+
+
+// Make sure we own all the files, because in a few milliseconds we're going to drop root privs.
+void cdb_chmod_data(void) {
+ DIR *dp;
+ struct dirent *d;
+ char filename[PATH_MAX];
+
+ // Silently try to create the database subdirectory. If it's already there, no problem.
+ if ((mkdir(ctdl_db_dir, 0700) != 0) && (errno != EEXIST)) {
+ syslog(LOG_ERR, "bdb: database directory [%s] does not exist and could not be created: %m", ctdl_db_dir);
+ exit(CTDLEXIT_DB);
+ }
+ if (chmod(ctdl_db_dir, 0700) != 0) {
+ syslog(LOG_ERR, "bdb: unable to set database directory permissions [%s]: %m", ctdl_db_dir);
+ exit(CTDLEXIT_DB);
+ }
+ if (chown(ctdl_db_dir, CTDLUID, (-1)) != 0) {
+ syslog(LOG_ERR, "bdb: unable to set the owner for [%s]: %m", ctdl_db_dir);
+ exit(CTDLEXIT_DB);
+ }
+ dp = opendir(ctdl_db_dir);
+ if (dp != NULL) {
+ while (d = readdir(dp), d != NULL) {
+ if (d->d_name[0] != '.') {
+ snprintf(filename, sizeof filename, "%s/%s", ctdl_db_dir, d->d_name);
+ syslog(LOG_DEBUG, "bdb: chmod(%s, 0600) returned %d", filename, chmod(filename, 0600));
+ syslog(LOG_DEBUG, "bdb: chown(%s, CTDLUID, -1) returned %d", filename, chown(filename, CTDLUID, (-1)));
+ }
+ }
+ closedir(dp);
+ }
+}
+
+
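Review bot: The per-file `chmod(filename, 0600)` and `chown(filename, CTDLUID, (-1))` calls in the `readdir` loop follow symbolic links while the process is still root (per the function's own comment), so if an entry in `ctdl_db_dir` is a symlink, the mode and owner of its target are changed instead of the entry itself. The directory has just been handed to CTDLUID, so root should not trust its contents: open each entry relative to the directory with `O_NOFOLLOW`, confirm it is a regular file, and apply `fchmod`/`fchown` to the descriptor, as sketched below. Per-file results are only logged at LOG_DEBUG and a failed `opendir` is ignored, whereas the directory-level failures call `exit(CTDLEXIT_DB)`; logging per-file failures at LOG_ERR would make a wrongly owned database file visible before privileges are dropped. No hunk header is visible in this view, so whether `<fcntl.h>` and `<sys/stat.h>` are already included cannot be checked from here.

```c
	// … unchanged: mkdir/chmod/chown of ctdl_db_dir, opendir …
	while (d = readdir(dp), d != NULL) {
		if (d->d_name[0] != '.') {
			// Resolve the name relative to the open directory and refuse symlinks;
			// O_NONBLOCK keeps a FIFO or device node from stalling startup.
			int fd = openat(dirfd(dp), d->d_name, O_RDONLY | O_NOFOLLOW | O_NONBLOCK);
			struct stat st;

			if (fd < 0) {
				syslog(LOG_ERR, "bdb: cannot open [%s/%s]: %m", ctdl_db_dir, d->d_name);
				continue;
			}
			// Only regular files are adjusted, and only through the descriptor,
			// so the object checked is the object changed.
			if ((fstat(fd, &st) == 0) && S_ISREG(st.st_mode)) {
				if ((fchmod(fd, 0600) != 0) || (fchown(fd, CTDLUID, (-1)) != 0)) {
					syslog(LOG_ERR, "bdb: unable to set mode/owner for [%s/%s]: %m", ctdl_db_dir, d->d_name);
				}
			}
			close(fd);
		}
	}
	// … unchanged: closedir(dp) …
```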