Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/mumble-voip/mumble.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/murmur/UnixMurmur.cpp2
-rw-r--r--src/murmur/main.cpp46
2 files changed, 28 insertions, 20 deletions
diff --git a/src/murmur/UnixMurmur.cpp b/src/murmur/UnixMurmur.cpp
index 773701c97..3dc9c0814 100644
--- a/src/murmur/UnixMurmur.cpp
+++ b/src/murmur/UnixMurmur.cpp
@@ -255,7 +255,7 @@ void UnixMurmur::setuid() {
void UnixMurmur::initialcap() {
#ifdef Q_OS_LINUX
- cap_value_t caps[] = {CAP_NET_ADMIN, CAP_SETUID, CAP_SETGID, CAP_SYS_RESOURCE, CAP_DAC_OVERRIDE };
+ cap_value_t caps[] = {CAP_NET_ADMIN, CAP_SETUID, CAP_SETGID, CAP_CHOWN, CAP_SYS_RESOURCE, CAP_DAC_OVERRIDE };
if (! bRoot)
return;
diff --git a/src/murmur/main.cpp b/src/murmur/main.cpp
index 5a4810d35..695f8cc63 100644
--- a/src/murmur/main.cpp
+++ b/src/murmur/main.cpp
@@ -273,6 +273,33 @@ int main(int argc, char **argv) {
Meta::mp.read(inifile);
+ // need to open log file early so log dir can be root owned:
+ // http://article.gmane.org/gmane.comp.security.oss.general/4404
+ if (detach && ! Meta::mp.qsLogfile.isEmpty()) {
+ qfLog = new QFile(Meta::mp.qsLogfile);
+ if (! qfLog->open(QIODevice::WriteOnly | QIODevice::Append | QIODevice::Text)) {
+ delete qfLog;
+ qfLog = NULL;
+#ifdef Q_OS_UNIX
+ fprintf(stderr, "murmurd: failed to open logfile %s: no logging will be done\n",qPrintable(Meta::mp.qsLogfile));
+#else
+ qWarning("Failed to open logfile %s. Will not detach.",qPrintable(Meta::mp.qsLogfile));
+ detach = false;
+#endif
+ } else {
+ qfLog->setTextModeEnabled(true);
+ QFileInfo qfi(*qfLog);
+ Meta::mp.qsLogfile = qfi.absoluteFilePath();
+#ifdef Q_OS_UNIX
+ if (Meta::mp.uiUid != 0 && fchown(qfLog->handle(), Meta::mp.uiUid, Meta::mp.uiGid) == -1) {
+ qFatal("can't change log file owner to %d %d:%d - %s", qfLog->handle(), Meta::mp.uiUid, Meta::mp.uiGid, strerror(errno));
+ }
+#endif
+ }
+ } else {
+ detach = false;
+ }
+
#ifdef Q_OS_UNIX
unixhandler.setuid();
#endif
@@ -318,25 +345,6 @@ int main(int argc, char **argv) {
}
}
- if (detach && ! Meta::mp.qsLogfile.isEmpty()) {
- qfLog = new QFile(Meta::mp.qsLogfile);
- if (! qfLog->open(QIODevice::WriteOnly | QIODevice::Append | QIODevice::Text)) {
- delete qfLog;
- qfLog = NULL;
-#ifdef Q_OS_UNIX
- fprintf(stderr, "murmurd: failed to open logfile %s: no logging will be done\n",qPrintable(Meta::mp.qsLogfile));
-#else
- qWarning("Failed to open logfile %s. Will not detach.",qPrintable(Meta::mp.qsLogfile));
- detach = false;
-#endif
- } else {
- qfLog->setTextModeEnabled(true);
- QFileInfo qfi(*qfLog);
- Meta::mp.qsLogfile = qfi.absoluteFilePath();
- }
- } else {
- detach = false;
- }
#ifdef Q_OS_UNIX
if (detach) {
if (fork() != 0) {
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-02 16:35:21 +0300