(RADIATOR) Switch to non root id and logfile ownership
Markus Moeller
huaraz at moeller.plus.com
Thu Feb 21 14:18:44 CST 2008
I think I mentioned before that I get access problems when starting as root and switch the user id. If I user variables in the logfile name it is very difficult to make sure at each restart that the files is first created with the right ownership. I patched Util.pm to check the file ownership and change it when required before attempting to write to it.
Do you see a problem with it ?
Markus
--- Radiator-4.0/Radius/Util.pm Wed Feb 20 05:57:11 2008
+++ Util.pm Thu Feb 21 15:21:36 2008
@@ -599,6 +599,26 @@
# mkpath can die
eval {mkpath(dirname($filename), 0, 0755)}
unless -d dirname($filename);
+ # Make sure the log file ownership is in line with uid and gid
+ if ( defined $main::config->{Group} || defined $main::config->{User} ) {
+ my $tf = ">>$filename";
+ if ( ! -e $filename ) {
+ open(FILE, $tf) || return;
+ close(FILE) || return;
+ }
+ my $fuid = (stat($filename))[4];
+ my $fgid = (stat($filename))[5];
+ my $gid = (getgrnam($main::config->{Group}))[2]
+ if ($main::config->{Group} !~ /^\d+$/);
+ my $uid = (getpwnam($main::config->{User}))[2]
+ if ($main::config->{User} !~ /^\d+$/);
+ if ( defined $gid && $gid != $fgid ) {
+ chown(-1,$gid,$filename);
+ }
+ if ( defined $uid && $uid != $fuid ) {
+ chown($uid,-1,$filename);
+ }
+ }
$filename = ">>$filename";
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.open.com.au/pipermail/radiator/attachments/20080221/8ebff966/attachment.html>
More information about the radiator
mailing list