- Fix #734: chown the pidfile if it resides inside the chroot.

author Wouter Wijngaards <wouter@nlnetlabs.nl>

Tue, 26 Jan 2016 08:05:04 +0000 (08:05 +0000)

committer Wouter Wijngaards <wouter@nlnetlabs.nl>

Tue, 26 Jan 2016 08:05:04 +0000 (08:05 +0000)
author Wouter Wijngaards <wouter@nlnetlabs.nl>
Tue, 26 Jan 2016 08:05:04 +0000 (08:05 +0000)
committer Wouter Wijngaards <wouter@nlnetlabs.nl>
Tue, 26 Jan 2016 08:05:04 +0000 (08:05 +0000)
diff --git a/daemon/unbound.c b/daemon/unbound.c

index 429d148428fab8d56eab520c2c4fd42d9a789227..4966acc335301d8398d123bd76e6cb2b6af37307 100644 (file)
--- a/daemon/unbound.c
+++ b/daemon/unbound.c
@@ -481,6 +481,12 @@ perform_setup(struct daemon* daemon, struct config_file* cfg, int debug_mode,
  #endif
  
  #ifdef HAVE_KILL
+       /* true if pidfile is inside chrootdir, or nochroot */
+       const int pidinchroot = !(cfg->chrootdir && cfg->chrootdir[0]) ||
+                               (cfg->chrootdir && cfg->chrootdir[0] &&
+                               strncmp(daemon->pidfile, cfg->chrootdir,
+                               strlen(cfg->chrootdir))==0)
+
         /* check old pid file before forking */
         if(cfg->pidfile && cfg->pidfile[0]) {
                 /* calculate position of pidfile */
@@ -490,12 +496,7 @@ perform_setup(struct daemon* daemon, struct config_file* cfg, int debug_mode,
                                 cfg, 1);
                 if(!daemon->pidfile)
                         fatal_exit("pidfile alloc: out of memory");
-               checkoldpid(daemon->pidfile,
-                       /* true if pidfile is inside chrootdir, or nochroot */
-                       !(cfg->chrootdir && cfg->chrootdir[0]) ||
-                       (cfg->chrootdir && cfg->chrootdir[0] &&
-                       strncmp(daemon->pidfile, cfg->chrootdir,
-                               strlen(cfg->chrootdir))==0));
+               checkoldpid(daemon->pidfile, pidinchroot);
         }
  #endif
  
@@ -508,7 +509,8 @@ perform_setup(struct daemon* daemon, struct config_file* cfg, int debug_mode,
  #ifdef HAVE_KILL
         if(cfg->pidfile && cfg->pidfile[0]) {
                 writepid(daemon->pidfile, getpid());
-               if(cfg->username && cfg->username[0] && cfg_uid != (uid_t)-1) {
+               if(cfg->username && cfg->username[0] && cfg_uid != (uid_t)-1 &&
+                       pidinchroot) {
  #  ifdef HAVE_CHOWN
                         if(chown(daemon->pidfile, cfg_uid, cfg_gid) == -1) {
                                 verbose(VERB_QUERY, "cannot chown %u.%u %s: %s",
diff --git a/doc/Changelog b/doc/Changelog

index 97319a046b7f3e71f320b59d3cdb45f7bd12e88d..78d68fd00062b5853e1cde6df52a100f8985a61e 100644 (file)
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,3 +1,6 @@
+26 January 2016: Wouter
+       - Fix #734: chown the pidfile if it resides inside the chroot.
+
  25 January 2016: Wouter
         - Fix #738: Swig should not be invoked with CPPFLAGS.
author	Wouter Wijngaards <wouter@nlnetlabs.nl>
	Tue, 26 Jan 2016 08:05:04 +0000 (08:05 +0000)
committer	Wouter Wijngaards <wouter@nlnetlabs.nl>
	Tue, 26 Jan 2016 08:05:04 +0000 (08:05 +0000)
daemon/unbound.c		patch \| blob \| blame \| history
doc/Changelog		patch \| blob \| blame \| history