kore

An easy to use, scalable and secure web application framework for writing web APIs in C.
Commits | Files | Refs | README | LICENSE | git clone https://git.kore.io/kore.git

commit afeb213260afbdc56b2a46df12b92a9c71db6f2c
parent 8a3f49d1645dc6d2041da0d6cf73d9eb91f2c47d
Author: Joris Vink <joris@coders.se>
Date:   Mon, 18 Nov 2013 00:42:57 +0100

Kore no longer requires root to be started.

Diffstat:
includes/kore.h | 1+
modules/example/module.conf | 11+++++++----
src/config.c | 3+++
src/kore.c | 11++++++-----
src/worker.c | 25+++++++++++++++----------
5 files changed, 32 insertions(+), 19 deletions(-)

diff --git a/includes/kore.h b/includes/kore.h @@ -255,6 +255,7 @@ struct kore_pool { extern pid_t kore_pid; extern int kore_debug; +extern int skip_chroot; extern char *chroot_path; extern char *runas_user; extern char *kore_module_onload; diff --git a/modules/example/module.conf b/modules/example/module.conf @@ -1,8 +1,9 @@ # Example Kore configuration # Server configuration. -bind 127.0.0.1 443 -bind ::1 443 +#bind 127.0.0.1 443 +#bind ::1 443 +bind 10.211.55.3 4443 # The path worker processes will chroot into after starting. chroot /home/joris/src/kore @@ -20,6 +21,7 @@ workers 4 # Store the main process its pid in this file. #pidfile /var/run/kore.pid +pidfile kore.pid # The onload function is called everytime the module is loaded or reloaded. #onload myinit @@ -91,10 +93,11 @@ ssl_no_compression # handler path module_callback # Example domain that responds to localhost. -domain localhost { +#domain localhost { +domain 10.211.55.3 { certfile cert/server.crt certkey cert/server.key - accesslog /var/log/kore_access.log + accesslog kore_access.log # Static page handlers static /css/style.css serve_style_css diff --git a/src/config.c b/src/config.c @@ -155,6 +155,9 @@ kore_parse_config(void) fatal("missing a username to run as"); if ((pw = getpwnam(runas_user)) == NULL) fatal("user '%s' does not exist", runas_user); + + if (getuid() != 0 && skip_chroot == 0) + fatal("Cannot chroot(), use -n to skip it"); } static int diff --git a/src/kore.c b/src/kore.c @@ -29,6 +29,7 @@ struct passwd *pw = NULL; pid_t kore_pid = -1; u_int16_t cpu_count = 1; int kore_debug = 0; +int skip_chroot = 0; u_int8_t worker_count = 0; char *runas_user = NULL; char *chroot_path = NULL; @@ -46,7 +47,7 @@ static void kore_server_sslstart(void); static void usage(void) { - fprintf(stderr, "Usage: kore [-c config] [-d]\n"); + fprintf(stderr, "Usage: kore [-c config] [-dn]\n"); exit(1); } @@ -56,10 +57,7 @@ main(int argc, char *argv[]) int ch; struct listener *l; - if (getuid() != 0) - fatal("kore must be started as root"); - - while ((ch = getopt(argc, argv, "c:d")) != -1) { + while ((ch = getopt(argc, argv, "c:dn")) != -1) { switch (ch) { case 'c': config_file = optarg; @@ -71,6 +69,9 @@ main(int argc, char *argv[]) printf("kore not compiled with debug support\n"); #endif break; + case 'n': + skip_chroot = 1; + break; default: usage(); } diff --git a/src/worker.c b/src/worker.c @@ -178,19 +178,24 @@ kore_worker_entry(struct kore_worker *kw) worker = kw; - if (chroot(chroot_path) == -1) - fatal("cannot chroot(): %s", errno_s); - if (chdir("/") == -1) - fatal("cannot chdir(): %s", errno_s); - if (setgroups(1, &pw->pw_gid) || + if (skip_chroot == 0) { + if (chroot(chroot_path) == -1) + fatal("cannot chroot(): %s", errno_s); + if (chdir("/") == -1) + fatal("cannot chdir(): %s", errno_s); + } + + if (getuid() != pw->pw_uid) { + if (setgroups(1, &pw->pw_gid) || #ifdef __MACH__ - setgid(pw->pw_gid) || setegid(pw->pw_gid) || - setuid(pw->pw_uid) || seteuid(pw->pw_uid)) + setgid(pw->pw_gid) || setegid(pw->pw_gid) || + setuid(pw->pw_uid) || seteuid(pw->pw_uid)) #else - setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) || - setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid)) + setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) || + setresuid(pw->pw_uid, pw->pw_uid, pw->pw_uid)) #endif - fatal("unable to drop privileges"); + fatal("unable to drop privileges"); + } snprintf(buf, sizeof(buf), "kore [wrk %d]", kw->id); kore_platform_proctitle(buf);