git.ipfire.org Git - thirdparty/haproxy.git/commit

author	Valentine Krasnobaeva <vkrasnobaeva@haproxy.com>
	Mon, 18 Mar 2024 13:50:26 +0000 (14:50 +0100)
committer	Willy Tarreau <w@1wt.eu>
	Fri, 5 Apr 2024 16:01:54 +0000 (18:01 +0200)
commit	e4306fb822fd1816dc7f46d48a99aa4d3b30e908
tree	a10b0065982cd987852ba5e6eda73e53aaab3c14	tree \| snapshot
parent	a4f564b05ee30ac68abd0a28a2b862b047a5dd40	commit \| diff

BUG/MINOR: init: relax LSTCHK_NETADM checks for non root

Linux capabilities support and ability to preserve it for running process
after switching to a global.uid was added recently by the commit bd84387beb26
("MEDIUM: capabilities: enable support for Linux capabilities")).
This new feature hasn't yet been taken into account by last config checks,
which are performed at initialization stage.

So, to update it, let's perform it after set_identity() call. Like this,
current EUID is already changed to a global.uid and prepare_caps_for_setuid()
would unset LSTCHK_NETADM flag, only if capabilities given in the 'setcap'
keyword in the configuration file were preserved.

Otherwise, if system doesn't support Linux capabilities or they were not set
via 'setcap', we keep the previous strict behaviour: process will terminate
with an alert, in order to insist that user: either needs to change
run UID (worst case: start and run as root), or he needs to set/recheck
capabilities listed as 'setcap' arguments.

In the case, when haproxy will start and run under a non-root user this patch
doesn't change the previous behaviour: we'll still let him try the
configuration, but we inform via warning that unexpected things may occur.

Need to be backported until v2.9, including v2.9.

src/haproxy.c		diff \| blob \| blame \| history
src/linuxcap.c		diff \| blob \| blame \| history