void
ns_os_minprivs(void) {
#ifdef HAVE_SYS_PRCTL_H
linux_keepcaps();
#endif
#ifdef HAVE_LINUXTHREADS
ns_os_changeuser(); /* Call setuid() before threads are started */
#endif
#if defined(HAVE_LINUX_CAPABILITY_H) && defined(HAVE_LINUXTHREADS)
linux_minprivs();
#endif
}
void ns_os_changeuser (void)
{
char strbuf[ISC_STRERRORSIZE];
if (runas_pw == NULL || done_setuid)
return;
done_setuid = ISC_TRUE;
#ifdef HAVE_LINUXTHREADS
#ifdef HAVE_LINUX_CAPABILITY_H
if (!non_root_caps)
ns_main_earlyfatal ("-u with Linux threads not supported: "
"requires kernel support for " "prctl(PR_SET_KEEPCAPS)");
#else
ns_main_earlyfatal ("-u with Linux threads not supported: "
"no capabilities support or capabilities " "disabled at build time");
#endif
#endif
if (setgid (runas_pw->pw_gid) < 0)
{
isc__strerror (errno, strbuf, sizeof (strbuf));
ns_main_earlyfatal ("setgid(): %s", strbuf);
}
if (setuid (runas_pw->pw_uid) < 0)
{
isc__strerror (errno, strbuf, sizeof (strbuf));
ns_main_earlyfatal ("setuid(): %s", strbuf);
}
#if defined(HAVE_SYS_PRCTL_H) && defined(PR_SET_DUMPABLE)
/*
* Restore the ability of named to drop core after the setuid()
* call has disabled it.
*/
if (prctl (PR_SET_DUMPABLE, 1, 0, 0, 0) < 0)
{
isc__strerror (errno, strbuf, sizeof (strbuf));
ns_main_earlywarning ("prctl(PR_SET_DUMPABLE) failed: %s", strbuf);
}
#endif
#if defined(HAVE_LINUX_CAPABILITY_H) && !defined(HAVE_LINUXTHREADS)
linux_minprivs ();
#endif
}