X-Git-Url: https://git.enpas.org/?a=blobdiff_plain;ds=sidebyside;f=plugins%2Fmod_posix.lua;fp=plugins%2Fmod_posix.lua;h=5f7dfc5b1884e9c8b857b851c1aa43764b936c4f;hb=b155bce5da7c12fe5c34366c1197978f49d34239;hp=83b8122e839834980444d836bc1978944c2a8451;hpb=d0c24dc11c8acf383d45fcf4ef49917f4d0f3adc;p=prosody.git diff --git a/plugins/mod_posix.lua b/plugins/mod_posix.lua index 83b8122e..5f7dfc5b 100644 --- a/plugins/mod_posix.lua +++ b/plugins/mod_posix.lua @@ -23,12 +23,39 @@ local prosody = _G.prosody; module.host = "*"; -- we're a global module +-- Allow switching away from root, some people like strange ports. +module:add_event_hook("server-started", function () + local uid = module:get_option("setuid"); + local gid = module:get_option("setgid"); + if gid then + local success, msg = pposix.setgid(gid); + if success then + module:log("debug", "Changed group to "..gid.." successfully."); + else + module:log("error", "Failed to change group to "..gid..". Error: "..msg); + prosody.shutdown("Failed to change group to "..gid); + end + end + if uid then + local success, msg = pposix.setuid(uid); + if success then + module:log("debug", "Changed user to "..uid.." successfully."); + else + module:log("error", "Failed to change user to "..uid..". Error: "..msg); + prosody.shutdown("Failed to change user to "..uid); + end + end + end); + -- Don't even think about it! module:add_event_hook("server-starting", function () - if pposix.getuid() == 0 and not module:get_option("run_as_root") then - module:log("error", "Danger, Will Robinson! Prosody doesn't need to be run as root, so don't do it!"); - module:log("error", "For more information on running Prosody as root, see http://prosody.im/doc/root"); - prosody.shutdown("Refusing to run as root"); + local suid = module:get_option("setuid"); + if not suid or suid == 0 or suid == "root" then + if pposix.getuid() == 0 and not module:get_option("run_as_root") then + module:log("error", "Danger, Will Robinson! Prosody doesn't need to be run as root, so don't do it!"); + module:log("error", "For more information on running Prosody as root, see http://prosody.im/doc/root"); + prosody.shutdown("Refusing to run as root"); + end end end);