- #0003363 patched by adrianp, changing IRC_UID and IRC_GID into

defines IRC_USER, IRC_GROUP which is a string specifiying what user name/ group name that should be changed into, instead of a hardcoded gid/uid. This should make it easier for packaged binary releases to work (even though this probably means Debian will take us in, ick .. Can't we pull a new fight with debian-legal again?)
2026-06-29 19:06:38 +02:00 · 2007-06-17 12:35:17 +00:00
parent 920291f4ba
commit 002b4478ee
5 changed files with 62 additions and 31 deletions
@@ -1781,3 +1781,9 @@ MOTDs
  win32 and not do ./module for it
 - #0001740 reported by Trocotronic, making the IRCd send ERROR : to all
  links with possible reason for RESTART; like /die does it.
+- #0003363 patched by adrianp, changing IRC_UID and IRC_GID into 
+  defines IRC_USER, IRC_GROUP which is a string specifiying what user name/
+  group name that should be changed into, instead of a hardcoded gid/uid.
+  This should make it easier for packaged binary releases to work (even
+  though this probably means Debian will take us in, ick .. Can't we pull
+  a new fight with debian-legal again?)
@@ -214,28 +214,29 @@
 /* CHROOTDIR
 *
 * This enables running the IRCd chrooted (requires initial root privileges,
- * but will be dropped to IRC_UID/IRC_GID privileges if those are defined).
+ * but will be dropped to IRC_USER/IRC_GROUP privileges if those are defined).
 *
 * The directory to chroot to is simply DPATH (which is set via ./Config).
 * (This may effect the PATH locations above, though you can symlink it)
 *
- * Usually you only simply need to enable this, and set IRC_UID and IRC_GID,
- * you don't need to create a special chroot environment.. UnrealIRCd will
- * do that by itself (Unreal will create /dev/random, etc. etc.).
+ * Usually you only simply need to enable this, and set IRC_USER and 
+ * IRC_GROUP, you don't need to create a special chroot environment.. 
+ * UnrealIRCd will do that by itself (Unreal will create /dev/random, 
+ * etc. etc.).
 *
 * Change to '#define CHROOTDIR' to enable...
 */
 /* #define CHROOTDIR    */

 /*
- * IRC_UID
+ * IRC_USER
 *
 * If you start the server as root but wish to have it run as another user,
- * define IRC_UID to that UID.  This should only be defined if you are running
- * as root and even then perhaps not.
+ * define IRC_USER to that user name.  This should only be defined if you 
+ * are running as root and even then perhaps not.
 */
-/* #define IRC_UID <uid> */
-/* #define IRC_GID <uid> */
+/* #define IRC_USER  "<user name>" */
+/* #define IRC_GROUP "<group name>" */


 /* SHOW_INVISIBLE_LUSERS
@@ -452,8 +453,8 @@
 #define	CONFIGFILE CPATH
 #define	IRCD_PIDFILE PPATH

-#if defined(CHROOTDIR) && !defined(IRC_UID)
-#error "ERROR: It makes no sense to define CHROOTDIR but not IRC_UID and IRC_GID! Please define IRC_UID and IRC_GID properly as the uid/gid to change to."
+#if defined(CHROOTDIR) && !defined(IRC_USER)
+#error "ERROR: It makes no sense to define CHROOTDIR but not IRC_USER and IRC_GROUP! Please define IRC_USER and IRC_GROUP properly as the user/group to change to."
 #endif

 #ifdef	__osf__
@@ -37,6 +37,7 @@ Computing Center and Jarkko Oikarinen";
 #ifndef _WIN32
 #include <sys/file.h>
 #include <pwd.h>
+#include <grp.h>
 #include <sys/time.h>
 #else
 #include <io.h>
@@ -97,6 +98,10 @@ extern MODVAR aMotd *botmotd;
 extern MODVAR aMotd *smotd;
 extern MODVAR ConfigFile *conf;
 MODVAR MemoryInfo StatsZ;
+#ifndef _WIN32
+uid_t irc_uid = 0;
+gid_t irc_gid = 0; 
+#endif

 int  R_do_dns, R_fin_dns, R_fin_dnsc, R_fail_dns, R_do_id, R_fin_id, R_fail_id;

@@ -1015,6 +1020,8 @@ int InitwIRCD(int argc, char *argv[])
 	uid_t uid, euid;
 	gid_t gid, egid;
 	TS   delay = 0;
+	struct passwd *pw;
+	struct group *gr;
 #endif
 #ifdef HAVE_PSTAT
 	union pstun pstats;
@@ -1634,7 +1641,7 @@ int InitwIRCD(int argc, char *argv[])
 	R_fin_id = strlen(REPORT_FIN_ID);
 	R_fail_id = strlen(REPORT_FAIL_ID);

-#if !defined(IRC_UID) && !defined(_WIN32)
+#if !defined(IRC_USER) && !defined(_WIN32)
 	if ((uid != euid) && !euid)
 	{
 		(void)fprintf(stderr,
@@ -1643,17 +1650,27 @@ int InitwIRCD(int argc, char *argv[])
 	}
 #endif

-#if defined(IRC_UID) && defined(IRC_GID)
+#if defined(IRC_USER) && defined(IRC_GROUP)
 	if ((int)getuid() == 0)
 	{
-		if ((IRC_UID == 0) || (IRC_GID == 0))
-		{
-			(void)fprintf(stderr,
-			    "ERROR: SETUID and SETGID have not been set properly"
-			    "\nPlease read your documentation\n(HINT: IRC_UID and IRC_GID in include/config.h can not be 0)\n");
-			exit(-1);
-		}
-		else
+ 
+ 		pw = getpwnam(IRC_USER);
+ 		gr = getgrnam(IRC_GROUP);
+ 
+ 		if ((pw == NULL) || (gr == NULL)) {
+ 			fprintf(stderr, "ERROR: Unable to change to specified user or group: %s\n", strerror(errno));
+ 			exit(-1);
+ 		} else {
+			irc_uid = pw->pw_uid;
+ 			irc_gid = gr->gr_gid;
+ 		}
+ 
+ 		if ((irc_uid == 0) || (irc_gid == 0)) {
+ 			(void)fprintf(stderr,
+  			    "ERROR: SETUID and SETGID have not been set properly"
+ 			    "\nPlease read your documentation\n(HINT: IRC_USER and IRC_GROUP in include/config.h cannot be root/wheel)\n");
+  			exit(-1);
+  		} else {
 		{
 			/*
 			 * run as a specified user 
@@ -1662,17 +1679,17 @@ int InitwIRCD(int argc, char *argv[])
 			(void)fprintf(stderr,
 			    "WARNING: ircd invoked as root\n");
 			(void)fprintf(stderr, "         changing to uid %d\n",
-			    IRC_UID);
+			    irc_uid);
 			(void)fprintf(stderr, "         changing to gid %d\n",
-			    IRC_GID);
-			if (setgid(IRC_GID))
+			    irc_gid);
+			if (setgid(irc_gid))
 			{
 				fprintf(stderr,
 				    "ERROR: Unable to change group: %s\n",
 				    strerror(errno));
 				exit(-1);
 			}
-			if (setuid(IRC_UID))
+			if (setuid(irc_uid))
 			{
 				fprintf(stderr,
 				    "ERROR: Unable to change userid: %s\n",
@@ -37,6 +37,8 @@ static char sccsid[] = "@(#)support.c	2.21 4/13/94 1990, 1991 Armin Gruner;\
 #ifdef _WIN32
 #include <io.h>
 #else
+extern uid_t irc_uid;
+extern gid_t irc_gid;
 #include <sys/socket.h>
 #include <string.h>
 #include <utime.h>
@@ -1783,9 +1785,9 @@ int unreal_copyfile(char *src, char *dest)
 	close(srcfd);
 	close(destfd);
 	unreal_setfilemodtime(dest, mtime);
-#if defined(IRC_UID) && defined(IRC_GID)
+#if defined(IRC_USER) && defined(IRC_GROUP)
 	if (!loop.ircd_booted)
-		chown(dest, IRC_UID, IRC_GID);
+		chown(dest, irc_uid, irc_gid);
 #endif
 	return 1;
 fail:
@@ -29,6 +29,11 @@
 extern char *SSLKeyPasswd;
 #endif

+#ifndef _WIN32
+extern uid_t irc_uid;
+extern gid_t irc_gid;
+#endif
+
 CURLM *multihandle;

 /* Stores information about the async transfer.
@@ -184,9 +189,9 @@ char *download_file(char *url, char **error, char *bind_ip)
 	curl_easy_setopt(curl, CURLOPT_ERRORBUFFER, errorbuf);
 	res = curl_easy_perform(curl);
 	fclose(fd);
-#if defined(IRC_UID) && defined(IRC_GID)
+#if defined(IRC_USER) && defined(IRC_GROUP)
 	if (!loop.ircd_booted)
-		chown(tmp, IRC_UID, IRC_GID);
+		chown(tmp, irc_uid, irc_gid);
 #endif
 	if (file)
 		free(file);
@@ -340,9 +345,9 @@ void url_do_transfers_async(void)
 			curl_easy_getinfo(easyhand, CURLINFO_EFFECTIVE_URL, &url);
 			curl_easy_getinfo(easyhand, CURLINFO_FILETIME, &last_mod);
 			fclose(handle->fd);
-#if defined(IRC_UID) && defined(IRC_GID)
+#if defined(IRC_USER) && defined(IRC_GROUP)
 			if (!loop.ircd_booted)
-				chown(handle->filename, IRC_UID, IRC_GID);
+				chown(handle->filename, irc_uid, irc_gid);
 #endif
 			if (msg->data.result == CURLE_OK)
 			{