From d9949320c79fc06a0a370b45d408bc4e0a447704 Mon Sep 17 00:00:00 2001
From: Adam <Adam@anope.org>
Date: Sat, 28 Jun 2014 23:13:57 -0400
Subject: Don't try to setuid down until after we signal the parent to exit,
 unless we're not forking. Also don't issue the run as root warning if we're
 going to setuid later.

---
 src/init.cpp | 23 ++++++++++++++++++-----
 1 file changed, 18 insertions(+), 5 deletions(-)

(limited to 'src/init.cpp')

diff --git a/src/init.cpp b/src/init.cpp
index da91e2fcf..8f479f73e 100644
--- a/src/init.cpp
+++ b/src/init.cpp
@@ -100,6 +100,8 @@ bool Anope::AtTerm()
 	return isatty(fileno(stdout)) && isatty(fileno(stdin)) && isatty(fileno(stderr));
 }
 
+static void setuidgid();
+
 void Anope::Fork()
 {
 #ifndef _WIN32
@@ -110,6 +112,8 @@ void Anope::Fork()
 	freopen("/dev/null", "w", stderr);
 
 	setpgid(0, 0);
+
+	setuidgid();
 #else
 	FreeConsole();
 #endif
@@ -418,10 +422,15 @@ void Anope::Init(int ac, char **av)
 	/* If we're root, issue a warning now */
 	if (!getuid() && !getgid())
 	{
-		std::cerr << "WARNING: You are currently running Anope as the root superuser. Anope does not" << std::endl;
-		std::cerr << "         require root privileges to run, and it is discouraged that you run Anope" << std::endl;
-		std::cerr << "         as the root superuser." << std::endl;
-		sleep(3);
+		/* If we are configured to setuid later, don't issue a warning */
+		Configuration::Block *options = Config->GetBlock("options");
+		if (options->Get<const Anope::string>("user").empty())
+		{
+			std::cerr << "WARNING: You are currently running Anope as the root superuser. Anope does not" << std::endl;
+			std::cerr << "         require root privileges to run, and it is discouraged that you run Anope" << std::endl;
+			std::cerr << "         as the root superuser." << std::endl;
+			sleep(3);
+		}
 	}
 #endif
 
@@ -513,7 +522,11 @@ void Anope::Init(int ac, char **av)
 	for (int i = 0; i < Config->CountBlock("module"); ++i)
 		ModuleManager::LoadModule(Config->GetBlock("module", i)->Get<const Anope::string>("name"), NULL);
 
-	setuidgid();
+#ifndef _WIN32
+	/* We won't background later, so we should setuid now */
+	if (Anope::NoFork || !Anope::AtTerm())
+		setuidgid();
+#endif
 
 	Module *protocol = ModuleManager::FindFirstOf(PROTOCOL);
 	if (protocol == NULL)
-- 
cgit