summaryrefslogtreecommitdiff
path: root/src/daemon.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/daemon.h')
-rw-r--r--src/daemon.h107
1 files changed, 107 insertions, 0 deletions
diff --git a/src/daemon.h b/src/daemon.h
new file mode 100644
index 0000000..085f563
--- /dev/null
+++ b/src/daemon.h
@@ -0,0 +1,107 @@
+/*
+ * ľAnytun
+ *
+ * ľAnytun is a tiny implementation of SATP. Unlike Anytun which is a full
+ * featured implementation ľAnytun has no support for multiple connections
+ * or synchronisation. It is a small single threaded implementation intended
+ * to act as a client on small platforms.
+ * The secure anycast tunneling protocol (satp) defines a protocol used
+ * for communication between any combination of unicast and anycast
+ * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel
+ * mode and allows tunneling of every ETHER TYPE protocol (e.g.
+ * ethernet, ip, arp ...). satp directly includes cryptography and
+ * message authentication based on the methodes used by SRTP. It is
+ * intended to deliver a generic, scaleable and secure solution for
+ * tunneling and relaying of packets of any protocol.
+ *
+ *
+ * Copyright (C) 2007-2008 Christian Pointner <equinox@anytun.org>
+ *
+ * This file is part of ľAnytun.
+ *
+ * ľAnytun is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License version 3 as
+ * published by the Free Software Foundation.
+ *
+ * ľAnytun is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with ľAnytun. If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#ifndef _DAEMON_H_
+#define _DAEMON_H_
+
+#include <poll.h>
+#include <fcntl.h>
+#include <pwd.h>
+#include <grp.h>
+#include <sys/wait.h>
+#include <sys/stat.h>
+#include <unistd.h>
+
+void chrootAndDrop(const char* chrootdir, const char* username)
+{
+ if (getuid() != 0)
+ {
+ fprintf(stderr, "this programm has to be run as root in order to run in a chroot\n");
+ exit(-1);
+ }
+
+ struct passwd *pw = getpwnam(username);
+ if(pw) {
+ if(chroot(chrootdir))
+ {
+ fprintf(stderr, "can't chroot to %s\n", chrootdir);
+ exit(-1);
+ }
+ log_printf(NOTICE, "we are in chroot jail (%s) now\n", chrootdir);
+ if(chdir("/"))
+ {
+ fprintf(stderr, "can't change to /\n");
+ exit(-1);
+ }
+ if (initgroups(pw->pw_name, pw->pw_gid) || setgid(pw->pw_gid) || setuid(pw->pw_uid))
+ {
+ fprintf(stderr, "can't drop to user %s %d:%d\n", username, pw->pw_uid, pw->pw_gid);
+ exit(-1);
+ }
+ log_printf(NOTICE, "dropped user to %s %d:%d\n", username, pw->pw_uid, pw->pw_gid);
+ }
+ else
+ {
+ fprintf(stderr, "unknown user %s\n", username);
+ exit(-1);
+ }
+}
+
+void daemonize()
+{
+ pid_t pid;
+
+ pid = fork();
+ if(pid) exit(0);
+ setsid();
+ pid = fork();
+ if(pid) exit(0);
+
+ int fd;
+ for (fd=0;fd<=2;fd++) // close all file descriptors
+ close(fd);
+ fd = open("/dev/null",O_RDWR); // stdin
+ if(fd == -1)
+ log_printf(WARNING, "can't open stdin (chroot and no link to /dev/null?)");
+ else {
+ if(dup(fd) == -1) // stdout
+ log_printf(WARNING, "can't open stdout");
+ if(dup(fd) == -1) // stderr
+ log_printf(WARNING, "can't open stderr");
+ }
+ umask(027);
+}
+
+#endif
+