Chrooting and user substituting are removed. It can be done within systemd unit.

2022-03-20 18:28:20 +04:00 · 2022-03-20 18:28:20 +04:00 · 5037a6103f
commit 5037a6103f
parent b2aec04023
2 changed files with 0 additions and 40 deletions
--- a/cmd/dwelling-upload/main.go
+++ b/cmd/dwelling-upload/main.go
@ -11,34 +11,12 @@ import (
 	"log"
 	"os"
 	"os/signal"
 	"os/user"
 	"strconv"
 	"syscall"
 )
 var configPath *string = flag.String("conf", "config.yaml", "path to configuration file")
 var logToStdout *bool = flag.Bool("log-stdout", false, "write logs to stdout")
 func substituteUser(username string) error {
 	u, err := user.Lookup(username)
 	if err != nil {
 		return err
 	}
 	uid, err := strconv.Atoi(u.Uid)
 	if err != nil {
 		return err
 	}
 	if os.Getuid() != uid {
 		if err := syscall.Setuid(uid); err != nil {
 			return err
 		}
 	}
 	return nil
 }
 func main() {
 	flag.Parse()
@ -53,16 +31,6 @@ func main() {
 		}
 	}()
 	if config.Chroot != "" {
 		if err := syscall.Chroot(config.Chroot); err != nil {
 			log.Fatalln("failed to chroot:", err)
 		}
 	}
 	if err := substituteUser(config.User); err != nil {
 		log.Fatalf("failed to change user to %s: %s", config.User, err)
 	}
 	if *logToStdout {
 		config.Log.ToStdout = true
 	}
--- a/configs/config.yaml
+++ b/configs/config.yaml
@ -5,14 +5,6 @@ listen_on: "unix /tmp/dwelling-upload.sock"
 # Salt for hash of uploaded files.
 # Aim is to make links bruteforcing useless.
 hash_salt: "iyP3oZWHI3xO3XBF7s78Vg"
 # User a program runs as. Make sure that all
 # paths are accessible by that user.
 user: "dwupload"
 # Chroot directory. No chrooting if empty.
 # Make sure all directories are created within
 # chroot directory. All paths becomes related
 # to chroot.
 chroot: ""
 # Logging options.
 log:
  # Output messages to stdout as well as to theirs files.