diff options
| -rw-r--r-- | Changelog | 2 | ||||
| -rwxr-xr-x | lacme | 12 |
2 files changed, 8 insertions, 6 deletions
@@ -5,6 +5,8 @@ lacme (0.8.1) upstream; - lacme: in the [accountd] config, let lacme-accountd(1) do the %-expansion for 'config', not lacme(8) when building the command. - lacme-accountd: don't log debug messages unless --debug is set. + - lacme: when getpwnam()/getgrnam()'s errno is 0, exclude it from error + messages. -- Guilhem Moulin <guilhem@fripost.org> Mon, 22 Feb 2021 12:04:28 +0100 @@ -240,7 +240,7 @@ sub drop_privileges($$$) { # set effective and real gid; also set the list of supplementary gids to that single gid if ($group ne '') { - my $gid = getgrnam($group) // die "getgrnam($group): $!"; + my $gid = getgrnam($group) // die "getgrnam($group)", ($! ? ": $!" : "\n"); $) = "$gid $gid"; die "setgroups: $!" if $@; POSIX::setgid($gid) or die "setgid: $!"; @@ -249,7 +249,7 @@ sub drop_privileges($$$) { # set effective and real uid if ($user ne '') { - my $uid = getpwnam($user) // die "getpwnam($user): $!"; + my $uid = getpwnam($user) // die "getpwnam($user)", ($! ? ": $!" : "\n"); POSIX::setuid($uid) or die "setuid: $!"; die "Couldn't setuid/seteuid" unless $< == $uid and $> == $uid; # safety check } @@ -351,7 +351,7 @@ sub spawn_webserver() { my $tmpdir = File::Temp::->newdir(CLEANUP => 1, TMPDIR => 1, TEMPLATE => "acme-challenge.XXXXXXXXXX") // die; chmod 0755, $tmpdir or die "chmod: $!"; if ((my $username = $CONFIG->{client}->{user}) ne '') { - my $uid = getpwnam($username) // die "getpwnam($username): $!"; + my $uid = getpwnam($username) // die "getpwnam($username)", ($! ? ": $!" : "\n"); chown($uid, -1, $tmpdir) or die "chown: $!"; } @@ -849,10 +849,10 @@ elsif ($COMMAND eq 'newOrder' or $COMMAND eq 'new-cert') { if (defined $conf->{chown}) { my ($user, $group) = split /:/, $conf->{chown}, 2; - my $uid = getpwnam($user) // die "getpwnam($user): $!"; - my $gid = defined $group ? (getgrnam($group) // die "getgrnam($group): $!") : -1; + my $uid = getpwnam($user) // die "getpwnam($user)", ($! ? ": $!" : "\n"); + my $gid = getgrnam($group) // die "getgrnam($group)", ($! ? ": $!" : "\n") if defined $group; foreach (grep defined, @$conf{qw/certificate certificate-chain/}) { - chown($uid, $gid, $_) or die "chown: $!"; + chown($uid, $gid // -1, $_) or die "chown: $!"; } } if (defined $conf->{chmod}) { |