Always create run_dir and logdir if needed

diff --git a/src/include/radiusd.h b/src/include/radiusd.h
index 8f71005fe7f73dce5265268480539b15891e774f..1123b777a238b6e291aec9e182c584ca65101cd7 100644 (file)
--- a/src/include/radiusd.h
+++ b/src/include/radiusd.h
@@ -165,6 +165,9 @@ typedef struct main_config {
        bool            allow_core_dumps;               //!< Whether the server is allowed to drop a core when
                                                        //!< receiving a fatal signal.
 
+       bool            write_pid;                      //!< write the PID file
+
+
 #ifdef ENABLE_OPENSSL_VERSION_CHECK
        char const      *allow_vulnerable_openssl;      //!< The CVE number of the last security issue acknowledged.
 #endif

diff --git a/src/main/mainconfig.c b/src/main/mainconfig.c
index a082d6c0c0e28cf983bada9ba354bad956a85d76..2af8889723c92d2d8902212aab8271b0c348ac6e 100644 (file)
--- a/src/main/mainconfig.c
+++ b/src/main/mainconfig.c
@@ -584,16 +584,15 @@ static int switch_users(CONF_SECTION *cs)
 #endif
 
        /*
-        *      If we did change from root to a normal user, do some
-        *      more work.
+        *      The directories for PID files and logs must exist.  We
+        *      need to create them if we're told to write files to
+        *      those directories.
         *
-        *      Try to create the various output directories.  Because
-        *      this creation is new in 3.0.9, it's a soft fail.
+        *      Because this creation is new in 3.0.9, it's a soft
+        *      fail.
         *
-        *      And once we're done with all of the above work,
-        *      permanently change the UID.
         */
-       if (do_suid) {
+       if (main_config.write_pid) {
                char *my_dir;
 
                my_dir = talloc_strdup(NULL, run_dir);
@@ -602,16 +601,24 @@ static int switch_users(CONF_SECTION *cs)
                              my_dir, strerror(errno));
                }
                talloc_free(my_dir);
+       }
 
-               if (default_log.dst == L_DST_FILES) {
-                       my_dir = talloc_strdup(NULL, radlog_dir);
-                       if (rad_mkdir(my_dir, 0750, server_uid, server_gid) < 0) {
-                               DEBUG("Failed to create logdir %s: %s",
-                                     my_dir, strerror(errno));
-                       }
-                       talloc_free(my_dir);
+       if (default_log.dst == L_DST_FILES) {
+               char *my_dir;
+
+               my_dir = talloc_strdup(NULL, radlog_dir);
+               if (rad_mkdir(my_dir, 0750, server_uid, server_gid) < 0) {
+                       DEBUG("Failed to create logdir %s: %s",
+                             my_dir, strerror(errno));
                }
+               talloc_free(my_dir);
+       }
 
+       /*
+        *      Once we're done with all of the privileged work,
+        *      permanently change the UID.
+        */
+       if (do_suid) {
                rad_suid_set_down_uid(server_uid);
                rad_suid_down();
        }

diff --git a/src/main/radiusd.c b/src/main/radiusd.c
index d65f1601e03d1b44eabfc3042c9cd16219bc6a7e..fa0fcfa843f7508e7331fee19dd234aa9641cd61 100644 (file)
--- a/src/main/radiusd.c
+++ b/src/main/radiusd.c
@@ -91,7 +91,6 @@ int main(int argc, char *argv[])
        int status;
        int argval;
        bool spawn_flag = true;
-       bool write_pid = false;
        bool display_version = false;
        int flag = 0;
        int from_child[2] = {-1, -1};
@@ -222,7 +221,7 @@ int main(int argc, char *argv[])
 
                        case 'P':
                                /* Force the PID to be written, even in -f mode */
-                               write_pid = true;
+                               main_config.write_pid = true;
                                break;
 
                        case 's':       /* Single process mode */
@@ -331,6 +330,11 @@ int main(int argc, char *argv[])
        tls_global_init();
 #endif
 
+       /*
+        *  Write the PID always if we're running as a daemon.
+        */
+       if (main_config.daemonize) main_config.write_pid = true;
+
        /*
         *  Read the configuration files, BEFORE doing anything else.
         */
@@ -523,15 +527,10 @@ int main(int argc, char *argv[])
        radius_stats_init(0);
 #endif
 
-       /*
-        *  Write the PID always if we're running as a daemon.
-        */
-       if (main_config.daemonize) write_pid = true;
-
        /*
         *  Write the PID after we've forked, so that we write the correct one.
         */
-       if (write_pid) {
+       if (main_config.write_pid) {
                FILE *fp;
 
                fp = fopen(main_config.pid_file, "w");