From 074db536b30318ec021e52dfe9aa228398bca180 Mon Sep 17 00:00:00 2001 From: Guy Helmer Date: Thu, 5 Jan 2012 22:48:36 +0000 Subject: [PATCH] Allow daemon(8) to run pidfile_open() before relenquishing privileges so pid files can be written in /var/run when started as root. I do not expect this to cause any security issues, but if anyone objects it could be easily reverted. PR: bin/159568 MFC after: 4 weeks --- usr.sbin/daemon/daemon.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/usr.sbin/daemon/daemon.c b/usr.sbin/daemon/daemon.c index 540ebf35df7e..8b25800707df 100644 --- a/usr.sbin/daemon/daemon.c +++ b/usr.sbin/daemon/daemon.c @@ -79,9 +79,6 @@ main(int argc, char *argv[]) if (argc == 0) usage(); - if (user != NULL) - restrict_process(user); - /* * Try to open the pidfile before calling daemon(3), * to be able to report the error intelligently @@ -97,6 +94,9 @@ main(int argc, char *argv[]) } } + if (user != NULL) + restrict_process(user); + if (daemon(nochdir, noclose) == -1) err(1, NULL);