summaryrefslogtreecommitdiff
path: root/src/server.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/server.c')
-rw-r--r--src/server.c43
1 files changed, 24 insertions, 19 deletions
diff --git a/src/server.c b/src/server.c
index 132eb32..585a973 100644
--- a/src/server.c
+++ b/src/server.c
@@ -697,9 +697,6 @@ int main (int argc, char **argv) {
}
}
- /* #372: solaris need some fds extra for devpoll */
- if (rlim.rlim_cur > 10) rlim.rlim_cur -= 10;
-
if (srv->event_handler == FDEVENT_HANDLER_SELECT) {
srv->max_fds = rlim.rlim_cur < FD_SETSIZE - 200 ? rlim.rlim_cur : FD_SETSIZE - 200;
} else {
@@ -759,6 +756,19 @@ int main (int argc, char **argv) {
return -1;
}
+#ifdef HAVE_PWD_H
+ /*
+ * Change group before chroot, when we have access
+ * to /etc/group
+ * */
+ if (srv->srvconf.groupname->used) {
+ setgid(grp->gr_gid);
+ setgroups(0, NULL);
+ if (srv->srvconf.username->used) {
+ initgroups(srv->srvconf.username->ptr, grp->gr_gid);
+ }
+ }
+#endif
#ifdef HAVE_CHROOT
if (srv->srvconf.changeroot->used) {
tzset();
@@ -775,15 +785,7 @@ int main (int argc, char **argv) {
#endif
#ifdef HAVE_PWD_H
/* drop root privs */
- if (srv->srvconf.groupname->used) {
- setgid(grp->gr_gid);
- setgroups(0, NULL);
- }
-
if (srv->srvconf.username->used) {
- if (srv->srvconf.groupname->used) {
- initgroups(srv->srvconf.username->ptr, grp->gr_gid);
- }
setuid(pwd->pw_uid);
}
#endif
@@ -891,6 +893,17 @@ int main (int argc, char **argv) {
pid_fd = -1;
}
+ // Close stderr ASAP in the child process to make sure that nothing
+ // is being written to that fd which may not be valid anymore.
+ if (-1 == log_error_open(srv)) {
+ log_error_write(srv, __FILE__, __LINE__, "s", "Opening errorlog failed. Going down.");
+
+ plugins_free(srv);
+ network_close(srv);
+ server_free(srv);
+ return -1;
+ }
+
if (HANDLER_GO_ON != plugins_call_set_defaults(srv)) {
log_error_write(srv, __FILE__, __LINE__, "s", "Configuration of plugins failed. Going down.");
@@ -941,15 +954,7 @@ int main (int argc, char **argv) {
return -1;
}
- if (-1 == log_error_open(srv)) {
- log_error_write(srv, __FILE__, __LINE__, "s",
- "opening errorlog failed, dying");
- plugins_free(srv);
- network_close(srv);
- server_free(srv);
- return -1;
- }
#ifdef HAVE_SIGACTION
generated by cgit v1.2.3 (git 2.46.0) at 2025-12-08 03:39:25 +0000