A fix (bug #2631: mlockall called after dropping root permissions).

3c85a363 · ram@gw.mysql.r18.ru · f7bc60e0 · 3c85a363
Commit 3c85a363 authored Sep 03, 2004 by ram@gw.mysql.r18.ru
Hide whitespace changes
Inline Side-by-side

Showing with 86 additions and 36 deletions

sql/mysqld.cc sql/mysqld.cc +86 -36

No files found.
--- a/sql/mysqld.cc
+++ b/sql/mysqld.cc
@@ -414,6 +414,7 @@ char mysql_real_data_home[FN_REFLEN],
     max_sort_char,*mysqld_user,*mysqld_chroot, *opt_init_file;
 char *language_ptr= language;
 char mysql_data_home_buff[2], *mysql_data_home=mysql_real_data_home;
+struct passwd *user_info;
 #ifndef EMBEDDED_LIBRARY
 bool mysql_embedded=0;
 #else
@@ -1028,27 +1029,26 @@ static void set_ports()
  }
 }
-/* Change to run as another user if started with --user */
-static void set_user(const char *user)
+static struct passwd *check_user(const char *user)
 {
-#if !defined(__WIN__) && !defined(OS2) && !defined(__NETWARE__)
+#if !defined(__WIN__) && !defined(OS2) && !defined(__NETWARE__) 
-  struct passwd *ent;
+  struct passwd *user_info;
  uid_t user_id= geteuid();
-  // don't bother if we aren't superuser
+  // Don't bother if we aren't superuser
  if (user_id)
  {
    if (user)
    {
-      /* Don't give a warning, if real user is same as given with --user */
+      // Don't give a warning, if real user is same as given with --user
-      struct passwd *user_info= getpwnam(user);
+      user_info= getpwnam(user);
      if ((!user_info || user_id != user_info->pw_uid) &&
-	  global_system_variables.log_warnings)
+          global_system_variables.log_warnings)
-	fprintf(stderr,
+        fprintf(stderr,
-		"Warning: One can only use the --user switch if running as root\n");
+	        "Warning: One can only use the --user switch if running as root\n");
    }
-    return;
+    return NULL;
  }
  if (!user)
  {
@@ -1057,38 +1057,52 @@ static void set_user(const char *user)
      fprintf(stderr,"Fatal error: Please read \"Security\" section of the manual to find out how to run mysqld as root!\n");
      unireg_abort(1);
    }
-    return;
+    return NULL;
  }
  if (!strcmp(user,"root"))
-    return;				// Avoid problem with dynamic libraries
+    return NULL;             // Avoid problem with dynamic libraries
+  if (!(user_info= getpwnam(user)))
-  uid_t uid;
-  if (!(ent = getpwnam(user)))
  {
-    // allow a numeric uid to be used
+    // Allow a numeric uid to be used
    const char *pos;
-    for (pos=user; isdigit(*pos); pos++) ;
+    for (pos= user; isdigit(*pos); pos++);
-    if (*pos)					// Not numeric id
+    if (*pos)                // Not numeric id
-    {
+      goto err;
-      fprintf(stderr,"Fatal error: Can't change to run as user '%s' ;  Please check that the user exists!\n",user);
+    if (!(user_info= getpwuid(atoi(user))))
-      unireg_abort(1);
+      goto err;
-    }
+    else
-    uid=atoi(user);				// Use numberic uid
+      return user_info;
  }
  else
  {
+    return user_info;
+  }
+err:
+  fprintf(stderr,
+          "Fatal error: Can't change to run as user '%s'.  Please check that the user exists!\n",
+	  user);
+  unireg_abort(1);
+  return NULL;	  
+#else
+  return NULL;  
+#endif  
+}
+static void set_user(const char *user, struct passwd *user_info)
+{
+#if !defined(__WIN__) && !defined(OS2) && !defined(__NETWARE__)
+  DBUG_ASSERT(user_info);
 #ifdef HAVE_INITGROUPS
-    initgroups((char*) user,ent->pw_gid);
+  initgroups((char*) user, user_info->pw_gid);
 #endif
-    if (setgid(ent->pw_gid) == -1)
+  if (setgid(user_info->pw_gid) == -1)
-    {
+  {
-      sql_perror("setgid");
+    sql_perror("setgid");
-      unireg_abort(1);
+    unireg_abort(1);
-    }
-    uid=ent->pw_uid;
  }
+  if (setuid(user_info->pw_uid) == -1)
-  if (setuid(uid) == -1)
  {
    sql_perror("setuid");
    unireg_abort(1);
@@ -1096,6 +1110,24 @@ static void set_user(const char *user)
 #endif
 }
+static void set_effective_user(struct passwd *user_info)
+{
+#if !defined(__WIN__) && !defined(OS2) && !defined(__NETWARE__)
+  DBUG_ASSERT(user_info);
+  if (setegid(user_info->pw_gid) == -1)
+  {
+    sql_perror("setegid");
+    unireg_abort(1);
+  }  
+  if (seteuid(user_info->pw_uid) == -1)
+  {
+    sql_perror("seteuid");
+    unireg_abort(1);
+  }
+#endif
+}
 /* Change root user if started with  --chroot */
 static void set_root(const char *path)
@@ -1171,7 +1203,18 @@ static void server_init(void)
      unireg_abort(1);
    }
  }
-  set_user(mysqld_user);		// Works also with mysqld_user==NULL
+  if ((user_info= check_user(mysqld_user)))
+  {
+#if defined(HAVE_MLOCKALL) && defined(MCL_CURRENT)
+    if (locked_in_memory && !getuid())
+      set_effective_user(user_info);
+    else
+      set_user(mysqld_user, user_info);
+#else
+    set_user(mysqld_user, user_info);
+#endif
+  }
 #ifdef __NT__
  /* create named pipe */
@@ -2466,8 +2509,13 @@ You should consider changing lower_case_table_names to 1 or 2",
  }
  ha_key_cache();
 #if defined(HAVE_MLOCKALL) && defined(MCL_CURRENT)
-  if (locked_in_memory && !geteuid())
+  if (locked_in_memory && !getuid())
  {
+    if (seteuid(0) == -1)
+    {                        // this should never happen
+      sql_perror("seteuid");
+      unireg_abort(1);
+    }
    if (mlockall(MCL_CURRENT))
    {
      if (global_system_variables.log_warnings)
@@ -2475,6 +2523,8 @@ You should consider changing lower_case_table_names to 1 or 2",
    }
    else
      locked_in_memory=1;
+    if (user_info)
+      set_user(mysqld_user, user_info);
  }
 #else
  locked_in_memory=0;