From d865d04651f5563c2b3257a8f2073c9eac5fcfe0 Mon Sep 17 00:00:00 2001
From: Lennart Poettering
Date: Tue, 21 Jun 2005 10:16:33 +0000
Subject: [PATCH] * move socket and pid file to its own directory /var/run/avahi * create /var/run/avahi securely
git-svn-id: file:///home/lennart/svn/public/avahi/trunk@133 941a03a8-eaeb-0310-b9a0-b1bbd8fe43fe
---
 avahi-daemon/Makefile.am | 3 +-
 avahi-daemon/main.c | 69 +++++++++++++++++++++++++++++++---
 avahi-daemon/simple-protocol.c | 8 +---
 bootstrap.sh | 2 +-
 4 files changed, 68 insertions(+), 14 deletions(-)
diff --git a/avahi-daemon/Makefile.am b/avahi-daemon/Makefile.am
index 0682fba..3b90852 100644
--- a/avahi-daemon/Makefile.am
+++ b/avahi-daemon/Makefile.am
@@ -25,7 +25,8 @@ AM_CFLAGS= \
 -I$(top_srcdir) \
 -D_GNU_SOURCE \
 -DAVAHI_SERVICE_DIRECTORY=\"$(servicedir)\" \
- -DAVAHI_CONFIG_FILE=\"$(pkgsysconfdir)/avahi.conf\"
+ -DAVAHI_CONFIG_FILE=\"$(pkgsysconfdir)/avahi.conf\" \
+ -DAVAHI_RUNTIME_DIR=\"$(localstatedir)/run/avahi\"
 AM_LDADD=-lexpat # GLIB 2.0
diff --git a/avahi-daemon/main.c b/avahi-daemon/main.c
index 7fce3a5..ce3400a 100644
--- a/avahi-daemon/main.c
+++ b/avahi-daemon/main.c
@@ -31,6 +31,7 @@
 #include
 #include
 #include
+#include
 #include
 #include
@@ -474,6 +475,59 @@ static gint drop_root(void) {
 return 0;
 }
+static const char* pid_file_proc(void) {
+ return AVAHI_RUNTIME_DIR"/pid";
+}
+
+static gint make_runtime_dir(void) {
+ gint r = -1;
+ mode_t u;
+ gboolean reset_umask = FALSE;
+ struct passwd *pw;
+ struct group * gr;
+ struct stat st;
+
+ if (!(pw = getpwnam(AVAHI_USER))) {
+ avahi_log_error( "Failed to find user '"AVAHI_USER"'.");
+ goto fail;
+ }
+
+ if (!(gr = getgrnam(AVAHI_GROUP))) {
+ avahi_log_error( "Failed to find group '"AVAHI_GROUP"'.");
+ goto fail;
+ }
+
+ u = umask(0000);
+ reset_umask = TRUE;
+
+ if (mkdir(AVAHI_RUNTIME_DIR, 0755) < 0 && errno != EEXIST) {
+ avahi_log_error("mkdir(\""AVAHI_RUNTIME_DIR"\"): %s", strerror(errno));
+ goto fail;
+ }
+
+ chown(AVAHI_RUNTIME_DIR, pw->pw_uid, gr->gr_gid);
+
+ if (stat(AVAHI_RUNTIME_DIR, &st) < 0) {
+ avahi_log_error("stat(): %s\n", strerror(errno));
+ goto fail;
+ }
+
+ if (!S_ISDIR(st.st_mode) || st.st_uid != pw->pw_uid || st.st_gid != gr->gr_gid) {
+ avahi_log_error("Failed to create runtime directory "AVAHI_RUNTIME_DIR".");
+ goto fail;
+ }
+
+ r = 0;
+
+fail:
+ if (reset_umask)
+ umask(u);
+ return r;
+
+}
+
+
+
 int main(int argc, char *argv[]) {
 gint r = 255;
 DaemonConfig config;
@@ -495,6 +549,8 @@ int main(int argc, char *argv[]) {
 argv0 = argv[0];
 daemon_pid_file_ident = daemon_log_ident = (char *) argv0;
+
+ daemon_pid_file_proc = pid_file_proc;
 if (parse_command_line(&config, argc, argv) < 0) goto finish;
@@ -561,6 +617,14 @@ int main(int argc, char *argv[]) {
 chdir("/");
+ if (make_runtime_dir() < 0)
+ goto finish;
+
+ if (config.drop_root) {
+ if (drop_root() < 0)
+ goto finish;
+ }
+
 if (daemon_pid_file_create() < 0) {
 avahi_log_error("Failed to create PID file: %s", strerror(errno));
@@ -570,11 +634,6 @@ int main(int argc, char *argv[]) {
 } else wrote_pid_file = TRUE;
- if (config.drop_root) {
- if (drop_root() < 0)
- goto finish;
- }
-
 if (run_server(&config) == 0) r = 0;
 }
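Review bot: In `make_runtime_dir()` the `EEXIST` branch of `mkdir()` accepts whatever already exists at AVAHI_RUNTIME_DIR, and the `chown()` and `stat()` that follow both resolve symlinks. If the parent directory is ever writable by anyone other than root, a pre-existing symlink to a directory would have its target chowned to the avahi user and would still pass the `S_ISDIR` test. The check also ignores the permission bits, so an existing group- or world-writable directory is accepted as is. Switching to `lchown(AVAHI_RUNTIME_DIR, pw->pw_uid, gr->gr_gid)` and `lstat(AVAHI_RUNTIME_DIR, &st)`, and adding `|| (st.st_mode & (S_IWGRP|S_IWOTH))` to the failure condition, would close both gaps. The unchecked `chown()` return is only safe because the later ownership comparison catches a failure, which deserves a one-line comment such as `/* result verified by the stat check below */`.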
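Review bot: In the `@@ -561,6 +617,14 @@` hunk, `make_runtime_dir()` runs unconditionally, so the runtime directory is chowned to AVAHI_USER even when `config.drop_root` is false. A daemon that stays root then writes its PID file and socket into a directory an unprivileged account controls. When root is dropped, `daemon_pid_file_create()` now runs after `drop_root()`, so the PID file is owned by that same account. Anything that reads the file as root and signals the PID (outside this diff, so an assumption to confirm) should treat it as untrusted. A comment above the call would record this, e.g. `/* PID file is created after drop_root(): owned by AVAHI_USER, not root */`. The body of `main()` begins and ends outside this hunk.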
diff --git a/avahi-daemon/simple-protocol.c b/avahi-daemon/simple-protocol.c
index 6eaef99..8bd8da4 100644
--- a/avahi-daemon/simple-protocol.c
+++ b/avahi-daemon/simple-protocol.c
@@ -41,8 +41,7 @@
 #define BUFFER_SIZE (10*1024)
-#define UNIX_SOCKET_PATH "/tmp/avahi"
-#define UNIX_SOCKET UNIX_SOCKET_PATH"/socket"
+#define UNIX_SOCKET AVAHI_RUNTIME_DIR "/socket"
 #define CLIENTS_MAX 50
@@ -378,11 +377,6 @@ int simple_protocol_setup(GMainContext *c) {
 u = umask(0000);
- if (mkdir(UNIX_SOCKET_PATH, 0755) < 0 && errno != EEXIST) {
- avahi_log_warn("mkdir(): %s", strerror(errno));
- goto fail;
- }
-
 if ((server->fd = socket(PF_LOCAL, SOCK_STREAM, 0)) < 0) {
 avahi_log_warn("socket(PF_LOCAL, SOCK_STREAM, 0): %s", strerror(errno));
 goto fail;
diff --git a/bootstrap.sh b/bootstrap.sh
index f0eedcd..d50ba72 100755
--- a/bootstrap.sh
+++ b/bootstrap.sh
@@ -42,7 +42,7 @@ else
 run_versioned automake 1.7 -a -c --foreign
 autoconf -Wall
- CFLAGS="-g -O0" ./configure --sysconfdir=/etc "$@"
+ CFLAGS="-g -O0" ./configure --sysconfdir=/etc --localstatedir=/var"$@"
 make clean
 fi
-- 
2.39.5
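Review bot: The added `./configure` line in bootstrap.sh has no space between `--localstatedir=/var` and `"$@"`, so the first argument passed to the script is glued onto the path instead of reaching configure as its own option (a constructed example: `--localstatedir=/var--prefix=/usr`). Because `localstatedir` feeds `AVAHI_RUNTIME_DIR` in avahi-daemon/Makefile.am, the daemon would then create and chown its runtime directory, and bind its socket, under an unintended path. The line should read `CFLAGS="-g -O0" ./configure --sysconfdir=/etc --localstatedir=/var "$@"`.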