add flag -c: chroot(2) support - geomyidae - A small C-based gopherd. (HTM) git clone git://r-36.net/geomyidae (DIR) Log (DIR) Files (DIR) Refs (DIR) README (DIR) LICENSE --- (DIR) commit 3ed956cf71a15015b443dd7ab36299c242acd1af (DIR) parent 405a6206fe77dbdfd2be75960658fc383d7ad808 (HTM) Author: Hiltjo Posthuma <hiltjo@codemadness.org> Date: Fri, 30 Jun 2017 15:12:14 +0200 add flag -c: chroot(2) support Signed-off-by: Christoph Lohmann <20h@r-36.net> Diffstat: geomyidae.8 | 8 ++++++++ main.c | 17 ++++++++++++++++- 2 files changed, 24 insertions(+), 1 deletion(-) --- (DIR) diff --git a/geomyidae.8 b/geomyidae.8 @@ -13,6 +13,7 @@ .Bk -words .Op Fl 4 .Op Fl 6 +.Op Fl c .Op Fl d .Op Fl l Ar logfile .Op Fl v Ar loglevel @@ -85,6 +86,13 @@ Only use IPv4. .It Fl 6 Only use IPv6. . +.It Fl c +Use +.Xr chroot 2 +for the +.Ar base +directory (by default off). +. .It Fl d Don't fork into background. If no log file is given, this implies logging to tthe standard output. (DIR) diff --git a/main.c b/main.c @@ -328,7 +328,7 @@ main(int argc, char *argv[]) struct addrinfo hints; struct sockaddr_storage clt; socklen_t cltlen; - int sock, dofork, v4, v6; + int sock, dofork, v4, v6, usechroot = 0; char *port, *base, clienth[NI_MAXHOST], clientp[NI_MAXSERV]; char *user, *group, *bindip, *ohost, *sport; struct passwd *us; @@ -357,6 +357,9 @@ main(int argc, char *argv[]) case 'b': base = EARGF(usage()); break; + case 'c': + usechroot = 1; + break; case 'p': port = EARGF(usage()); break; @@ -460,6 +463,18 @@ main(int argc, char *argv[]) return 1; } + if(usechroot) { + if(chdir(base) < 0) { + perror("chdir"); + return 1; + } + base = ""; + if(chroot(".") < 0) { + perror("chroot"); + return 1; + } + } + if(dropprivileges(gr, us) < 0) { perror("dropprivileges"); close(listfd);