Commit 1dc3e3c4 authored by Kurt Zeilenga's avatar Kurt Zeilenga
Browse files

Add basic and EXPERIMENTAL chroot() support.

parent 3553f9aa
#! /bin/sh
# $OpenLDAP$
# from OpenLDAP: pkg/ldap/configure.in,v 1.297 2000/05/10 18:07:03 kurt Exp
# from OpenLDAP: pkg/ldap/configure.in,v 1.298 2000/05/10 20:48:23 hyc Exp
# Copyright 1998-2000 The OpenLDAP Foundation. All Rights Reserved.
#
......@@ -2556,7 +2556,7 @@ if test $ol_enable_spasswd = yes ; then
if test $ol_with_cyrus_sasl = no ; then
{ echo "configure: error: options require --with-cyrus-sasl" 1>&2; exit 1; }
fi
ol_with_cyrus_sasl=yes
ol_link_spasswd=yes
fi
echo "$ac_t""done" 1>&6
......@@ -15480,6 +15480,7 @@ fi
for ac_func in \
bcopy \
closesocket \
chroot \
endgrent \
endpwent \
flock \
......@@ -15528,12 +15529,12 @@ for ac_func in \
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
echo "configure:15532: checking for $ac_func" >&5
echo "configure:15533: checking for $ac_func" >&5
if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
#line 15537 "configure"
#line 15538 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
......@@ -15557,7 +15558,7 @@ f = $ac_func;
; return 0; }
EOF
if { (eval echo configure:15561: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
if { (eval echo configure:15562: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
......@@ -15585,12 +15586,12 @@ done
for ac_func in getopt tempnam
do
echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
echo "configure:15589: checking for $ac_func" >&5
echo "configure:15590: checking for $ac_func" >&5
if eval "test \"\${ac_cv_func_$ac_func+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
#line 15594 "configure"
#line 15595 "configure"
#include "confdefs.h"
/* System header to define __stub macros and hopefully few prototypes,
which can conflict with char $ac_func(); below. */
......@@ -15614,7 +15615,7 @@ f = $ac_func;
; return 0; }
EOF
if { (eval echo configure:15618: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
if { (eval echo configure:15619: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
eval "ac_cv_func_$ac_func=yes"
else
......@@ -15651,13 +15652,13 @@ fi
# Check Configuration
echo $ac_n "checking declaration of sys_errlist""... $ac_c" 1>&6
echo "configure:15655: checking declaration of sys_errlist" >&5
echo "configure:15656: checking declaration of sys_errlist" >&5
if eval "test \"\${ol_cv_dcl_sys_errlist+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
#line 15661 "configure"
#line 15662 "configure"
#include "confdefs.h"
#include <stdio.h>
......@@ -15670,7 +15671,7 @@ int main() {
char *c = (char *) *sys_errlist
; return 0; }
EOF
if { (eval echo configure:15674: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
if { (eval echo configure:15675: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
rm -rf conftest*
ol_cv_dcl_sys_errlist=yes
ol_cv_have_sys_errlist=yes
......@@ -15693,20 +15694,20 @@ EOF
echo $ac_n "checking existence of sys_errlist""... $ac_c" 1>&6
echo "configure:15697: checking existence of sys_errlist" >&5
echo "configure:15698: checking existence of sys_errlist" >&5
if eval "test \"\${ol_cv_have_sys_errlist+set}\" = set"; then
echo $ac_n "(cached) $ac_c" 1>&6
else
cat > conftest.$ac_ext <<EOF
#line 15703 "configure"
#line 15704 "configure"
#include "confdefs.h"
#include <errno.h>
int main() {
char *c = (char *) *sys_errlist
; return 0; }
EOF
if { (eval echo configure:15710: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
if { (eval echo configure:15711: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
rm -rf conftest*
ol_cv_have_sys_errlist=yes
else
......
......@@ -2122,6 +2122,7 @@ fi
AC_CHECK_FUNCS( \
bcopy \
closesocket \
chroot \
endgrent \
endpwent \
flock \
......
......@@ -127,6 +127,9 @@
/* Define if you have the bcopy function. */
#undef HAVE_BCOPY
/* Define if you have the chroot function. */
#undef HAVE_CHROOT
/* Define if you have the closesocket function. */
#undef HAVE_CLOSESOCKET
......
......@@ -139,6 +139,9 @@ int main( int argc, char **argv )
char *username = NULL;
char *groupname = NULL;
#endif
#if defined(HAVE_CHROOT)
char *sandbox = NULL;
#endif
#ifdef LOG_LOCAL4
int syslogUser = DEFAULT_SYSLOG_USER;
#endif
......@@ -190,6 +193,9 @@ int main( int argc, char **argv )
while ( (i = getopt( argc, argv,
"d:f:h:s:"
#ifdef HAVE_CHROOT
"r:"
#endif
#ifdef LOG_LOCAL4
"l:"
#endif
......@@ -252,6 +258,13 @@ int main( int argc, char **argv )
break;
#endif
#ifdef HAVE_CHROOT
case 'r':
if( sandbox ) free(sandbox);
sandbox = ch_strdup( optarg );
break;
#endif
#if defined(HAVE_SETUID) && defined(HAVE_SETGID)
case 'u': /* user name */
if( username ) free(username);
......@@ -301,6 +314,14 @@ int main( int argc, char **argv )
goto stop;
}
#if defined(HAVE_CHROOT)
if ( sandbox && chroot( sandbox ) ) {
perror("chroot");
rc = 1;
goto stop;
}
#endif
#if defined(HAVE_SETUID) && defined(HAVE_SETGID)
if ( username != NULL || groupname != NULL ) {
slap_init_user( username, groupname );
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment