Added better runfile ownership and security

Added better runfile ownership and security. pid & cache file are now stored in /var/run/smradius by default and the log file is stored in /var/log/smradius by default . user= and group= will apply to both of these now.

Added better runfile ownership and security
7c7d9767 · Nigel Kukard · d093df3b · 7c7d9767 · 7c7d9767 · 7c7d9767
Commit 7c7d9767 authored 14 years ago by Nigel Kukard
--- a/INSTALL
+++ b/INSTALL
@@ -19,3 +19,13 @@ Installing SMRadius.



+
+1. Setup system dirs
+
+mkdir /var/log/smradius
+mkdir /var/run/smradius
+
+If you are running smradius as an unpriv user, then ...
+chown smradius.smradius /var/log/smradius /var/run/smradius
+
+
--- a/UPGRADING
+++ b/UPGRADING
@@ -2,6 +2,13 @@
 2011-01-11:
 	Move configuration file item "use_packet_timestamp=" to "[radius]" section

+	mkdir /var/log/smradius
+	mkdir /var/run/smradius
+
+	If you are running smradius as an unpriv user, then ...
+	chown smradius.smradius /var/log/smradius /var/run/smradius
+
+
 ---

 r574:

--- a/smradiusd
+++ b/smradiusd
@@ -68,12 +68,13 @@ sub configure {
 	# Set defaults
 	my $cfg;
 	$cfg->{'config_file'} = "/etc/smradiusd.conf";
+	$cfg->{'cache_file'} = '/var/run/smradius/cache';

 	$server->{'timeout'} = 120;
 	$server->{'background'} = "yes";
-	$server->{'pid_file'} = "/var/run/smradiusd.pid";
+	$server->{'pid_file'} = "/var/run/smradius/smradiusd.pid";
 	$server->{'log_level'} = 2;
-	$server->{'log_file'} = "/var/log/smradiusd.log";
+	$server->{'log_file'} = "/var/log/smradius/smradiusd.log";

 	$server->{'host'} = "*";
 	$server->{'port'} = [ 1812, 1813 ];
@@ -293,6 +294,12 @@ sub configure {
 		}
 	}

+	# Check if the user specified a cache_file in the config
+	if (defined($config{'server'}{'cache_file'})) {
+		$cfg->{'cache_file'} = $config{'server'}{'cache_file'};
+	}
+
+
 	# Save our config and stuff
 	$self->{'config'} = $cfg;
 	$self->{'cmdline'} = $cmdline;
@@ -348,7 +355,12 @@ sub post_configure_hook {

 	$self->log(LOG_INFO,"[SMRADIUS] Initializing system modules.");
 	# Init caching engine
-	awitpt::cache::Init($self);
+	awitpt::cache::Init($self,{
+		'cache_file' => $self->{'config'}{'cache_file'},
+		'cache_file_user' => $self->{'server'}->{'user'},
+		'cache_file_group' => $self->{'server'}->{'group'}
+	});
+
 	$self->log(LOG_INFO,"[SMRADIUS] System modules initialized.");

 }

--- a/smradiusd.conf
+++ b/smradiusd.conf
@@ -8,7 +8,11 @@
 #group=

 # Filename to store pid of parent process
-#pid_file=/var/run/smradiusd.pid
+#pid_file=/var/run/smradius/smradiusd.pid
+
+# Cache file
+#cache_file=/var/run/smradius/cache
+

 # Uncommenting the below option will prevent awradiusd going into the background
 #background=no