Loading src/blogi.cpp +35 −27 Original line number Diff line number Diff line Loading @@ -2673,10 +2673,14 @@ public: blogi::Blogi blg(getServerSockets(),debug); #ifndef Windows if(!debug){ // Only drop privileges if we were started as root. When the // service is launched directly as the blogi user (e.g. via // setuidgid) there is nothing to drop and getpwnam_r would // needlessly fail in minimal rootfs setups. if(getuid()==0){ struct passwd pwd_storage; char buffer[1024]; struct passwd *result = NULL; int s; const char *username = "blogi"; Loading @@ -2686,6 +2690,7 @@ public: seteuid(pwd_storage.pw_uid); setegid(pwd_storage.pw_gid); } }else{ blg.threads=2; } Loading Loading @@ -2756,12 +2761,9 @@ int main(int argc, char* argv[]) { sigaction (SIGPIPE, &SignalAction, nullptr); if(debug==0){ if(getuid()!=0){ libhttppp::HTTPException e; e[libhttppp::HTTPException::Critical] << "must be run as root!"; throw e; } if(getuid()==0){ // Running as root: set up logfiles, optionally daemonize, and // let HttpConD drop privileges to the blogi user afterwards. logFiles("/var/log/blogi/access.log",STDOUT_FILENO); logFiles("/var/log/blogi/error.log",STDERR_FILENO); Loading @@ -2778,6 +2780,12 @@ int main(int argc, char* argv[]) { }else{ HttpConD blogiD(false); } }else{ // Started directly as an unprivileged user (e.g. the blogi user // via setuidgid). Run in the foreground and log to stdout/stderr, // which the supervisor (systemd-nspawn) captures to the journal. HttpConD blogiD(false); } }else{ HttpConD blogiD(true); } Loading Loading
src/blogi.cpp +35 −27 Original line number Diff line number Diff line Loading @@ -2673,10 +2673,14 @@ public: blogi::Blogi blg(getServerSockets(),debug); #ifndef Windows if(!debug){ // Only drop privileges if we were started as root. When the // service is launched directly as the blogi user (e.g. via // setuidgid) there is nothing to drop and getpwnam_r would // needlessly fail in minimal rootfs setups. if(getuid()==0){ struct passwd pwd_storage; char buffer[1024]; struct passwd *result = NULL; int s; const char *username = "blogi"; Loading @@ -2686,6 +2690,7 @@ public: seteuid(pwd_storage.pw_uid); setegid(pwd_storage.pw_gid); } }else{ blg.threads=2; } Loading Loading @@ -2756,12 +2761,9 @@ int main(int argc, char* argv[]) { sigaction (SIGPIPE, &SignalAction, nullptr); if(debug==0){ if(getuid()!=0){ libhttppp::HTTPException e; e[libhttppp::HTTPException::Critical] << "must be run as root!"; throw e; } if(getuid()==0){ // Running as root: set up logfiles, optionally daemonize, and // let HttpConD drop privileges to the blogi user afterwards. logFiles("/var/log/blogi/access.log",STDOUT_FILENO); logFiles("/var/log/blogi/error.log",STDERR_FILENO); Loading @@ -2778,6 +2780,12 @@ int main(int argc, char* argv[]) { }else{ HttpConD blogiD(false); } }else{ // Started directly as an unprivileged user (e.g. the blogi user // via setuidgid). Run in the foreground and log to stdout/stderr, // which the supervisor (systemd-nspawn) captures to the journal. HttpConD blogiD(false); } }else{ HttpConD blogiD(true); } Loading
