# HG changeset patch # User Matthew Wild # Date 1248347081 -3600 # Node ID 80d3d95aa83c04aed491417ab76cff82d72cc66f # Parent 43cf3d027455debb39c8d56151935827ea122e29# Parent 4cdf9cefa0bcdc3dd45ccf664bb8fa9bf8340fc3 Merge with 0.5 diff -r 43cf3d027455 -r 80d3d95aa83c net/server.lua --- a/net/server.lua Thu Jul 23 01:38:52 2009 +0100 +++ b/net/server.lua Thu Jul 23 12:04:41 2009 +0100 @@ -189,7 +189,13 @@ end end if not ssl then - out_put("server.lua: ", "ssl not enabled on ", serverport); + sslctx = false; + if startssl then + out_error( "server.lua: Cannot start ssl on port: ", serverport ) + return nil, "Cannot start ssl, see log for details" + else + out_put("server.lua: ", "ssl not enabled on ", serverport); + end end local accept = socket.accept @@ -689,6 +695,7 @@ return nil, "no server found on port '" .. tostring( port ) "'" end handler.close( ) + _server[ port ] = nil return true end diff -r 43cf3d027455 -r 80d3d95aa83c plugins/mod_console.lua --- a/plugins/mod_console.lua Thu Jul 23 01:38:52 2009 +0100 +++ b/plugins/mod_console.lua Thu Jul 23 12:04:41 2009 +0100 @@ -14,7 +14,7 @@ local hosts = prosody.hosts; local connlisteners_register = require "net.connlisteners".register; -local console_listener = { default_port = 5582; default_mode = "*l"; }; +local console_listener = { default_port = 5582; default_mode = "*l"; default_interface = "127.0.0.1" }; require "util.iterators"; local jid_bare = require "util.jid".bare; diff -r 43cf3d027455 -r 80d3d95aa83c plugins/mod_posix.lua --- a/plugins/mod_posix.lua Thu Jul 23 01:38:52 2009 +0100 +++ b/plugins/mod_posix.lua Thu Jul 23 12:04:41 2009 +0100 @@ -7,7 +7,7 @@ -- -local want_pposix_version = "0.3.0"; +local want_pposix_version = "0.3.1"; local pposix = assert(require "util.pposix"); if pposix._VERSION ~= want_pposix_version then module:log("warn", "Unknown version (%s) of binary pposix module, expected %s", tostring(pposix._VERSION), want_pposix_version); end diff -r 43cf3d027455 -r 80d3d95aa83c prosody 
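Review bot: In net/server.lua (hunk at -189,7 +189,13), the `out_error` line added for the `startssl` failure logs only the port, while the returned error tells the caller to "see log for details", so the operator never learns the cause. Refusing to open the listener when SSL was requested but is unavailable is the right fail-closed behaviour. The log line should carry the reason, e.g. `out_error( "server.lua: Cannot start ssl on port ", serverport, ": ssl module not available" )`. This wording assumes `ssl` is the loaded TLS library, which the hunk does not show. The enclosing function starts and ends outside the hunk.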
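Review bot: In net/server.lua (hunk at -689,6 +695,7), the error return just above the new `_server[ port ] = nil` line is missing a concatenation operator. As shown, `tostring( port ) "'"` parses as a call on the string returned by `tostring`, so the not-found path would raise "attempt to call a string value" instead of returning `nil, err`. It should read `return nil, "no server found on port '" .. tostring( port ) .. "'"`. The enclosing function begins outside the hunk.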
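Review bot: In plugins/mod_console.lua, the new `default_interface = "127.0.0.1"` appears to be what keeps the console off external interfaces once the explicit fallback is removed from `prosody` later in this changeset, yet nothing on the line says so. A comment above the table, such as `-- loopback only by default: the console is an administrative interface`, would stop a later edit from dropping the field as redundant. Whether the console authenticates its clients is not visible in this diff; if it does not, the comment should state that as the reason.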
--- a/prosody Thu Jul 23 01:38:52 2009 +0100 +++ b/prosody Thu Jul 23 12:04:41 2009 +0100 @@ -222,10 +222,7 @@ net_activate_ports("s2s", "xmppserver", {5269}, "tcp"); net_activate_ports("component", "xmppcomponent", {}, "tcp"); net_activate_ports("legacy_ssl", "xmppclient", {}, "ssl"); - - if cl.get("console") then - cl.start("console", { interface = config.get("*", "core", "console_interface") or "127.0.0.1" }) - end + net_activate_ports("console", "console", {5582}, "tcp"); prosody.start_time = os.time(); end diff -r 43cf3d027455 -r 80d3d95aa83c prosodyctl --- a/prosodyctl Thu Jul 23 01:38:52 2009 +0100 +++ b/prosodyctl Thu Jul 23 12:04:41 2009 +0100 @@ -66,19 +66,28 @@ -- Switch away from root and into the prosody user -- local switched_user, current_uid; + +local want_pposix_version = "0.3.1"; local ok, pposix = pcall(require, "util.pposix"); + if ok and pposix then + if pposix._VERSION ~= want_pposix_version then print(string.format("Unknown version (%s) of binary pposix module, expected %s", tostring(pposix._VERSION), want_pposix_version)); return; end current_uid = pposix.getuid(); if current_uid == 0 then -- We haz root! local desired_user = config.get("*", "core", "prosody_user") or "prosody"; - local ok, err = pposix.setuid(desired_user); + local desired_group = config.get("*", "core", "prosody_group") or desired_user; + local ok, err = pposix.setgid(desired_group); if ok then - -- Yay! - switched_user = true; - else + ok, err = pposix.setuid(desired_user); + if ok then + -- Yay! + switched_user = true; + end + end + if not switched_user then -- Boo! - print("Warning: Couldn't switch to Prosody user '"..tostring(desired_user).."': "..tostring(err)); + print("Warning: Couldn't switch to Prosody user/group '"..tostring(desired_user).."'/'"..tostring(desired_group).."': "..tostring(err)); end end else diff -r 43cf3d027455 -r 80d3d95aa83c util-src/pposix.c --- a/util-src/pposix.c Thu Jul 23 01:38:52 2009 +0100 
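Review bot: In prosody (hunk at -222,10 +222,7), the new `net_activate_ports("console", "console", {5582}, "tcp")` call drops both the `if cl.get("console")` guard and the explicit `console_interface` or "127.0.0.1" fallback. It relies for both on `net_activate_ports`, whose body is outside this diff. Confirm that it honours the listener's `default_interface` and an existing `console_interface` setting rather than binding every interface, and that it stays quiet when no console listener is registered. Once confirmed, a comment such as `-- console binds to 127.0.0.1 unless console_interface is set` on the new line would record the assumption.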
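Review bot: In prosodyctl (hunk at -66,19 +66,28), the drop from root calls `pposix.setgid` then `pposix.setuid` but never clears the supplementary group list, so the process keeps whatever extra groups the root session carried. pposix would need a binding for `initgroups(3)` or `setgroups(2)`, called before `pposix.setuid(desired_user)`; this changeset adds none. Separately, a failed switch only prints a warning, and if `setgid` succeeded but `setuid` failed the script carries on as uid 0 with the new group. What runs after the warning is outside the hunk; unless some commands are meant to run as root, following the `print` with `os.exit(1);` would be the safer default.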
+++ b/util-src/pposix.c Thu Jul 23 12:04:41 2009 +0100 @@ -13,7 +13,7 @@ * POSIX support functions for Lua */ -#define MODULE_VERSION "0.3.0" +#define MODULE_VERSION "0.3.1" #include #include @@ -25,6 +25,7 @@ #include #include +#include #include #include @@ -291,6 +292,64 @@ return 2; } +int lc_setgid(lua_State* L) +{ + int gid = -1; + if(lua_gettop(L) < 1) + return 0; + if(!lua_isnumber(L, 1) && lua_tostring(L, 1)) + { + /* Passed GID is actually a string, so look up the GID */ + struct group *g; + g = getgrnam(lua_tostring(L, 1)); + if(!g) + { + lua_pushboolean(L, 0); + lua_pushstring(L, "no-such-group"); + return 2; + } + gid = g->gr_gid; + } + else + { + gid = lua_tonumber(L, 1); + } + + if(gid>-1) + { + /* Ok, attempt setgid */ + errno = 0; + if(setgid(gid)) + { + /* Fail */ + lua_pushboolean(L, 0); + switch(errno) + { + case EINVAL: + lua_pushstring(L, "invalid-gid"); + break; + case EPERM: + lua_pushstring(L, "permission-denied"); + break; + default: + lua_pushstring(L, "unknown-error"); + } + return 2; + } + else + { + /* Success! */ + lua_pushboolean(L, 1); + return 1; + } + } + + /* Seems we couldn't find a valid GID to switch to */ + lua_pushboolean(L, 0); + lua_pushstring(L, "invalid-gid"); + return 2; +} + /* Like POSIX's setrlimit()/getrlimit() API functions. * * Syntax: @@ -420,9 +479,13 @@ lua_pushcfunction(L, lc_getuid); lua_setfield(L, -2, "getuid"); + lua_pushcfunction(L, lc_getgid); + lua_setfield(L, -2, "getgid"); lua_pushcfunction(L, lc_setuid); lua_setfield(L, -2, "setuid"); + lua_pushcfunction(L, lc_setgid); + lua_setfield(L, -2, "setgid"); lua_pushcfunction(L, lc_setrlimit); lua_setfield(L, -2, "setrlimit");
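Review bot: In util-src/pposix.c, `lc_setgid` sends an argument that is neither a number nor a string (an explicit `nil`, a boolean, a table) into the `else` branch. There `lua_tonumber` returns 0, so the function calls `setgid(0)` and reports success when run as root. Changing that branch to `else if(lua_isnumber(L, 1))` leaves `gid` at -1 for such values and lets the existing "invalid-gid" return handle them. From prosodyctl this is reachable when `prosody_group` is set to a non-string, non-number value such as `true`. The early `return 0` for a missing argument also returns no values where every other failure returns `false` plus an error string; `lua_pushboolean(L, 0); lua_pushstring(L, "invalid-gid"); return 2;` would match.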