src/daemon.hpp

   1 /*
   2  *  anytun
   3  *
   4  *  The secure anycast tunneling protocol (satp) defines a protocol used
   5  *  for communication between any combination of unicast and anycast
   6  *  tunnel endpoints.  It has less protocol overhead than IPSec in Tunnel
   7  *  mode and allows tunneling of every ETHER TYPE protocol (e.g.
   8  *  ethernet, ip, arp ...). satp directly includes cryptography and
   9  *  message authentication based on the methodes used by SRTP.  It is
  10  *  intended to deliver a generic, scaleable and secure solution for
  11  *  tunneling and relaying of packets of any protocol.
  12  *
  13  *
  14  *  Copyright (C) 2007-2008 Othmar Gsenger, Erwin Nindl,
  15  *                          Christian Pointner <satp@wirdorange.org>
  16  *
  17  *  This file is part of Anytun.
  18  *
  19  *  Anytun is free software: you can redistribute it and/or modify
  20  *  it under the terms of the GNU General Public License version 3 as
  21  *  published by the Free Software Foundation.
  22  *
  23  *  Anytun is distributed in the hope that it will be useful,
  24  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  25  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  26  *  GNU General Public License for more details.
  27  *
  28  *  You should have received a copy of the GNU General Public License
  29  *  along with anytun.  If not, see <http://www.gnu.org/licenses/>.
  30  */
  31
  32 #ifndef _DAEMON_HPP
  33 #define _DAEMON_HPP
  34 #ifndef NODAEMON
  35
  36 #include <poll.h>
  37 #include <fcntl.h>
  38 #include <pwd.h>
  39 #include <grp.h>
  40 #include <sys/wait.h>
  41 #include <sys/stat.h>
  42 #include <unistd.h>
  43
  44 void chrootAndDrop(std::string const& chrootdir, std::string const& username)
  45 {
  46   if (getuid() != 0)
  47   {
  48     std::cerr << "this programm has to be run as root in order to run in a chroot" << std::endl;
  49     exit(-1);
  50   }
  51
  52   struct passwd *pw = getpwnam(username.c_str());
  53   if(pw) {
  54     if(chroot(chrootdir.c_str()))
  55     {
  56       std::cerr << "can't chroot to " << chrootdir << std::endl;
  57       exit(-1);
  58     }
  59     cLog.msg(Log::PRIO_NOTICE) << "we are in chroot jail (" << chrootdir << ") now" << std::endl;
  60     if(chdir("/"))
  61     {
  62       std::cerr << "can't change to /" << std::endl;
  63       exit(-1);
  64     }
  65     if (initgroups(pw->pw_name, pw->pw_gid) || setgid(pw->pw_gid) || setuid(pw->pw_uid))
  66     {
  67       std::cerr << "can't drop to user " << username << " " << pw->pw_uid << ":" << pw->pw_gid << std::endl;
  68       exit(-1);
  69     }
  70     cLog.msg(Log::PRIO_NOTICE) << "dropped user to " << username << " " << pw->pw_uid << ":" << pw->pw_gid << std::endl;
  71   }
  72   else
  73   {
  74     std::cerr << "unknown user " << username << std::endl;
  75     exit(-1);
  76   }
  77 }
  78
  79 void daemonize()
  80 {
  81   pid_t pid;
  82
  83   pid = fork();
  84   if(pid) exit(0);
  85   setsid();
  86   pid = fork();
  87   if(pid) exit(0);
  88
  89 //  std::cout << "running in background now..." << std::endl;
  90
  91   int fd;
  92 //  for (fd=getdtablesize();fd>=0;--fd) // close all file descriptors
  93   for (fd=0;fd<=2;fd++) // close all file descriptors
  94     close(fd);
  95   fd = open("/dev/null",O_RDWR);        // stdin
  96   if(fd == -1)
  97     cLog.msg(Log::PRIO_WARNING) << "can't open stdin (chroot and no link to /dev/null?)";
  98   else {
  99     if(dup(fd) == -1)   // stdout
 100       cLog.msg(Log::PRIO_WARNING) << "can't open stdout";
 101     if(dup(fd) == -1)   // stderr
 102       cLog.msg(Log::PRIO_WARNING) << "can't open stderr";
 103   }
 104   umask(027);
 105 }
 106 #endif
 107 #endif
 108