# HG changeset patch
# User Ivo Smits <Ivo@UCIS.nl>
# Date 1369869143 -7200
# Node ID b4de2326e9f73765b8626fa518245d0bfdab8807
# Parent  f80422b612ab6e3c30dc0ea9f7f57aba034d385c
Added chroot support

diff -r f80422b612ab -r b4de2326e9f7 src/common.c
--- a/src/common.c	Fri May 24 17:14:51 2013 +0200
+++ b/src/common.c	Thu May 30 01:12:23 2013 +0200
@@ -263,14 +263,20 @@
 
 static int drop_privileges() {
 	char* envval;
+	struct passwd *pw = NULL;
 	if (envval = getconf("SETUID")) {
+		pw = getpwnam(envval);
+		if (!pw) return errorexitp("getpwnam");
+	}
+	if (envval = getconf("CHROOT")) {
+		if (chroot(envval)) return errorexitp("chroot");
+		if (chdir("/")) return errorexitp("chdir /");
+	}
+	if (pw) {
 		if (setgroups(0, NULL) == -1) return errorexitp("setgroups");
-		struct passwd *pw = getpwnam(envval);
-		if (!pw) return errorexitp("getpwnam");
 		if (setgid(pw->pw_gid) == -1) return errorexitp("setgid");
 		if (setuid(pw->pw_uid) == -1) return errorexitp("setuid");
 	}
-	chdir("/");
 }
 
 static void qtsendnetworkpacket(struct qtsession* session, char* msg, int len) {