From owner-svn-src-all@FreeBSD.ORG Thu Jan 5 22:48:36 2012 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B437C106566B; Thu, 5 Jan 2012 22:48:36 +0000 (UTC) (envelope-from ghelmer@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id A29C58FC18; Thu, 5 Jan 2012 22:48:36 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id q05MmaPD059873; Thu, 5 Jan 2012 22:48:36 GMT (envelope-from ghelmer@svn.freebsd.org) Received: (from ghelmer@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id q05MmaZk059871; Thu, 5 Jan 2012 22:48:36 GMT (envelope-from ghelmer@svn.freebsd.org) Message-Id: <201201052248.q05MmaZk059871@svn.freebsd.org> From: Guy Helmer Date: Thu, 5 Jan 2012 22:48:36 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r229667 - head/usr.sbin/daemon X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Jan 2012 22:48:36 -0000 Author: ghelmer Date: Thu Jan 5 22:48:36 2012 New Revision: 229667 URL: http://svn.freebsd.org/changeset/base/229667 Log: Allow daemon(8) to run pidfile_open() before relenquishing privileges so pid files can be written in /var/run when started as root. I do not expect this to cause any security issues, but if anyone objects it could be easily reverted. PR: bin/159568 MFC after: 4 weeks Modified: head/usr.sbin/daemon/daemon.c Modified: head/usr.sbin/daemon/daemon.c ============================================================================== --- head/usr.sbin/daemon/daemon.c Thu Jan 5 22:31:25 2012 (r229666) +++ head/usr.sbin/daemon/daemon.c Thu Jan 5 22:48:36 2012 (r229667) @@ -79,9 +79,6 @@ main(int argc, char *argv[]) if (argc == 0) usage(); - if (user != NULL) - restrict_process(user); - /* * Try to open the pidfile before calling daemon(3), * to be able to report the error intelligently @@ -97,6 +94,9 @@ main(int argc, char *argv[]) } } + if (user != NULL) + restrict_process(user); + if (daemon(nochdir, noclose) == -1) err(1, NULL);