diff options
| -rw-r--r-- | CHANGELOG.md | 1 | ||||
| -rw-r--r-- | Cargo.lock | 1 | ||||
| -rw-r--r-- | mullvad-daemon/Cargo.toml | 1 | ||||
| -rw-r--r-- | mullvad-daemon/src/main.rs | 18 |
4 files changed, 21 insertions, 0 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index c9f627d558..9aa5532dd1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -18,6 +18,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/). - Add `--disable-rpc-auth` flag to daemon to make it accept unauthorized control. - Add colors to terminal output on macOS and Linux. - Add details to mullvad CLI interface error for when it doesn't trust the RPC file. +- Warn if daemon is running as a non-root user. ### Fixed - Fix a bug in account input field that advanced the cursor to the end regardless its prior diff --git a/Cargo.lock b/Cargo.lock index b3dd34d69e..95023a14de 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -673,6 +673,7 @@ dependencies = [ "jsonrpc-pubsub 7.1.1 (git+https://github.com/paritytech/jsonrpc?tag=v7.1.1)", "jsonrpc-ws-server 7.1.1 (git+https://github.com/paritytech/jsonrpc?tag=v7.1.1)", "lazy_static 1.0.0 (registry+https://github.com/rust-lang/crates.io-index)", + "libc 0.2.35 (registry+https://github.com/rust-lang/crates.io-index)", "log 0.4.1 (registry+https://github.com/rust-lang/crates.io-index)", "mullvad-rpc 0.1.0", "mullvad-types 0.1.0", diff --git a/mullvad-daemon/Cargo.toml b/mullvad-daemon/Cargo.toml index 6bba73bbd3..d253d017bc 100644 --- a/mullvad-daemon/Cargo.toml +++ b/mullvad-daemon/Cargo.toml @@ -34,6 +34,7 @@ talpid-ipc = { path = "../talpid-ipc" } talpid-types = { path = "../talpid-types" } [target.'cfg(unix)'.dependencies] +libc = "0.2" simple-signal = "1.1" [target.'cfg(windows)'.dependencies] diff --git a/mullvad-daemon/src/main.rs b/mullvad-daemon/src/main.rs index d6cc7755fc..821206636d 100644 --- a/mullvad-daemon/src/main.rs +++ b/mullvad-daemon/src/main.rs @@ -14,6 +14,8 @@ extern crate clap; #[macro_use] extern crate error_chain; extern crate futures; +#[cfg(unix)] +extern crate libc; #[macro_use] extern crate log; @@ -766,6 +768,10 @@ fn run() -> Result<()> { .chain_err(|| "Unable to initialize logger")?; log_version(); + if !running_as_admin() { + warn!("Running daemon as a non-administrator user, clients might refuse to connect"); + } + let resource_dir = config.resource_dir.unwrap_or_else(|| get_resource_dir()); let daemon = Daemon::new(config.tunnel_log_file, resource_dir, config.require_auth) .chain_err(|| "Unable to initialize daemon")?; @@ -805,3 +811,15 @@ fn get_resource_dir() -> PathBuf { } } } + +#[cfg(unix)] +fn running_as_admin() -> bool { + let uid = unsafe { libc::getuid() }; + uid == 0 +} + +#[cfg(windows)] +fn running_as_admin() -> bool { + // TODO: Check if user is administrator correctly on Windows. + true +} |