now that we drop privs more thoroughly, switch_id() is no longer

idempotent. so now we remember if we've succeeded, and if so we don't even try. svn:r17204
2024-11-27 22:03:31 +01:00 · 2008-11-07 04:34:47 +00:00 · 2008-11-07 04:34:47 +00:00 · 14773f42a7
commit 14773f42a7
parent 7c65792500
2 changed files with 5 additions and 2 deletions
--- a/src/common/compat.c
+++ b/src/common/compat.c
@ -1026,9 +1026,13 @@ switch_id(const char *user)
  struct passwd *pw = NULL;
  uid_t old_uid;
  gid_t old_gid;
+  static int have_already_switched_id = 0;

  tor_assert(user);

+  if (have_already_switched_id)
+    return 0;
+
  /* Log the initial credential state */
  if (log_credential_status())
    return -1;
@ -1117,6 +1121,7 @@ switch_id(const char *user)
    return -1;
  }

+  have_already_switched_id = 1; /* mark success so we never try again */
  return 0;

 #else
--- a/src/or/config.c
+++ b/src/or/config.c
@ -1084,8 +1084,6 @@ options_act_reversible(or_options_t *old_options, char **msg)

  /* Setuid/setgid as appropriate */
  if (options->User) {
-    /* XXXX021 We should only do this the first time through, not on
-     * every setconf. */
    if (switch_id(options->User) != 0) {
      /* No need to roll back, since you can't change the value. */
      *msg = tor_strdup("Problem with User value. See logs for details.");