From 3e2f632da3f520c894058f571c0911f3aa15cc71 Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Wed, 27 Sep 2017 15:37:10 +0200 Subject: prosodyctl: Abort and warn if the config can't be opened after dropping root privileges (fixes #990) --- prosodyctl | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/prosodyctl b/prosodyctl index 379ccf46..eaccf1d9 100755 --- a/prosodyctl +++ b/prosodyctl @@ -164,6 +164,17 @@ if have_pposix and pposix then if not switched_user then -- Boo! print("Warning: Couldn't switch to Prosody user/group '"..tostring(desired_user).."'/'"..tostring(desired_group).."': "..tostring(err)); + else + -- Make sure the Prosody user can read the config + local conf, err, errno = io.open(ENV_CONFIG); + if conf then + conf:close(); + else + print("The config file is not readable by the '"..desired_user.."' user."); + print("Prosody will not be able to read it."); + print("Error was "..err); + os.exit(1); + end end end -- cgit v1.2.3