aboutsummaryrefslogtreecommitdiff
path: root/src/utils.nim
diff options
context:
space:
mode:
authorkitsunyan2018-04-28 20:51:52 +0000
committerkitsunyan2018-04-28 20:51:52 +0000
commit5d6e17e57a41071316dfa9a53cd23c85e85ce53e (patch)
tree734264d260e75daef5a9af06e4003c27fd1fa9ec /src/utils.nim
parent8a3beef91b8d6baebd941d4378e6ebbd0dd70906 (diff)
Print error if chdir, setgroups, setuid, or setgid failed
Diffstat (limited to 'src/utils.nim')
-rw-r--r--src/utils.nim16
1 files changed, 12 insertions, 4 deletions
diff --git a/src/utils.nim b/src/utils.nim
index 7cbf184..b480ce9 100644
--- a/src/utils.nim
+++ b/src/utils.nim
@@ -253,13 +253,17 @@ except:
proc canDropPrivileges*(): bool =
initialUser.isSome
-proc dropPrivileges*() =
+proc dropPrivileges*(): bool =
if initialUser.isSome:
let user = initialUser.unsafeGet
var groups = user.groups.map(x => x.cint)
- discard setgroups(user.groups.len, addr(groups[0]));
- discard setgid((Gid) user.gid)
- discard setuid((Uid) user.uid)
+
+ if setgroups(user.groups.len, addr(groups[0])) < 0:
+ return false
+ if setgid((Gid) user.gid) != 0:
+ return false
+ if setuid((Uid) user.uid) != 0:
+ return false
template replaceExisting(name: string, value: string) =
if cgetenv(name) != nil:
@@ -277,6 +281,10 @@ proc dropPrivileges*() =
discard cunsetenv("SUDO_GID")
discard cunsetenv("PKEXEC_UID")
+ return true
+ else:
+ return true
+
var intSigact: SigAction
intSigact.sa_handler = SIG_DFL
discard sigaction(SIGINT, intSigact)