- Fix #647 crash in 1.5.2 because pwd.db no longer accessible after

reload.


git-svn-id: file:///svn/unbound/trunk@3341 be551aaa-1e26-0410-a405-d3ace91eadb9

daemon/remote.c

@@ -329,7 +329,7 @@ add_open(const char* ip, int nr, struct listen_port** list, int noproto_is_err,
 		if(fd != -1) {
 #ifdef HAVE_CHOWN
 			if (cfg->username && cfg->username[0])
-				chown(ip, cfg->uid, cfg->gid);
+				chown(ip, cfg_uid, cfg_gid);
 			chmod(ip, (mode_t)(S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP));
 #else
 			(void)cfg;

daemon/unbound.c

@@ -505,9 +505,9 @@ perform_setup(struct daemon* daemon, struct config_file* cfg, int debug_mode,
 		writepid(daemon->pidfile, getpid());
 		if(cfg->username && cfg->username[0]) {
 #  ifdef HAVE_CHOWN
-			if(chown(daemon->pidfile, cfg->uid, cfg->gid) == -1) {
+			if(chown(daemon->pidfile, cfg_uid, cfg_gid) == -1) {
 				log_err("cannot chown %u.%u %s: %s",
-					(unsigned)cfg->uid, (unsigned)cfg->gid,
+					(unsigned)cfg_uid, (unsigned)cfg_gid,
 					daemon->pidfile, strerror(errno));
 			}
 #  endif /* HAVE_CHOWN */
@@ -524,7 +524,7 @@ perform_setup(struct daemon* daemon, struct config_file* cfg, int debug_mode,
 		/* setusercontext does initgroups, setuid, setgid, and
 		 * also resource limits from login config, but we
 		 * still call setresuid, setresgid to be sure to set all uid*/
-		if(setusercontext(NULL, pwd, cfg->uid, (unsigned)
+		if(setusercontext(NULL, pwd, cfg_uid, (unsigned)
 			LOGIN_SETALL & ~LOGIN_SETUSER & ~LOGIN_SETGROUP) != 0)
 			log_warn("unable to setusercontext %s: %s",
 				cfg->username, strerror(errno));
@@ -588,27 +588,27 @@ perform_setup(struct daemon* daemon, struct config_file* cfg, int debug_mode,
 #ifdef HAVE_GETPWNAM
 	if(cfg->username && cfg->username[0]) {
 #  ifdef HAVE_INITGROUPS
-		if(initgroups(cfg->username, cfg->gid) != 0)
+		if(initgroups(cfg->username, cfg_gid) != 0)
 			log_warn("unable to initgroups %s: %s",
 				cfg->username, strerror(errno));
 #  endif /* HAVE_INITGROUPS */
 		endpwent();
 
 #ifdef HAVE_SETRESGID
-		if(setresgid(cfg->gid,cfg->gid,cfg->gid) != 0)
+		if(setresgid(cfg_gid,cfg_gid,cfg_gid) != 0)
 #elif defined(HAVE_SETREGID) && !defined(DARWIN_BROKEN_SETREUID)
-		if(setregid(cfg->gid,cfg->gid) != 0)
+		if(setregid(cfg_gid,cfg_gid) != 0)
 #else /* use setgid */
-		if(setgid(cfg->gid) != 0)
+		if(setgid(cfg_gid) != 0)
 #endif /* HAVE_SETRESGID */
 			fatal_exit("unable to set group id of %s: %s", 
 				cfg->username, strerror(errno));
 #ifdef HAVE_SETRESUID
-		if(setresuid(cfg->uid,cfg->uid,cfg->uid) != 0)
+		if(setresuid(cfg_uid,cfg_uid,cfg_uid) != 0)
 #elif defined(HAVE_SETREUID) && !defined(DARWIN_BROKEN_SETREUID)
-		if(setreuid(cfg->uid,cfg->uid) != 0)
+		if(setreuid(cfg_uid,cfg_uid) != 0)
 #else /* use setuid */
-		if(setuid(cfg->uid) != 0)
+		if(setuid(cfg_uid) != 0)
 #endif /* HAVE_SETRESUID */
 			fatal_exit("unable to set user id of %s: %s", 
 				cfg->username, strerror(errno));
@@ -653,7 +653,8 @@ run_daemon(const char* cfgfile, int cmdline_verbose, int debug_mode)
 			log_warn("Continuing with default config settings");
 		}
 		apply_settings(daemon, cfg, cmdline_verbose, debug_mode);
-		config_lookup_uid(cfg);
+		if(!done_setup)
+			config_lookup_uid(cfg);
 	
 		/* prepare */
 		if(!daemon_open_shared_ports(daemon))

doc/Changelog

@@ -3,6 +3,8 @@
 	  Kallweit).
 	- Fix #645 Portability to Solaris 10, use AF_LOCAL.
 	- Fix #646 Portability to Solaris, -lrt for getentropy_solaris.
+	- Fix #647 crash in 1.5.2 because pwd.db no longer accessible after
+	  reload.
 
 19 February 2015: Wouter
 	- 1.5.2 release tag.

util/config_file.c

@@ -65,6 +65,11 @@
 #include <pwd.h>
 #endif
 
+/** from cfg username, after daemonise setup performed */
+uid_t cfg_uid = (uid_t)-1;
+/** from cfg username, after daemonise setup performed */
+gid_t cfg_gid = (gid_t)-1;
+
 /** global config during parsing */
 struct config_parser_state* cfg_parser = 0;
 
@@ -136,8 +141,6 @@ config_create(void)
 		goto error_exit;
 	init_outgoing_availports(cfg->outgoing_avail_ports, 65536);
 	if(!(cfg->username = strdup(UB_USERNAME))) goto error_exit;
-	cfg->uid = (uid_t)-1;
-	cfg->gid = (gid_t)-1;
 #ifdef HAVE_CHROOT
 	if(!(cfg->chrootdir = strdup(CHROOT_DIR))) goto error_exit;
 #endif
@@ -1210,8 +1213,8 @@ void config_lookup_uid(struct config_file* cfg)
 		struct passwd *pwd;
 		if((pwd = getpwnam(cfg->username)) == NULL)
 			log_err("user '%s' does not exist.", cfg->username);
-		cfg->uid = pwd->pw_uid;
-		cfg->gid = pwd->pw_gid;
+		cfg_uid = pwd->pw_uid;
+		cfg_gid = pwd->pw_gid;
 	}
 #else
 	(void)cfg;

util/config_file.h

@@ -194,8 +194,6 @@ struct config_file {
 	char* chrootdir;
 	/** username to change to, if not "". */
 	char* username;
-	uid_t uid;
-	gid_t gid;
 	/** working directory */
 	char* directory;
 	/** filename to log to. */
@@ -345,6 +343,11 @@ struct config_file {
 	int dnstap_log_forwarder_response_messages;
 };
 
+/** from cfg username, after daemonise setup performed */
+extern uid_t cfg_uid;
+/** from cfg username, after daemonise setup performed */
+extern gid_t cfg_gid;
+
 /**
  * Stub config options
  */
@@ -429,7 +432,7 @@ void config_delete(struct config_file* config);
 void config_apply(struct config_file* config);
 
 /**
- * Find username, sets uid and gid.
+ * Find username, sets cfg_uid and cfg_gid.
  * @param config: the config structure.
  */
 void config_lookup_uid(struct config_file* config);