Make daemons call setgid() *before* setuid() because doing it the other way around doesn't appear to work, at least on Linux.

2012-08-08 23:17:51 -04:00 · 2012-08-08 23:17:51 -04:00 · f29d8e0d5a
commit f29d8e0d5a
parent 4fd3f43ad2
1 changed files with 13 additions and 13 deletions
--- a/lib/daemon.php
+++ b/lib/daemon.php
@ -124,19 +124,6 @@ class Daemon

    function changeUser()
    {
-        $username = common_config('daemon', 'user');
-
-        if ($username) {
-            $user_info = posix_getpwnam($username);
-            if (!$user_info) {
-                common_log(LOG_WARNING,
-                           'Ignoring unknown user for daemon: ' . $username);
-            } else {
-                common_log(LOG_INFO, "Setting user to " . $username);
-                posix_setuid($user_info['uid']);
-            }
-        }
-
        $groupname = common_config('daemon', 'group');

        if ($groupname) {
@ -149,6 +136,19 @@ class Daemon
                posix_setgid($group_info['gid']);
            }
        }
+
+        $username = common_config('daemon', 'user');
+
+        if ($username) {
+            $user_info = posix_getpwnam($username);
+            if (!$user_info) {
+                common_log(LOG_WARNING,
+                           'Ignoring unknown user for daemon: ' . $username);
+            } else {
+                common_log(LOG_INFO, "Setting user to " . $username);
+                posix_setuid($user_info['uid']);
+            }
+        }
    }

    function runOnce()