From 3ed2f28b768cf769355a415d4063b7a465db1619 Mon Sep 17 00:00:00 2001
From: Wouter Wijngaards <wouter@nlnetlabs.nl>
Date: Thu, 8 Nov 2007 10:44:30 +0000
Subject: [PATCH] Fixup chroot (Thanks Jakob).

git-svn-id: file:///svn/unbound/trunk@733 be551aaa-1e26-0410-a405-d3ace91eadb9
---
 daemon/unbound.c | 21 +++++++++++++++------
 doc/Changelog    |  3 +++
 2 files changed, 18 insertions(+), 6 deletions(-)

diff --git a/daemon/unbound.c b/daemon/unbound.c
index c2e541d2e..41bb53de3 100644
--- a/daemon/unbound.c
+++ b/daemon/unbound.c
@@ -260,6 +260,11 @@ detach(struct config_file* cfg)
 static void
 do_chroot(struct daemon* daemon, struct config_file* cfg, int debug_mode)
 {
+	uid_t uid;
+	gid_t gid;
+	/* initialize, but not to 0 (root) */
+	memset(&uid, -12, sizeof(uid));
+	memset(&gid, -12, sizeof(gid));
 	log_assert(cfg);
 
 	/* daemonize last to be able to print error to user */
@@ -274,13 +279,9 @@ do_chroot(struct daemon* daemon, struct config_file* cfg, int debug_mode)
 		struct passwd *pwd;
 		if((pwd = getpwnam(cfg->username)) == NULL)
 			fatal_exit("user '%s' does not exist.", cfg->username);
-		if(setgid(pwd->pw_gid) != 0)
-			fatal_exit("unable to set group id: %s", strerror(errno));
-		if(setuid(pwd->pw_uid) != 0)
-			fatal_exit("unable to set user id: %s", strerror(errno));
+		uid = pwd->pw_uid;
+		gid = pwd->pw_gid;
 		endpwent();
-		verbose(VERB_DETAIL, "drop user privileges, run as %s", 
-			cfg->username);
 	}
 	if(cfg->chrootdir && cfg->chrootdir[0]) {
 		if(chroot(cfg->chrootdir))
@@ -288,6 +289,14 @@ do_chroot(struct daemon* daemon, struct config_file* cfg, int debug_mode)
 				cfg->chrootdir, strerror(errno));
 		verbose(VERB_DETAIL, "chroot to %s", cfg->chrootdir);
 	}
+	if(cfg->username && cfg->username[0]) {
+		if(setgid(gid) != 0)
+			fatal_exit("unable to set group id: %s", strerror(errno));
+		if(setuid(uid) != 0)
+			fatal_exit("unable to set user id: %s", strerror(errno));
+		verbose(VERB_DETAIL, "drop user privileges, run as %s", 
+			cfg->username);
+	}
 	/* check old pid file before forking */
 	if(cfg->pidfile && cfg->pidfile[0]) {
 		checkoldpid(cfg);
diff --git a/doc/Changelog b/doc/Changelog
index 1f79b38a9..d298e2955 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,3 +1,6 @@
+8 November 2007: Wouter
+	- Fixup chroot and drop user privileges.
+
 1 November 2007: Wouter
 	- Fixup of crash on reload, due to anchors in env not NULLed after
 	  dealloc during deinit.
-- 
2.47.2