diff options
| author | Adam <Adam@anope.org> | 2014-06-28 23:13:57 -0400 |
|---|---|---|
| committer | Adam <Adam@anope.org> | 2014-06-28 23:15:59 -0400 |
| commit | d9949320c79fc06a0a370b45d408bc4e0a447704 (patch) | |
| tree | 3023bb63451b8a531677559ecf42e2a6814c865f /src/init.cpp | |
| parent | b0ec178e85c5fdc5ce803af17a5820b116fbe928 (diff) | |
Don't try to setuid down until after we signal the parent to exit, unless we're not forking. Also don't issue the run as root warning if we're going to setuid later.
Diffstat (limited to 'src/init.cpp')
| -rw-r--r-- | src/init.cpp | 23 |
1 files changed, 18 insertions, 5 deletions
diff --git a/src/init.cpp b/src/init.cpp index da91e2fcf..8f479f73e 100644 --- a/src/init.cpp +++ b/src/init.cpp @@ -100,6 +100,8 @@ bool Anope::AtTerm() return isatty(fileno(stdout)) && isatty(fileno(stdin)) && isatty(fileno(stderr)); } +static void setuidgid(); + void Anope::Fork() { #ifndef _WIN32 @@ -110,6 +112,8 @@ void Anope::Fork() freopen("/dev/null", "w", stderr); setpgid(0, 0); + + setuidgid(); #else FreeConsole(); #endif @@ -418,10 +422,15 @@ void Anope::Init(int ac, char **av) /* If we're root, issue a warning now */ if (!getuid() && !getgid()) { - std::cerr << "WARNING: You are currently running Anope as the root superuser. Anope does not" << std::endl; - std::cerr << " require root privileges to run, and it is discouraged that you run Anope" << std::endl; - std::cerr << " as the root superuser." << std::endl; - sleep(3); + /* If we are configured to setuid later, don't issue a warning */ + Configuration::Block *options = Config->GetBlock("options"); + if (options->Get<const Anope::string>("user").empty()) + { + std::cerr << "WARNING: You are currently running Anope as the root superuser. Anope does not" << std::endl; + std::cerr << " require root privileges to run, and it is discouraged that you run Anope" << std::endl; + std::cerr << " as the root superuser." << std::endl; + sleep(3); + } } #endif @@ -513,7 +522,11 @@ void Anope::Init(int ac, char **av) for (int i = 0; i < Config->CountBlock("module"); ++i) ModuleManager::LoadModule(Config->GetBlock("module", i)->Get<const Anope::string>("name"), NULL); - setuidgid(); +#ifndef _WIN32 + /* We won't background later, so we should setuid now */ + if (Anope::NoFork || !Anope::AtTerm()) + setuidgid(); +#endif Module *protocol = ModuleManager::FindFirstOf(PROTOCOL); if (protocol == NULL) |