diff --git a/src/daemon/caps.c b/src/daemon/caps.c
index 375938805..36b76a90a 100644
--- a/src/daemon/caps.c
+++ b/src/daemon/caps.c
@@ -36,10 +36,6 @@
 #include
 #endif
-#ifdef HAVE_SYS_PRCTL_H
-#include
-#endif
-
 #include "caps.h"
 /* Glibc <= 2.2 has broken unistd.h */
@@ -78,17 +74,20 @@ void pa_drop_root(void) {
 pa_assert_se(getegid() == gid);
 #endif
-#ifdef HAVE_SYS_PRCTL_H
- pa_assert_se(prctl(PR_SET_KEEPCAPS, 0, 0, 0, 0) == 0);
-#endif
+ if (uid != 0)
+ pa_drop_caps();
+}
+void pa_drop_caps(void) {
 #ifdef HAVE_SYS_CAPABILITY_H
- if (uid != 0) {
- cap_t caps;
- pa_assert_se(caps = cap_init());
- pa_assert_se(cap_clear(caps) == 0);
- pa_assert_se(cap_set_proc(caps) == 0);
- pa_assert_se(cap_free(caps) == 0);
- }
+ cap_t caps;
+ pa_assert_se(caps = cap_init());
+ pa_assert_se(cap_clear(caps) == 0);
+ pa_assert_se(cap_set_proc(caps) == 0);
+ pa_assert_se(cap_free(caps) == 0);
+#else
+ pa_log_warn("Normally all extra capabilities would be dropped now, but "
+ "that's impossible because this Pulseaudio was built without "
+ "libcap support.");
 #endif
 }
diff --git a/src/daemon/caps.h b/src/daemon/caps.h
index 5d0ee62e0..e9cd7cb36 100644
--- a/src/daemon/caps.h
+++ b/src/daemon/caps.h
@@ -26,4 +26,6 @@
 void pa_drop_root(void);
+void pa_drop_caps(void);
+
 #endif
diff --git a/src/daemon/main.c b/src/daemon/main.c
index f7b102d4d..c18524ffb 100644
--- a/src/daemon/main.c
+++ b/src/daemon/main.c
@@ -251,6 +251,8 @@ static int change_user(void) {
 return -1;
 }
+ pa_drop_caps();
+
 pa_set_env("USER", PA_SYSTEM_USER);
 pa_set_env("USERNAME", PA_SYSTEM_USER);
 pa_set_env("LOGNAME", PA_SYSTEM_USER);
@@ -266,7 +268,7 @@ static int change_user(void) {
 if (!getenv("PULSE_STATE_PATH"))
 pa_set_env("PULSE_STATE_PATH", PA_SYSTEM_STATE_PATH);
- pa_log_info(_("Successfully dropped root privileges."));
+ pa_log_info(_("Successfully changed user to \"" PA_SYSTEM_USER "\"."));
 return 0;
 }
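Review bot: In the `#else` branch of the new `pa_drop_caps()`, a build without libcap only logs a warning and returns, so neither `pa_drop_root()` nor the new caller in `change_user()` (main.c) can tell that nothing was dropped. The same hunk also removes the `prctl(PR_SET_KEEPCAPS, 0, 0, 0, 0)` reset, which was guarded by `HAVE_SYS_PRCTL_H` and therefore ran even when libcap was absent. If anything earlier in startup can enable keep-caps (not visible here), a no-libcap build would then rely on nothing to shed permitted capabilities after the uid change. Consider keeping that prctl reset at the top of `pa_drop_caps()` under its own `#ifdef` (with the include the first hunk removes), and document the contract above the function, e.g. `/* Clears all capability sets of the process; aborts on failure; only warns when built without libcap. */`. `pa_drop_root()` begins outside this hunk.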
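Review bot: The added `pa_drop_caps();` in `change_user()` has no comment explaining why an explicit drop is needed after the user switch, or that it can be a warning-only no-op. Something like `/* Changing user does not necessarily empty every capability set; drop them explicitly. Only warns when built without libcap. */` would make the ordering intentional for the next maintainer. The code that performs the user change sits before this hunk, so whether the drop is correctly placed relative to it cannot be confirmed from here.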
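Review bot: The new log line splices `PA_SYSTEM_USER` into the literal passed to `_()`, so the string looked up at run time depends on a build-time macro that xgettext cannot expand, and the catalog entry is unlikely to match. Passing the name as an argument keeps the msgid constant: `pa_log_info(_("Successfully changed user to \"%s\"."), PA_SYSTEM_USER);`. `change_user()` starts outside this hunk.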