From: Miroslav Lichvar <mlichvar@redhat.com>
Date: Mon, 24 Aug 2015 15:15:31 +0000 (+0200)
Subject: main: open cmdmon and NTP internet sockets before dropping root
X-Git-Tag: 2.2-pre1~60
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8854c00d481840c507423f773cfaea100e980d78;p=thirdparty%2Fchrony.git

main: open cmdmon and NTP internet sockets before dropping root

Call the CAM, NIO, NCR initialization functions and setup the access
restrictions before root is dropped. This will be needed on NetBSD,
where it's not possible to bind sockets to privileged ports without the
root privileges. Split the creation of the Unix domain command socket
from the CAM initialization to keep the chrony user as the owner of the
socket.
---

diff --git a/cmdmon.c b/cmdmon.c
index 6581e054..8eaa0a20 100644
--- a/cmdmon.c
+++ b/cmdmon.c
@@ -267,10 +267,7 @@ CAM_Initialise(int family)
     assert(command_length == 0 || command_length >= offsetof(CMD_Reply, data));
   }
 
-  if (CNF_GetBindCommandPath()[0])
-    sock_fdu = prepare_socket(AF_UNIX, 0);
-  else
-    sock_fdu = -1;
+  sock_fdu = -1;
 
   port_number = CNF_GetCommandPort();
 
@@ -328,6 +325,17 @@ CAM_Finalise(void)
 
 /* ================================================== */
 
+void
+CAM_OpenUnixSocket(void)
+{
+  /* This is separated from CAM_Initialise() as it needs to be called when
+     the process has already dropped the root privileges */
+  if (CNF_GetBindCommandPath()[0])
+    sock_fdu = prepare_socket(AF_UNIX, 0);
+}
+
+/* ================================================== */
+
 static void
 transmit_reply(CMD_Reply *msg, union sockaddr_all *where_to)
 {
diff --git a/cmdmon.h b/cmdmon.h
index ac337e7e..5b717d24 100644
--- a/cmdmon.h
+++ b/cmdmon.h
@@ -33,6 +33,7 @@ extern void CAM_Initialise(int family);
 
 extern void CAM_Finalise(void);
 
+extern void CAM_OpenUnixSocket(void);
 extern int CAM_AddAccessRestriction(IPAddr *ip_addr, int subnet_bits, int allow, int all);
 extern int CAM_CheckAccessRestriction(IPAddr *ip_addr);
 
diff --git a/main.c b/main.c
index 95e99d2a..e9b729f1 100644
--- a/main.c
+++ b/main.c
@@ -95,10 +95,10 @@ MAI_CleanupAndExit(void)
   MNL_Finalise();
   CLG_Finalise();
   NSR_Finalise();
+  SST_Finalise();
   NCR_Finalise();
-  CAM_Finalise();
   NIO_Finalise();
-  SST_Finalise();
+  CAM_Finalise();
   KEY_Finalise();
   RCL_Finalise();
   SRC_Finalise();
@@ -474,6 +474,12 @@ int main
   RCL_Initialise();
   KEY_Initialise();
 
+  /* Open privileged ports before dropping root */
+  CAM_Initialise(address_family);
+  NIO_Initialise(address_family);
+  NCR_Initialise();
+  CNF_SetupAccessRestrictions();
+
   /* Command-line switch must have priority */
   if (!sched_priority) {
     sched_priority = CNF_GetSchedPriority();
@@ -502,9 +508,6 @@ int main
 
   REF_Initialise();
   SST_Initialise();
-  NIO_Initialise(address_family);
-  CAM_Initialise(address_family);
-  NCR_Initialise();
   NSR_Initialise();
   CLG_Initialise();
   MNL_Initialise();
@@ -514,7 +517,7 @@ int main
   /* From now on, it is safe to do finalisation on exit */
   initialised = 1;
 
-  CNF_SetupAccessRestrictions();
+  CAM_OpenUnixSocket();
 
   if (ref_mode == REF_ModeNormal && CNF_GetInitSources() > 0) {
     ref_mode = REF_ModeInitStepSlew;