Handle if the FICS is installed system-wide

2 files changed, 16 insertions, 2 deletions

diff --git a/FICS/fics_addplayer.c b/FICS/fics_addplayer.c
index 18d42c4..c37ca63 100644
--- a/FICS/fics_addplayer.c
+++ b/FICS/fics_addplayer.c
@@ -42,6 +42,7 @@
 #include "fics_getsalt.h"
 #include "ficsmain.h"
 #include "playerdb.h"
+#include "prep_dir_for_privdrop.h"
 #include "settings.h"
 #include "utils.h"
 
@@ -136,6 +137,16 @@ main(int argc, char *argv[])
 	settings_init();
 	settings_read_conf(FICS_SETTINGS);
 
+	if (strncmp(FICS_PREFIX, "/home", 5) == 0) {
+		if (is_super_user())
+			errx(1, "Do not run as root");
+	} else {
+		if (!is_super_user())
+			errx(1, "Need root privileges");
+		else if (drop_root_privileges(FICS_PREFIX) == -1)
+			errx(1, "Privdrop failed");
+	}
+
 	player_init(0);
 	p = player_new();
 
diff --git a/FICS/ficsmain.c b/FICS/ficsmain.c
index bf5aafb..36055b8 100644
--- a/FICS/ficsmain.c
+++ b/FICS/ficsmain.c
@@ -298,9 +298,12 @@ main(int argc, char *argv[])
 	settings_init();
 	settings_read_conf(FICS_SETTINGS);
 
-	if (is_super_user()) {
-		if (strncmp(FICS_PREFIX, "/home", 5) == 0)
+	if (strncmp(FICS_PREFIX, "/home", 5) == 0) {
+		if (is_super_user())
 			errx(1, "Do not run as root");
+	} else {
+		if (!is_super_user())
+			errx(1, "Need root privileges");
 		else if (read_the_group_permissions_file("/etc/group") != 0)
 			errx(1, "Failed to read the group permissions file");
 		else if (fics_addgroup(settings_get("sysgroup")) != 0)