dovecot: Move POSIX capabilities dropping into separate function.
dovecot at dovecot.org
dovecot at dovecot.org
Wed Jun 20 15:15:17 EEST 2007
details: http://hg.dovecot.org/dovecot/rev/4f22660ffd33
changeset: 5789:4f22660ffd33
user: Andrey Panin <pazke at donpac.ru>
date: Wed Jun 20 14:08:27 2007 +0400
description:
Move POSIX capabilities dropping into separate function.
diffstat:
4 files changed, 48 insertions(+), 26 deletions(-)
src/master/Makefile.am | 2 ++
src/master/capabilities-posix.c | 30 ++++++++++++++++++++++++++++++
src/master/capabilities.h | 14 ++++++++++++++
src/master/main.c | 28 ++--------------------------
diffs (130 lines):
diff -r bdb16967be64 -r 4f22660ffd33 src/master/Makefile.am
--- a/src/master/Makefile.am Sun Jun 10 12:58:06 2007 +0400
+++ b/src/master/Makefile.am Wed Jun 20 14:08:27 2007 +0400
@@ -21,6 +21,7 @@ dovecot_SOURCES = \
dovecot_SOURCES = \
auth-process.c \
askpass.c \
+ capabilities-posix.c \
dict-process.c \
log.c \
login-process.c \
@@ -33,6 +34,7 @@ noinst_HEADERS = \
noinst_HEADERS = \
auth-process.h \
askpass.h \
+ capabilities.h \
dict-process.h \
common.h \
log.h \
diff -r bdb16967be64 -r 4f22660ffd33 src/master/capabilities-posix.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/master/capabilities-posix.c Wed Jun 20 14:08:27 2007 +0400
@@ -0,0 +1,30 @@
+#include "common.h"
+#include "capabilities.h"
+
+#ifdef HAVE_LIBCAP
+
+#include <sys/capability.h>
+
+void drop_capabilities(void)
+{
+ /* the capabilities that we *need* in order to operate */
+ static cap_value_t suidcaps[] = {
+ CAP_CHOWN,
+ CAP_SYS_CHROOT,
+ CAP_SETUID,
+ CAP_SETGID,
+ CAP_NET_BIND_SERVICE
+ };
+ cap_t caps;
+
+ caps = cap_init();
+ cap_clear(caps);
+ cap_set_flag(caps, CAP_PERMITTED,
+ sizeof(suidcaps) / sizeof(cap_value_t), suidcaps, CAP_SET);
+ cap_set_flag(caps, CAP_EFFECTIVE,
+ sizeof(suidcaps) / sizeof(cap_value_t), suidcaps, CAP_SET);
+ cap_set_proc(caps);
+ cap_free(caps);
+}
+
+#endif
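Review bot: Every libcap call in drop_capabilities() is unchecked, so if cap_init() returns NULL or cap_set_proc() fails, the master process keeps its full capability set and nothing is logged. The body was moved unchanged from main_init(), so the gap predates this commit, but the new function is the natural place to close it. I would check each return value and stop through i_fatal(), which main_init() already uses; if failing closed is too strict for some platforms, at least log the failure. The `%m` in the messages below assumes the project's logging functions expand it to the errno text, which should be confirmed.
```c
	/* … unchanged: suidcaps[] table … */
	cap_t caps;

	caps = cap_init();
	if (caps == NULL)
		i_fatal("cap_init() failed: %m");
	cap_clear(caps);
	if (cap_set_flag(caps, CAP_PERMITTED,
			 sizeof(suidcaps) / sizeof(cap_value_t),
			 suidcaps, CAP_SET) < 0 ||
	    cap_set_flag(caps, CAP_EFFECTIVE,
			 sizeof(suidcaps) / sizeof(cap_value_t),
			 suidcaps, CAP_SET) < 0)
		i_fatal("cap_set_flag() failed: %m");
	if (cap_set_proc(caps) < 0)
		i_fatal("cap_set_proc() failed: %m");
	cap_free(caps);
```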
diff -r bdb16967be64 -r 4f22660ffd33 src/master/capabilities.h
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/master/capabilities.h Wed Jun 20 14:08:27 2007 +0400
@@ -0,0 +1,14 @@
+#ifndef __CAPABILITIES_H__
+#define __CAPABILITIES_H__
+
+#if defined(HAVE_LIBCAP)
+
+void drop_capabilities(void);
+
+#else
+
+static inline void drop_capabilities(void) {}
+
+#endif
+
+#endif /* __CAPABILITIES_H__ */
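Review bot: The header gives no hint that drop_capabilities() becomes an empty inline stub when HAVE_LIBCAP is undefined, so a reader of main_init() cannot tell that such builds keep every capability the process started with. A comment above the `#if defined(HAVE_LIBCAP)` line would make that contract visible, for example `/* Drop all POSIX capabilities except the few the master process needs. Does nothing when built without libcap. */`. The same comment can record that the retained set is the suidcaps[] table in capabilities-posix.c.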
diff -r bdb16967be64 -r 4f22660ffd33 src/master/main.c
--- a/src/master/main.c Sun Jun 10 12:58:06 2007 +0400
+++ b/src/master/main.c Wed Jun 20 14:08:27 2007 +0400
@@ -10,6 +10,7 @@
#include "askpass.h"
#include "auth-process.h"
+#include "capabilities.h"
#include "dict-process.h"
#include "login-process.h"
#include "mail-process.h"
@@ -24,9 +25,6 @@
#include <syslog.h>
#include <sys/stat.h>
#include <sys/wait.h>
-#ifdef HAVE_LIBCAP
-#include <sys/capability.h>
-#endif
const char *process_names[PROCESS_TYPE_MAX] = {
"unknown",
@@ -38,18 +36,6 @@ const char *process_names[PROCESS_TYPE_M
"ssl-build-param",
"dict"
};
-
-/* the capabilities that we *need* in order to operate */
-#ifdef HAVE_LIBCAP
-cap_t caps;
-cap_value_t suidcaps[] = {
- CAP_CHOWN,
- CAP_SYS_CHROOT,
- CAP_SETUID,
- CAP_SETGID,
- CAP_NET_BIND_SERVICE
-};
-#endif
static const char *configfile = SYSCONFDIR "/" PACKAGE ".conf";
static const char *env_tz;
@@ -607,17 +593,7 @@ static void main_init(bool log_error)
i_fatal("This is Dovecot's fatal log");
}
-#ifdef HAVE_LIBCAP
- /* drop capabilities that we don't need, be very restrictive. */
- caps = cap_init();
- cap_clear(caps);
- cap_set_flag(caps, CAP_PERMITTED,
- sizeof(suidcaps) / sizeof(cap_value_t), suidcaps, CAP_SET);
- cap_set_flag(caps, CAP_EFFECTIVE,
- sizeof(suidcaps) / sizeof(cap_value_t), suidcaps, CAP_SET);
- cap_set_proc(caps);
- cap_free(caps);
-#endif
+ drop_capabilities();
lib_signals_init();
lib_signals_set_handler(SIGINT, TRUE, sig_die, NULL);