#include <config.h>
#endif
-/* setresuid() is only available on GNU */
-#define _GNU_SOURCE
-
#include <assert.h>
#include <unistd.h>
#include <errno.h>
#include "log.h"
#include "caps.h"
+#ifdef HAVE_GETUID
+
/* Drop root rights when called SUID root */
void pa_drop_root(void) {
uid_t uid = getuid();
if (uid == 0 || geteuid() != 0)
return;
- /* pa_log(__FILE__": dropping root rights.\n"); */
+ pa_log_info(__FILE__": dropping root rights.\n");
#if defined(HAVE_SETRESUID)
setresuid(uid, uid, uid);
#endif
}
+#else
+
+void pa_drop_root(void) {
+}
+
+#endif
+
#ifdef HAVE_SYS_CAPABILITY_H
/* Limit capabilities set to CAPSYS_NICE */
if (cap_set_proc(caps) < 0)
goto fail;
-/* pa_log(__FILE__": dropped capabilities successfully.\n"); */
+ pa_log_info(__FILE__": dropped capabilities successfully.\n");
r = 0;