4 * uAnytun is a tiny implementation of SATP. Unlike Anytun which is a full
5 * featured implementation uAnytun has no support for multiple connections
6 * or synchronisation. It is a small single threaded implementation intended
7 * to act as a client on small platforms.
8 * The secure anycast tunneling protocol (satp) defines a protocol used
9 * for communication between any combination of unicast and anycast
10 * tunnel endpoints. It has less protocol overhead than IPSec in Tunnel
11 * mode and allows tunneling of every ETHER TYPE protocol (e.g.
12 * ethernet, ip, arp ...). satp directly includes cryptography and
13 * message authentication based on the methodes used by SRTP. It is
14 * intended to deliver a generic, scaleable and secure solution for
15 * tunneling and relaying of packets of any protocol.
18 * Copyright (C) 2007-2008 Christian Pointner <equinox@anytun.org>
20 * This file is part of uAnytun.
22 * uAnytun is free software: you can redistribute it and/or modify
23 * it under the terms of the GNU General Public License as published by
24 * the Free Software Foundation, either version 3 of the License, or
27 * uAnytun is distributed in the hope that it will be useful,
28 * but WITHOUT ANY WARRANTY; without even the implied warranty of
29 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
30 * GNU General Public License for more details.
32 * You should have received a copy of the GNU General Public License
33 * along with uAnytun. If not, see <http://www.gnu.org/licenses/>.
36 #ifndef UANYTUN_daemon_h_INCLUDED
37 #define UANYTUN_daemon_h_INCLUDED
47 struct priv_info_struct {
51 typedef struct priv_info_struct priv_info_t;
53 int priv_init(priv_info_t* priv, const char* username, const char* groupname)
61 priv->pw_ = getpwnam(username);
63 log_printf(ERROR, "unkown user %s", username);
68 priv->gr_ = getgrnam(groupname);
70 priv->gr_ = getgrgid(priv->pw_->pw_gid);
73 log_printf(ERROR, "unkown group %s", groupname);
80 int priv_drop(priv_info_t* priv)
82 if(!priv || !priv->pw_ || !priv->gr_) {
83 log_printf(ERROR, "privileges not initialized properly");
87 if(setgid(priv->gr_->gr_gid)) {
88 log_printf(ERROR, "setgid('%s') failed: %s", priv->gr_->gr_name, strerror(errno));
93 gr_list[0] = priv->gr_->gr_gid;
94 if(setgroups (1, gr_list)) {
95 log_printf(ERROR, "setgroups(['%s']) failed: %s", priv->gr_->gr_name, strerror(errno));
99 if(setuid(priv->pw_->pw_uid)) {
100 log_printf(ERROR, "setuid('%s') failed: %s", priv->pw_->pw_name, strerror(errno));
104 log_printf(NOTICE, "dropped privileges to %s:%s", priv->pw_->pw_name, priv->gr_->gr_name);
109 int do_chroot(const char* chrootdir)
112 log_printf(ERROR, "this programm has to be run as root in order to run in a chroot");
116 if(chroot(chrootdir)) {
117 log_printf(ERROR, "can't chroot to %s: %s", chrootdir, strerror(errno));
120 log_printf(NOTICE, "we are in chroot jail (%s) now", chrootdir);
122 log_printf(ERROR, "can't change to /: %s", strerror(errno));
133 log_printf(ERROR, "daemonizing failed at fork(): %s, exitting", strerror(errno));
141 log_printf(ERROR, "daemonizing failed at setsid(): %s, exitting", strerror(errno));
147 log_printf(ERROR, "daemonizing failed at fork(): %s, exitting", strerror(errno));
152 if ((chdir("/")) < 0) {
153 log_printf(ERROR, "daemonizing failed at chdir(): %s, exitting", strerror(errno));
158 for (fd=0;fd<=2;fd++) // close all file descriptors
160 fd = open("/dev/null",O_RDWR); // stdin
162 log_printf(WARNING, "can't open stdin (chroot and no link to /dev/null?)");
164 if(dup(fd) == -1) // stdout
165 log_printf(WARNING, "can't open stdout");
166 if(dup(fd) == -1) // stderr
167 log_printf(WARNING, "can't open stderr");