From 016c9611970c0667ad02cb1cf31834f2325b1575 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Wed, 24 Feb 2021 12:56:28 +0100
Subject: lacme: When getpwnam()/getgrnam()'s errno is 0, exclude it from error
 messages.

---
 Changelog |  2 ++
 lacme     | 12 ++++++------
 2 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/Changelog b/Changelog
index b7459fd..8b90177 100644
--- a/Changelog
+++ b/Changelog
@@ -5,6 +5,8 @@ lacme (0.8.1) upstream;
  - lacme: in the [accountd] config, let lacme-accountd(1) do the
    %-expansion for 'config', not lacme(8) when building the command.
  - lacme-accountd: don't log debug messages unless --debug is set.
+ - lacme: when getpwnam()/getgrnam()'s errno is 0, exclude it from error
+   messages.
 
  -- Guilhem Moulin <guilhem@fripost.org>  Mon, 22 Feb 2021 12:04:28 +0100
 
diff --git a/lacme b/lacme
index 9691888..a1e6b10 100755
--- a/lacme
+++ b/lacme
@@ -240,7 +240,7 @@ sub drop_privileges($$$) {
 
     # set effective and real gid; also set the list of supplementary gids to that single gid
     if ($group ne '') {
-        my $gid = getgrnam($group) // die "getgrnam($group): $!";
+        my $gid = getgrnam($group) // die "getgrnam($group)", ($! ? ": $!" : "\n");
         $) = "$gid $gid";
         die "setgroups: $!" if $@;
         POSIX::setgid($gid) or die "setgid: $!";
@@ -249,7 +249,7 @@ sub drop_privileges($$$) {
 
     # set effective and real uid
     if ($user ne '') {
-        my $uid = getpwnam($user) // die "getpwnam($user): $!";
+        my $uid = getpwnam($user) // die "getpwnam($user)", ($! ? ": $!" : "\n");
         POSIX::setuid($uid) or die "setuid: $!";
         die "Couldn't setuid/seteuid" unless $< == $uid and $> == $uid; # safety check
     }
@@ -351,7 +351,7 @@ sub spawn_webserver() {
     my $tmpdir = File::Temp::->newdir(CLEANUP => 1, TMPDIR => 1, TEMPLATE => "acme-challenge.XXXXXXXXXX") // die;
     chmod 0755, $tmpdir or die "chmod: $!";
     if ((my $username = $CONFIG->{client}->{user}) ne '') {
-        my $uid = getpwnam($username) // die "getpwnam($username): $!";
+        my $uid = getpwnam($username) // die "getpwnam($username)", ($! ? ": $!" : "\n");
         chown($uid, -1, $tmpdir) or die "chown: $!";
     }
 
@@ -849,10 +849,10 @@ elsif ($COMMAND eq 'newOrder' or $COMMAND eq 'new-cert') {
 
         if (defined $conf->{chown}) {
             my ($user, $group) = split /:/, $conf->{chown}, 2;
-            my $uid = getpwnam($user) // die "getpwnam($user): $!";
-            my $gid = defined $group ? (getgrnam($group) // die "getgrnam($group): $!") : -1;
+            my $uid = getpwnam($user) // die "getpwnam($user)", ($! ? ": $!" : "\n");
+            my $gid = getgrnam($group) // die "getgrnam($group)", ($! ? ": $!" : "\n") if defined $group;
             foreach (grep defined, @$conf{qw/certificate certificate-chain/}) {
-                chown($uid, $gid, $_) or die "chown: $!";
+                chown($uid, $gid // -1, $_) or die "chown: $!";
             }
         }
         if (defined $conf->{chmod}) {
-- 
cgit v1.2.3