mirror of
https://git.rwth-aachen.de/acs/public/villas/node/
synced 2025-03-09 00:00:00 +01:00
removed priviledge dropping to make code simpler
git-svn-id: https://zerberus.eonerc.rwth-aachen.de:8443/svn/s2ss/trunk@121 8ec27952-4edc-4aab-86aa-e87bb2611832
This commit is contained in:
parent
c9b599de4b
commit
5dbd9667ee
4 changed files with 7 additions and 42 deletions
|
@ -35,6 +35,7 @@ Install these via:
|
|||
|
||||
$ sudo yum install iproute2
|
||||
or:
|
||||
|
||||
$ sudo apt-get install iproute2
|
||||
|
||||
## Configuration
|
||||
|
@ -45,9 +46,6 @@ See [configuration](Configuration.md) for more information.
|
|||
|
||||
The S2SS server (`server`) expects the path to a configuration file as a single argument.
|
||||
|
||||
The server requires root privileges during the startup.
|
||||
Afterwards privileges can be dropped by using the `user` and `group` settings in the config file.
|
||||
|
||||
Usage: ./server CONFIG
|
||||
CONFIG is a required path to a configuration file
|
||||
|
||||
|
@ -55,6 +53,12 @@ Afterwards privileges can be dropped by using the `user` and `group` settings in
|
|||
Copyright 2014, Institute for Automation of Complex Power Systems, EONERC
|
||||
Steffen Vogel <stvogel@eonerc.rwth-aachen.de>
|
||||
|
||||
The server requires root privileges for:
|
||||
|
||||
- Enable the realtime fifo scheduler
|
||||
- Increase the task priority
|
||||
- Configure the network emulator (netem)
|
||||
- Change the SMP affinity of threads and network interrupts
|
||||
|
||||
### Examples
|
||||
|
||||
|
|
|
@ -5,9 +5,6 @@ name = "s2ss"; # The name of this node
|
|||
affinity = 0x02; # Mask of cores the server should run on
|
||||
priority = 50; # Scheduler priority for the server
|
||||
|
||||
user = "acs-admin"; # Drop privileges after initialization
|
||||
group = "acs-admin";
|
||||
|
||||
nodes = {
|
||||
acs = {
|
||||
id = 1, # Device ID
|
||||
|
|
|
@ -69,30 +69,6 @@ int config_parse_global(config_setting_t *cfg, struct settings *set)
|
|||
config_setting_lookup_int(cfg, "priority", &set->priority);
|
||||
config_setting_lookup_int(cfg, "protocol", &set->protocol);
|
||||
|
||||
const char *user = NULL;
|
||||
const char *group = NULL;
|
||||
|
||||
config_setting_lookup_string(cfg, "user", &user);
|
||||
config_setting_lookup_string(cfg, "group", &group);
|
||||
|
||||
/* Lookup uid and gid */
|
||||
if (user) {
|
||||
struct passwd *pw = getpwnam(user);
|
||||
if (!pw)
|
||||
error("Unknown username: '%s'", user);
|
||||
|
||||
set->uid = pw->pw_uid;
|
||||
set->gid = pw->pw_gid;
|
||||
}
|
||||
|
||||
if (group) {
|
||||
struct group *gr = getgrnam(group);
|
||||
if (!gr)
|
||||
error("Unknown group: '%s'", group);
|
||||
|
||||
set->gid = gr->gr_gid;
|
||||
}
|
||||
|
||||
set->cfg = cfg;
|
||||
|
||||
return CONFIG_TRUE;
|
||||
|
|
|
@ -104,9 +104,6 @@ static void stop()
|
|||
node_disconnect(n);
|
||||
}
|
||||
|
||||
if (getuid() != 0)
|
||||
return; /* The following tasks require root privs */
|
||||
|
||||
/* Determine default affinity */
|
||||
FILE * f = fopen("/proc/irq/default_smp_affinity", "r");
|
||||
fscanf(f, "%x", &affinity);
|
||||
|
@ -187,15 +184,6 @@ int main(int argc, char *argv[])
|
|||
/* Connect all nodes and start one thread per path */
|
||||
start();
|
||||
|
||||
/* Process is running as root, drop privileges */
|
||||
if (getuid() == 0) {
|
||||
if (setgid(settings.gid) || setuid(settings.uid))
|
||||
perror("Unable to drop privileges");
|
||||
else
|
||||
debug(3, "Dropped privileges to uid = %u, gid = %u",
|
||||
settings.uid, settings.gid);
|
||||
}
|
||||
|
||||
/* Main thread is sleeping */
|
||||
pause();
|
||||
|
||||
|
|
Loading…
Add table
Reference in a new issue