diff options
| author | Takashi Sato <takashi@apache.org> | 2014-08-11 05:04:21 +0200 |
|---|---|---|
| committer | Takashi Sato <takashi@apache.org> | 2014-08-11 05:04:21 +0200 |
| commit | 4e5e8a3b0bb4fd71ea338b8499c839ac2d146206 (patch) | |
| tree | 3873902e0cfae6725fa4c211cdc7bb5b128a8f94 /modules/arch | |
| parent | PR56832 -- mod_ratelimit reports at ERROR level everytime a lower-level filter (diff) | |
| download | apache2-4e5e8a3b0bb4fd71ea338b8499c839ac2d146206.tar.xz apache2-4e5e8a3b0bb4fd71ea338b8499c839ac2d146206.zip | |
unixd_drop_privileges and ap_unixd_setup_child are almost the same,
so let's remove the redundant code.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1617196 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'modules/arch')
| -rw-r--r-- | modules/arch/unix/mod_unixd.c | 58 |
1 files changed, 5 insertions, 53 deletions
diff --git a/modules/arch/unix/mod_unixd.c b/modules/arch/unix/mod_unixd.c index 1baa278c3f..10b9b17034 100644 --- a/modules/arch/unix/mod_unixd.c +++ b/modules/arch/unix/mod_unixd.c @@ -134,10 +134,14 @@ static int set_group_privs(void) return 0; } - static int unixd_drop_privileges(apr_pool_t *pool, server_rec *s) { + return ap_unixd_setup_child(); +} + +AP_DECLARE(int) ap_unixd_setup_child(void) +{ int rv = set_group_privs(); if (rv) { @@ -326,58 +330,6 @@ unixd_pre_config(apr_pool_t *pconf, apr_pool_t *plog, return OK; } -AP_DECLARE(int) ap_unixd_setup_child(void) -{ - if (set_group_privs()) { - return -1; - } - - if (NULL != ap_unixd_config.chroot_dir) { - if (geteuid()) { - ap_log_error(APLOG_MARK, APLOG_ALERT, errno, NULL, APLOGNO(02164) - "Cannot chroot when not started as root"); - return -1; - } - if (chdir(ap_unixd_config.chroot_dir) != 0) { - ap_log_error(APLOG_MARK, APLOG_ALERT, errno, NULL, APLOGNO(02165) - "Can't chdir to %s", ap_unixd_config.chroot_dir); - return -1; - } - if (chroot(ap_unixd_config.chroot_dir) != 0) { - ap_log_error(APLOG_MARK, APLOG_ALERT, errno, NULL, APLOGNO(02166) - "Can't chroot to %s", ap_unixd_config.chroot_dir); - return -1; - } - if (chdir("/") != 0) { - ap_log_error(APLOG_MARK, APLOG_ALERT, errno, NULL, APLOGNO(02167) - "Can't chdir to new root"); - return -1; - } - } - - /* Only try to switch if we're running as root */ - if (!geteuid() && ( -#ifdef _OSD_POSIX - os_init_job_environment(NULL, ap_unixd_config.user_name, ap_exists_config_define("DEBUG")) != 0 || -#endif - setuid(ap_unixd_config.user_id) == -1)) { - ap_log_error(APLOG_MARK, APLOG_ALERT, errno, NULL, APLOGNO(02168) - "setuid: unable to change to uid: %ld", - (long) ap_unixd_config.user_id); - return -1; - } -#if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE) - /* this applies to Linux 2.4+ */ - if (ap_coredumpdir_configured) { - if (prctl(PR_SET_DUMPABLE, 1)) { - ap_log_error(APLOG_MARK, APLOG_ALERT, errno, NULL, APLOGNO(02169) - "set dumpable failed - this child will not coredump" - " after software errors"); - } - } -#endif - return 0; -} static void unixd_dump_config(apr_pool_t *p, server_rec *s) { |