make sure we setuid() before launching threads, improving the error message (which...

git-svn-id: svn://svn.powerdns.com/pdns/trunk/pdns@1523 d19b8d6e-7fed-0310-83ef-9ca221ded41b

diff --git a/pdns/pdns_recursor.cc b/pdns/pdns_recursor.cc
index e38e6c70758cef24d958ac93bd487c991bc01572..8a3512993a3bb79411dda917c271f7847fc15b56 100644 (file)
--- a/pdns/pdns_recursor.cc
+++ b/pdns/pdns_recursor.cc
@@ -1648,7 +1648,26 @@ int serviceMain(int argc, char*argv[])
   signal(SIGPIPE,SIG_IGN);
   writePid();
 #endif
-  makeControlChannelSocket();        
+  makeControlChannelSocket();
+  
+  int newgid=0;
+  if(!::arg()["setgid"].empty())
+    newgid=Utility::makeGidNumeric(::arg()["setgid"]);
+  int newuid=0;
+  if(!::arg()["setuid"].empty())
+    newuid=Utility::makeUidNumeric(::arg()["setuid"]);
+
+#ifndef WIN32
+  if (!::arg()["chroot"].empty()) {
+    if (chroot(::arg()["chroot"].c_str())<0 || chdir("/") < 0) {
+      L<<Logger::Error<<"Unable to chroot to '"+::arg()["chroot"]+"': "<<strerror (errno)<<", exiting"<<endl;
+      exit(1);
+    }
+  }
+
+  Utility::dropPrivs(newuid, newgid);
+  
+  
   g_numThreads = ::arg().asNum("threads");
   
   makeThreadPipes();
@@ -1725,23 +1744,7 @@ try
     t_fdm->addReadFD(i->first, i->second);
   
   if(!t_id) {
-    int newgid=0;
-    if(!::arg()["setgid"].empty())
-      newgid=Utility::makeGidNumeric(::arg()["setgid"]);
-    int newuid=0;
-    if(!::arg()["setuid"].empty())
-      newuid=Utility::makeUidNumeric(::arg()["setuid"]);
-  
-#ifndef WIN32
-    if (!::arg()["chroot"].empty()) {
-      if (chroot(::arg()["chroot"].c_str())<0 || chdir("/") < 0) {
-        L<<Logger::Error<<"Unable to chroot to '"+::arg()["chroot"]+"': "<<strerror (errno)<<", exiting"<<endl;
-        exit(1);
-      }
-    }
-  
-    Utility::dropPrivs(newuid, newgid);
-  
+    
     t_fdm->addReadFD(s_rcc.d_fd, handleRCC); // control channel
   }
 #endif