+/**
+ * Redirect stdin, stdout and stderr to apropriate file handles.
+ */
+static void
+Setup_FDStreams( void )
+{
+ int fd;
+
+ /* Test if we can open /dev/null for reading and writing. If not
+ * we are most probably chrooted already and the server has been
+ * restarted. So we simply don't try to redirect stdXXX ... */
+ fd = open( "/dev/null", O_RDWR );
+ if ( fd < 0 ) {
+ Log(LOG_WARNING, "Could not open /dev/null: %s", strerror(errno));
+ return;
+ }
+
+ fflush(stdout);
+ fflush(stderr);
+
+ /* Create new stdin(0), stdout(1) and stderr(2) descriptors */
+ dup2( fd, 0 ); dup2( fd, 1 ); dup2( fd, 2 );
+
+ /* Close newly opened file descriptor if not stdin/out/err */
+ if( fd > 2 ) close( fd );
+} /* Setup_FDStreams */
+
+
+static bool
+NGIRCd_getNobodyID(uid_t *uid, gid_t *gid )
+{
+ struct passwd *pwd;
+
+#ifdef __CYGWIN__
+ /* Cygwin kludge.
+ * It can return EINVAL instead of EPERM
+ * so, if we are already unprivileged,
+ * use id of current user.
+ */
+ if (geteuid() && getuid()) {
+ *uid = getuid();
+ *gid = getgid();
+ return true;
+ }
+#endif
+
+ pwd = getpwnam("nobody");
+ if (!pwd) return false;
+
+ if ( !pwd->pw_uid || !pwd->pw_gid)
+ return false;
+
+ *uid = pwd->pw_uid;
+ *gid = pwd->pw_gid;
+ endpwent();
+
+ return true;
+}
+
+
+static bool
+NGIRCd_Init( bool NGIRCd_NoDaemon )
+{
+ static bool initialized;
+ bool chrooted = false;
+ struct passwd *pwd;
+ struct group *grp;
+ int real_errno;
+ pid_t pid;
+
+ if (initialized)
+ return true;
+
+ if (!ConnSSL_InitLibrary())
+ Log(LOG_WARNING, "Warning: Error during SSL initialization, continuing");
+
+ if( Conf_Chroot[0] ) {
+ if( chdir( Conf_Chroot ) != 0 ) {
+ Log( LOG_ERR, "Can't chdir() in ChrootDir (%s): %s", Conf_Chroot, strerror( errno ));
+ return false;
+ }
+
+ if( chroot( Conf_Chroot ) != 0 ) {
+ if (errno != EPERM) {
+ Log( LOG_ERR, "Can't change root directory to \"%s\": %s",
+ Conf_Chroot, strerror( errno ));
+
+ return false;
+ }
+ } else {
+ chrooted = true;
+ Log( LOG_INFO, "Changed root and working directory to \"%s\".", Conf_Chroot );
+ }
+ }
+
+ if (Conf_UID == 0) {
+ Log(LOG_INFO, "ServerUID must not be 0, using \"nobody\" instead.", Conf_UID);
+
+ if (! NGIRCd_getNobodyID(&Conf_UID, &Conf_GID)) {
+ Log(LOG_WARNING, "Could not get user/group ID of user \"nobody\": %s",
+ errno ? strerror(errno) : "not found" );
+ return false;
+ }
+ }
+
+ if (getgid() != Conf_GID) {
+ /* Change group ID */
+ if (setgid(Conf_GID) != 0) {
+ real_errno = errno;
+ Log( LOG_ERR, "Can't change group ID to %u: %s", Conf_GID, strerror( errno ));
+ if (real_errno != EPERM)
+ return false;
+ }
+ }
+
+ if (getuid() != Conf_UID) {
+ /* Change user ID */
+ if (setuid(Conf_UID) != 0) {
+ real_errno = errno;
+ Log(LOG_ERR, "Can't change user ID to %u: %s", Conf_UID, strerror(errno));
+ if (real_errno != EPERM)
+ return false;
+ }
+ }
+
+ initialized = true;
+
+ /* Normally a child process is forked which isn't any longer
+ * connected to ther controlling terminal. Use "--nodaemon"
+ * to disable this "daemon mode" (useful for debugging). */
+ if ( ! NGIRCd_NoDaemon ) {
+ pid = fork( );
+ if( pid > 0 ) {
+ /* "Old" process: exit. */
+ exit( 0 );
+ }
+ if( pid < 0 ) {
+ /* Error!? */
+ fprintf( stderr, "%s: Can't fork: %s!\nFatal error, exiting now ...\n",
+ PACKAGE_NAME, strerror( errno ));
+ exit( 1 );
+ }
+
+ /* New child process */
+#ifndef NeXT
+ (void)setsid( );
+#else
+ setpgrp(0, getpid());
+#endif
+ chdir( "/" );
+
+ /* Detach stdin, stdout and stderr */
+ Setup_FDStreams( );
+ }
+ pid = getpid();
+
+ Pidfile_Create( pid );
+
+ /* Check UID/GID we are running as, can be different from values
+ * configured (e. g. if we were already started with a UID>0. */
+ Conf_UID = getuid();
+ Conf_GID = getgid();
+
+ pwd = getpwuid( Conf_UID );
+ grp = getgrgid( Conf_GID );
+
+ Log( LOG_INFO, "Running as user %s(%ld), group %s(%ld), with PID %ld.",
+ pwd ? pwd->pw_name : "unknown", Conf_UID,
+ grp ? grp->gr_name : "unknown", Conf_GID, pid);
+
+ if ( chrooted ) {
+ Log( LOG_INFO, "Running chrooted, chrootdir \"%s\".", Conf_Chroot );
+ return true;
+ } else {
+ Log( LOG_INFO, "Not running chrooted." );
+ }
+
+ /* Change working directory to home directory of the user
+ * we are running as (only when running in daemon mode and not in chroot) */
+
+ if ( pwd ) {
+ if (!NGIRCd_NoDaemon ) {
+ if( chdir( pwd->pw_dir ) == 0 )
+ Log( LOG_DEBUG, "Changed working directory to \"%s\" ...", pwd->pw_dir );
+ else
+ Log( LOG_INFO, "Notice: Can't change working directory to \"%s\": %s",
+ pwd->pw_dir, strerror( errno ));
+ }
+ } else {
+ Log( LOG_ERR, "Can't get user informaton for UID %d!?", Conf_UID );
+ }
+
+return true;
+}
+