From fe0663405e28f7746429f83c948c569efb78a447 Mon Sep 17 00:00:00 2001
From: Wouter Wijngaards
Date: Tue, 26 Jan 2016 08:05:04 +0000
Subject: [PATCH] - Fix #734: chown the pidfile if it resides inside the chroot.

git-svn-id: file:///svn/unbound/trunk@3604 be551aaa-1e26-0410-a405-d3ace91eadb9
---
 daemon/unbound.c | 16 +++++++++-------
 doc/Changelog | 3 +++
 2 files changed, 12 insertions(+), 7 deletions(-)

diff --git a/daemon/unbound.c b/daemon/unbound.c
index 429d14842..4966acc33 100644
--- a/daemon/unbound.c
+++ b/daemon/unbound.c
@@ -481,6 +481,12 @@ perform_setup(struct daemon* daemon, struct config_file* cfg, int debug_mode,
 #endif

 #ifdef HAVE_KILL
+ /* true if pidfile is inside chrootdir, or nochroot */
+ const int pidinchroot = !(cfg->chrootdir && cfg->chrootdir[0]) ||
+ (cfg->chrootdir && cfg->chrootdir[0] &&
+ strncmp(daemon->pidfile, cfg->chrootdir,
+ strlen(cfg->chrootdir))==0)
+
 /* check old pid file before forking */
 if(cfg->pidfile && cfg->pidfile[0]) {
 /* calculate position of pidfile */
@@ -490,12 +496,7 @@ perform_setup(struct daemon* daemon, struct config_file* cfg, int debug_mode,
 cfg, 1);
 if(!daemon->pidfile)
 fatal_exit("pidfile alloc: out of memory");
- checkoldpid(daemon->pidfile,
- /* true if pidfile is inside chrootdir, or nochroot */
- !(cfg->chrootdir && cfg->chrootdir[0]) ||
- (cfg->chrootdir && cfg->chrootdir[0] &&
- strncmp(daemon->pidfile, cfg->chrootdir,
- strlen(cfg->chrootdir))==0));
+ checkoldpid(daemon->pidfile, pidinchroot);
 }
 #endif

@@ -508,7 +509,8 @@ perform_setup(struct daemon* daemon, struct config_file* cfg, int debug_mode,
 #ifdef HAVE_KILL
 if(cfg->pidfile && cfg->pidfile[0]) {
 writepid(daemon->pidfile, getpid());
- if(cfg->username && cfg->username[0] && cfg_uid != (uid_t)-1) {
+ if(cfg->username && cfg->username[0] && cfg_uid != (uid_t)-1 &&
+ pidinchroot) {
 # ifdef HAVE_CHOWN
 if(chown(daemon->pidfile, cfg_uid, cfg_gid) == -1) {
 verbose(VERB_QUERY, "cannot chown %u.%u %s: %s",
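Review bot: The new `pidinchroot` initializer in the first hunk calls `strncmp(daemon->pidfile, ...)` before `daemon->pidfile` has been computed. Judging by the `cfg, 1);` / `if(!daemon->pidfile)` context in the second hunk, that pointer is assigned only inside the `if(cfg->pidfile && cfg->pidfile[0])` block below, so with a chroot configured the comparison presumably reads a NULL or stale pointer, and its result then gates both `checkoldpid` and the chown in the third hunk. The declaration also ends at `strlen(cfg->chrootdir))==0)` with no `;`, which will not compile when HAVE_KILL is defined. I would declare `int pidinchroot = 0;` here and move the expression into an assignment placed right after the `fatal_exit("pidfile alloc: out of memory")` check. perform_setup starts and ends outside the hunk.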
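Review bot: The chown in the third hunk is now gated on `pidinchroot`, but that flag is a plain string-prefix test (`strncmp` over `strlen(cfg->chrootdir)` bytes), so a pidfile in a sibling directory whose name merely starts with the chroot path (constructed example: chrootdir `/var/unbound`, pidfile `/var/unbound2/unbound.pid`) still counts as inside and is still chowned. If the intent is to hand ownership only to files under the chroot, the test should also require that the byte after the prefix is `/` or `'\0'` (or that chrootdir already ends in `/`). When the chown is skipped nothing is logged; a `verbose(VERB_QUERY, ...)` line on that path would let operators see why the pidfile kept its owner. The chown block continues past the end of the hunk.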
diff --git a/doc/Changelog b/doc/Changelog
index 97319a046..78d68fd00 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,3 +1,6 @@
+26 January 2016: Wouter
+ - Fix #734: chown the pidfile if it resides inside the chroot.
+
 25 January 2016: Wouter
 - Fix #738: Swig should not be invoked with CPPFLAGS.

--
2.47.2