X-Git-Url: http://git.madism.org/?a=blobdiff_plain;f=main-postlicyd.c;fp=main-postlicyd.c;h=f9b96f5b89f255bb417c85a4c5e5dd2bd32e5a10;hb=a73d0a8f6e71ff1637cacf7dc6cbd622aeddbec4;hp=4cf059b327dcbcc8bff638675b9564a40bae9446;hpb=93ab2b3dc7658be50317765792a8720c54b29807;p=apps%2Fpfixtools.git diff --git a/main-postlicyd.c b/main-postlicyd.c index 4cf059b..f9b96f5 100644 --- a/main-postlicyd.c +++ b/main-postlicyd.c @@ -41,6 +41,9 @@ #include "tokens.h" #define DAEMON_NAME "postlicyd" +#define DEFAULT_PORT 10000 +#define RUNAS_USER "nobody" +#define RUNAS_GROUP "nogroup" enum smtp_state { SMTP_UNKNOWN, @@ -247,6 +250,7 @@ void usage(void) fputs("usage: "DAEMON_NAME" [options] config\n" "\n" "Options:\n" + " -l port to listen to\n" " -p file to write our pid to\n" , stderr); } @@ -255,14 +259,22 @@ void usage(void) int main(int argc, char *argv[]) { + struct sockaddr_in addr = { + .sin_family = AF_INET, + .sin_addr = { htonl(INADDR_LOOPBACK) }, + }; const char *pidfile = NULL; + int port = DEFAULT_PORT; int sock = -1; - for (int c = 0; (c = getopt(argc, argv, "h" "p:")) >= 0; ) { + for (int c = 0; (c = getopt(argc, argv, "h" "l:p:")) >= 0; ) { switch (c) { case 'p': pidfile = optarg; break; + case 'l': + port = atoi(optarg); + break; default: usage(); return EXIT_FAILURE; @@ -279,6 +291,11 @@ int main(int argc, char *argv[]) return EXIT_FAILURE; } + if (drop_privileges(RUNAS_USER, RUNAS_GROUP) < 0) { + syslog(LOG_CRIT, "unable to drop privileges"); + return EXIT_FAILURE; + } + if (daemon_detach() < 0) { syslog(LOG_CRIT, "unable to fork"); return EXIT_FAILURE; @@ -286,6 +303,11 @@ int main(int argc, char *argv[]) pidfile_refresh(); + addr.sin_port = htons(port); + sock = tcp_listen((struct sockaddr *)&addr, sizeof(addr)); + if (sock < 0) + return EXIT_FAILURE; + while (!sigint) { int fd = accept(sock, NULL, 0); if (fd < 0) {