[Telepathy-commits] [telepathy-stream-engine/master] Use setrlimit RTPRIO to allow changing the priority after root privs have been dropped

[Olivier Crête]

---
 src/stream-engine-main.c |   42 ++++++++++++++++++++++++++++--------------
 1 files changed, 28 insertions(+), 14 deletions(-)

diff --git a/src/stream-engine-main.c b/src/stream-engine-main.c
index 6d944ad..937a8d3 100644
--- a/src/stream-engine-main.c
+++ b/src/stream-engine-main.c
@@ -24,6 +24,8 @@
 #ifdef USE_REALTIME
 #include <sched.h>
 #include <sys/mman.h>
+#include <sys/resource.h>
+#include <sys/time.h>
 #endif /* USE_REALTIME */
 
 #include <signal.h>
@@ -70,21 +72,11 @@ gboolean forced_exit_in_progress = FALSE;
 #define PRIORITY_DELTA 1
 
 static void
-set_realtime (const char *argv0, int policy) {
-  int orig_uid, orig_euid;
+set_realtime (int policy) {
   int prio_policy;
   int prio_delta = PRIORITY_DELTA;
   struct sched_param schedp;
 
-  /* get original uid */
-  orig_uid = getuid();
-  orig_euid = geteuid();
-  /* set uid to root */
-  if (setreuid(orig_uid, 0) == -1) {
-    perror("setreuid()");
-    g_warning("unable to setreuid(,0), maybe you should: \n");
-    g_warning("\tchown root %s ; chmod u+s %s\n", argv0, argv0);
-  }
   /* set scheduling parameters, scheduler either SCHED_RR or SCHED_FIFO */
   switch (policy) {
     case 1:
@@ -107,8 +99,6 @@ set_realtime (const char *argv0, int policy) {
   /*if (mlockall(MCL_CURRENT|MCL_FUTURE) == -1) {
     perror("mlockall()");
   }*/
-  /* restore original uid */
-  setreuid(orig_uid, orig_euid);
 }
 #endif /* USE_REALTIME */
 
@@ -226,6 +216,28 @@ watchdog_bite (int sig G_GNUC_UNUSED)
 int main(int argc, char **argv)
 {
 
+#ifdef USE_REALTIME
+  {
+    int uid;
+    struct rlimit rl;
+
+    rl.rlim_max = 9;
+    rl.rlim_cur = 9;
+
+
+    if (setrlimit(RLIMIT_RTPRIO, &rl) < 0)
+      g_error("setrlimit: %s", strerror (errno));
+
+    uid = getuid();
+    if (uid != 0 && geteuid() == 0) {
+      g_assert(setresuid(uid, uid, uid) >= 0);
+      g_assert(getuid() == uid);
+      g_assert(geteuid() == uid);
+    }
+  }
+
+#endif
+
   gst_init (&argc, &argv);
   gtk_init (&argc, &argv);
 
@@ -239,6 +251,7 @@ int main(int argc, char **argv)
   signal (SIGBUS, got_sigbus);
   signal (SIGUSR1, got_sigusr1);
 
+
 #ifdef USE_REALTIME
   {
     int rt_mode;
@@ -254,7 +267,7 @@ int main(int argc, char **argv)
     if (rt_env != NULL) {
       if ((rt_mode = atoi(rt_env))) {
         g_debug("realtime scheduling enabled");
-        set_realtime(argv[0], rt_mode);
+        set_realtime(rt_mode);
       } else {
         g_debug("realtime scheduling disabled");
       }
@@ -264,6 +277,7 @@ int main(int argc, char **argv)
   }
 #endif /* USE_REALTIME */
 
+
   {
     GLogLevelFlags fatal_mask;
 
-- 
1.5.6.5