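diff --git a/includes/dhcpd.h b/includes/dhcpd.h
index 378459b..e7ed5a3 100644
--- a/includes/dhcpd.h
+++ b/includes/dhcpd.h
@@ -2033,6 +2033,11 @@ extern const char *path_dhcpd_pid;
 extern int dhcp_max_agent_option_packet_length;
 extern struct eventqueue *rw_queue_empty;
 
+#if defined (PARANOIA)
+extern uid_t set_uid;
+extern gid_t set_gid;
+#endif
+
 int main(int, char **);
 void postconf_initialization(int);
 void postdb_startup(void);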
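diff --git a/server/db.c b/server/db.c
index d4d42fe..5238ed8 100644
--- a/server/db.c
+++ b/server/db.c
@@ -1125,6 +1125,22 @@ int new_lease_file ()
 log_error ("Can't create new lease file: %m");
 return 0;
 }
+
+#if defined (PARANOIA)
+ /*
+ * If we are currently root and plan to change the
+ * uid and gid change the file information so we
+ * can manipulate it later, after we've changed
+ * our group and user (that is dropped privileges.)
+ */
+ if ((set_uid != 0) && (geteuid() == 0) &&
+ (set_gid != 0) && (getegid() == 0)) {
+ if (fchown(db_fd, set_uid, set_gid)) {
+ log_fatal ("Can't chown new lease file: %m");
+ }
+ }
+#endif /* PARANOIA */
+
 if ((new_db_file = fdopen(db_fd, "we")) == NULL) {
 log_error("Can't fdopen new lease file: %m");
 close(db_fd);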
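Review bot: The guard on the added `fchown` requires `set_uid` and `set_gid` to both be non-zero and the effective uid and gid to both be 0, so a run that drops only one of the two ids skips the chown and leaves the new lease file owned by root; rewrites after the privilege drop could then fail. How `set_gid` is filled in when only `-user` is given is decided in dhcpd.c outside these hunks, so this may already be covered there, but the check here need not depend on it: `if ((geteuid() == 0) && ((set_uid != 0) || (set_gid != 0))) {` with `fchown(db_fd, set_uid ? set_uid : (uid_t)-1, set_gid ? set_gid : (gid_t)-1)` changes only the id that was requested. The failure path also calls `log_fatal` where the neighbouring error paths use `log_error` and `return 0`, which deserves a one-line comment saying the abort is intended. `new_lease_file` starts and ends outside the hunk.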
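diff --git a/server/dhcpd.8 b/server/dhcpd.8
index f4b13dc..8cf756a 100644
--- a/server/dhcpd.8
+++ b/server/dhcpd.8
@@ -78,6 +78,18 @@ dhcpd - Dynamic Host Configuration Protocol Server
 .B --no-pid
 ]
 [
+.B -user
+.I user
+]
+[
+.B -group
+.I group
+]
+[
+.B -chroot
+.I dir
+]
+[
 .B -tf
 .I trace-output-file
 ]
@@ -249,6 +261,26 @@ for correct syntax, but will not attempt to perform any network
 operations. This can be used to test a new lease file
 automatically before installing it.
 .TP
+.BI \-user \ user
+Setuid to user after completing privileged operations,
+such as creating sockets that listen on privileged ports.
+This option is only available if the code was compiled
+with the PARANOIA patch (./configure --enable-paranoia).
+.TP
+.BI \-group \ group
+Setgid to group after completing privileged operations,
+such as creating sockets that listen on privileged ports.
+This option is only available if the code was compiled
+with the PARANOIA patch (./configure --enable-paranoia).
+.TP
+.BI \-chroot \ dir
+Chroot to directory. This may occur before or after
+reading the configuration files depending on whether
+the code was compiled with the EARLY_CHROOT option
+enabled (./configure --enable-early-chroot).
+This option is only available if the code was compiled
+with the PARANOIA patch (./configure --enable-paranoia).
+.TP
 .BI \-tf \ tracefile
 Specify a file into which the entire startup state of the server and
 all the transactions it processes are logged. This can be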
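diff --git a/server/dhcpd.c b/server/dhcpd.c
index ebb6d3e..ca50178 100644
--- a/server/dhcpd.c
+++ b/server/dhcpd.c
@@ -50,6 +50,10 @@ static const char url [] =
 # define group real_group
 # include <grp.h>
 # undef group
+
+/* global values so db.c can look at them */
+uid_t set_uid = 0;
+gid_t set_gid = 0;
 #endif /* PARANOIA */
 
 #ifndef UNIT_TEST
@@ -180,9 +184,6 @@ main(int argc, char **argv) {
 char *set_user = 0;
 char *set_group = 0;
 char *set_chroot = 0;
-
- uid_t set_uid = 0;
- gid_t set_gid = 0;
 #endif /* PARANOIA */
 
 /* Make sure that file descriptors 0 (stdin), 1, (stdout), and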
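Review bot: The new file-scope `set_uid` and `set_gid` in the first hunk use 0 both as their initial value and as the "no drop requested" marker that db.c tests, and the one-line comment above them does not say so. I would spell the contract out, e.g. `/* Target ids for the privilege drop; 0 means none requested. Read by new_lease_file() in db.c. */`. With external linkage and such generic names, any translation unit that includes dhcpd.h can now write them, so it also helps to state where they are assigned; presumably that is still main(), whose body runs past the second hunk.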