From e8123a34d5c13c89443de540f8d3ef10f53225a6 Mon Sep 17 00:00:00 2001 From: Art Cancro Date: Mon, 20 Apr 2015 10:52:32 -0400 Subject: [PATCH] ctdluid is now specified on the command line with the new -u option. Config file is not used anymore. --- citadel/citserver.h | 14 +++--- citadel/config.c | 26 ++---------- citadel/control.c | 10 ++--- citadel/include/ctdl_module.h | 2 +- citadel/modules/migrate/serv_migrate.c | 4 +- citadel/netconfig.c | 2 +- citadel/server.h | 2 + citadel/server_main.c | 59 ++++++++++++++++++++++---- citadel/utils/setup.c | 1 - 9 files changed, 70 insertions(+), 50 deletions(-) diff --git a/citadel/citserver.h b/citadel/citserver.h index 4224fcdcb..997775bd2 100644 --- a/citadel/citserver.h +++ b/citadel/citserver.h @@ -1,13 +1,13 @@ /* - * Copyright (c) 1987-2012 by the citadel.org team + * Copyright (c) 1987-2015 by the citadel.org team * - * This program is open source software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License version 3. + * This program is open source software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 3. * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. */ #include "serv_extensions.h" diff --git a/citadel/config.c b/citadel/config.c index e30f098a2..2c376f467 100644 --- a/citadel/config.c +++ b/citadel/config.c 
@@ -57,10 +57,9 @@ void validate_config(void) { TEST_PORT(c_nntp_port, 119); TEST_PORT(c_nntps_port, 563); - if (config.c_ctdluid == 0) - syslog(LOG_EMERG, "citadel should not be configured to run as root! Check the value of c_ctdluid"); - else if (getpwuid(CTDLUID) == NULL) - syslog(LOG_EMERG, "The UID (%d) citadel is configured to use is not defined in your system (/etc/passwd?)! Check the value of c_ctdluid", CTDLUID); + if (getpwuid(ctdluid) == NULL) { + syslog(LOG_EMERG, "The UID (%d) citadel is configured to use is not defined in your system (/etc/passwd?)!", ctdluid); + } } @@ -69,7 +68,6 @@ void validate_config(void) { */ void brand_new_installation_set_defaults(void) { - struct passwd *pw; struct utsname my_utsname; struct hostent *he; @@ -97,24 +95,6 @@ void brand_new_installation_set_defaults(void) { config.c_port_number = 504; config.c_sleeping = 900; - if (config.c_ctdluid == 0) { - pw = getpwnam("citadel"); - if (pw != NULL) { - config.c_ctdluid = pw->pw_uid; - } - } - if (config.c_ctdluid == 0) { - pw = getpwnam("bbs"); - if (pw != NULL) { - config.c_ctdluid = pw->pw_uid; - } - } - if (config.c_ctdluid == 0) { - pw = getpwnam("guest"); - if (pw != NULL) { - config.c_ctdluid = pw->pw_uid; - } - } if (config.c_createax == 0) { config.c_createax = 3; } diff --git a/citadel/control.c b/citadel/control.c index fd4b650f7..22d7097ca 100644 --- a/citadel/control.c +++ b/citadel/control.c @@ -133,7 +133,7 @@ void get_control(void) control_fp = fopen(file_citadel_control, "rb+"); if (control_fp != NULL) { lock_control(); - rv = fchown(fileno(control_fp), config.c_ctdluid, -1); + rv = fchown(fileno(control_fp), ctdluid, -1); if (rv == -1) syslog(LOG_EMERG, "Failed to adjust ownership of: %s [%s]\n", file_citadel_control, strerror(errno)); 
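Review bot: With the `ctdluid == 0` branch removed, validate_config() no longer logs anything when the server is about to run as uid 0, because `getpwuid(0)` normally resolves and the one remaining check passes. If running as root is only meant to happen on explicit request, keep a line such as `if (ctdluid == 0) syslog(LOG_WARNING, "citadel is running as root");` ahead of the lookup. The new syslog call also passes a `uid_t` to `%d`; `%lu` with `(unsigned long)ctdluid` avoids the mismatch where uid_t is unsigned or wider than int.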
@@ -149,7 +149,7 @@ void get_control(void) lock_control(); memset(&CitControl, 0, sizeof(struct CitControl)); - rv = fchown(fileno(control_fp), config.c_ctdluid, -1); + rv = fchown(fileno(control_fp), ctdluid, -1); if (rv == -1) syslog(LOG_EMERG, "Failed to adjust ownership of: %s [%s]\n", file_citadel_control, strerror(errno)); @@ -176,7 +176,7 @@ void get_control(void) syslog(LOG_EMERG, "Failed to read Controlfile: %s [%s]\n", file_citadel_control, strerror(errno)); already_have_control = 1; - rv = chown(file_citadel_control, config.c_ctdluid, (-1)); + rv = chown(file_citadel_control, ctdluid, (-1)); if (rv == -1) syslog(LOG_EMERG, "Failed to adjust ownership of: %s [%s]\n", file_citadel_control, strerror(errno)); @@ -386,7 +386,7 @@ void cmd_conf(char *argbuf) cprintf("%d\n", config.c_spam_flag_only); cprintf("%d\n", config.c_guest_logins); cprintf("%d\n", config.c_port_number); - cprintf("%d\n", config.c_ctdluid); + cprintf("%d\n", ctdluid); cprintf("%d\n", config.c_nntp_port); cprintf("%d\n", config.c_nntps_port); cprintf("000\n"); @@ -629,7 +629,7 @@ void cmd_conf(char *argbuf) config.c_port_number = atoi(buf); break; case 69: - config.c_ctdluid = atoi(buf); + /* niu */ break; case 70: config.c_nntp_port = atoi(buf); diff --git a/citadel/include/ctdl_module.h b/citadel/include/ctdl_module.h index 5ea37bfe5..3eda4a833 100644 --- a/citadel/include/ctdl_module.h +++ b/citadel/include/ctdl_module.h @@ -385,7 +385,7 @@ extern struct config config; #define NODENAME config.c_nodename #define FQDN config.c_fqdn -#define CTDLUID config.c_ctdluid +#define CTDLUID ctdluid #define CREATAIDE config.c_creataide #define REGISCALL config.c_regiscall #define TWITDETECT config.c_twitdetect diff --git a/citadel/modules/migrate/serv_migrate.c b/citadel/modules/migrate/serv_migrate.c index 0ec223e03..e4d39d0ec 100644 --- a/citadel/modules/migrate/serv_migrate.c +++ b/citadel/modules/migrate/serv_migrate.c 
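Review bot: The `/* niu */` placeholder in `case 69` of cmd_conf() does not say why the field is still consumed. A comment like `/* field 69 was c_ctdluid; the uid now comes from the -u command-line option, so the client's value is read and ignored */` would. The earlier hunk still prints `ctdluid` in this position, so a client that edits the value and sends the configuration back gets no indication it was discarded; if that is intended, it is worth stating in the protocol notes. cmd_conf() starts and ends outside the hunk.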
@@ -1,7 +1,7 @@ /* * This module dumps and/or loads the Citadel database in XML format. * - * Copyright (c) 1987-2014 by the citadel.org team + * Copyright (c) 1987-2015 by the citadel.org team * * This program is open source software; you can redistribute it and/or modify * it under the terms of the GNU General Public License version 3. @@ -436,7 +436,6 @@ void migr_do_export(void) { client_write("", 8); xml_strout(config.c_fqdn); client_write("\n", 10); client_write("", 13); xml_strout(config.c_humannode); client_write("\n", 15); client_write("", 12); xml_strout(config.c_phonenum); client_write("\n", 14); - cprintf("%d\n", config.c_ctdluid); cprintf("%d\n", config.c_creataide); cprintf("%d\n", config.c_sleeping); cprintf("%d\n", config.c_initax); @@ -624,7 +623,6 @@ int migr_config(void *data, const char *el) else if (!strcasecmp(el, "c_fqdn")) SET_CFGSTRBUF(c_fqdn, migr_chardata); else if (!strcasecmp(el, "c_humannode")) SET_CFGSTRBUF(c_humannode, migr_chardata); else if (!strcasecmp(el, "c_phonenum")) SET_CFGSTRBUF(c_phonenum, migr_chardata); - else if (!strcasecmp(el, "c_ctdluid")) config.c_ctdluid = atoi(ChrPtr(migr_chardata)); else if (!strcasecmp(el, "c_creataide")) config.c_creataide = atoi(ChrPtr(migr_chardata)); else if (!strcasecmp(el, "c_sleeping")) config.c_sleeping = atoi(ChrPtr(migr_chardata)); else if (!strcasecmp(el, "c_initax")) config.c_initax = atoi(ChrPtr(migr_chardata)); diff --git a/citadel/netconfig.c b/citadel/netconfig.c index 3161b1100..14fe8be50 100644 --- a/citadel/netconfig.c +++ b/citadel/netconfig.c @@ -262,7 +262,7 @@ int SaveRoomNetConfigFile(OneRoomNetCfg *OneRNCfg, char *filename) else { OutBuffer = NewStrBuf(); CfgIt = GetNewHashPos(CfgTypeHash, 1); - fchown(TmpFD, config.c_ctdluid, 0); + fchown(TmpFD, ctdluid, 0); for (eCfg = subpending; eCfg < maxRoomNetCfg; eCfg ++) { const CfgLineType *pCfg; diff --git a/citadel/server.h b/citadel/server.h index a34e1e423..45e0d7498 100644 --- a/citadel/server.h +++ b/citadel/server.h 
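Review bot: The `fchown(TmpFD, ctdluid, 0)` call in SaveRoomNetConfigFile() discards its result, while the fchown/chown calls touched in control.c store `rv` and log a failure. If the ownership change fails here, the file keeps the creating process's owner and nothing is recorded. It also passes group 0 where the control.c calls pass -1 to leave the group alone; the reason is not visible in this hunk. If group 0 is not intentional, suggested: `if (fchown(TmpFD, ctdluid, -1) != 0) syslog(LOG_EMERG, "Failed to adjust ownership of: %s [%s]", filename, strerror(errno));`. The function body continues outside the hunk.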
@@ -80,6 +80,7 @@ typedef struct __recptypes { #define CTDLEXIT_DB 105 /* Unable to initialize database */ #define CTDLEXIT_LIBCITADEL 106 /* Incorrect version of libcitadel */ #define CTDL_EXIT_UNSUP_AUTH 107 /* Unsupported auth mode configured */ +#define CTDLEXIT_UNUSER 108 /* Could not determine uid to run as */ /* * Reasons why a session would be terminated (set CC->kill_me to these values) @@ -131,6 +132,7 @@ struct CitControl { extern int ScheduledShutdown; extern struct CitControl CitControl; +extern uid_t ctdluid; struct ExpressMessage { struct ExpressMessage *next; diff --git a/citadel/server_main.c b/citadel/server_main.c index 691096b66..9837f86e5 100644 --- a/citadel/server_main.c +++ b/citadel/server_main.c @@ -26,11 +26,9 @@ #include "user_ops.h" #include "ecrash.h" +uid_t ctdluid = 0; const char *CitadelServiceUDS="citadel-UDS"; const char *CitadelServiceTCP="citadel-TCP"; - - - void go_threading(void); /* @@ -51,6 +49,8 @@ int main(int argc, char **argv) char ctdldir[PATH_MAX]=CTDLDIR; int syslog_facility = LOG_DAEMON; const char *eDebuglist[] = {NULL, NULL}; + uid_t u = 0; + struct passwd *p = NULL; #ifdef HAVE_RUN_DIR struct stat filestats; #endif @@ -64,7 +64,7 @@ int main(int argc, char **argv) InitializeMasterTSD(); /* parse command-line arguments */ - while ((a=getopt(argc, argv, "l:dh:x:t:B:Dr")) != EOF) switch(a) { + while ((a=getopt(argc, argv, "l:dh:x:t:B:Dru:")) != EOF) switch(a) { case 'l': safestrncpy(facility, optarg, sizeof(facility)); 
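Review bot: `extern uid_t ctdluid;` is added to server.h without a comment, yet the value 0 has a special meaning that only main() reveals. A one-line comment such as `/* uid the server runs as; set once in main() from -u or the fallback account lookup, 0 = not determined */` would document that for the other files that now read it. Every includer of server.h also needs `uid_t` in scope; the include that provides it is not visible in this hunk, so confirm `<sys/types.h>` is pulled in before this declaration.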
@@ -108,16 +108,57 @@ int main(int argc, char **argv) drop_root_perms = 0; break; + /* -u tells the server what uid to run under... */ + case 'u': + u = atoi(optarg); + if (u > 0) { + ctdluid = u; + } + else { + p = getpwnam(optarg); + if (p) { + u = p->pw_uid; + } + } + if (u > 0) { + ctdluid = u; + } + break; + default: /* any other parameter makes it crash and burn */ fprintf(stderr, "citserver: usage: " "citserver " "[-l LogFacility] " "[-d] [-D] [-r] " + "[-u user] " "[-h HomeDir]\n" ); exit(1); } + + /* Last ditch effort to determine the user name ... if there's a user called "citadel" then use that */ + if (ctdluid == 0) { + p = getpwnam("citadel"); + if (!p) { + p = getpwnam("bbs"); + } + if (!p) { + p = getpwnam("guest"); + } + if (p) { + u = p->pw_uid; + } + if (u > 0) { + ctdluid = u; + } + } + + if ((ctdluid == 0) && (drop_root_perms == 0)) { + fprintf(stderr, "citserver: cannot determine user to run as; please specify -r or -u options\n"); + exit(CTDLEXIT_UNUSER); + } + StartLibCitadel(basesize); openlog("citserver", ( running_as_daemon ? (LOG_PID) : (LOG_PID | LOG_PERROR) ), @@ -178,9 +219,9 @@ int main(int argc, char **argv) if (stat(ctdl_run_dir, &filestats)==-1){ #ifdef HAVE_GETPWUID_R #ifdef SOLARIS_GETPWUID - pwp = getpwuid_r(config.c_ctdluid, &pw, pwbuf, sizeof(pwbuf)); + pwp = getpwuid_r(ctdluid, &pw, pwbuf, sizeof(pwbuf)); #else // SOLARIS_GETPWUID - getpwuid_r(config.c_ctdluid, &pw, pwbuf, sizeof(pwbuf), &pwp); + getpwuid_r(ctdluid, &pw, pwbuf, sizeof(pwbuf), &pwp); #endif // SOLARIS_GETPWUID #else // HAVE_GETPWUID_R pwp = NULL; @@ -191,7 +232,7 @@ int main(int argc, char **argv) "unable to create run directory [%s]: %s", ctdl_run_dir, strerror(errno)); - if (chown(ctdl_run_dir, config.c_ctdluid, (pwp==NULL)?-1:pw.pw_gid) != 0) + if (chown(ctdl_run_dir, ctdluid, (pwp==NULL)?-1:pw.pw_gid) != 0) syslog(LOG_EMERG, "unable to set the access rights for [%s]: %s", ctdl_run_dir, strerror(errno)); 
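Review bot: The guard `if ((ctdluid == 0) && (drop_root_perms == 0))` appears inverted: the context line above the new `case 'u'` sets `drop_root_perms = 0` (apparently the `-r` case; its default is outside the hunk), so the exit fires when staying root was explicitly requested, and a start without `-r` or `-u` on a host with no citadel/bbs/guest account continues with `ctdluid == 0`. If the default is 1, the test should read `if ((ctdluid == 0) && (drop_root_perms != 0))`. The `-u` case also relies on `atoi()`, so `-u 12abc` becomes uid 12, a negative number wraps to a huge `uid_t`, and an unknown name falls through silently to the fallback accounts instead of being rejected; the second `if (u > 0)` block duplicates the first. A stricter parse is sketched below; main() starts and ends outside the hunk.

```c
		/* -u tells the server what uid to run under... */
		case 'u': {
			char *end = NULL;
			unsigned long n;

			errno = 0;
			n = strtoul(optarg, &end, 10);
			if ((optarg[0] >= '0') && (optarg[0] <= '9') && (*end == '\0')
			    && (errno == 0) && (n == (unsigned long)(uid_t)n)) {
				u = (uid_t)n;		/* whole argument is a decimal uid */
			}
			else if ((p = getpwnam(optarg)) != NULL) {
				u = p->pw_uid;		/* argument is an account name */
			}
			else {
				/* neither a clean number nor a known account: refuse to guess */
				fprintf(stderr, "citserver: unknown user or uid: %s\n", optarg);
				exit(CTDLEXIT_UNUSER);
			}
			ctdluid = u;
			break;
		}

		/* … unchanged: default/usage case and fallback account lookup … */
```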
@@ -298,9 +339,9 @@ int main(int argc, char **argv) #ifdef HAVE_GETPWUID_R #ifdef SOLARIS_GETPWUID - pwp = getpwuid_r(config.c_ctdluid, &pw, pwbuf, sizeof(pwbuf)); + pwp = getpwuid_r(ctdluid, &pw, pwbuf, sizeof(pwbuf)); #else // SOLARIS_GETPWUID - getpwuid_r(config.c_ctdluid, &pw, pwbuf, sizeof(pwbuf), &pwp); + getpwuid_r(ctdluid, &pw, pwbuf, sizeof(pwbuf), &pwp); #endif // SOLARIS_GETPWUID #else // HAVE_GETPWUID_R pwp = NULL; diff --git a/citadel/utils/setup.c b/citadel/utils/setup.c index eec27947f..afb4bb566 100644 --- a/citadel/utils/setup.c +++ b/citadel/utils/setup.c @@ -1312,7 +1312,6 @@ int main(int argc, char *argv[]) activity = _("Setting file permissions"); progress(activity, 0, 2); - //chown(file_citadel_config, config.c_ctdluid, gid); progress(activity, 1, 2); chmod(file_citadel_config, S_IRUSR | S_IWUSR); progress(activity, 2, 2); -- 2.30.2