void/ZeroTierOne
2
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-06-06 20:43:44 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fix chown on /var/lib/zerotier-one

Browse source
This commit is contained in:
Tsukasa Hiiragi 2016-11-08 16:50:32 +02:00
parent 360c84e035
commit 8e76363ccf
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
osdep/LinuxDropPrivileges.cpp
View file

@ -102,6 +102,8 @@ void dropPrivileges(std::string homeDir) {
return; return;
} }
createOwnedHomedir(homeDir, targetUser);
if (prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_IS_SET, CAP_NET_RAW, 0, 0) < 0) { if (prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_IS_SET, CAP_NET_RAW, 0, 0) < 0) {
// Kernel has no support for ambient capabilities. // Kernel has no support for ambient capabilities.
notDropping(homeDir); notDropping(homeDir);
@ -113,8 +115,6 @@ void dropPrivileges(std::string homeDir) {
return; return;
} }
createOwnedHomedir(homeDir, targetUser);
if (setCapabilities((1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW) | (1 << CAP_SETUID) | (1 << CAP_SETGID)) < 0) { if (setCapabilities((1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW) | (1 << CAP_SETUID) | (1 << CAP_SETGID)) < 0) {
fprintf(stderr, "ERROR: failed to set capabilities (not running as real root?)\n"); fprintf(stderr, "ERROR: failed to set capabilities (not running as real root?)\n");
exit(1); exit(1);