1
0
Fork 0
mirror of https://git.rwth-aachen.de/acs/public/villas/node/ synced 2025-03-09 00:00:00 +01:00

removed priviledge dropping to make code simpler

git-svn-id: https://zerberus.eonerc.rwth-aachen.de:8443/svn/s2ss/trunk@121 8ec27952-4edc-4aab-86aa-e87bb2611832
This commit is contained in:
Steffen Vogel 2014-07-04 09:44:05 +00:00
parent c9b599de4b
commit 5dbd9667ee
4 changed files with 7 additions and 42 deletions

View file

@ -35,6 +35,7 @@ Install these via:
$ sudo yum install iproute2
or:
$ sudo apt-get install iproute2
## Configuration
@ -45,9 +46,6 @@ See [configuration](Configuration.md) for more information.
The S2SS server (`server`) expects the path to a configuration file as a single argument.
The server requires root privileges during the startup.
Afterwards privileges can be dropped by using the `user` and `group` settings in the config file.
Usage: ./server CONFIG
CONFIG is a required path to a configuration file
@ -55,6 +53,12 @@ Afterwards privileges can be dropped by using the `user` and `group` settings in
Copyright 2014, Institute for Automation of Complex Power Systems, EONERC
Steffen Vogel <stvogel@eonerc.rwth-aachen.de>
The server requires root privileges for:
- Enable the realtime fifo scheduler
- Increase the task priority
- Configure the network emulator (netem)
- Change the SMP affinity of threads and network interrupts
### Examples

View file

@ -5,9 +5,6 @@ name = "s2ss"; # The name of this node
affinity = 0x02; # Mask of cores the server should run on
priority = 50; # Scheduler priority for the server
user = "acs-admin"; # Drop privileges after initialization
group = "acs-admin";
nodes = {
acs = {
id = 1, # Device ID

View file

@ -69,30 +69,6 @@ int config_parse_global(config_setting_t *cfg, struct settings *set)
config_setting_lookup_int(cfg, "priority", &set->priority);
config_setting_lookup_int(cfg, "protocol", &set->protocol);
const char *user = NULL;
const char *group = NULL;
config_setting_lookup_string(cfg, "user", &user);
config_setting_lookup_string(cfg, "group", &group);
/* Lookup uid and gid */
if (user) {
struct passwd *pw = getpwnam(user);
if (!pw)
error("Unknown username: '%s'", user);
set->uid = pw->pw_uid;
set->gid = pw->pw_gid;
}
if (group) {
struct group *gr = getgrnam(group);
if (!gr)
error("Unknown group: '%s'", group);
set->gid = gr->gr_gid;
}
set->cfg = cfg;
return CONFIG_TRUE;

View file

@ -104,9 +104,6 @@ static void stop()
node_disconnect(n);
}
if (getuid() != 0)
return; /* The following tasks require root privs */
/* Determine default affinity */
FILE * f = fopen("/proc/irq/default_smp_affinity", "r");
fscanf(f, "%x", &affinity);
@ -187,15 +184,6 @@ int main(int argc, char *argv[])
/* Connect all nodes and start one thread per path */
start();
/* Process is running as root, drop privileges */
if (getuid() == 0) {
if (setgid(settings.gid) || setuid(settings.uid))
perror("Unable to drop privileges");
else
debug(3, "Dropped privileges to uid = %u, gid = %u",
settings.uid, settings.gid);
}
/* Main thread is sleeping */
pause();