-const char jcc_rcs[] = "$Id: jcc.c,v 1.76 2002/03/06 22:54:35 jongfoster Exp $";
+const char jcc_rcs[] = "$Id: jcc.c,v 1.77 2002/03/07 03:52:06 oes Exp $";
/*********************************************************************
*
* File : $Source: /cvsroot/ijbswa/current/jcc.c,v $
*
* Revisions :
* $Log: jcc.c,v $
+ * Revision 1.77 2002/03/07 03:52:06 oes
+ * - Fixed compiler warnings etc
+ * - Improved handling of failed DNS lookups
+ *
* Revision 1.76 2002/03/06 22:54:35 jongfoster
* Automated function-comment nitpicking.
*
#ifdef unix
#include <pwd.h>
+#include <grp.h>
#endif
# include <signal.h>
void usage(const char *myname)
{
printf("JunkBuster proxy version " VERSION " (" HOME_PAGE_URL ")\n"
- "Usage: %s [--help] [--version] [--no-daemon] [--pidfile pidfile] [--user user] [configfile]\n"
+ "Usage: %s [--help] [--version] [--no-daemon] [--pidfile pidfile] [--user user[.group]] [configfile]\n"
"Aborting.\n", myname);
exit(2);
int argc_pos = 0;
#ifdef unix
struct passwd *pw = NULL;
+ struct group *grp = NULL;
+ char *p;
#endif
Argc = argc;
else if (strcmp(argv[argc_pos], "--user" ) == 0)
{
- if (++argc_pos == argc) usage(argv[0]);
- pw = getpwnam(argv[argc_pos]);
-
- if (pw == NULL)
+ if (++argc_pos == argc) usage(argv[argc_pos]);
+
+ if ((NULL != (p = strchr(argv[argc_pos], '.'))) && *(p + 1) != '0')
+ {
+ *p++ = '\0';
+ if (NULL == (grp = getgrnam(p)))
+ {
+ log_error(LOG_LEVEL_FATAL, "Group %s not found.", p);
+ }
+ }
+
+ if (NULL == (pw = getpwnam(argv[argc_pos])))
{
log_error(LOG_LEVEL_FATAL, "User %s not found.", argv[argc_pos]);
}
+
+ if (p != NULL) *--p = '\0';
}
#endif /* defined(unix) */
else
/*
* As soon as we have written the PID file, we can switch
- * to the user ID indicated by the --user option
+ * to the user and group ID indicated by the --user option
*/
write_pid_file();
- if ((NULL != pw) && setuid(pw->pw_uid))
+ if (NULL != pw)
{
- log_error(LOG_LEVEL_FATAL, "Cannot setuid(): Insufficient permissions.");
+ if (((NULL != grp) && setgid(grp->gr_gid)) || (setgid(pw->pw_gid)))
+ {
+ log_error(LOG_LEVEL_FATAL, "Cannot setgid(): Insufficient permissions.");
+ }
+ if (setuid(pw->pw_uid))
+ {
+ log_error(LOG_LEVEL_FATAL, "Cannot setuid(): Insufficient permissions.");
+ }
}
-
}
#endif /* defined unix */