lldpd: add option to disable privilege separation
[openwrt/svn-archive/archive.git] / package / network / services / lldpd / patches / 001-priv-don-t-lookup-for-_lldpd-when-privsep-is-disable.patch
1 From 28bf40220840c277d70ed66f6d58729ebb975de8 Mon Sep 17 00:00:00 2001
2 From: Vincent Bernat <vincent@bernat.im>
3 Date: Thu, 12 Feb 2015 08:07:43 +0100
4 Subject: [PATCH] priv: don't lookup for _lldpd when privsep is disabled
5
6 Closes #95
7 ---
8 src/daemon/lldpd.c | 10 ++++++++++
9 1 file changed, 10 insertions(+)
10
11 diff --git a/src/daemon/lldpd.c b/src/daemon/lldpd.c
12 index f868fc7..6a3a160 100644
13 --- a/src/daemon/lldpd.c
14 +++ b/src/daemon/lldpd.c
15 @@ -1335,11 +1335,13 @@ lldpd_main(int argc, char *argv[], char *envp[])
16 int receiveonly = 0;
17 int ctl;
18
19 +#ifdef ENABLE_PRIVSEP
20 /* Non privileged user */
21 struct passwd *user;
22 struct group *group;
23 uid_t uid;
24 gid_t gid;
25 +#endif
26
27 saved_argv = argv;
28
29 @@ -1493,12 +1495,14 @@ lldpd_main(int argc, char *argv[], char *envp[])
30 log_debug("main", "lldpd starting...");
31
32 /* Grab uid and gid to use for priv sep */
33 +#ifdef ENABLE_PRIVSEP
34 if ((user = getpwnam(PRIVSEP_USER)) == NULL)
35 fatal("main", "no " PRIVSEP_USER " user for privilege separation");
36 uid = user->pw_uid;
37 if ((group = getgrnam(PRIVSEP_GROUP)) == NULL)
38 fatal("main", "no " PRIVSEP_GROUP " group for privilege separation");
39 gid = group->gr_gid;
40 +#endif
41
42 /* Create and setup socket */
43 int retry = 1;
44 @@ -1526,12 +1530,14 @@ lldpd_main(int argc, char *argv[], char *envp[])
45 log_warn("main", "unable to create control socket");
46 fatalx("giving up");
47 }
48 +#ifdef ENABLE_PRIVSEP
49 if (chown(ctlname, uid, gid) == -1)
50 log_warn("main", "unable to chown control socket");
51 if (chmod(ctlname,
52 S_IRUSR | S_IWUSR | S_IXUSR |
53 S_IRGRP | S_IWGRP | S_IXGRP) == -1)
54 log_warn("main", "unable to chmod control socket");
55 +#endif
56
57 /* Disable SIGPIPE */
58 signal(SIGPIPE, SIG_IGN);
59 @@ -1576,7 +1582,11 @@ lldpd_main(int argc, char *argv[], char *envp[])
60 }
61
62 log_debug("main", "initialize privilege separation");
63 +#ifdef ENABLE_PRIVSEP
64 priv_init(PRIVSEP_CHROOT, ctl, uid, gid);
65 +#else
66 + priv_init(PRIVSEP_CHROOT, ctl, 0, 0);
67 +#endif
68
69 /* Initialization of global configuration */
70 if ((cfg = (struct lldpd *)
71 --
72 2.1.2
73