From ec173685a453bde9f6f024e04a5ed5da897210ab Mon Sep 17 00:00:00 2001
From: Markus Uhlin <markus@nifty-networks.net>
Date: Sun, 2 Nov 2025 18:59:43 +0100
Subject: Handle if the FICS is installed system-wide

---
 FICS/fics_addplayer.c | 11 +++++++++++
 FICS/ficsmain.c       |  7 +++++--
 2 files changed, 16 insertions(+), 2 deletions(-)

(limited to 'FICS')

diff --git a/FICS/fics_addplayer.c b/FICS/fics_addplayer.c
index 18d42c4..c37ca63 100644
--- a/FICS/fics_addplayer.c
+++ b/FICS/fics_addplayer.c
@@ -42,6 +42,7 @@
 #include "fics_getsalt.h"
 #include "ficsmain.h"
 #include "playerdb.h"
+#include "prep_dir_for_privdrop.h"
 #include "settings.h"
 #include "utils.h"
 
@@ -136,6 +137,16 @@ main(int argc, char *argv[])
 	settings_init();
 	settings_read_conf(FICS_SETTINGS);
 
+	if (strncmp(FICS_PREFIX, "/home", 5) == 0) {
+		if (is_super_user())
+			errx(1, "Do not run as root");
+	} else {
+		if (!is_super_user())
+			errx(1, "Need root privileges");
+		else if (drop_root_privileges(FICS_PREFIX) == -1)
+			errx(1, "Privdrop failed");
+	}
+
 	player_init(0);
 	p = player_new();
 
diff --git a/FICS/ficsmain.c b/FICS/ficsmain.c
index bf5aafb..36055b8 100644
--- a/FICS/ficsmain.c
+++ b/FICS/ficsmain.c
@@ -298,9 +298,12 @@ main(int argc, char *argv[])
 	settings_init();
 	settings_read_conf(FICS_SETTINGS);
 
-	if (is_super_user()) {
-		if (strncmp(FICS_PREFIX, "/home", 5) == 0)
+	if (strncmp(FICS_PREFIX, "/home", 5) == 0) {
+		if (is_super_user())
 			errx(1, "Do not run as root");
+	} else {
+		if (!is_super_user())
+			errx(1, "Need root privileges");
 		else if (read_the_group_permissions_file("/etc/group") != 0)
 			errx(1, "Failed to read the group permissions file");
 		else if (fics_addgroup(settings_get("sysgroup")) != 0)
-- 
cgit v1.2.3