#include "log.h"
#include "caps.h"
+#ifdef HAVE_GETUID
+
/* Drop root rights when called SUID root */
void pa_drop_root(void) {
uid_t uid = getuid();
if (uid == 0 || geteuid() != 0)
return;
-
-/* pa_log(__FILE__": dropping root rights.\n"); */
-
+
+ pa_log_info(__FILE__": dropping root rights.\n");
+
+#if defined(HAVE_SETRESUID)
+ setresuid(uid, uid, uid);
+#elif defined(HAVE_SETREUID)
setreuid(uid, uid);
+#else
+ setuid(uid);
+ seteuid(uid);
+#endif
+}
+
+#else
-/* setuid(uid);
- seteuid(uid);*/
+void pa_drop_root(void) {
}
+#endif
+
#ifdef HAVE_SYS_CAPABILITY_H
/* Limit capabilities set to CAPSYS_NICE */
if (cap_set_proc(caps) < 0)
goto fail;
-/* pa_log(__FILE__": dropped capabilities successfully.\n"); */
+ pa_log_info(__FILE__": dropped capabilities successfully.\n");
r = 0;