[vdr] [PATCH] su

Ludwig Nussel ludwig.nussel at gmx.de
Fri Dec 30 19:28:17 CET 2005


Klaus Schmidinger wrote:
> Ludwig Nussel wrote:
> >I've updated the switch user patch. The user to switch to is a build
> >time define now to prevent vdr vom accidently running under the
> >wrong uid. Patches for 1.2.6 and 1.3.17 attached.
> 
> I'm just looking through this for the next VDR version.
> 
> >Index: vdr-1.3.17/Makefile
> >===================================================================
> >--- vdr-1.3.17.orig/Makefile
> >+++ vdr-1.3.17/Makefile
> >@@ -73,7 +73,18 @@ DEFINES += -DPLUGINDIR=\"$(PLUGINLIBDIR)
> > 
> > ifdef VFAT
> > # for people who want their video directory on a VFAT partition
> >-DEFINES += -DVFAT
> >+DEFINES += -DVFALDT
> 
> What's the meaning of this?
> I can't see any place where VFALDT is actually used.

Looks like garbage :-)

> >+endif
> >+
> >+ifdef VDR_USER
> >+DEFINES += -DVDR_USER=\"$(VDR_USER)\"
> >+ifdef VDR_GROUP
> >+DEFINES += -DVDR_GROUP=\"$(VDR_GROUP)\"
> >+endif
> 
> Is it really necessary to have VDR_USER _and_ VDR_GROUP separately?
> I'd say VDR_USER should suffice.

I actually don't use it myself either. The primary+supplementary
groups of the user are used then.

> >+ifdef WITH_CAPABILITIES
> >+DEFINES += -DWITH_CAPABILITIES
> >+LIBS += -lcap
> >+endif
> 
> I assume this means there are systems that don't provide this.
> Is there a runtime method to determine the presence of this?

Well, you need the definitions at compile time. It's not really
necessary to use libcap though, the interface is clumsy anyways. You
could do the syscall yourself as well. I just didn't bother changing
it as noone requested it and libcap works for me :-)

> >===================================================================
> >--- vdr-1.3.17.orig/vdr.c
> >+++ vdr-1.3.17/vdr.c
> >...
> > int main(int argc, char *argv[])
> > {
> > #ifdef _CS_GNU_LIBPTHREAD_VERSION
> >@@ -253,6 +365,23 @@ int main(int argc, char *argv[])
> >           }
> >         }
> > 
> >+#ifdef VDR_USER
> >+# ifndef VDR_GROUP
> >+#  define VDR_GROUP NULL
> >+# endif
> >+
> >+  if(set_keepcaps() != 0)
> >+    return 2;
> >+
> >+  if (su(VDR_USER, VDR_GROUP) != 0)
> >+    return 2;
> >+
> >+  if(set_nokeepcaps() != 0)
> >+    return 2;
> >+
> >+  set_cap_sys_time();
> >+#endif
> 
> Am I missing something here, or is the su() call always done,
> no matter under which user ID VDR has been started?
> Shouldn't this only be done if it was started as 'root'?

That was basically the case when I used command line switches. I had
problems with some plugins (don't remember which exactly) as they
already created some fixed files as the invoking use e.g. when you
ran --help and then prevented start of vdr later. Yeah, all
horrible. Maybe that kind of things get sorted if you include the
patch though.

cu
Ludwig

-- 
(o_  Ludwig.Nussel at gmx.de
//\
V_/_ PGP Key ID: FF8135CE



More information about the vdr mailing list