Allow daemon(8) to run pidfile_open() before relenquishing privileges

so pid files can be written in /var/run when started as root. I do not expect this to cause any security issues, but if anyone objects it could be easily reverted. PR: bin/159568 MFC after: 4 weeks
2012-01-05 22:48:36 +00:00 · 2012-01-05 22:48:36 +00:00 · 074db536b3
commit 074db536b3
parent 1e96ae8193
1 changed files with 3 additions and 3 deletions
--- a/usr.sbin/daemon/daemon.c
+++ b/usr.sbin/daemon/daemon.c
@ -79,9 +79,6 @@ main(int argc, char *argv[])
 	if (argc == 0)
 		usage();

-	if (user != NULL)
-		restrict_process(user);
-
 	/*
 	 * Try to open the pidfile before calling daemon(3),
 	 * to be able to report the error intelligently
@ -97,6 +94,9 @@ main(int argc, char *argv[])
 		}
 	}

+   if (user != NULL)
+             restrict_process(user);
+
 	if (daemon(nochdir, noclose) == -1)
 		err(1, NULL);