From 492e56a0984cd75150719353567233afb3c1a409 Mon Sep 17 00:00:00 2001 From: Jan Eitzinger Date: Fri, 8 Nov 2024 19:23:54 +0100 Subject: [PATCH] Put privilege drop to previous location --- cmd/cc-backend/main.go | 7 ------- cmd/cc-backend/server.go | 8 ++++++++ 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/cmd/cc-backend/main.go b/cmd/cc-backend/main.go index bb72f69..1fc6ae4 100644 --- a/cmd/cc-backend/main.go +++ b/cmd/cc-backend/main.go @@ -212,13 +212,6 @@ func main() { serverStart() }() - // Because this program will want to bind to a privileged port (like 80), the listener must - // be established first, then the user can be changed, and after that, - // the actual http server can be started. - if err := runtimeEnv.DropPrivileges(config.Keys.Group, config.Keys.User); err != nil { - log.Fatalf("error while preparing server start: %s", err.Error()) - } - wg.Add(1) sigs := make(chan os.Signal, 1) signal.Notify(sigs, syscall.SIGINT, syscall.SIGTERM) diff --git a/cmd/cc-backend/server.go b/cmd/cc-backend/server.go index bc20fcf..3c6fa55 100644 --- a/cmd/cc-backend/server.go +++ b/cmd/cc-backend/server.go @@ -27,6 +27,7 @@ import ( "github.com/ClusterCockpit/cc-backend/internal/graph/generated" "github.com/ClusterCockpit/cc-backend/internal/routerConfig" "github.com/ClusterCockpit/cc-backend/pkg/log" + "github.com/ClusterCockpit/cc-backend/pkg/runtimeEnv" "github.com/ClusterCockpit/cc-backend/web" "github.com/gorilla/handlers" "github.com/gorilla/mux" @@ -298,6 +299,13 @@ func serverStart() { } else { fmt.Printf("HTTP server listening at %s...", config.Keys.Addr) } + // + // Because this program will want to bind to a privileged port (like 80), the listener must + // be established first, then the user can be changed, and after that, + // the actual http server can be started. + if err := runtimeEnv.DropPrivileges(config.Keys.Group, config.Keys.User); err != nil { + log.Fatalf("error while preparing server start: %s", err.Error()) + } if err = server.Serve(listener); err != nil && err != http.ErrServerClosed { log.Fatalf("starting server failed: %v", err)