mirror of
https://tildegit.org/solderpunk/molly-brown
synced 2024-05-12 16:06:03 +02:00
Make unprivileged user configurable, thanks nervuri! (see issue #16)
This commit is contained in:
parent
c0c67f7ba6
commit
182e58ffe3
|
@ -395,6 +395,9 @@ facility.
|
||||||
chroot happens immediately after reading the config file. All other
|
chroot happens immediately after reading the config file. All other
|
||||||
paths specified in the config file (e.g. `DocBase`, `KeyPath`,
|
paths specified in the config file (e.g. `DocBase`, `KeyPath`,
|
||||||
`AccessLog`) must be specified relative to `ChrootDir`.
|
`AccessLog`) must be specified relative to `ChrootDir`.
|
||||||
|
* `UnprivUsername`: The username of an unprivileged user on the system
|
||||||
|
which MollyBrown will change setuid() to if started by the superuser
|
||||||
|
or when run as a setuid binary (default value "nobody").
|
||||||
|
|
||||||
## .molly files
|
## .molly files
|
||||||
|
|
||||||
|
|
|
@ -17,6 +17,7 @@ type Config struct {
|
||||||
DocBase string
|
DocBase string
|
||||||
HomeDocBase string
|
HomeDocBase string
|
||||||
ChrootDir string
|
ChrootDir string
|
||||||
|
UnprivUsername string
|
||||||
GeminiExt string
|
GeminiExt string
|
||||||
DefaultLang string
|
DefaultLang string
|
||||||
DefaultEncoding string
|
DefaultEncoding string
|
||||||
|
@ -61,6 +62,7 @@ func getConfig(filename string) (Config, error) {
|
||||||
config.DocBase = "/var/gemini/"
|
config.DocBase = "/var/gemini/"
|
||||||
config.HomeDocBase = "users"
|
config.HomeDocBase = "users"
|
||||||
config.ChrootDir = ""
|
config.ChrootDir = ""
|
||||||
|
config.UnprivUsername = "nobody"
|
||||||
config.GeminiExt = "gmi"
|
config.GeminiExt = "gmi"
|
||||||
config.DefaultLang = ""
|
config.DefaultLang = ""
|
||||||
config.DefaultEncoding = ""
|
config.DefaultEncoding = ""
|
||||||
|
|
6
main.go
6
main.go
|
@ -47,13 +47,13 @@ func main() {
|
||||||
uid := os.Getuid()
|
uid := os.Getuid()
|
||||||
nobody_uid := -1
|
nobody_uid := -1
|
||||||
if uid == 0 {
|
if uid == 0 {
|
||||||
nobody_user, err := user.Lookup("nobody")
|
nobody_user, err := user.Lookup(config.UnprivUsername)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Fatal("Running as root but could not lookup UID for user " + "nobody" + ": " + err.Error())
|
log.Fatal("Running as root but could not lookup UID for user " + config.UnprivUsername + ": " + err.Error())
|
||||||
}
|
}
|
||||||
nobody_uid, err = strconv.Atoi(nobody_user.Uid)
|
nobody_uid, err = strconv.Atoi(nobody_user.Uid)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Fatal("Running as root but could not lookup UID fr user " + "nobody" + ": " + err.Error())
|
log.Fatal("Running as root but could not lookup UID for user " + config.UnprivUsername + ": " + err.Error())
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue