From 03809024fddcb94a020f2f6d9eb8dff8210e3b21 Mon Sep 17 00:00:00 2001
From: Donald Sharp <sharpd@cumulusnetworks.com>
Date: Fri, 9 Sep 2016 16:01:27 -0400
Subject: [PATCH 1/2] bgpd: Fix startup a bit more

There were several issues here.  The zprivs_init is being
called *before* the cli is read in to influence the user
we are running as.  This needs to be rectified.  Additionally
we need to move the log creation till after cli arguments
are read.

Signed-off-by: Donald Sharp <sharpd@cumulusnetworks.com>
---
 bgpd/bgp_main.c | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/bgpd/bgp_main.c b/bgpd/bgp_main.c
index 20fa138ce8..54e7329772 100644
--- a/bgpd/bgp_main.c
+++ b/bgpd/bgp_main.c
@@ -415,13 +415,6 @@ main (int argc, char **argv)
   /* Preserve name of myself. */
   progname = ((p = strrchr (argv[0], '/')) ? ++p : argv[0]);
 
-  zlog_default = openzlog (progname, ZLOG_BGP, 0,
-			   LOG_CONS|LOG_NDELAY|LOG_PID, LOG_DAEMON);
-  zprivs_init (&bgpd_privs);
-#if defined(HAVE_CUMULUS)
-  zlog_set_level (NULL, ZLOG_DEST_SYSLOG, zlog_default->default_lvl);
-#endif
-
   /* BGP master init. */
   bgp_master_init ();
 
@@ -502,6 +495,12 @@ main (int argc, char **argv)
 	}
     }
 
+  zlog_default = openzlog (progname, ZLOG_BGP, 0,
+			   LOG_CONS|LOG_NDELAY|LOG_PID, LOG_DAEMON);
+  zprivs_init (&bgpd_privs);
+#if defined(HAVE_CUMULUS)
+  zlog_set_level (NULL, ZLOG_DEST_SYSLOG, zlog_default->default_lvl);
+#endif
 
   /* Initializations. */
   srandom (time (NULL));

From a008f49a85c3891eb4ac469346bec24036fd0e87 Mon Sep 17 00:00:00 2001
From: Lou Berger <lberger@labn.net>
Date: Tue, 6 Sep 2016 10:52:31 -0400
Subject: [PATCH 2/2] bgpd: Add flag to not change e{u,g}id on startup and run
 as unprivileged user

* bgp_main.c: add -S / --skip_runas flag to not change effective user/group
  on start up.  Enables bgpd to be run by unprivileged user.
---
 bgpd/bgp_main.c | 19 ++++++++++++++++---
 doc/bgpd.8      |  5 ++++-
 2 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/bgpd/bgp_main.c b/bgpd/bgp_main.c
index 54e7329772..5ef8154faf 100644
--- a/bgpd/bgp_main.c
+++ b/bgpd/bgp_main.c
@@ -68,6 +68,7 @@ static const struct option longopts[] =
   { "no_kernel",   no_argument,       NULL, 'n'},
   { "user",        required_argument, NULL, 'u'},
   { "group",       required_argument, NULL, 'g'},
+  { "skip_runas",  no_argument,       NULL, 'S'},
   { "version",     no_argument,       NULL, 'v'},
   { "dryrun",      no_argument,       NULL, 'C'},
   { "help",        no_argument,       NULL, 'h'},
@@ -163,6 +164,7 @@ redistribution between different routing protocols.\n\n\
 -n, --no_kernel    Do not install route to kernel.\n\
 -u, --user         User to run as\n\
 -g, --group        Group to run as\n\
+-S, --skip_runas   Skip user and group run as\n\
 -v, --version      Print program version\n\
 -C, --dryrun       Check configuration for validity and exit\n\
 -h, --help         Display this help and exit\n\
@@ -200,9 +202,12 @@ sigint (void)
   zlog_notice ("Terminating on signal");
 
   if (! retain_mode)
-    bgp_terminate ();
+    {
+      bgp_terminate ();
+      if (bgpd_privs.user)      /* NULL if skip_runas flag set */
+        zprivs_terminate (&bgpd_privs);
+    }
 
-  zprivs_terminate (&bgpd_privs);
   bgp_exit (0);
 
   exit (0);
@@ -408,6 +413,7 @@ main (int argc, char **argv)
   char *progname;
   struct thread thread;
   int tmp_port;
+  int skip_runas = 0;
 
   /* Set umask before anything for security */
   umask (0027);
@@ -421,7 +427,7 @@ main (int argc, char **argv)
   /* Command line argument treatment. */
   while (1) 
     {
-      opt = getopt_long (argc, argv, "df:i:z:hp:l:A:P:rnu:g:vC", longopts, 0);
+      opt = getopt_long (argc, argv, "df:i:z:hp:l:A:P:rnu:g:vCS", longopts, 0);
     
       if (opt == EOF)
 	break;
@@ -479,6 +485,9 @@ main (int argc, char **argv)
 	case 'g':
 	  bgpd_privs.group = optarg;
 	  break;
+	case 'S':   /* skip run as = override bgpd_privs */
+          skip_runas = 1;
+	  break;
 	case 'v':
 	  print_version (progname);
 	  exit (0);
@@ -497,7 +506,11 @@ main (int argc, char **argv)
 
   zlog_default = openzlog (progname, ZLOG_BGP, 0,
 			   LOG_CONS|LOG_NDELAY|LOG_PID, LOG_DAEMON);
+
+  if (skip_runas)
+    memset (&bgpd_privs, 0, sizeof (bgpd_privs));
   zprivs_init (&bgpd_privs);
+
 #if defined(HAVE_CUMULUS)
   zlog_set_level (NULL, ZLOG_DEST_SYSLOG, zlog_default->default_lvl);
 #endif
diff --git a/doc/bgpd.8 b/doc/bgpd.8
index 67143c2c59..7e90eaec5b 100644
--- a/doc/bgpd.8
+++ b/doc/bgpd.8
@@ -6,7 +6,7 @@ software
 .SH SYNOPSIS
 .B bgpd
 [
-.B \-dhrv
+.B \-dhrSv
 ] [
 .B \-f
 .I config-file
@@ -74,6 +74,9 @@ Specify the user to run as. Default is \fIquagga\fR.
 \fB\-r\fR, \fB\-\-retain\fR 
 When the program terminates, retain routes added by \fBbgpd\fR.
 .TP
+\fB\-S\fR, \fB\-\-skip_runas\fR
+Skip setting the process effective user and group.
+.TP
 \fB\-v\fR, \fB\-\-version\fR
 Print the version and exit.
 .SH FILES