[dovecot-cvs] dovecot/src/auth main.c,1.8,1.9

cras at procontrol.fi cras at procontrol.fi
Wed Dec 18 06:00:03 EET 2002


Update of /home/cvs/dovecot/src/auth
In directory danu:/tmp/cvs-serv2284/auth

Modified Files:
	main.c 
Log Message:
Drop root privileges earlier. Close syslog later in imap-master when
forking new processes, so that any errors get logged. Make sure that all
errors show up in log files - use specific exit status codes if we can't
write to the log file. Make sure imap and login processes always drop root
privileges even if the master process didn't ask for it for some reason.
putenv() wasn't verified to succeed - luckily we never allowed large
user-given data there.



Index: main.c
===================================================================
RCS file: /home/cvs/dovecot/src/auth/main.c,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -d -r1.8 -r1.9
--- main.c	1 Dec 2002 15:39:20 -0000	1.8
+++ main.c	18 Dec 2002 04:00:01 -0000	1.9
@@ -38,32 +38,32 @@
 	}
 }
 
-static void main_init(void)
+static void open_logfile(void)
 {
-	const char *logfile;
-
-	lib_init_signals(sig_quit);
-
-	logfile = getenv("IMAP_LOGFILE");
-	if (logfile == NULL) {
-		/* open the syslog immediately so chroot() won't
-		   break logging */
-		openlog("imap-auth", LOG_NDELAY, LOG_MAIL);
-
-		i_set_panic_handler(i_syslog_panic_handler);
-		i_set_fatal_handler(i_syslog_fatal_handler);
-		i_set_error_handler(i_syslog_error_handler);
-		i_set_warning_handler(i_syslog_warning_handler);
-	} else {
-		/* log failures into specified log file */
-		i_set_failure_file(logfile, "imap-auth");
+	if (getenv("IMAP_USE_SYSLOG") != NULL)
+		i_set_failure_syslog("imap-auth", LOG_NDELAY, LOG_MAIL);
+	else {
+		/* log to file or stderr */
+		i_set_failure_file(getenv("IMAP_LOGFILE"), "imap-auth");
 		i_set_failure_timestamp_format(getenv("IMAP_LOGSTAMP"));
 	}
+}
 
-	/* open /dev/urandom before chrooting */
+static void drop_privileges(void)
+{
+	/* Log file or syslog opening probably requires roots */
+	open_logfile();
+
+	/* Open /dev/urandom before chrooting */
 	random_init();
 
-	restrict_access_by_env();
+	/* Password lookups etc. may require roots, allow it. */
+	restrict_access_by_env(FALSE);
+}
+
+static void main_init(void)
+{
+	lib_init_signals(sig_quit);
 
 	auth_init();
 	cookies_init();
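Review bot: `restrict_access_by_env(FALSE)` in drop_privileges() appears to let the function return with the process still running as root, which the function name does not suggest, and the comment above it does not say what the FALSE argument selects. The callee's definition is not in this diff, so I am assuming FALSE means "do not require a non-root uid". I would spell that out at the call, e.g. `/* FALSE: do not insist on a non-root uid; password lookups may need root, so code after this point may still run privileged */`, and fix "roots" to "root" in both new comments. Separately, open_logfile() passes `getenv("IMAP_LOGFILE")` straight to i_set_failure_file() while still root, so a one-line comment should state that NULL is expected to mean stderr and that the path is trusted because the master process sets the environment.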
@@ -100,6 +100,8 @@
 	/* NOTE: we start rooted, so keep the code minimal until
 	   restrict_access_by_env() is called */
 	lib_init();
+	drop_privileges();
+
 	ioloop = io_loop_create(system_pool);
 
 	main_init();
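Review bot: The NOTE comment above lib_init() still names restrict_access_by_env(), which this function no longer calls directly; after this change the privilege boundary is the new `drop_privileges();` line. I would update it to `/* NOTE: we start rooted, so keep the code minimal until drop_privileges() is called */`. Because drop_privileges() passes FALSE to restrict_access_by_env() (previous hunk), the process may still be root afterwards, so the comment could also say that io_loop_create() and main_init() must not assume an unprivileged uid. The enclosing function starts and ends outside the hunk.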



