1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
|
--- asterisk-1.0.7/asterisk.c.orig 2005-05-12 21:33:21.000000000 +0200
+++ asterisk-1.0.7/asterisk.c 2005-05-12 21:38:33.000000000 +0200
@@ -1581,7 +1581,9 @@ int main(int argc, char *argv[])
int num;
char *buf;
char *runuser=NULL, *rungroup=NULL;
- struct pollfd silly_macos[1];
+ struct pollfd silly_macos[1];
+ gid_t runasgid = 0;
+ uid_t runasuid = 0;
/* Remember original args for restart */
if (argc > sizeof(_argv) / sizeof(_argv[0]) - 1) {
@@ -1701,17 +1703,9 @@ int main(int argc, char *argv[])
ast_log(LOG_WARNING, "No such group '%s'!\n", rungroup);
exit(1);
}
- if (setgid(gr->gr_gid)) {
- ast_log(LOG_WARNING, "Unable to setgid to %d (%s)\n", gr->gr_gid, rungroup);
- exit(1);
- }
- if (option_verbose)
- ast_verbose("Running as group '%s'\n", rungroup);
+ runasgid = gr->gr_gid;
}
- if (set_priority(option_highpriority)) {
- exit(1);
- }
if (runuser) {
struct passwd *pw;
pw = getpwnam(runuser);
@@ -1719,8 +1713,29 @@ int main(int argc, char *argv[])
ast_log(LOG_WARNING, "No such user '%s'!\n", runuser);
exit(1);
}
- if (setuid(pw->pw_uid)) {
- ast_log(LOG_WARNING, "Unable to setuid to %d (%s)\n", pw->pw_uid, runuser);
+ runasuid = pw->pw_uid;
+ }
+
+ if (set_priority(option_highpriority)) {
+ exit(1);
+ }
+
+ if (runasgid) {
+ if (setgid(runasgid)) {
+ ast_log(LOG_WARNING, "Unable to setgid to %d (%s)\n", runasgid, rungroup);
+ exit(1);
+ }
+ if (option_verbose)
+ ast_verbose("Running as group '%s'\n", rungroup);
+ }
+
+ if (runasuid) {
+ if(initgroups(runuser, runasgid) < 0) {
+ ast_log(LOG_WARNING, "Unable to set supplemental groups for %s\n", runuser);
+ exit(1);
+ }
+ if (setuid(runasuid)) {
+ ast_log(LOG_WARNING, "Unable to setuid to %d (%s)\n", runasuid, runuser);
exit(1);
}
if (option_verbose)
|
GitWeb
