summary refs log tree commit diff
path: root/nscd/nscd.c
diff options
context:
space:
mode:
authorUlrich Drepper <drepper@redhat.com>2002-01-18 02:10:41 +0000
committerUlrich Drepper <drepper@redhat.com>2002-01-18 02:10:41 +0000
commit057685e4612add03e197a4c172830258123b01f1 (patch)
tree89c682ec149a8a45ca3c2baa57bd802f7d39ee97 /nscd/nscd.c
parent52831fb8705ab0d6cb177219b3c4781d6055c094 (diff)
downloadglibc-057685e4612add03e197a4c172830258123b01f1.tar.gz
glibc-057685e4612add03e197a4c172830258123b01f1.tar.xz
glibc-057685e4612add03e197a4c172830258123b01f1.zip
Update.
2002-01-17  Ulrich Drepper  <drepper@redhat.com>

	* nscd/nscd.c (drop_privileges): Removed.  Adjust caller.
	* nscd/connections.c (begin_drop_privileges): New function.
	(finish_drop_privileges): New function.
	(nscd_init): Call the new functions which also install all groups
	for the server user.

2002-01-17  H.J. Lu  <hjl@gnu.org>

	* sysdeps/mips/dl-machine.h (__dl_runtime_resolve): Remove
	`const' from `got'.
Diffstat (limited to 'nscd/nscd.c')
-rw-r--r--nscd/nscd.c41
1 files changed, 0 insertions, 41 deletions
diff --git a/nscd/nscd.c b/nscd/nscd.c
index 52385a1730..045256b07f 100644
--- a/nscd/nscd.c
+++ b/nscd/nscd.c
@@ -23,11 +23,9 @@
 #include <assert.h>
 #include <errno.h>
 #include <error.h>
-#include <grp.h>
 #include <libintl.h>
 #include <locale.h>
 #include <pthread.h>
-#include <pwd.h>
 #include <signal.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -63,7 +61,6 @@ int do_shutdown;
 int disabled_passwd;
 int disabled_group;
 int go_background = 1;
-const char *server_user;
 
 int secure[lastdb];
 int secure_in_use;
@@ -71,7 +68,6 @@ static const char *conffile = _PATH_NSCDCONF;
 
 static int check_pid (const char *file);
 static int write_pid (const char *file);
-static void drop_privileges (void);
 
 /* Name and version of program.  */
 static void print_version (FILE *stream, struct argp_state *state);
@@ -169,10 +165,6 @@ main (int argc, char **argv)
   /* Init databases.  */
   nscd_init (conffile);
 
-  /* Change to unprivileged UID if specifed in config file */
-  if(server_user && !secure_in_use)
-    drop_privileges ();
-
   /* Handle incoming requests */
   start_threads ();
 
@@ -373,36 +365,3 @@ write_pid (const char *file)
 
   return 0;
 }
-
-/* Look up the uid and gid associated with the user we are supposed to run
-   the server as, and then call setgid(), setgroups(), and setuid().
-   Otherwise, abort- we should not run as root if the configuration file
-   specifically tells us not to. */
-
-static void
-drop_privileges (void)
-{
-  int buflen = 256;
-  char *buffer = alloca (buflen);
-  struct passwd resultbuf;
-  struct passwd *pwd;
-
-  while (__getpwnam_r (server_user, &resultbuf, buffer, buflen, &pwd) != 0
-	 && errno == ERANGE)
-    {
-      errno = 0;
-      buflen += 256;
-      buffer = alloca (buflen);
-    }
-
-  if(!pwd)
-    {
-      dbg_log (_("Failed to look up user '%s' to run server as"),
-	       server_user);
-      exit(1);
-    }
-
-  setgroups (0, NULL);
-  setgid (pwd->pw_gid);
-  setuid (pwd->pw_uid);
-}