init script, and making mwserv drop privs on startup

Makefile

@@ -12,6 +12,8 @@ ifeq ($(SVNVER),exported)
 install:
 	install -d $(DESTDIR)$(libdir)/mw
 	cp -a $(INSTALLFILES) $(DESTDIR)$(libdir)/mw/
+	install -d $(DESTDIR)/etc/init.d
+	install mwserv.init $(DESTDIR)/etc/init.d/mwserv
 	$(MAKE) -C src $@
 	$(MAKE) -C po $@
 	$(MAKE) -C src/webclient $@

mwserv.init

+#! /bin/sh
+### BEGIN INIT INFO
+# Provides:          mw
+# Required-Start:    
+# Required-Stop:     
+# Default-Start:     2 3 4 5
+# Default-Stop:      0 1 6
+# Short-Description: Milliways comms server
+# Description:       Required to make mw talk work
+### END INIT INFO
+
+# Author: Justin Mitchell <arthur@sucs.org>
+#
+
+# Do NOT "set -e"
+
+# PATH should only include /usr/* if it runs after the mountnfs.sh script
+PATH=/sbin:/usr/sbin:/bin:/usr/bin
+DESC="Milliways comms server"
+NAME=mwserv
+DAEMON=/usr/lib/mw/$NAME
+DAEMON_ARGS="--port 9999"
+PIDFILE=/var/run/$NAME.pid
+SCRIPTNAME=/etc/init.d/$NAME
+
+# Exit if the package is not installed
+[ -x "$DAEMON" ] || exit 0
+
+# Read configuration variable file if it is present
+[ -r /etc/default/$NAME ] && . /etc/default/$NAME
+
+# Load the VERBOSE setting and other rcS variables
+. /lib/init/vars.sh
+
+# Define LSB log_* functions.
+# Depend on lsb-base (>= 3.2-14) to ensure that this file is present
+# and status_of_proc is working.
+. /lib/lsb/init-functions
+
+#
+# Function that starts the daemon/service
+#
+do_start()
+{
+	# Return
+	#   0 if daemon has been started
+	#   1 if daemon was already running
+	#   2 if daemon could not be started
+	start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
+		|| return 1
+	start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
+		$DAEMON_ARGS \
+		|| return 2
+	# Add code here, if necessary, that waits for the process to be ready
+	# to handle requests from services started subsequently which depend
+	# on this one.  As a last resort, sleep for some time.
+}
+
+#
+# Function that stops the daemon/service
+#
+do_stop()
+{
+	# Return
+	#   0 if daemon has been stopped
+	#   1 if daemon was already stopped
+	#   2 if daemon could not be stopped
+	#   other if a failure occurred
+	start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME
+	RETVAL="$?"
+	[ "$RETVAL" = 2 ] && return 2
+	# Wait for children to finish too if this is a daemon that forks
+	# and if the daemon is only ever run from this initscript.
+	# If the above conditions are not satisfied then add some other code
+	# that waits for the process to drop all resources that could be
+	# needed by services started subsequently.  A last resort is to
+	# sleep for some time.
+	start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON
+	[ "$?" = 2 ] && return 2
+	# Many daemons don't delete their pidfiles when they exit.
+	rm -f $PIDFILE
+	return "$RETVAL"
+}
+
+#
+# Function that sends a SIGHUP to the daemon/service
+#
+do_reload() {
+	#
+	# If the daemon can reload its configuration without
+	# restarting (for example, when it is sent a SIGHUP),
+	# then implement that here.
+	#
+	start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME
+	return 0
+}
+
+case "$1" in
+  start)
+	[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
+	do_start
+	case "$?" in
+		0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+		2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+	esac
+	;;
+  stop)
+	[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
+	do_stop
+	case "$?" in
+		0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+		2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+	esac
+	;;
+  status)
+       status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
+       ;;
+  #reload|force-reload)
+	#
+	# If do_reload() is not implemented then leave this commented out
+	# and leave 'force-reload' as an alias for 'restart'.
+	#
+	#log_daemon_msg "Reloading $DESC" "$NAME"
+	#do_reload
+	#log_end_msg $?
+	#;;
+  restart|force-reload)
+	#
+	# If the "reload" option is implemented then remove the
+	# 'force-reload' alias
+	#
+	log_daemon_msg "Restarting $DESC" "$NAME"
+	do_stop
+	case "$?" in
+	  0|1)
+		do_start
+		case "$?" in
+			0) log_end_msg 0 ;;
+			1) log_end_msg 1 ;; # Old process is still running
+			*) log_end_msg 1 ;; # Failed to start
+		esac
+		;;
+	  *)
+	  	# Failed to stop
+		log_end_msg 1
+		;;
+	esac
+	;;
+  *)
+	#echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
+	echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
+	exit 3
+	;;
+esac
+
+:

src/server/mwserv.c

@@ -3,7 +3,10 @@
 #include <stdlib.h>
 #include <getopt.h>
 #include <errno.h>
+#include <sys/types.h>
+#include <pwd.h>
 #include <inttypes.h>
+#include <string.h>
 #include "../socket.h"
 #include "servsock.h"
 #include "../files.h"
@@ -13,14 +16,17 @@ int idle = 0;
 int internet = 0;
 int userposn = 0;
 
+#define MWUSER "mw"
+
 struct servopts {
 	uint16_t port;
+	int foreground;
 	int help;
 };
 
 void usage(char *name)
 {
-	printf("Usage:\n  %s [--help|-h][--port|-p <port>]\n", name);
+	printf("Usage:\n  %s [--help|-h][--port|-p <port>][--foreground|-f]\n", name);
 }
 
 static int getopts(int argc, char **argv, struct servopts *opts)
@@ -31,6 +37,7 @@ static int getopts(int argc, char **argv, struct servopts *opts)
 	static struct option loptspec[] = {
 		{"port", required_argument, 0, 'p'},
 		{"help", no_argument, 0, 'h'},
+		{"foreground", no_argument, 0, 'f'},
 		{0, 0, 0, 0}
 	};
 
@@ -49,6 +56,9 @@ static int getopts(int argc, char **argv, struct servopts *opts)
 				}
 				opts->port = (uint16_t)num;
 				break;
+			case 'f':
+				opts->foreground = 1;
+				break;
 			case 'h':
 				opts->help = 1;
 				return 0;
@@ -70,7 +80,7 @@ static int getopts(int argc, char **argv, struct servopts *opts)
 
 int main(int argc, char **argv)
 {
-	struct servopts opts = {.port = IPCPORT_DEFAULT};
+	struct servopts opts = {.port = IPCPORT_DEFAULT, .foreground = 0};
 	int mainsock = -1;
 	int err = getopts(argc, argv, &opts);
 
@@ -82,10 +92,6 @@ int main(int argc, char **argv)
 
 	init_server();
 
-	/* at server start nobody is logged in, wipe who list */
-	int fd = openwhofile(O_TRUNC|O_WRONLY);
-	close(fd);
-
 	mainsock = open_mainsock(opts.port);
 
 	if (mainsock < 0) {
@@ -93,8 +99,27 @@ int main(int argc, char **argv)
 		return 1;
 	}
 
-	uint32_t test = FOURCC("CAST");
-	printf("test %4.4s == 0x%X\n", (char *)&test, test);
+	if (geteuid() == 0) {
+		struct passwd *pwbuff = getpwnam(MWUSER);
+		if (!pwbuff) {
+			fprintf(stderr, "Username %s does not exist.\n", MWUSER);
+			return 1;
+		}
+		if (setgid(pwbuff->pw_gid)) {
+			fprintf(stderr, "Failed to setgid. %s\n", strerror(errno));
+			return 1;
+		}
+		if (setuid(pwbuff->pw_uid)) {
+			fprintf(stderr, "Failed to setuid. %s\n", strerror(errno));
+			return 1;
+		}
+	}
+
+	if (!opts.foreground) daemon(0,0);
+
+	/* at server start nobody is logged in, wipe who list */
+	int fd = openwhofile(O_TRUNC|O_WRONLY);
+	close(fd);
 
 	watch_mainsock(mainsock);
 	printf("Done.\n");