Asterisk
/
asterisk
mirror of https://github.com/asterisk/asterisk
1
0
Fork 0
Code Issues Releases Wiki Activity

don't try to change run priority, EUID or EGID on restart if they were already set (issue #4734 with minor mods)

Browse Source 
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@6369 65c4cc65-6c06-0410-ace0-fbb531ad65f3
1.2-netsec
Kevin P. Fleming 20 years ago
parent 2cde73fddb
commit 8b1077669e
1 changed files with 10 additions and 3 deletions
Show Stats Download Patch File Download Diff File

13
asterisk.c
Unescape View File

@ -1815,6 +1815,7 @@ int main(int argc, char *argv[])
FILE *f; FILE *f;
sigset_t sigs; sigset_t sigs;
int num; int num;
int is_child_of_nonroot=0;
char *buf; char *buf;
char *runuser=NULL, *rungroup=NULL; char *runuser=NULL, *rungroup=NULL;
@ -1840,6 +1841,11 @@ int main(int argc, char *argv[])
callerid_init(); callerid_init();
ast_utils_init(); ast_utils_init();
tdd_init(); tdd_init();
/* When Asterisk restarts after it has dropped the root privileges,
* it can't issue setuid(), setgid(), setgroups() or set_priority()
* */
if (getenv("ASTERISK_ALREADY_NONROOT"))
is_child_of_nonroot=1;
if (getenv("HOME")) if (getenv("HOME"))
snprintf(filename, sizeof(filename), "%s/.asterisk_history", getenv("HOME")); snprintf(filename, sizeof(filename), "%s/.asterisk_history", getenv("HOME"));
/* Check if we're root */ /* Check if we're root */
@ -1940,11 +1946,11 @@ int main(int argc, char *argv[])
ast_verbose("[ Reading Master Configuration ]"); ast_verbose("[ Reading Master Configuration ]");
ast_readconfig(); ast_readconfig();
if (ast_set_priority(option_highpriority)) { if (!is_child_of_nonroot && ast_set_priority(option_highpriority)) {
exit(1); exit(1);
} }
if (rungroup) { if (!is_child_of_nonroot && rungroup) {
struct group *gr; struct group *gr;
gr = getgrnam(rungroup); gr = getgrnam(rungroup);
if (!gr) { if (!gr) {
@ -1959,7 +1965,7 @@ int main(int argc, char *argv[])
ast_verbose("Running as group '%s'\n", rungroup); ast_verbose("Running as group '%s'\n", rungroup);
} }
if (runuser) { if (!is_child_of_nonroot && runuser) {
struct passwd *pw; struct passwd *pw;
pw = getpwnam(runuser); pw = getpwnam(runuser);
if (!pw) { if (!pw) {
@ -1970,6 +1976,7 @@ int main(int argc, char *argv[])
ast_log(LOG_WARNING, "Unable to setuid to %d (%s)\n", pw->pw_uid, runuser); ast_log(LOG_WARNING, "Unable to setuid to %d (%s)\n", pw->pw_uid, runuser);
exit(1); exit(1);
} }
setenv("ASTERISK_ALREADY_NONROOT","yes",1);
if (option_verbose) if (option_verbose)
ast_verbose("Running as user '%s'\n", runuser); ast_verbose("Running as user '%s'\n", runuser);
} }

Write Preview
Loading…
Cancel
Save