From 88f0cd597773fe896f9a144088c717f05b19b90f Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@anytun.org>
Date: Wed, 28 Jan 2009 23:46:40 +0000
Subject: droping privileges without chroot is now possible

---
 src/uanytun.c | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

(limited to 'src/uanytun.c')

diff --git a/src/uanytun.c b/src/uanytun.c
index d1919d6..48cc020 100644
--- a/src/uanytun.c
+++ b/src/uanytun.c
@@ -341,6 +341,11 @@ int main(int argc, char* argv[])
     exit(ret);
   }
 
+  priv_info_t priv;
+  if(opt.username_)
+    if(priv_init(&priv, opt.username_, opt.groupname_))
+      exit(-1);
+
 #ifndef NO_CRYPT
 #ifndef USE_SSL_CRYPTO
   ret = init_libgcrypt();
@@ -395,8 +400,13 @@ int main(int argc, char* argv[])
     }
   }
 
-  if(opt.chroot_)
-    chrootAndDrop("/var/run/", "nobody");
+  if(opt.chroot_dir_)
+    if(do_chroot(opt.chroot_dir_))
+      exit(-1);
+  if(opt.username_)
+    if(priv_drop(&priv))
+      exit(-1);
+  
   if(opt.daemonize_) {
     pid_t oldpid = getpid();
     daemonize();
-- 
cgit v1.2.3