From 8e76363ccf2cdc05b691337d07291cd27107e468 Mon Sep 17 00:00:00 2001 From: Tsukasa Hiiragi Date: Tue, 8 Nov 2016 16:50:32 +0200 Subject: [PATCH] Fix chown on /var/lib/zerotier-one --- osdep/LinuxDropPrivileges.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/osdep/LinuxDropPrivileges.cpp b/osdep/LinuxDropPrivileges.cpp index dab85bd8f..e2688e65a 100644 --- a/osdep/LinuxDropPrivileges.cpp +++ b/osdep/LinuxDropPrivileges.cpp @@ -102,6 +102,8 @@ void dropPrivileges(std::string homeDir) { return; } + createOwnedHomedir(homeDir, targetUser); + if (prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_IS_SET, CAP_NET_RAW, 0, 0) < 0) { // Kernel has no support for ambient capabilities. notDropping(homeDir); @@ -113,8 +115,6 @@ void dropPrivileges(std::string homeDir) { return; } - createOwnedHomedir(homeDir, targetUser); - if (setCapabilities((1 << CAP_NET_ADMIN) | (1 << CAP_NET_RAW) | (1 << CAP_SETUID) | (1 << CAP_SETGID)) < 0) { fprintf(stderr, "ERROR: failed to set capabilities (not running as real root?)\n"); exit(1);