chroot fixup.

git-svn-id: file:///svn/unbound/trunk@727 be551aaa-1e26-0410-a405-d3ace91eadb9

diff --git a/daemon/unbound.c b/daemon/unbound.c
index 95358616243d6dc6a7bd9a5725e322a70f63e0b1..7d4ecce76fd0e36895b0f2ccfb85248d308f1891 100644 (file)
--- a/daemon/unbound.c
+++ b/daemon/unbound.c
@@ -268,10 +268,6 @@ do_chroot(struct daemon* daemon, struct config_file* cfg, int debug_mode)
                        fatal_exit("Could not chdir to %s: %s",
                                cfg->directory, strerror(errno));
                }
-       if(cfg->chrootdir && cfg->chrootdir[0])
-               if(chroot(cfg->chrootdir))
-                       fatal_exit("unable to chroot to %s: %s", 
-                               cfg->chrootdir, strerror(errno));
        if(cfg->username && cfg->username[0]) {
                struct passwd *pwd;
                if((pwd = getpwnam(cfg->username)) == NULL)
@@ -282,6 +278,10 @@ do_chroot(struct daemon* daemon, struct config_file* cfg, int debug_mode)
                        fatal_exit("unable to set user id: %s", strerror(errno));
                endpwent();
        }
+       if(cfg->chrootdir && cfg->chrootdir[0])
+               if(chroot(cfg->chrootdir))
+                       fatal_exit("unable to chroot to %s: %s", 
+                               cfg->chrootdir, strerror(errno));
        /* check old pid file before forking */
        if(cfg->pidfile && cfg->pidfile[0]) {
                checkoldpid(cfg);

diff --git a/doc/Changelog b/doc/Changelog
index d9158f2a708a8e78d817703794c0d765c5ef98e4..ed4e54ccb269d74bed687b2451f3920cb1d620fa 100644 (file)
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,6 +1,8 @@
 1 November 2007: Wouter
        - Fixup of crash on reload, due to anchors in env not NULLed after
          dealloc during deinit.
+       - Fixup of chroot call. Happens after privileges are dropped, so
+         that checking the passwd entry still works.
 
 31 October 2007: Wouter
        - cache-max-ttl config option.