main: open cmdmon and NTP internet sockets before dropping root

Call the CAM, NIO, NCR initialization functions and setup the access
restrictions before root is dropped. This will be needed on NetBSD,
where it's not possible to bind sockets to privileged ports without the
root privileges. Split the creation of the Unix domain command socket
from the CAM initialization to keep the chrony user as the owner of the
socket.

diff --git a/cmdmon.c b/cmdmon.c
index 6581e054a33a839be7d2ad08b29ca3d393a28e7b..8eaa0a20a11d0a54d969aaee158074cd167f2db4 100644 (file)
--- a/cmdmon.c
+++ b/cmdmon.c
@@ -267,10 +267,7 @@ CAM_Initialise(int family)
     assert(command_length == 0 || command_length >= offsetof(CMD_Reply, data));
   }
 
-  if (CNF_GetBindCommandPath()[0])
-    sock_fdu = prepare_socket(AF_UNIX, 0);
-  else
-    sock_fdu = -1;
+  sock_fdu = -1;
 
   port_number = CNF_GetCommandPort();
 
@@ -328,6 +325,17 @@ CAM_Finalise(void)
 
 /* ================================================== */
 
+void
+CAM_OpenUnixSocket(void)
+{
+  /* This is separated from CAM_Initialise() as it needs to be called when
+     the process has already dropped the root privileges */
+  if (CNF_GetBindCommandPath()[0])
+    sock_fdu = prepare_socket(AF_UNIX, 0);
+}
+
+/* ================================================== */
+
 static void
 transmit_reply(CMD_Reply *msg, union sockaddr_all *where_to)
 {

diff --git a/cmdmon.h b/cmdmon.h
index ac337e7e9c20aa2e33f9b099580fff22c648f293..5b717d2451826ce54c80b5e3030d43a904ec3221 100644 (file)
--- a/cmdmon.h
+++ b/cmdmon.h
@@ -33,6 +33,7 @@ extern void CAM_Initialise(int family);
 
 extern void CAM_Finalise(void);
 
+extern void CAM_OpenUnixSocket(void);
 extern int CAM_AddAccessRestriction(IPAddr *ip_addr, int subnet_bits, int allow, int all);
 extern int CAM_CheckAccessRestriction(IPAddr *ip_addr);
 

diff --git a/main.c b/main.c
index 95e99d2a9aa39f99eb9681884323bcc515388ad3..e9b729f14420048a4bae9c9b92406b10df4e67ab 100644 (file)
--- a/main.c
+++ b/main.c
@@ -95,10 +95,10 @@ MAI_CleanupAndExit(void)
   MNL_Finalise();
   CLG_Finalise();
   NSR_Finalise();
+  SST_Finalise();
   NCR_Finalise();
-  CAM_Finalise();
   NIO_Finalise();
-  SST_Finalise();
+  CAM_Finalise();
   KEY_Finalise();
   RCL_Finalise();
   SRC_Finalise();
@@ -474,6 +474,12 @@ int main
   RCL_Initialise();
   KEY_Initialise();
 
+  /* Open privileged ports before dropping root */
+  CAM_Initialise(address_family);
+  NIO_Initialise(address_family);
+  NCR_Initialise();
+  CNF_SetupAccessRestrictions();
+
   /* Command-line switch must have priority */
   if (!sched_priority) {
     sched_priority = CNF_GetSchedPriority();
@@ -502,9 +508,6 @@ int main
 
   REF_Initialise();
   SST_Initialise();
-  NIO_Initialise(address_family);
-  CAM_Initialise(address_family);
-  NCR_Initialise();
   NSR_Initialise();
   CLG_Initialise();
   MNL_Initialise();
@@ -514,7 +517,7 @@ int main
   /* From now on, it is safe to do finalisation on exit */
   initialised = 1;
 
-  CNF_SetupAccessRestrictions();
+  CAM_OpenUnixSocket();
 
   if (ref_mode == REF_ModeNormal && CNF_GetInitSources() > 0) {
     ref_mode = REF_ModeInitStepSlew;