Merge branch 'cmaster-next' of ssh://stash.cumulusnetworks.com:7999/quag/quagga into cmaster-next

2025-08-03 15:16:20 +00:00 · 2016-09-09 20:25:24 +00:00 · 2016-09-09 20:25:24 +00:00 · edb5b93119
commit edb5b93119
parent 28b0c6b377 a008f49a85
2 changed files with 26 additions and 11 deletions
--- a/bgpd/bgp_main.c
+++ b/bgpd/bgp_main.c
@ -68,6 +68,7 @@ static const struct option longopts[] =
  { "no_kernel",   no_argument,       NULL, 'n'},
  { "user",        required_argument, NULL, 'u'},
  { "group",       required_argument, NULL, 'g'},
+  { "skip_runas",  no_argument,       NULL, 'S'},
  { "version",     no_argument,       NULL, 'v'},
  { "dryrun",      no_argument,       NULL, 'C'},
  { "help",        no_argument,       NULL, 'h'},
@ -163,6 +164,7 @@ redistribution between different routing protocols.\n\n\
 -n, --no_kernel    Do not install route to kernel.\n\
 -u, --user         User to run as\n\
 -g, --group        Group to run as\n\
+-S, --skip_runas   Skip user and group run as\n\
 -v, --version      Print program version\n\
 -C, --dryrun       Check configuration for validity and exit\n\
 -h, --help         Display this help and exit\n\
@ -200,9 +202,12 @@ sigint (void)
  zlog_notice ("Terminating on signal");

  if (! retain_mode)
-    bgp_terminate ();
+    {
+      bgp_terminate ();
+      if (bgpd_privs.user)      /* NULL if skip_runas flag set */
+        zprivs_terminate (&bgpd_privs);
+    }

-  zprivs_terminate (&bgpd_privs);
  bgp_exit (0);

  exit (0);
@ -408,6 +413,7 @@ main (int argc, char **argv)
  char *progname;
  struct thread thread;
  int tmp_port;
+  int skip_runas = 0;

  /* Set umask before anything for security */
  umask (0027);
@ -415,20 +421,13 @@ main (int argc, char **argv)
  /* Preserve name of myself. */
  progname = ((p = strrchr (argv[0], '/')) ? ++p : argv[0]);

-  zlog_default = openzlog (progname, ZLOG_BGP, 0,
-			   LOG_CONS|LOG_NDELAY|LOG_PID, LOG_DAEMON);
-  zprivs_init (&bgpd_privs);
-#if defined(HAVE_CUMULUS)
-  zlog_set_level (NULL, ZLOG_DEST_SYSLOG, zlog_default->default_lvl);
-#endif
-
  /* BGP master init. */
  bgp_master_init ();

  /* Command line argument treatment. */
  while (1) 
    {
-      opt = getopt_long (argc, argv, "df:i:z:hp:l:A:P:rnu:g:vC", longopts, 0);
+      opt = getopt_long (argc, argv, "df:i:z:hp:l:A:P:rnu:g:vCS", longopts, 0);
    
      if (opt == EOF)
 	break;
@ -486,6 +485,9 @@ main (int argc, char **argv)
 	case 'g':
 	  bgpd_privs.group = optarg;
 	  break;
+	case 'S':   /* skip run as = override bgpd_privs */
+          skip_runas = 1;
+	  break;
 	case 'v':
 	  print_version (progname);
 	  exit (0);
@ -502,6 +504,16 @@ main (int argc, char **argv)
 	}
    }

+  zlog_default = openzlog (progname, ZLOG_BGP, 0,
+			   LOG_CONS|LOG_NDELAY|LOG_PID, LOG_DAEMON);
+
+  if (skip_runas)
+    memset (&bgpd_privs, 0, sizeof (bgpd_privs));
+  zprivs_init (&bgpd_privs);
+
+#if defined(HAVE_CUMULUS)
+  zlog_set_level (NULL, ZLOG_DEST_SYSLOG, zlog_default->default_lvl);
+#endif

  /* Initializations. */
  srandom (time (NULL));
--- a/doc/bgpd.8
+++ b/doc/bgpd.8
@ -6,7 +6,7 @@ software
 .SH SYNOPSIS
 .B bgpd
 [
-.B \-dhrv
+.B \-dhrSv
 ] [
 .B \-f
 .I config-file
@ -74,6 +74,9 @@ Specify the user to run as. Default is \fIquagga\fR.
 \fB\-r\fR, \fB\-\-retain\fR 
 When the program terminates, retain routes added by \fBbgpd\fR.
 .TP
+\fB\-S\fR, \fB\-\-skip_runas\fR
+Skip setting the process effective user and group.
+.TP
 \fB\-v\fR, \fB\-\-version\fR
 Print the version and exit.
 .SH FILES