file descriptors...");
int pid;
if ((pid = fork()) < 0)
exit(1);
else if (pid > 0)
exit(0);
if (setsid() < 0)
exit(1);
freopen("/dev/null", "r", stdin);
freopen("/dev/null", "w", stdout);
freopen("/dev/null", "w", stderr);
}
/* OpenBSD-only security measures */ /* OpenBSD-only security measures */
#ifdef __OpenBSD__ #ifdef __OpenBSD__
pledge("proc stdio rpath wpath cpath inet", "stdio rpath wpath cpath inet"); pledge("proc stdio rpath wpath cpath inet", "stdio rpath wpath cpath inet");