MyFavMirrors/owntone-server
1
0
Fork 0
mirror of https://github.com/owntone/owntone-server.git synced 2025-02-05 02:38:09 -05:00
Code Issues Packages Projects Releases Wiki Activity

Do not elevate privileges to reopen the log file

Browse Source 
Instead, set ownership and permissions at startup and rely on logrotate
recreating a new log file with appropriate permissions after that.
This commit is contained in:
Julien BLACHE 2011-06-27 18:29:21 +02:00
parent 8310bc226d
commit 6feac7dd45
1 changed files with 23 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

43
src/logger.c
View File

@ -1,5 +1,5 @@
/* /*
* Copyright (C) 2009-2010 Julien BLACHE <jb@jblache.org> * Copyright (C) 2009-2011 Julien BLACHE <jb@jblache.org>
* *
* This program is free software; you can redistribute it and/or modify * This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
@ -26,12 +26,15 @@
#include <string.h> #include <string.h>
#include <time.h> #include <time.h>
#include <errno.h> #include <errno.h>
#include <sys/stat.h>
#include <pwd.h>
#include <pthread.h> #include <pthread.h>
#include <event.h> #include <event.h>
#include <libavutil/log.h> #include <libavutil/log.h>
#include "conffile.h"
#include "logger.h" #include "logger.h"
@ -198,32 +201,13 @@ void
logger_reinit(void) logger_reinit(void)
{ {
FILE *fp; FILE *fp;
uid_t uid;
int ret;
if (!logfile) if (!logfile)
return; return;
pthread_mutex_lock(&logger_lck); pthread_mutex_lock(&logger_lck);
uid = geteuid();
if (uid != 0)
{
ret = seteuid(0);
if (ret < 0)
fprintf(logfile, "logger_reinit: seteuid(0) failed: %s\n", strerror(errno));
}
fp = fopen(logfilename, "a"); fp = fopen(logfilename, "a");
if (uid != 0)
{
ret = seteuid(uid);
if (ret < 0)
fprintf(logfile, "logger_reinit: seteuid(%lu) failed: %s\n", (unsigned long)uid, strerror(errno));
}
if (!fp) if (!fp)
{ {
fprintf(logfile, "Could not reopen logfile: %s\n", strerror(errno)); fprintf(logfile, "Could not reopen logfile: %s\n", strerror(errno));
@ -262,6 +246,8 @@ logger_detach(void)
int int
logger_init(char *file, char *domains, int severity) logger_init(char *file, char *domains, int severity)
{ {
struct passwd *pw;
char *runas;
int ret; int ret;
if ((sizeof(labels) / sizeof(labels[0])) != N_LOGDOMAINS) if ((sizeof(labels) / sizeof(labels[0])) != N_LOGDOMAINS)
@ -286,6 +272,15 @@ logger_init(char *file, char *domains, int severity)
if (!file) if (!file)
return 0; return 0;
runas = cfg_getstr(cfg_getsec(cfg, "general"), "uid");
pw = getpwnam(runas);
if (!pw)
{
fprintf(stderr, "Could not lookup user %s: %s\n", runas, strerror(errno));
return -1;
}
logfile = fopen(file, "a"); logfile = fopen(file, "a");
if (!logfile) if (!logfile)
{ {
@ -294,6 +289,14 @@ logger_init(char *file, char *domains, int severity)
return -1; return -1;
} }
ret = fchown(fileno(logfile), pw->pw_uid, 0);
if (ret < 0)
fprintf(stderr, "Failed to set ownership on logfile: %s\n", strerror(errno));
ret = fchmod(fileno(logfile), 0644);
if (ret < 0)
fprintf(stderr, "Failed to set permissions on logfile: %s\n", strerror(errno));
logfilename = file; logfilename = file;
return 0; return 0;