mirror of https://git.kore.io/kore.git
Gunk the default runas/chroot values.
Fatal in the config setup if running without skip_{chroot,runas} and no values specified.
This commit is contained in:
parent
e47df37230
commit
d8ccf3c7bf
|
@ -68,9 +68,6 @@ extern int daemon(int, int);
|
|||
#define KORE_PIDFILE_DEFAULT "kore.pid"
|
||||
#define KORE_DEFAULT_CIPHER_LIST "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!kRSA:!kDSA"
|
||||
|
||||
#define KORE_DEFAULT_USER "nobody"
|
||||
#define KORE_DEFAULT_CHROOT "/var/empty"
|
||||
|
||||
#if defined(KORE_DEBUG)
|
||||
#define kore_debug(fmt, ...) \
|
||||
if (kore_debug) \
|
||||
|
|
|
@ -141,14 +141,14 @@ kore_parse_config(void)
|
|||
fatal("no listeners defined");
|
||||
|
||||
if (skip_chroot != 1 && chroot_path == NULL) {
|
||||
chroot_path = kore_strdup(KORE_DEFAULT_CHROOT);
|
||||
fatal("missing a chroot path");
|
||||
}
|
||||
if (getuid() != 0 && skip_chroot == 0) {
|
||||
fatal("cannot chroot, use -n to skip it");
|
||||
}
|
||||
|
||||
if (skip_runas != 1 && runas_user == NULL) {
|
||||
runas_user = kore_strdup(KORE_DEFAULT_USER);
|
||||
fatal("missing runas user");
|
||||
}
|
||||
if (getuid() != 0 && skip_runas == 0) {
|
||||
fatal("cannot drop privileges, use -p to skip it");
|
||||
|
|
Loading…
Reference in New Issue