prosody
86b12ae8d427
util/startup.lua
Software / code / prosody
Comparison
util/startup.lua @ 8672:86b12ae8d427
util.startup: Expose user switching information via prosody global object
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Thu, 22 Mar 2018 22:35:27 +0000 |
| parent | 8667:a05d36075c6a |
| child | 8673:6aeed79d9283 |
comparison
equal
deleted
inserted
replaced
| 8671:a4899174a894 | 8672:86b12ae8d427 |
|---|---|
| 362 function startup.switch_user() | 362 function startup.switch_user() |
| 363 -- Switch away from root and into the prosody user -- | 363 -- Switch away from root and into the prosody user -- |
| 364 -- NOTE: This function is only used by prosodyctl. | 364 -- NOTE: This function is only used by prosodyctl. |
| 365 -- The prosody process is built with the assumption that | 365 -- The prosody process is built with the assumption that |
| 366 -- it is already started as the appropriate user. | 366 -- it is already started as the appropriate user. |
| 367 local switched_user, current_uid; | |
| 368 | 367 |
| 369 local want_pposix_version = "0.4.0"; | 368 local want_pposix_version = "0.4.0"; |
| 370 local have_pposix, pposix = pcall(require, "util.pposix"); | 369 local have_pposix, pposix = pcall(require, "util.pposix"); |
| 371 | 370 |
| 372 if have_pposix and pposix then | 371 if have_pposix and pposix then |
| 373 if pposix._VERSION ~= want_pposix_version then | 372 if pposix._VERSION ~= want_pposix_version then |
| 374 print(string.format("Unknown version (%s) of binary pposix module, expected %s", | 373 print(string.format("Unknown version (%s) of binary pposix module, expected %s", |
| 375 tostring(pposix._VERSION), want_pposix_version)); | 374 tostring(pposix._VERSION), want_pposix_version)); |
| 376 os.exit(1); | 375 os.exit(1); |
| 377 end | 376 end |
| 378 current_uid = pposix.getuid(); | 377 prosody.current_uid = pposix.getuid(); |
| 379 local arg_root = arg[1] == "--root"; | 378 local arg_root = arg[1] == "--root"; |
| 380 if arg_root then table.remove(arg, 1); end | 379 if arg_root then table.remove(arg, 1); end |
| 381 if current_uid == 0 and config.get("*", "run_as_root") ~= true and not arg_root then | 380 if prosody.current_uid == 0 and config.get("*", "run_as_root") ~= true and not arg_root then |
| 382 -- We haz root! | 381 -- We haz root! |
| 383 local desired_user = config.get("*", "prosody_user") or "prosody"; | 382 local desired_user = config.get("*", "prosody_user") or "prosody"; |
| 384 local desired_group = config.get("*", "prosody_group") or desired_user; | 383 local desired_group = config.get("*", "prosody_group") or desired_user; |
| 385 local ok, err = pposix.setgid(desired_group); | 384 local ok, err = pposix.setgid(desired_group); |
| 386 if ok then | 385 if ok then |
| 388 end | 387 end |
| 389 if ok then | 388 if ok then |
| 390 ok, err = pposix.setuid(desired_user); | 389 ok, err = pposix.setuid(desired_user); |
| 391 if ok then | 390 if ok then |
| 392 -- Yay! | 391 -- Yay! |
| 393 switched_user = true; | 392 prosody.switched_user = true; |
| 394 end | 393 end |
| 395 end | 394 end |
| 396 if not switched_user then | 395 if not prosody.switched_user then |
| 397 -- Boo! | 396 -- Boo! |
| 398 print("Warning: Couldn't switch to Prosody user/group '"..tostring(desired_user).."'/'"..tostring(desired_group).."': "..tostring(err)); | 397 print("Warning: Couldn't switch to Prosody user/group '"..tostring(desired_user).."'/'"..tostring(desired_group).."': "..tostring(err)); |
| 399 else | 398 else |
| 400 -- Make sure the Prosody user can read the config | 399 -- Make sure the Prosody user can read the config |
| 401 local conf, err, errno = io.open(prosody.config_file); | 400 local conf, err, errno = io.open(prosody.config_file); |
