Commit 09cd8b0f authored by Marek Vavrusa's avatar Marek Vavrusa

Create empty PID file before dropping privileges.

This solves problem when PID file needs to be created in a directory
where only root can write, but the user can enter.

Change-Id: I357ece2d36574931850e366573b10dcd64c9482a
parent 6d45a7c9
......@@ -246,12 +246,6 @@ int main(int argc, char **argv)
}
log_server_info("\n");
/* Alter privileges. */
log_update_privileges(conf()->uid, conf()->gid);
if (proc_update_privileges(conf()->uid, conf()->gid) != KNOT_EOK) {
return 1;
}
/* Create empty PID file. */
char* pidfile = pid_filename();
FILE *f = fopen(pidfile, "w");
......@@ -263,6 +257,19 @@ int main(int argc, char **argv)
}
fclose(f);
/* Alter PID file privileges. */
if (chown(pidfile, conf()->uid, conf()->gid) < 0) {
log_server_warning("Cannot change PID file ownership\n");
free(pidfile);
return 1;
}
/* Alter privileges. */
log_update_privileges(conf()->uid, conf()->gid);
if (proc_update_privileges(conf()->uid, conf()->gid) != KNOT_EOK) {
return 1;
}
/* Load zones and add hook. */
zones_ns_conf_hook(conf(), server->nameserver);
conf_add_hook(conf(), CONF_ALL, zones_ns_conf_hook, server->nameserver);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment