mirror/openvpn
0
0
Fork 0
mirror of https://github.com/OpenVPN/openvpn.git synced 2024-09-20 12:02:28 +02:00
Code
8c7c6be489
openvpn/plugin/down-root
History
james 5bb8bfea43 Fixed a couple issues in sample plugins auth-pam.c and down-root.c: 
1. Fail gracefully rather than segfault if calloc returns NULL.

2. The openvpn_plugin_abort_v1 function can potentially be called
   with handle == NULL.  Add code to detect this case, and if
   so, avoid dereferencing pointers derived from handle.

(Thanks to David Sommerseth for finding this bug).


git-svn-id: http://svn.openvpn.net/projects/openvpn/branches/BETA21/openvpn@5261 e7ae566f-a301-0410-adde-c780ea21d3b5
2009-12-10 23:50:03 +00:00
..
down-root.c Fixed a couple issues in sample plugins auth-pam.c and down-root.c: 2009-12-10 23:50:03 +00:00
Makefile Reverted plugin directory location. 2005-10-16 12:24:10 +00:00
README Reverted plugin directory location. 2005-10-16 12:24:10 +00:00

README 

down-root -- an OpenVPN Plugin Module

SYNOPSIS

The down-root module allows an OpenVPN configuration to
call a down script with root privileges, even when privileges
have been dropped using --user/--group/--chroot.

This module uses a split privilege execution model which will
fork() before OpenVPN drops root privileges, at the point where
the --up script is usually called.  The module will then remain
in a wait state until it receives a message from OpenVPN via
pipe to execute the down script.  Thus, the down script will be
run in the same execution environment as the up script.

BUILD

Build this module with the "make" command.  The plugin
module will be named openvpn-down-root.so

USAGE

To use this module, add to your OpenVPN config file:

  plugin openvpn-down-root.so "command ..."

CAVEATS

This module will only work on *nix systems, not Windows.