diff options
author | Henryk Plötz <henryk@ploetzli.ch> | 2014-10-03 19:58:52 +0200 |
---|---|---|
committer | Henryk Plötz <henryk@ploetzli.ch> | 2014-10-03 19:58:52 +0200 |
commit | 0e5b2871ca6456b01d4bf037a6e68badf1ff1a41 (patch) | |
tree | 97b95b74c9618d85da9aa9451a55a819cd7b1c2e /droproot.c | |
download | tinydnssec-0e5b2871ca6456b01d4bf037a6e68badf1ff1a41.tar.gz tinydnssec-0e5b2871ca6456b01d4bf037a6e68badf1ff1a41.tar.bz2 |
Initial commit of djbdns-1.05.tar.gz
Source was http://cr.yp.to/djbdns/djbdns-1.05.tar.gz, SHA1 2efdb3a039d0c548f40936aa9cb30829e0ce8c3d
Diffstat (limited to 'droproot.c')
-rw-r--r-- | droproot.c | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/droproot.c b/droproot.c new file mode 100644 index 0000000..33e8f18 --- /dev/null +++ b/droproot.c @@ -0,0 +1,33 @@ +#include <unistd.h> +#include "env.h" +#include "scan.h" +#include "prot.h" +#include "strerr.h" + +void droproot(const char *fatal) +{ + char *x; + unsigned long id; + + x = env_get("ROOT"); + if (!x) + strerr_die2x(111,fatal,"$ROOT not set"); + if (chdir(x) == -1) + strerr_die4sys(111,fatal,"unable to chdir to ",x,": "); + if (chroot(".") == -1) + strerr_die4sys(111,fatal,"unable to chroot to ",x,": "); + + x = env_get("GID"); + if (!x) + strerr_die2x(111,fatal,"$GID not set"); + scan_ulong(x,&id); + if (prot_gid((int) id) == -1) + strerr_die2sys(111,fatal,"unable to setgid: "); + + x = env_get("UID"); + if (!x) + strerr_die2x(111,fatal,"$UID not set"); + scan_ulong(x,&id); + if (prot_uid((int) id) == -1) + strerr_die2sys(111,fatal,"unable to setuid: "); +} |