From: Michael Tokarev <mjt@tls.msk.ru>
Date: Fri, 5 Jun 2009 09:33:58 +0000 (+0400)
Subject: try outgoing connections before chroot/drop_privs
X-Git-Tag: release-1.0.10~54
X-Git-Url: https://git.librecmc.org/?p=oweals%2Ftinc.git;a=commitdiff_plain;h=591c38eb38dbf0851bdebdd50b08d1bcbf6d7b0f;hp=a42a8dde45fe95aa3fd3f7f15a74c5166efe3633

try outgoing connections before chroot/drop_privs

When chrooted, we either need to force-initialize resolver
and/or nsswitch somehow (no clean way) or resolve all the
names we want before entering chroot jail.  The latter
looks cleaner, easier and it is actually safe because
we still don't talk with the remote nodes there, only
initiating outgoing connections.
---

diff --git a/src/tincd.c b/src/tincd.c
index d359425..bec16cd 100644
--- a/src/tincd.c
+++ b/src/tincd.c
@@ -589,7 +589,11 @@ int main2(int argc, char **argv)
 	if(!setup_network())
 		goto end;
 
-        /* Change process priority */
+	/* Initiate all outgoing connections. */
+
+	try_outgoing_connections();
+
+	/* Change process priority */
 
         char *priority = 0;
 
@@ -610,10 +614,6 @@ int main2(int argc, char **argv)
 	if (!drop_privs())
 		goto end;
 
-	/* Initiate all outgoing connections. */
-
-	try_outgoing_connections();
-
 	/* Start main loop. It only exits when tinc is killed. */
 
 	status = main_loop();