priv: create chroot if it does not exist
authorVincent Bernat <bernat@luffy.cx>
Thu, 17 Jan 2013 08:02:48 +0000 (09:02 +0100)
committerVincent Bernat <bernat@luffy.cx>
Thu, 17 Jan 2013 08:02:48 +0000 (09:02 +0100)
This is not the ideal situation since the chroot should maybe contain
some additional stuff (like `/etc/localtime` with GNU libc) to make it
work properly, but this is more convenient than leaving the user to do
exactly the same things. Packagers are still expected to populate the
chroot correctly before starting lldpd.

src/daemon/lldpd.h
src/daemon/priv.c

index 82163587b76e2ff3216367625594c4f64ab10e2e..921ab6a2c0b433f59edb7b21f0369564b8ff1ab8 100644 (file)
@@ -201,7 +201,7 @@ client_handle_client(struct lldpd *cfg,
     int*);
 
 /* priv.c */
-void    priv_init(char*, int, uid_t, gid_t);
+void    priv_init(const char*, int, uid_t, gid_t);
 void    priv_ctl_cleanup(void);
 char           *priv_gethostbyname(void);
 #ifdef HOST_OS_LINUX
index d3335908324d54efacc141de38524e72cd34fc8b..67f84a2d44aa2ff5d8d79cfd7e3ad13e19f3b661 100644 (file)
@@ -661,7 +661,7 @@ sig_chld(int sig)
 
 /* Initialization */
 void
-priv_init(char *chrootdir, int ctl, uid_t uid, gid_t gid)
+priv_init(const char *chrootdir, int ctl, uid_t uid, gid_t gid)
 {
 
        int pair[2];
@@ -681,6 +681,15 @@ priv_init(char *chrootdir, int ctl, uid_t uid, gid_t gid)
                if (RUNNING_ON_VALGRIND)
                        log_warnx("privsep", "running on valgrind, keep privileges");
                else {
+                       struct stat schroot;
+                       if (stat(chrootdir, &schroot) == -1) {
+                               if (errno != ENOENT)
+                                       fatal("privsep", "chroot directory does not exist");
+                               if (mkdir(chrootdir, 0755) == -1)
+                                       fatal("privsep", "unable to create chroot directory");
+                               log_info("privsep", "created chroot directory %s",
+                                   chrootdir);
+                       }
                        if (chroot(chrootdir) == -1)
                                fatal("privsep", "unable to chroot");
                        if (chdir("/") != 0)
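Review bot: When `stat(chrootdir, &schroot)` succeeds, `schroot` is never inspected, so a path that exists but is not a directory, or a directory that non-root users can write to, is passed straight to `chroot()`. Since this directory is the confinement boundary for the unprivileged process, an else branch such as `else if (!S_ISDIR(schroot.st_mode) || (schroot.st_mode & (S_IWGRP|S_IWOTH))) fatal("privsep", "chroot directory is not a directory or is group/world-writable");` would catch that; an owner check may also be wanted, depending on how packagers set the directory up. Separately, the `errno != ENOENT` branch reports "chroot directory does not exist", which is the one case that branch excludes; `fatal("privsep", "unable to stat chroot directory");` would describe it accurately. `mkdir(chrootdir, 0755)` creates only the final path component and its mode is filtered by the umask, which is worth a short comment above the call. priv_init begins and ends outside this hunk.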