START=60
+USE_PROCD=1
+
ZNC_CONFIG_PATH=/tmp/etc/znc
PID_FILE=${ZNC_CONFIG_PATH}/znc.pid
ZNC_CONFIG=${ZNC_CONFIG_PATH}/configs/znc.conf
RUNAS_USER=
RUNAS_GROUP=
-RUNAS_SHELL=
add_param() {
echo "$1 = $2" >> $ZNC_CONFIG
config_get znc_config_path "$znc" znc_config_path
- config_get RUNAS_USER "$znc" runas_user
- config_get RUNAS_GROUP "$znc" runas_group
- config_get RUNAS_SHELL "$znc" runas_shell
+ config_get RUNAS_USER "$znc" runas_user znc
+ config_get RUNAS_GROUP "$znc" runas_group znc
if [ "${znc_config_path}" ]
then
config_list_foreach "$znc" listener "add_param Listener"
config_list_foreach "$znc" module "add_param LoadModule"
-
- add_param LoadModule "droproot ${RUNAS_USER:-nobody} ${RUNAS_GROUP:-nogroup}"
fi
}
echo "</User>" >> $ZNC_CONFIG
}
-
-start() {
+start_service() {
config_load znc
config_foreach znc_global znc
- if [ "$DISABLED" -eq 1 ]; then
- return 0
- fi
+ [ "$DISABLED" -eq 0 ] || return 0
if [ "$EXTERNAL_CONFIG" -eq 0 ]
then
config_foreach add_listener listener
config_foreach add_user user
- chown -hR ${RUNAS_USER:-nobody}:${RUNAS_GROUP:-nogroup} ${ZNC_CONFIG_PATH}
- fi
-
- if [ "$EXTERNAL_CONFIG" -eq 1 -a "$RUNAS_USER" ]
- then
- local SU=$(which su)
- if [ "$SU" ]
- then
- chown -hR ${RUNAS_USER:-nobody}:${RUNAS_GROUP:-nogroup} ${ZNC_CONFIG_PATH}
- $SU ${RUNAS_SHELL:+s $RUNAS_SHELL} -c "/usr/bin/znc -d$ZNC_CONFIG_PATH >/dev/null &" $RUNAS_USER
- else
- logger -s -t ZNC -p daemon.err "Could not run ZNC as user $RUNAS_USER: su not found."
- exit 1
- fi
- else
- /usr/bin/znc -d$ZNC_CONFIG_PATH >/dev/null &
fi
-}
-stop() {
- if [ -f "$PID_FILE" ]
- then
- kill $(cat "$PID_FILE")
- else
- killall znc
- fi
+ chown -hR ${RUNAS_USER}:${RUNAS_GROUP} ${ZNC_CONFIG_PATH} || {
+ logger -s -t ZNC -p daemon.err "Invalid UID/GID. Aborting startup"
+ exit 1
+ }
+
+ procd_open_instance
+ procd_set_param file /etc/config/znc
+ [ "$EXTERNAL_CONFIG" -eq 1 ] && procd_set_param file "${ZNC_CONFIG}/configs/znc.conf"
+ procd_set_param command /usr/bin/znc
+ procd_append_param command -f -d$ZNC_CONFIG_PATH
+ procd_set_param user ${RUNAS_USER}
+ procd_set_param respawn
+ procd_close_instance
}
-
+++ /dev/null
---- /dev/null
-+++ b/modules/droproot.cpp
-@@ -0,0 +1,144 @@
-+/*
-+ * droproot.cpp
-+ *
-+ * Copyright (c) 2009 Vadtec (vadtec@vadtec.net)
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License version 2 as published
-+ * by the Free Software Foundation.
-+ *
-+ * Copyright (C) 2004-2012 See the AUTHORS file for details.
-+ *
-+ * This program is free software; you can redistribute it and/or modify it
-+ * under the terms of the GNU General Public License version 2 as published
-+ * by the Free Software Foundation.
-+ */
-+
-+#include <znc/znc.h>
-+#include <znc/User.h>
-+#include <pwd.h>
-+#include <grp.h>
-+
-+class CDroproot : public CModule {
-+
-+public:
-+ MODCONSTRUCTOR(CDroproot) {
-+ }
-+
-+ virtual ~CDroproot() {
-+ }
-+
-+ uid_t GetUser(const CString& sUser, CString& sMessage) {
-+ uid_t ret = sUser.ToUInt();
-+
-+ if (ret != 0)
-+ return ret;
-+
-+ struct passwd *pUser = getpwnam(sUser.c_str());
-+
-+ if (!pUser) {
-+ sMessage = "User [" + sUser + "] not found!";
-+ return 0;
-+ }
-+
-+ return pUser->pw_uid;
-+ }
-+
-+ gid_t GetGroup(const CString& sGroup, CString& sMessage) {
-+ gid_t ret = sGroup.ToUInt();
-+
-+ if (ret != 0)
-+ return ret;
-+
-+ struct group *pGroup = getgrnam(sGroup.c_str());
-+
-+ if (!pGroup) {
-+ sMessage = "Group [" + sGroup + "] not found!";
-+ return 0;
-+ }
-+
-+ return pGroup->gr_gid;
-+ }
-+
-+ virtual bool OnLoad(const CString& sArgs, CString& sMessage) {
-+ CString sUser = sArgs.Token(0);
-+ CString sGroup = sArgs.Token(1, true);
-+
-+ if (sUser.empty() || sGroup.empty()) {
-+ sMessage = "Usage: LoadModule = Droproot <uid> <gid>";
-+ return false;
-+ }
-+
-+ m_user = GetUser(sUser, sMessage);
-+
-+ if (m_user == 0) {
-+ sMessage
-+ = "Error: Cannot run as root, check your config file | Usage: LoadModule = Droproot <uid> <gid>";
-+ return false;
-+ }
-+
-+ m_group = GetGroup(sGroup, sMessage);
-+
-+ if (m_group == 0) {
-+ sMessage
-+ = "Error: Cannot run as root, check your config file | Usage: LoadModule = Droproot <uid> <gid>";
-+ return false;
-+ }
-+
-+ return true;
-+ }
-+
-+ virtual bool OnBoot() {
-+ int u, eu, g, eg, sg;
-+
-+ if ((geteuid() == 0) || (getuid() == 0) || (getegid() == 0) || (getgid()
-+ == 0)) {
-+
-+ CUtils::PrintAction("Dropping root permissions");
-+
-+ // Clear all the supplementary groups
-+ sg = setgroups(0, NULL);
-+
-+ if (sg < 0) {
-+ CUtils::PrintStatus(false,
-+ "Could not remove supplementary groups! ["
-+ + CString(strerror(errno)) + "]");
-+
-+ return false;
-+ }
-+
-+ // Set the group (if we are root, this sets all three group IDs)
-+ g = setgid(m_group);
-+ eg = setegid(m_group);
-+
-+ if ((g < 0) || (eg < 0)) {
-+ CUtils::PrintStatus(false, "Could not switch group id! ["
-+ + CString(strerror(errno)) + "]");
-+
-+ return false;
-+ }
-+
-+ // and set the user (if we are root, this sets all three user IDs)
-+ u = setuid(m_user);
-+ eu = seteuid(m_user);
-+
-+ if ((u < 0) || (eu < 0)) {
-+ CUtils::PrintStatus(false, "Could not switch user id! ["
-+ + CString(strerror(errno)) + "]");
-+
-+ return false;
-+ }
-+
-+ CUtils::PrintStatus(true);
-+
-+ return true;
-+ }
-+
-+ return true;
-+ }
-+
-+protected:
-+ uid_t m_user;
-+ gid_t m_group;
-+};
-+
-+GLOBALMODULEDEFS(CDroproot, "Allows ZNC to drop root privileges and run as an un-privileged user.")
projects / feed / packages.git / commitdiff