Improve error message for setgroups/initgroups/setuid

author Gunnar Beutner <gunnar@beutner.name>

Mon, 9 Feb 2015 13:58:20 +0000 (14:58 +0100)

committer Gunnar Beutner <gunnar@beutner.name>

Mon, 9 Feb 2015 13:58:20 +0000 (14:58 +0100)
author Gunnar Beutner <gunnar@beutner.name>
Mon, 9 Feb 2015 13:58:20 +0000 (14:58 +0100)
committer Gunnar Beutner <gunnar@beutner.name>
Mon, 9 Feb 2015 13:58:20 +0000 (14:58 +0100)
diff --git a/icinga-app/icinga.cpp b/icinga-app/icinga.cpp

index 85346a825a5c6f28241aecf2d9ea6d1d0cbe4b27..f6797b0ae94af19a99707ede3d358cca7fc39667 100644 (file)
--- a/icinga-app/icinga.cpp
+++ b/icinga-app/icinga.cpp
@@ -362,6 +362,7 @@ int Main(void)
                         }
                 } else if (command && command->GetImpersonationLevel() == ImpersonateIcinga) {
                         String group = Application::GetRunAsGroup();
+                       String user = Application::GetRunAsUser();
         
                         errno = 0;
                         struct group *gr = getgrnam(group.CStr());
@@ -382,6 +383,8 @@ int Main(void)
                                 if (!vm.count("reload-internal") && setgroups(0, NULL) < 0) {
                                         Log(LogCritical, "cli")
                                             << "setgroups() failed with error code " << errno << ", \"" << Utility::FormatErrorNumber(errno) << "\"";
+                                       Log(LogCritical, "cli")
+                                           << "Please re-run this command as a privileged user or using the \"" << user << "\" account.";
                                         return EXIT_FAILURE;
                                 }
         
@@ -392,8 +395,6 @@ int Main(void)
                                 }
                         }
         
-                       String user = Application::GetRunAsUser();
-       
                         errno = 0;
                         struct passwd *pw = getpwnam(user.CStr());
         
@@ -414,12 +415,16 @@ int Main(void)
                                 if (!vm.count("reload-internal") && initgroups(user.CStr(), pw->pw_gid) < 0) {
                                         Log(LogCritical, "cli")
                                             << "initgroups() failed with error code " << errno << ", \"" << Utility::FormatErrorNumber(errno) << "\"";
+                                       Log(LogCritical, "cli")
+                                           << "Please re-run this command as a privileged user or using the \"" << user << "\" account.";
                                         return EXIT_FAILURE;
                                 }
         
                                 if (setuid(pw->pw_uid) < 0) {
                                         Log(LogCritical, "cli")
                                             << "setuid() failed with error code " << errno << ", \"" << Utility::FormatErrorNumber(errno) << "\"";
+                                       Log(LogCritical, "cli")
+                                           << "Please re-run this command as a privileged user or using the \"" << user << "\" account.";
                                         return EXIT_FAILURE;
                                 }
                         }
author	Gunnar Beutner <gunnar@beutner.name>
	Mon, 9 Feb 2015 13:58:20 +0000 (14:58 +0100)
committer	Gunnar Beutner <gunnar@beutner.name>
	Mon, 9 Feb 2015 13:58:20 +0000 (14:58 +0100)