aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGuilhem Moulin <guilhem@fripost.org>2021-02-24 12:56:28 +0100
committerGuilhem Moulin <guilhem@fripost.org>2021-02-24 12:59:44 +0100
commit016c9611970c0667ad02cb1cf31834f2325b1575 (patch)
tree5c596a5878ba64c9a2790ce0a22eb5af5cb9ac42
parent3a527c2159cdd23f489970f935edbccc37da1901 (diff)
lacme: When getpwnam()/getgrnam()'s errno is 0, exclude it from error messages.
-rw-r--r--Changelog2
-rwxr-xr-xlacme12
2 files changed, 8 insertions, 6 deletions
diff --git a/Changelog b/Changelog
index b7459fd..8b90177 100644
--- a/Changelog
+++ b/Changelog
@@ -5,6 +5,8 @@ lacme (0.8.1) upstream;
- lacme: in the [accountd] config, let lacme-accountd(1) do the
%-expansion for 'config', not lacme(8) when building the command.
- lacme-accountd: don't log debug messages unless --debug is set.
+ - lacme: when getpwnam()/getgrnam()'s errno is 0, exclude it from error
+ messages.
-- Guilhem Moulin <guilhem@fripost.org> Mon, 22 Feb 2021 12:04:28 +0100
diff --git a/lacme b/lacme
index 9691888..a1e6b10 100755
--- a/lacme
+++ b/lacme
@@ -240,7 +240,7 @@ sub drop_privileges($$$) {
# set effective and real gid; also set the list of supplementary gids to that single gid
if ($group ne '') {
- my $gid = getgrnam($group) // die "getgrnam($group): $!";
+ my $gid = getgrnam($group) // die "getgrnam($group)", ($! ? ": $!" : "\n");
$) = "$gid $gid";
die "setgroups: $!" if $@;
POSIX::setgid($gid) or die "setgid: $!";
@@ -249,7 +249,7 @@ sub drop_privileges($$$) {
# set effective and real uid
if ($user ne '') {
- my $uid = getpwnam($user) // die "getpwnam($user): $!";
+ my $uid = getpwnam($user) // die "getpwnam($user)", ($! ? ": $!" : "\n");
POSIX::setuid($uid) or die "setuid: $!";
die "Couldn't setuid/seteuid" unless $< == $uid and $> == $uid; # safety check
}
@@ -351,7 +351,7 @@ sub spawn_webserver() {
my $tmpdir = File::Temp::->newdir(CLEANUP => 1, TMPDIR => 1, TEMPLATE => "acme-challenge.XXXXXXXXXX") // die;
chmod 0755, $tmpdir or die "chmod: $!";
if ((my $username = $CONFIG->{client}->{user}) ne '') {
- my $uid = getpwnam($username) // die "getpwnam($username): $!";
+ my $uid = getpwnam($username) // die "getpwnam($username)", ($! ? ": $!" : "\n");
chown($uid, -1, $tmpdir) or die "chown: $!";
}
@@ -849,10 +849,10 @@ elsif ($COMMAND eq 'newOrder' or $COMMAND eq 'new-cert') {
if (defined $conf->{chown}) {
my ($user, $group) = split /:/, $conf->{chown}, 2;
- my $uid = getpwnam($user) // die "getpwnam($user): $!";
- my $gid = defined $group ? (getgrnam($group) // die "getgrnam($group): $!") : -1;
+ my $uid = getpwnam($user) // die "getpwnam($user)", ($! ? ": $!" : "\n");
+ my $gid = getgrnam($group) // die "getgrnam($group)", ($! ? ": $!" : "\n") if defined $group;
foreach (grep defined, @$conf{qw/certificate certificate-chain/}) {
- chown($uid, $gid, $_) or die "chown: $!";
+ chown($uid, $gid // -1, $_) or die "chown: $!";
}
}
if (defined $conf->{chmod}) {