Add a function to drop privileges.

[apps/pfixtools.git] / daemon.c

diff --git a/daemon.c b/daemon.c
index 64f9c68..1c74ed3 100644 (file)
--- a/daemon.c
+++ b/daemon.c
@@ -33,8 +33,10 @@
  * Copyright © 2007 Pierre Habouzit
  */
 
-#include <sys/un.h>
 #include <fcntl.h>
+#include <grp.h>
+#include <pwd.h>
+#include <sys/un.h>
 
 #include "common.h"
 #include "daemon.h"
@@ -57,7 +59,7 @@ static int setnonblock(int sock)
 }
 
 
-int tcp_listen(const struct sockaddr *addr, socklen_t len)
+int tcp_listen_nonblock(const struct sockaddr *addr, socklen_t len)
 {
     int sock;
 
@@ -127,3 +129,50 @@ int accept_nonblock(int fd)
 
     return sock;
 }
+
+int daemon_detach(void)
+{
+    pid_t pid;
+
+    close(STDIN_FILENO);
+    close(STDOUT_FILENO);
+    close(STDERR_FILENO);
+
+    open("/dev/null", O_RDWR);
+    open("/dev/null", O_RDWR);
+    open("/dev/null", O_RDWR);
+
+    pid = fork();
+    if (pid < 0)
+        return -1;
+    if (pid)
+        exit(0);
+
+    setsid();
+    return 0;
+}
+
+int drop_privilegies(const char *user, const char *group)
+{
+    if (!geteuid()) {
+        struct passwd *pw;
+        struct group *gr;
+
+        if (group) {
+            gr = getgrnam(group);
+            if (!gr)
+                return -1;
+            setgid(gr->gr_gid);
+        }
+
+        pw = getpwnam(user);
+        if (!pw)
+            return -1;
+        if (!group) {
+            setgid(pw->pw_gid);
+        }
+        setuid(pw->pw_uid);
+    }
+
+    return 0;
+}