Commit e196ce4c authored by Justin Mitchell's avatar Justin Mitchell

init script, and making mwserv drop privs on startup

parent e173090d
......@@ -12,6 +12,8 @@ ifeq ($(SVNVER),exported)
install:
install -d $(DESTDIR)$(libdir)/mw
cp -a $(INSTALLFILES) $(DESTDIR)$(libdir)/mw/
install -d $(DESTDIR)/etc/init.d
install mwserv.init $(DESTDIR)/etc/init.d/mwserv
$(MAKE) -C src $@
$(MAKE) -C po $@
$(MAKE) -C src/webclient $@
......
#! /bin/sh
### BEGIN INIT INFO
# Provides: mw
# Required-Start:
# Required-Stop:
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Milliways comms server
# Description: Required to make mw talk work
### END INIT INFO
# Author: Justin Mitchell <arthur@sucs.org>
#
# Do NOT "set -e"
# PATH should only include /usr/* if it runs after the mountnfs.sh script
PATH=/sbin:/usr/sbin:/bin:/usr/bin
DESC="Milliways comms server"
NAME=mwserv
DAEMON=/usr/lib/mw/$NAME
DAEMON_ARGS="--port 9999"
PIDFILE=/var/run/$NAME.pid
SCRIPTNAME=/etc/init.d/$NAME
# Exit if the package is not installed
[ -x "$DAEMON" ] || exit 0
# Read configuration variable file if it is present
[ -r /etc/default/$NAME ] && . /etc/default/$NAME
# Load the VERBOSE setting and other rcS variables
. /lib/init/vars.sh
# Define LSB log_* functions.
# Depend on lsb-base (>= 3.2-14) to ensure that this file is present
# and status_of_proc is working.
. /lib/lsb/init-functions
#
# Function that starts the daemon/service
#
do_start()
{
# Return
# 0 if daemon has been started
# 1 if daemon was already running
# 2 if daemon could not be started
start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
|| return 1
start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON -- \
$DAEMON_ARGS \
|| return 2
# Add code here, if necessary, that waits for the process to be ready
# to handle requests from services started subsequently which depend
# on this one. As a last resort, sleep for some time.
}
#
# Function that stops the daemon/service
#
do_stop()
{
# Return
# 0 if daemon has been stopped
# 1 if daemon was already stopped
# 2 if daemon could not be stopped
# other if a failure occurred
start-stop-daemon --stop --quiet --retry=TERM/30/KILL/5 --pidfile $PIDFILE --name $NAME
RETVAL="$?"
[ "$RETVAL" = 2 ] && return 2
# Wait for children to finish too if this is a daemon that forks
# and if the daemon is only ever run from this initscript.
# If the above conditions are not satisfied then add some other code
# that waits for the process to drop all resources that could be
# needed by services started subsequently. A last resort is to
# sleep for some time.
start-stop-daemon --stop --quiet --oknodo --retry=0/30/KILL/5 --exec $DAEMON
[ "$?" = 2 ] && return 2
# Many daemons don't delete their pidfiles when they exit.
rm -f $PIDFILE
return "$RETVAL"
}
#
# Function that sends a SIGHUP to the daemon/service
#
do_reload() {
#
# If the daemon can reload its configuration without
# restarting (for example, when it is sent a SIGHUP),
# then implement that here.
#
start-stop-daemon --stop --signal 1 --quiet --pidfile $PIDFILE --name $NAME
return 0
}
case "$1" in
start)
[ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
do_start
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
stop)
[ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
do_stop
case "$?" in
0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
status)
status_of_proc "$DAEMON" "$NAME" && exit 0 || exit $?
;;
#reload|force-reload)
#
# If do_reload() is not implemented then leave this commented out
# and leave 'force-reload' as an alias for 'restart'.
#
#log_daemon_msg "Reloading $DESC" "$NAME"
#do_reload
#log_end_msg $?
#;;
restart|force-reload)
#
# If the "reload" option is implemented then remove the
# 'force-reload' alias
#
log_daemon_msg "Restarting $DESC" "$NAME"
do_stop
case "$?" in
0|1)
do_start
case "$?" in
0) log_end_msg 0 ;;
1) log_end_msg 1 ;; # Old process is still running
*) log_end_msg 1 ;; # Failed to start
esac
;;
*)
# Failed to stop
log_end_msg 1
;;
esac
;;
*)
#echo "Usage: $SCRIPTNAME {start|stop|restart|reload|force-reload}" >&2
echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
exit 3
;;
esac
:
......@@ -3,7 +3,10 @@
#include <stdlib.h>
#include <getopt.h>
#include <errno.h>
#include <sys/types.h>
#include <pwd.h>
#include <inttypes.h>
#include <string.h>
#include "../socket.h"
#include "servsock.h"
#include "../files.h"
......@@ -13,14 +16,17 @@ int idle = 0;
int internet = 0;
int userposn = 0;
#define MWUSER "mw"
struct servopts {
uint16_t port;
int foreground;
int help;
};
void usage(char *name)
{
printf("Usage:\n %s [--help|-h][--port|-p <port>]\n", name);
printf("Usage:\n %s [--help|-h][--port|-p <port>][--foreground|-f]\n", name);
}
static int getopts(int argc, char **argv, struct servopts *opts)
......@@ -31,6 +37,7 @@ static int getopts(int argc, char **argv, struct servopts *opts)
static struct option loptspec[] = {
{"port", required_argument, 0, 'p'},
{"help", no_argument, 0, 'h'},
{"foreground", no_argument, 0, 'f'},
{0, 0, 0, 0}
};
......@@ -49,6 +56,9 @@ static int getopts(int argc, char **argv, struct servopts *opts)
}
opts->port = (uint16_t)num;
break;
case 'f':
opts->foreground = 1;
break;
case 'h':
opts->help = 1;
return 0;
......@@ -70,7 +80,7 @@ static int getopts(int argc, char **argv, struct servopts *opts)
int main(int argc, char **argv)
{
struct servopts opts = {.port = IPCPORT_DEFAULT};
struct servopts opts = {.port = IPCPORT_DEFAULT, .foreground = 0};
int mainsock = -1;
int err = getopts(argc, argv, &opts);
......@@ -82,10 +92,6 @@ int main(int argc, char **argv)
init_server();
/* at server start nobody is logged in, wipe who list */
int fd = openwhofile(O_TRUNC|O_WRONLY);
close(fd);
mainsock = open_mainsock(opts.port);
if (mainsock < 0) {
......@@ -93,8 +99,27 @@ int main(int argc, char **argv)
return 1;
}
uint32_t test = FOURCC("CAST");
printf("test %4.4s == 0x%X\n", (char *)&test, test);
if (geteuid() == 0) {
struct passwd *pwbuff = getpwnam(MWUSER);
if (!pwbuff) {
fprintf(stderr, "Username %s does not exist.\n", MWUSER);
return 1;
}
if (setgid(pwbuff->pw_gid)) {
fprintf(stderr, "Failed to setgid. %s\n", strerror(errno));
return 1;
}
if (setuid(pwbuff->pw_uid)) {
fprintf(stderr, "Failed to setuid. %s\n", strerror(errno));
return 1;
}
}
if (!opts.foreground) daemon(0,0);
/* at server start nobody is logged in, wipe who list */
int fd = openwhofile(O_TRUNC|O_WRONLY);
close(fd);
watch_mainsock(mainsock);
printf("Done.\n");
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment