Diff

prosodyctl @ 8277:57c5dd08ff0a

prosodyctl: Abort and warn if the config can't be opened after dropping root privileges (fixes #990)
author Kim Alvefur <zash@zash.se>
date Wed, 27 Sep 2017 15:37:10 +0200
parent 8276:5ebad58b2548
child 8285:433b2a41351f
child 8419:57610304e30d
line wrap: on
line diff
--- a/prosodyctl	Wed Sep 27 15:33:29 2017 +0200
+++ b/prosodyctl	Wed Sep 27 15:37:10 2017 +0200
@@ -164,6 +164,17 @@
 		if not switched_user then
 			-- Boo!
 			print("Warning: Couldn't switch to Prosody user/group '"..tostring(desired_user).."'/'"..tostring(desired_group).."': "..tostring(err));
+		else
+			-- Make sure the Prosody user can read the config
+			local conf, err, errno = io.open(ENV_CONFIG);
+			if conf then
+				conf:close();
+			else
+				print("The config file is not readable by the '"..desired_user.."' user.");
+				print("Prosody will not be able to read it.");
+				print("Error was "..err);
+				os.exit(1);
+			end
 		end
 	end