Commit 46523ea2 authored by Marek Vavruša's avatar Marek Vavruša

daemon: change user privileges

parent 93df7260
......@@ -123,12 +123,12 @@ Configuration example
---------------------
.. code-block:: lua
-- 10MB cache
cache.size = 10*MB
-- load some modules
modules = { 'policy', 'cachectl' }
-- interfaces
net = { '127.0.0.1', '::1' }
-- interfaces
net = { '127.0.0.1', '::1' }
-- load some modules
modules = { 'policy', 'cachectl' }
-- 10MB cache
cache.size = 10*MB
Configuration syntax
--------------------
......@@ -277,6 +277,35 @@ Environment
:return: Toggle verbose logging.
.. function:: user(name, [group])
:param string name: user name
:param string group: group name (optional)
:return: boolean
Drop privileges and run as given user (and group, if provided).
.. tip:: Note that you should bind to required network addresses before changing user. At the same time, you should open the cache **AFTER** you change the user (so it remains accessible). A good practice is to divide configuration in two parts:
.. code-block:: lua
-- privileged
net = { '127.0.0.1', '::1' }
-- unprivileged
cache.size = 100*MB
trust_anchors.file = 'root.key'
Example output:
.. code-block:: lua
> user('baduser')
invalid user name
> user('kresd', 'netgrp')
true
> user('root')
Operation not permitted
Network configuration
^^^^^^^^^^^^^^^^^^^^^
......
......@@ -18,6 +18,8 @@
#include <ccan/asprintf/asprintf.h>
#include <uv.h>
#include <unistd.h>
#include <grp.h>
#include <pwd.h>
#include <libknot/internal/mempattern.h>
/* #include <libknot/internal/namedb/namedb_trie.h> @todo Not supported (doesn't keep value copy) */
#include <libknot/internal/namedb/namedb_lmdb.h>
......@@ -54,6 +56,7 @@ static int l_help(lua_State *L)
"help()\n show this help\n"
"quit()\n quit\n"
"hostname()\n hostname\n"
"user(name[, group])\n change process user (and group)\n"
"verbose(true|false)\n toggle verbose mode\n"
"option(opt[, new_val])\n get/set server option\n"
;
......@@ -61,6 +64,55 @@ static int l_help(lua_State *L)
return 1;
}
static bool update_privileges(int uid, int gid)
{
if ((gid_t)gid != getgid()) {
if (setregid(gid, gid) < 0) {
return false;
}
}
if ((uid_t)uid != getuid()) {
if (setreuid(uid, uid) < 0) {
return false;
}
}
return true;
}
/** Set process user/group. */
static int l_setuser(lua_State *L)
{
int n = lua_gettop(L);
if (n < 1 || !lua_isstring(L, 1)) {
lua_pushliteral(L, "user(user[, group)");
lua_error(L);
}
/* Fetch UID/GID based on string identifiers. */
struct passwd *user_pw = getpwnam(lua_tostring(L, 1));
if (!user_pw) {
lua_pushliteral(L, "invalid user name");
lua_error(L);
}
int uid = user_pw->pw_uid;
int gid = getgid();
if (n > 1 && lua_isstring(L, 2)) {
struct group *group_pw = getgrnam(lua_tostring(L, 2));
if (!group_pw) {
lua_pushliteral(L, "invalid group name");
lua_error(L);
}
gid = group_pw->gr_gid;
}
/* Drop privileges */
bool ret = update_privileges(uid, gid);
if (!ret) {
lua_pushstring(L, strerror(errno));
lua_error(L);
}
lua_pushboolean(L, ret);
return 1;
}
/** Return platform-specific versioned library name. */
static int l_libpath(lua_State *L)
{
......
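Review bot: update_privileges() only calls `setregid`/`setreuid`, so the supplementary group list is never reset; if the daemon is started as root, it would keep root's supplementary groups after `user('kresd', 'netgrp')` returns true. In l_setuser the default `int gid = getgid();` also means that `user('kresd')` without a group leaves the current primary group in place (gid 0 when started as root). I would default to the account's own group with `int gid = user_pw->pw_gid;`. Inside the gid branch, the group list should be reset before `setregid`, e.g. `gid_t g = gid; if (setgroups(1, &g) < 0) return false;` (`<grp.h>` is already included by this commit). Separately, the usage string `"user(user[, group)"` is missing its closing `]`.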