// Excerpt of chrootAndDrop(): only some lines of the function are shown. The
// leading numbers are the listing's own line numbers; the braces, conditions
// and error exits on the omitted lines are not visible here.
//
// Visible flow: resolve `username` with getpwnam(), chroot() into `chrootdir`,
// then switch to the resolved account with initgroups()/setgid()/setuid().
// Failures are reported on std::cerr, successful steps through cLog at
// Log::PRIO_NOTICE.
2 void chrootAndDrop(std::string const& chrootdir, std::string const& username)
// Message belonging to a root-privilege check; the condition itself is on a
// line that is not shown.
6 std::cerr << "this programm has to be run as root in order to run in a chroot" << std::endl;
// The account is resolved before chroot() is called, so the lookup uses the
// user database of the original root rather than whatever exists inside the jail.
// pw is dereferenced further down; presumably a null check sits on the omitted
// line 11 (the "unknown user" message at line 28 suggests one) - confirm.
10 struct passwd *pw = getpwnam(username.c_str());
// chroot() returns non-zero on failure, which selects the message below.
// NOTE(review): lines 15-16 are not shown - confirm the function stops here and
// never reaches the privilege drop after a failed chroot().
12 if(chroot(chrootdir.c_str()))
14 std::cerr << "can't chroot to " << chrootdir << std::endl;
17 cLog.msg(Log::PRIO_NOTICE) << "we are in chroot jail (" << chrootdir << ") now" << std::endl;
// NOTE(review): line 18 is not shown. chroot() does not change the working
// directory, so confirm that a checked chdir() into the new root happens before
// the privileges are dropped; otherwise the working directory stays outside the jail.
//
// Drop order: supplementary groups, then gid, then uid. setuid() comes last
// because the two group calls need the privileges it gives up. The || chain
// short-circuits: the first non-zero return skips the remaining calls and
// selects the error message below.
// NOTE(review): the handling after that message (lines 22-23) is not shown; a
// failed drop must not leave the process running with root privileges.
19 if (initgroups(pw->pw_name, pw->pw_gid) || setgid(pw->pw_gid) || setuid(pw->pw_uid))
21 std::cerr << "can't drop to user " << username << " " << pw->pw_uid << ":" << pw->pw_gid << std::endl;
// Records the uid:gid the process now runs as.
24 cLog.msg(Log::PRIO_NOTICE) << "dropped user to " << username << " " << pw->pw_uid << ":" << pw->pw_gid << std::endl;
// Message for the case where the account lookup found nothing; the branch
// condition is on a line that is not shown.
28 std::cerr << "unknown user " << username << std::endl;
43 // std::cout << "running in background now..." << std::endl;
46 // for (fd=getdtablesize();fd>=0;--fd) // close all file descriptors
47 for (fd
=0;fd
<=2;fd
++) // close all file descriptors
49 fd
=open("/dev/null",O_RDWR
); // stdin