diff --git a/bin/pveproxy b/bin/pveproxy index 4cc24382..8c2150f7 100755 --- a/bin/pveproxy +++ b/bin/pveproxy @@ -6,7 +6,6 @@ delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; use strict; use warnings; -use English; use PVE::SafeSyslog; use PVE::Daemon; @@ -44,21 +43,13 @@ my %daemon_options = ( restart_on_error => 5, stop_wait_time => 15, leave_children_open_on_reload => 1, + setuid => 'www-data', + setgid => 'www-data', run_dir => '/var/run/pveproxy', ); my $daemon = __PACKAGE__->new('pveproxy', $cmdline, %daemon_options); -# run as www-data -my $gid = getgrnam('www-data') || die "getgrnam failed - $!\n"; -POSIX::setgid($gid) || die "setgid $gid failed - $!\n"; -$EGID = "$gid $gid"; # this calls setgroups -my $uid = getpwnam('www-data') || die "getpwnam failed - $!\n"; -POSIX::setuid($uid) || die "setuid $uid failed - $!\n"; - -# just to be sure -die "detected strange uid/gid\n" if !($UID == $uid && $EUID == $uid && $GID eq "$gid $gid" && $EGID eq "$gid $gid"); - sub add_dirs { my ($result_hash, $alias, $subdir) = @_; diff --git a/bin/spiceproxy b/bin/spiceproxy index 7adb9326..b99f8773 100755 --- a/bin/spiceproxy +++ b/bin/spiceproxy @@ -10,7 +10,6 @@ delete @ENV{qw(IFS CDPATH ENV BASH_ENV)}; use strict; use warnings; -use English; use PVE::SafeSyslog; use PVE::Daemon; @@ -36,20 +35,13 @@ my %daemon_options = ( restart_on_error => 5, stop_wait_time => 15, leave_children_open_on_reload => 1, + setuid => 'www-data', + setgid => 'www-data', run_dir => '/var/run/pveproxy', ); my $daemon = __PACKAGE__->new('spiceproxy', $cmdline, %daemon_options); -my $gid = getgrnam('www-data') || die "getgrnam failed - $!\n"; -POSIX::setgid($gid) || die "setgid $gid failed - $!\n"; -$EGID = "$gid $gid"; # this calls setgroups -my $uid = getpwnam('www-data') || die "getpwnam failed - $!\n"; -POSIX::setuid($uid) || die "setuid $uid failed - $!\n"; - -# just to be sure -die "detected strange uid/gid\n" if !($UID == $uid && $EUID == $uid && $GID eq "$gid $gid" && $EGID eq "$gid $gid"); - sub init { my ($self) = @_;