From 057685e4612add03e197a4c172830258123b01f1 Mon Sep 17 00:00:00 2001 From: Ulrich Drepper Date: Fri, 18 Jan 2002 02:10:41 +0000 Subject: Update. 2002-01-17 Ulrich Drepper * nscd/nscd.c (drop_privileges): Removed. Adjust caller. * nscd/connections.c (begin_drop_privileges): New function. (finish_drop_privileges): New function. (nscd_init): Call the new functions which also install all groups for the server user. 2002-01-17 H.J. Lu * sysdeps/mips/dl-machine.h (__dl_runtime_resolve): Remove `const' from `got'. --- nscd/nscd.c | 41 ----------------------------------------- 1 file changed, 41 deletions(-) (limited to 'nscd/nscd.c') diff --git a/nscd/nscd.c b/nscd/nscd.c index 52385a1..045256b 100644 --- a/nscd/nscd.c +++ b/nscd/nscd.c @@ -23,11 +23,9 @@ #include #include #include -#include #include #include #include -#include #include #include #include @@ -63,7 +61,6 @@ int do_shutdown; int disabled_passwd; int disabled_group; int go_background = 1; -const char *server_user; int secure[lastdb]; int secure_in_use; @@ -71,7 +68,6 @@ static const char *conffile = _PATH_NSCDCONF; static int check_pid (const char *file); static int write_pid (const char *file); -static void drop_privileges (void); /* Name and version of program. */ static void print_version (FILE *stream, struct argp_state *state); @@ -169,10 +165,6 @@ main (int argc, char **argv) /* Init databases. */ nscd_init (conffile); - /* Change to unprivileged UID if specifed in config file */ - if(server_user && !secure_in_use) - drop_privileges (); - /* Handle incoming requests */ start_threads (); @@ -373,36 +365,3 @@ write_pid (const char *file) return 0; } - -/* Look up the uid and gid associated with the user we are supposed to run - the server as, and then call setgid(), setgroups(), and setuid(). - Otherwise, abort- we should not run as root if the configuration file - specifically tells us not to. */ - -static void -drop_privileges (void) -{ - int buflen = 256; - char *buffer = alloca (buflen); - struct passwd resultbuf; - struct passwd *pwd; - - while (__getpwnam_r (server_user, &resultbuf, buffer, buflen, &pwd) != 0 - && errno == ERANGE) - { - errno = 0; - buflen += 256; - buffer = alloca (buflen); - } - - if(!pwd) - { - dbg_log (_("Failed to look up user '%s' to run server as"), - server_user); - exit(1); - } - - setgroups (0, NULL); - setgid (pwd->pw_gid); - setuid (pwd->pw_uid); -} -- cgit v1.1