aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorflorian2014-06-10 14:38:27 +0000
committerWynn Wolf Arbor2020-05-24 12:33:55 +0200
commita042f2ea8835a5f1e6c643d231e5c091e239d28d (patch)
treefce2d0e049e0cf0391024371708abdcdd7db73f2
parent660dbaae4ad1ac9a2fe96efaf13d984db7ee4b89 (diff)
downloadslowcgi-a042f2ea8835a5f1e6c643d231e5c091e239d28d.tar.gz
Implement -u (user to drop privs to) and -p flag (path to chroot to). This allows to run slowcgi non-chrooted with -p /, requested by at least ratchov@ and henning@. Input by many, OK ratchov@ on a previous diff, "looks good" millert@, man page bits tweak and OK schwarze@ (all some time ago); OK henning@
-rw-r--r--slowcgi.817
-rw-r--r--slowcgi.c41
2 files changed, 45 insertions, 13 deletions
diff --git a/slowcgi.8 b/slowcgi.8
index 9f1b4f9..9d26af0 100644
--- a/slowcgi.8
+++ b/slowcgi.8
@@ -1,4 +1,4 @@
-.\" $OpenBSD: slowcgi.8,v 1.8 2014/06/10 14:33:01 florian Exp $
+.\" $OpenBSD: slowcgi.8,v 1.9 2014/06/10 14:38:27 florian Exp $
.\"
.\" Copyright (c) 2013 Florian Obser <florian@openbsd.org>
.\"
@@ -23,7 +23,9 @@
.Sh SYNOPSIS
.Nm
.Op Fl d
+.Op Fl p Ar path
.Op Fl s Ar socket
+.Op Fl u Ar user
.Sh DESCRIPTION
.Nm
is a server which implements the FastCGI Protocol to execute CGI scripts.
@@ -65,9 +67,22 @@ Do not daemonize.
If this option is specified,
.Nm
will run in the foreground and log to stderr.
+.It Fl p Ar path
+.Xr chroot 2
+to
+.Ar path .
+A
+.Ar path
+of
+.Pa /
+effectively disables the chroot.
.It Fl s Ar socket
Create and bind to alternative local socket at
.Ar socket .
+.It Fl u Ar user
+Drop privileges to
+.Ar user
+instead of default user www.
.El
.\" .Sh SEE ALSO
.Sh STANDARDS
diff --git a/slowcgi.c b/slowcgi.c
index 846c1b1..769df03 100644
--- a/slowcgi.c
+++ b/slowcgi.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: slowcgi.c,v 1.32 2014/06/10 14:33:01 florian Exp $ */
+/* $OpenBSD: slowcgi.c,v 1.33 2014/06/10 14:38:27 florian Exp $ */
/*
* Copyright (c) 2013 David Gwynne <dlg@openbsd.org>
* Copyright (c) 2013 Florian Obser <florian@openbsd.org>
@@ -238,7 +238,8 @@ __dead void
usage(void)
{
extern char *__progname;
- fprintf(stderr, "usage: %s [-d] [-s socket]\n", __progname);
+ fprintf(stderr, "usage: %s [-d] [-p path] [-s socket] [-u user]\n",
+ __progname);
exit(1);
}
@@ -255,6 +256,8 @@ main(int argc, char *argv[])
struct passwd *pw;
struct stat sb;
int c, fd;
+ const char *chrootpath = NULL;
+ const char *slowcgi_user = SLOWCGI_USER;
/*
* Ensure we have fds 0-2 open so that we have no fd overlaps
@@ -273,14 +276,20 @@ main(int argc, char *argv[])
}
}
- while ((c = getopt(argc, argv, "ds:")) != -1) {
+ while ((c = getopt(argc, argv, "dp:s:u:")) != -1) {
switch (c) {
case 'd':
debug = 1;
break;
+ case 'p':
+ chrootpath = optarg;
+ break;
case 's':
fcgi_socket = optarg;
break;
+ case 'u':
+ slowcgi_user = optarg;
+ break;
default:
usage();
/* NOTREACHED */
@@ -290,10 +299,6 @@ main(int argc, char *argv[])
if (geteuid() != 0)
errx(1, "need root privileges");
- pw = getpwnam(SLOWCGI_USER);
- if (pw == NULL)
- err(1, "no %s user", SLOWCGI_USER);
-
if (!debug && daemon(1, 0) == -1)
err(1, "daemon");
@@ -304,15 +309,27 @@ main(int argc, char *argv[])
event_init();
+ pw = getpwnam(SLOWCGI_USER);
+ if (pw == NULL)
+ errx(1, "no %s user", SLOWCGI_USER);
+
slowcgi_listen(fcgi_socket, pw);
- if (chroot(pw->pw_dir) == -1)
- lerr(1, "chroot(%s)", pw->pw_dir);
+ lwarnx("slowcgi_user: %s", slowcgi_user);
+ pw = getpwnam(slowcgi_user);
+ if (pw == NULL)
+ errx(1, "no %s user", slowcgi_user);
- if (chdir("/") == -1)
- lerr(1, "chdir(%s)", pw->pw_dir);
+ if (chrootpath == NULL)
+ chrootpath = pw->pw_dir;
- ldebug("chroot: %s", pw->pw_dir);
+ if (chroot(chrootpath) == -1)
+ lerr(1, "chroot(%s)", chrootpath);
+
+ ldebug("chroot: %s", chrootpath);
+
+ if (chdir("/") == -1)
+ lerr(1, "chdir(/)");
if (setgroups(1, &pw->pw_gid) ||
setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) ||