From: Brent Cook <[email protected]>
The idea here is to make it easier for a sysadmin to diagnose a privilege
separation path problem without looking at the source code. Otherwise, privsep
failers are pretty cryptic.
Maybe its better to make fatal() variadic instead?
---
src/usr.sbin/ntpd/ntp.c | 13 +++++++++----
1 file changed, 9 insertions(+), 4 deletions(-)
diff --git a/src/usr.sbin/ntpd/ntp.c b/src/usr.sbin/ntpd/ntp.c
index f7478b0..c2d1fd2 100644
--- a/src/usr.sbin/ntpd/ntp.c
+++ b/src/usr.sbin/ntpd/ntp.c
@@ -121,10 +121,15 @@ ntp_main(int pipe_prnt[2], int fd_ctl, struct ntpd_conf
*nconf,
ntp_dns(pipe_dns, nconf, pw);
close(pipe_dns[1]);
- if (stat(pw->pw_dir, &stb) == -1)
- fatal("stat");
- if (stb.st_uid != 0 || (stb.st_mode & (S_IWGRP|S_IWOTH)) != 0)
- fatalx("bad privsep dir permissions");
+ if (stat(pw->pw_dir, &stb) == -1) {
+ log_warn("privsep dir %s could not be opened", pw->pw_dir);
+ exit(1);
+ }
+ if (stb.st_uid != 0 || (stb.st_mode & (S_IWGRP|S_IWOTH)) != 0) {
+ log_warnx("bad privsep dir %s permissions: %o",
+ pw->pw_dir, stb.st_mode);
+ exit(1);
+ }
if (chroot(pw->pw_dir) == -1)
fatal("chroot");
if (chdir("/") == -1)
--
1.9.1
