From e371817b3437abf8e34475ff2544cb666769ccae Mon Sep 17 00:00:00 2001 From: Omar Polo Date: Tue, 9 Jan 2024 14:15:58 +0000 Subject: [PATCH] fix configtest with chroot The configtest checks try to open the root directories too, operation that can fail when they're expected to be inside a chroot. --- gmid.c | 19 ++++++++++--------- gmid.h | 1 + server.c | 15 ++++++++++++++- 3 files changed, 25 insertions(+), 10 deletions(-) diff --git a/gmid.c b/gmid.c index cb95ad8..d424969 100644 --- a/gmid.c +++ b/gmid.c @@ -320,15 +320,6 @@ main(int argc, char **argv) strlcpy(conf->chroot, chroot, sizeof(conf->chroot)); } - if (conftest) { - if (config_test(conf) == -1) - fatalx("failed to load the configuration"); - fprintf(stderr, "config OK\n"); - if (conftest > 1) - main_print_conf(conf); - return 0; - } - if ((ps = calloc(1, sizeof(*ps))) == NULL) fatal("calloc"); ps->ps_env = conf; @@ -343,6 +334,16 @@ main(int argc, char **argv) sizeof(conf->chroot)); } + if (conftest) { + conf->conftest = 1; + if (config_test(conf) == -1) + fatalx("failed to load the configuration"); + fprintf(stderr, "config OK\n"); + if (conftest > 1) + main_print_conf(conf); + return 0; + } + ps->ps_instances[PROC_SERVER] = conf->prefork; ps->ps_instance = proc_instance; if (title != NULL) diff --git a/gmid.h b/gmid.h index 84b5715..9b4ee4a 100644 --- a/gmid.h +++ b/gmid.h @@ -254,6 +254,7 @@ struct conf { char *log_access; enum log_format log_format; int use_privsep_crypto; + int conftest; struct fcgihead fcgi; struct vhosthead hosts; diff --git a/server.c b/server.c index 9aee9da..b6b1cfb 100644 --- a/server.c +++ b/server.c @@ -1412,12 +1412,25 @@ load_vhosts(struct conf *conf) { struct vhost *h; struct location *l; + char path[PATH_MAX], *p; + int r; TAILQ_FOREACH(h, &conf->hosts, vhosts) { TAILQ_FOREACH(l, &h->locations, locations) { if (*l->dir == '\0') continue; - l->dirfd = open(l->dir, O_RDONLY | O_DIRECTORY); + + p = l->dir; + + if (conf->conftest && *conf->chroot != '\0') { + r = snprintf(path, sizeof(path), "%s/%s", + conf->chroot, l->dir); + if (r < 0 || (size_t)r >= sizeof(path)) + fatalx("path too long: %s", l->dir); + p = path; + } + + l->dirfd = open(p, O_RDONLY | O_DIRECTORY); if (l->dirfd == -1) fatal("open %s for domain %s", l->dir, h->domain);