From: Shawn Routhier Date: Wed, 7 May 2014 18:54:27 +0000 (-0700) Subject: [master] Print out files used and move the dropping of privileges in paranoia X-Git-Tag: v4_3_1b1~19 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d8c7c34ef64922f1b7d60c5bd5ac01d8ad5ffdca;p=thirdparty%2Fdhcp.git [master] Print out files used and move the dropping of privileges in paranoia 17551 - When starting up in verbose mode have the server print out the files it will use 25806 - Moving the paranoia code that drops the privileges to be after the server has written the PID file. --- diff --git a/RELNOTES b/RELNOTES index 2c39b66a7..938a819ca 100644 --- a/RELNOTES +++ b/RELNOTES @@ -123,6 +123,16 @@ by Eric Young (eay@cryptsoft.com). Thanks to Tomas Hozza at Red Hat for the suggestion and a prototype fix. [ISC-Bugs #33098] +- Several updates to the dhcp server code + When not in quiet mode print out the files being used. + [ISC-Bugs #17551] + As accessing some pid files may require privileges move the dropping + of permission bits due to the paranoia patch to be after the pid code. + Thanks to Jiri Popelka at Red Hat for the bug and fix. + [ISC-Bugs #25806] + When processing a "--version" request don't output the version information + to syslog. + Changes since 4.3.0rc1 - None diff --git a/server/dhcpd.c b/server/dhcpd.c index 28cc56292..bd9e1efbc 100644 --- a/server/dhcpd.c +++ b/server/dhcpd.c @@ -308,7 +308,13 @@ main(int argc, char **argv) { local_family_set = 1; #endif /* DHCPv6 */ } else if (!strcmp (argv [i], "--version")) { - log_info("isc-dhcpd-%s", PACKAGE_VERSION); + const char vstring[] = "isc-dhcpd-"; + IGNORE_RET(write(STDERR_FILENO, vstring, + strlen(vstring))); + IGNORE_RET(write(STDERR_FILENO, + PACKAGE_VERSION, + strlen(PACKAGE_VERSION))); + IGNORE_RET(write(STDERR_FILENO, "\n", 1)); exit (0); #if defined (TRACING) } else if (!strcmp (argv [i], "-tf")) { @@ -394,6 +400,9 @@ main(int argc, char **argv) { log_info (copyright); log_info (arr); log_info (url); + log_info ("Config file: %s", path_dhcpd_conf); + log_info ("Database file: %s", path_dhcpd_db); + log_info ("PID file: %s", path_dhcpd_pid); } else { quiet = 0; log_perror = 0; @@ -690,22 +699,6 @@ main(int argc, char **argv) { exit (0); } -#if defined (PARANOIA) - /* change uid to the specified one */ - - if (set_gid) { - if (setgroups (0, (void *)0)) - log_fatal ("setgroups: %m"); - if (setgid (set_gid)) - log_fatal ("setgid(%d): %m", (int) set_gid); - } - - if (set_uid) { - if (setuid (set_uid)) - log_fatal ("setuid(%d): %m", (int) set_uid); - } -#endif /* PARANOIA */ - /* * Deal with pid files. If the user told us * not to write a file we don't read one either @@ -742,6 +735,22 @@ main(int argc, char **argv) { } } +#if defined (PARANOIA) + /* change uid to the specified one */ + + if (set_gid) { + if (setgroups (0, (void *)0)) + log_fatal ("setgroups: %m"); + if (setgid (set_gid)) + log_fatal ("setgid(%d): %m", (int) set_gid); + } + + if (set_uid) { + if (setuid (set_uid)) + log_fatal ("setuid(%d): %m", (int) set_uid); + } +#endif /* PARANOIA */ + /* If we were requested to log to stdout on the command line, keep doing so; otherwise, stop. */ if (log_perror == -1)