about summary refs log tree commit diff
path: root/nscd/nscd.c
diff options
context:
space:
mode:
authorUlrich Drepper <drepper@redhat.com>2000-04-30 06:52:59 +0000
committerUlrich Drepper <drepper@redhat.com>2000-04-30 06:52:59 +0000
commitadcf0e4a330995739a4298abd33588e44bd329a1 (patch)
tree1673e40e79e85dc9912d0a8119664f88290dd656 /nscd/nscd.c
parent9d4d69b88b5e601029d86ce037552bceea931c0b (diff)
downloadglibc-adcf0e4a330995739a4298abd33588e44bd329a1.tar.gz
glibc-adcf0e4a330995739a4298abd33588e44bd329a1.tar.xz
glibc-adcf0e4a330995739a4298abd33588e44bd329a1.zip
Update.
	* iconv/iconv_prog.c (main): Handle input file name "-" correctly.
	Recognize option -s, -c, and -l.

2000-04-20  Thorsten Kukuk  <kukuk@suse.de>

	* nscd/nscd.c: Start new session for nscd, drop privilegs
	to configured user if requested and no -S parameter are used.
	* nscd/nscd.conf: Add new option "server-user".
	* nscd/nscd_conf.c: Add support for new "server-user" option.
	* nscd/nscd.h: Add declaration for server_user variable.
	Based on patch by Chris Wing <wingc@engin.umich.edu>

2000-04-29  Mark Kettenis  <kettenis@gnu.org>

	* sysdeps/unix/sysv/linux/i386/sigaction.c: Add comment explaining
	that changing the __restore and __restore_rt signal return code
	will break GDB.

2000-04-29  Mark Kettenis  <kettenis@gnu.org>

	* sysdeps/unix/sysv/linux/i386/sys/ucontext.h: Do not include
	<sys/user.h>.

2000-04-29  Mark Kettenis  <kettenis@gnu.org>

	* conform/data/ucontext.h-data: Allow ss_* instead of SS_*.

2000-04-29  Ulrich Drepper  <drepper@redhat.com>
Diffstat (limited to 'nscd/nscd.c')
-rw-r--r--nscd/nscd.c43
1 files changed, 42 insertions, 1 deletions
diff --git a/nscd/nscd.c b/nscd/nscd.c
index 45928f0f67..bc291d81d9 100644
--- a/nscd/nscd.c
+++ b/nscd/nscd.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 1998, 1999 Free Software Foundation, Inc.
+/* Copyright (c) 1998, 1999, 2000 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Contributed by Thorsten Kukuk <kukuk@suse.de>, 1998.
 
@@ -62,6 +62,7 @@ int do_shutdown;
 int disabled_passwd;
 int disabled_group;
 int go_background = 1;
+const char *server_user;
 
 int secure[lastdb];
 int secure_in_use;
@@ -69,6 +70,7 @@ static const char *conffile = _PATH_NSCDCONF;
 
 static int check_pid (const char *file);
 static int write_pid (const char *file);
+static void drop_privileges (void);
 
 /* Name and version of program.  */
 static void print_version (FILE *stream, struct argp_state *state);
@@ -140,6 +142,8 @@ main (int argc, char **argv)
       if (fork ())
 	exit (0);
 
+      setsid ();
+
       chdir ("/");
 
       openlog ("nscd", LOG_CONS | LOG_ODELAY, LOG_DAEMON);
@@ -164,6 +168,10 @@ main (int argc, char **argv)
   /* Init databases.  */
   nscd_init (conffile);
 
+  /* Change to unprivileged UID if specifed in config file */
+  if(server_user && !secure_in_use)
+    drop_privileges ();
+
   /* Handle incoming requests */
   start_threads ();
 
@@ -364,3 +372,36 @@ write_pid (const char *file)
 
   return 0;
 }
+
+/* Look up the uid and gid associated with the user we are supposed to run
+   the server as, and then call setgid(), setgroups(), and setuid().
+   Otherwise, abort- we should not run as root if the configuration file
+   specifically tells us not to. */
+
+static void
+drop_privileges (void)
+{
+  int buflen = 256;
+  char *buffer = alloca (buflen);
+  struct passwd resultbuf;
+  struct passwd *pwd;
+
+  while (__getpwnam_r (server_user, &resultbuf, buffer, buflen, &pwd) != 0
+	 && errno == ERANGE)
+    {
+      errno = 0;
+      buflen += 256;
+      buffer = alloca (buflen);
+    }
+
+  if(!pwd)
+    {
+      dbg_log (_("Failed to look up user '%s' to run server as"),
+	       server_user);
+      exit(1);
+    }
+
+  setgroups (0, NULL);
+  setgid (pwd->pw_gid);
+  setuid (pwd->pw_uid);
+}