}
/*
- * In daemon mode, check the ownership. If in
- * debug mode, ignore ownership if we're root.
+ * Refuse to open sockets not owned by us.
*/
- if ((debug_flag == 0) || (geteuid() != 0)) {
-
- /*
- * Refuse to open sockets not owned by us.
- */
- if (buf.st_uid != geteuid()) {
- radlog(L_ERR, "We do not own %s", path);
- return -1;
- }
-
- /*
- * In debug mode as root, leave the file
- * there. Otherwise, it will be owned by
- * "root", which makes it difficult to
- * open the file as user "radiusd".
- */
- if (unlink(path) < 0) {
- radlog(L_ERR, "Failed to delete %s: %s",
- path, strerror(errno));
- return -1;
- }
+ if (buf.st_uid != geteuid()) {
+ radlog(L_ERR, "We do not own %s", path);
+ return -1;
+ }
+
+ if (unlink(path) < 0) {
+ radlog(L_ERR, "Failed to delete %s: %s",
+ path, strerror(errno));
+ return -1;
}
}
/*
- * Delete the socket for safety. If the server isn't running,
- * the socket shouldn't exist.
- */
-static void command_socket_free(rad_listen_t *listener)
-{
- fr_command_socket_t *sock = listener->data;
-
- if (sock->path) unlink(sock->path);
-}
-
-/*
* Send an authentication response packet
*/
static int command_domain_send(UNUSED rad_listen_t *listener,
#endif
#ifdef WITH_COMMAND_SOCKET
- /* Unix domain command socket */
- { command_socket_parse, command_socket_free,
+ /* TCP command socket */
+ { command_socket_parse, NULL,
command_domain_accept, command_domain_send,
command_socket_print, command_socket_encode, command_socket_decode },
#endif
{ "group", PW_TYPE_STRING_PTR, 0, &gid_name, NULL },
#endif
{ "chroot", PW_TYPE_STRING_PTR, 0, &chroot_dir, NULL },
- { "libdir", PW_TYPE_STRING_PTR, 0, &radlib_dir, "${prefix}/lib"},
{ "allow_core_dumps", PW_TYPE_BOOLEAN, 0, &allow_core_dumps, "no" },
{ NULL, -1, 0, NULL, NULL }
#endif
if (chroot_dir) {
- DEBUG("Performing chroot to %s", chroot_dir);
if (chroot(chroot_dir) < 0) {
fprintf(stderr, "%s: Failed to perform chroot %s: %s",
progname, chroot_dir, strerror(errno));
if (uid_name) {
doing_setuid = TRUE;
- DEBUG("Switching to user %s group %s",
- uid_name, gid_name ? gid_name : "");
fr_suid_down();
}
#endif
}
if (chroot_dir) {
- DEBUG("Changing current working directory to %s", radlog_dir);
if (chdir(radlog_dir) < 0) {
radlog(L_ERR, "Failed to 'chdir %s' after chroot: %s",
radlog_dir, strerror(errno));
virtual_servers_free(0);
/*
- * Close sockets before free'ing the configuration. This
- * allows us to removed the control socket before
- * exiting.
- */
- listen_free(&mainconfig.listen);
-
- /*
* Free all of the cached configurations.
*/
for (cc = cs_cache; cc != NULL; cc = next) {
* structures.
*/
realms_free();
+ listen_free(&mainconfig.listen);
dict_free();
return 0;