X-Git-Url: http://git.tuebingen.mpg.de/?p=paraslash.git;a=blobdiff_plain;f=daemon.c;h=a2fa1caa3b97910c968b4b0e0ee1b8109a54d7ba;hp=616fd2c2f9adf7f9afb927ce840a00a0ae01aa97;hb=cd8bb5a2d51179a31842a2cd7012cad28deea78d;hpb=2ed89c59f0efcd0a2763f47c7d3455663241e623

diff --git a/daemon.c b/daemon.c
index 616fd2c2..a2fa1caa 100644
--- a/daemon.c
+++ b/daemon.c
@@ -1,33 +1,26 @@
 /*
- * Copyright (C) 1997-2006 Andre Noll <maan@systemlinux.org>
+ * Copyright (C) 1997-2008 Andre Noll <maan@systemlinux.org>
  *
- *     This program is free software; you can redistribute it and/or modify
- *     it under the terms of the GNU General Public License as published by
- *     the Free Software Foundation; either version 2 of the License, or
- *     (at your option) any later version.
- *
- *     This program is distributed in the hope that it will be useful,
- *     but WITHOUT ANY WARRANTY; without even the implied warranty of
- *     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- *     GNU General Public License for more details.
- *
- *     You should have received a copy of the GNU General Public License
- *     along with this program; if not, write to the Free Software
- *     Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111, USA.
+ * Licensed under the GPL v2. For licencing details see COPYING.
  */
 
-/** \file daemon.c some helpers for programs that detach from the console */
+/** \file daemon.c Some helpers for programs that detach from the console. */
 #include "para.h"
 #include "daemon.h"
 #include <pwd.h>
+
+/* getgrnam() */
+#include <sys/types.h>
+#include <grp.h>
+
 #include "string.h"
 
 /**
- * do the usual stuff to become a daemon
+ * Do the usual stuff to become a daemon.
  *
  * Fork, become session leader, dup fd 0, 1, 2 to /dev/null.
  *
- * \sa fork(2), setsid(2), dup(2)
+ * \sa fork(2), setsid(2), dup(2).
  */
 void daemon_init(void)
 {
@@ -55,31 +48,33 @@ void daemon_init(void)
 }
 
 /**
- * fopen() a file in append mode
+ * fopen() a file in append mode.
  *
- * \param logfile_name the name of the file to open
+ * \param logfile_name The name of the file to open.
  *
- * Either calls exit() or returns a valid file handle.
+ * \return Either calls exit() or returns a valid file handle.
  */
-/* might be called from para_log, so we must not use para_log */
 FILE *open_log(const char *logfile_name)
 {
 	FILE *logfile;
 
 	if (!logfile_name)
 		return NULL;
-	if (!(logfile = fopen(logfile_name, "a")))
+	if (!(logfile = fopen(logfile_name, "a"))) {
+		PARA_EMERG_LOG("can not open %s, uid: %d\n", logfile_name,
+			(int)getuid());
 		exit(EXIT_FAILURE);
+	}
 	setlinebuf(logfile);
 	return logfile;
 }
 
 /**
- * close the log file of the daemon
+ * Close the log file of the daemon.
  *
- * \param logfile the log file handle
+ * \param logfile The log file handle.
  *
- * It's OK to call this with logfile == NULL
+ * It's OK to call this with logfile == \p NULL.
  */
 void close_log(FILE* logfile)
 {
@@ -90,31 +85,48 @@ void close_log(FILE* logfile)
 }
 
 /**
- * log the startup message containing the paraslash version
+ * Log the startup message containing the paraslash version.
  */
 void log_welcome(const char *whoami, int loglevel)
 {
-	PARA_INFO_LOG("welcome to %s " VERSION " ("BUILD_DATE")\n", whoami);
+	PARA_INFO_LOG("welcome to %s " PACKAGE_VERSION " ("BUILD_DATE")\n",
+		whoami);
 	PARA_DEBUG_LOG("using loglevel %d\n", loglevel);
 }
 
 /**
- * give up superuser privileges
+ * Give up superuser privileges.
  *
- * This function returns immediately if not invoked with EUID zero.  Otherwise,
- * it tries to obtain the UID for the user specified by \a username and exits
- * if this user was not found. On success, effective and real UID and the saved
- * set-user-ID are all set to the UID of \a username.
+ * \param username The user to switch to.
+ * \param groupname The group to switch to.
  *
- * \sa getpwnam(3), getuid(2), setuid(2)
+ * This function returns immediately if not invoked with EUID zero. Otherwise,
+ * it tries to obtain the GID of \a groupname and the UID of \a username.  On
+ * success, effective and real GID/UID and the saved set-group-ID/set-user-ID
+ * are all set accordingly. On errors, an appropriate message is logged and
+ * exit() is called to terminate the process.
+ *
+ * \sa getpwnam(3), getuid(2), setuid(2), getgrnam(2), setgid(2)
  */
-void para_drop_privileges(const char *username)
+void para_drop_privileges(const char *username, const char *groupname)
 {
 	struct passwd *p;
 	char *tmp;
 
 	if (geteuid())
 		return;
+	if (groupname) {
+		struct group *g = getgrnam(groupname);
+		if (!g) {
+			PARA_EMERG_LOG("failed to get group %s\n", groupname);
+			exit(EXIT_FAILURE);
+		}
+		if (setgid(g->gr_gid) < 0) {
+			PARA_EMERG_LOG("failed to set group id %d (%s)\n",
+				(int)g->gr_gid, strerror(errno));
+			exit(EXIT_FAILURE);
+		}
+	}
 	if (!username) {
 		PARA_EMERG_LOG("%s", "root privileges, but no user option given\n");
 		exit(EXIT_FAILURE);
@@ -126,48 +138,50 @@ void para_drop_privileges(const char *username)
 		PARA_EMERG_LOG("%s", "no such user\n");
 		exit(EXIT_FAILURE);
 	}
-	PARA_NOTICE_LOG("%s", "dropping root privileges\n");
-	setuid(p->pw_uid);
-	PARA_DEBUG_LOG("uid: %d, euid: %d\n", getuid(), geteuid());
+	PARA_INFO_LOG("%s", "dropping root privileges\n");
 	setuid(p->pw_uid);
+	PARA_DEBUG_LOG("uid: %d, euid: %d\n", (int)getuid(), (int)geteuid());
 }
 
 /**
- * set/get the server uptime
+ * Set/get the server uptime.
  *
- * \param set_or_get chose one of the two modes
+ * \param set_or_get Chose one of the two modes.
  *
  * This should be called at startup time with \a set_or_get equal to \p
  * UPTIME_SET which sets the uptime to zero.  Subsequent calls with \a
- * set_or_get equal to \p UPTIME_GET return the number of seconds ellapsed
- * since the last reset.
+ * set_or_get equal to \p UPTIME_GET return the uptime.
+
+ * \return Zero if called with \a set_or_get equal to \p UPTIME_SET, the number
+ * of seconds ellapsed since the last reset otherwise.
  *
- * \sa time(2), difftime(3)
+ * \sa time(2), difftime(3).
  */
 time_t server_uptime(enum uptime set_or_get)
 {
 	static time_t startuptime;
 	time_t now;
+	double diff;
 
 	if (set_or_get == UPTIME_SET) {
 		time(&startuptime);
 		return 0;
 	}
 	time(&now);
-	return (time_t) difftime(now, startuptime);
+	diff = difftime(now, startuptime);
+	return (time_t) diff;
 }
 
 /**
- * construct string containing uptime
+ * Construct string containing uptime.
  *
- * The format of the returned string is "days:hours:minutes"
+ * \return A dynamically allocated string of the form "days:hours:minutes".
  *
- * \sa server_uptime
+ * \sa server_uptime.
  */
 __malloc char *uptime_str(void)
 {
-	time_t t = server_uptime(UPTIME_GET);
+	long t = server_uptime(UPTIME_GET);
 	return make_message("%li:%02li:%02li", t / 86400,
 		(t / 3600) % 24, (t / 60) % 60);
 }
-