diff --git a/main.cpp b/main.cpp index da36dbd1e9dda51efcff5f61ee57d26dce774ce5..536665d89e17d84f8a32eb3521400870025cc361 100644 --- a/main.cpp +++ b/main.cpp @@ -22,6 +22,7 @@ #include "include/command.h" #define COMM_SOCK_PATH "/var/run/ecklm-dns/" +#define RUNNING_USER "dnsuser" logger log_on_demand; bool verbose = false; @@ -97,7 +98,12 @@ int main(int argc, char *argv[]) if(verbose) log_on_demand(LOG_DEBUG, "Current working directory is %s.", working_dir); - struct passwd *new_uid = getpwnam("dnsuser"); + passwd *new_uid = getpwnam(RUNNING_USER); + if(new_uid == NULL) + { + log_on_demand(LOG_ERR, "There is no such user as %s.", RUNNING_USER); + exit(EXIT_FAILURE); + } if(chroot(working_dir) < 0) { @@ -183,7 +189,11 @@ int main(int argc, char *argv[]) void print_help() { printf(R"(Usage: Runs in foreground mode by default. -For more info look at the man page. +There must be a working directory which needs to be available +through the whole life of the process and to which the process will chroot. +Therefore and some other reason the server must be run with root privileges. + +In daemon mode, the working directory must contain the dns.db file. Options: -d Run as daemon @@ -191,7 +201,7 @@ Options: -s Statistics from daemon -k Kill daemon -w workind_dir Set working directory. Absolute path needed. - If not the actual PWD will be used. + If not set, the actual PWD will be used. -v Verbose -h help )");