search

DNSCrypt / dnscrypt-proxy

dnscrypt-proxy 2 - A flexible DNS proxy, with support for encrypted DNS protocols.
https://dnscrypt.info
ISC License
11.45k stars 1.01k forks source link

Missing privilege drop in 2.0.17 under OpenWrt / MIPS #607

Closed sz4bi closed 6 years ago

sz4bi commented 6 years ago

After updating from 2.0.16 to 2.0.17, dnscrypt-proxy is not starting on OpenWRT / MIPS (TPLink WDR3600) platform until I comment out the "user_name" option in the configuration file:

daemon.alert dnscrypt-proxy[32619]: user: Current not implemented on linux/mips

jedisct1 commented 6 years ago

Apparently, on Linux, the HOME and USER environment variables need to be set in order for this to work.

I don't know why :)

jedisct1 commented 6 years ago

e4a1245 should fix it.

sz4bi commented 6 years ago

Thanks for the quick fix! Now starting with user_name 'nobody' enabled, but after that just crashing

Mon Oct  8 20:24:25 2018 daemon.notice dnscrypt-proxy[23802]: Source [public-resolvers.md] loaded
Mon Oct  8 20:24:25 2018 daemon.notice dnscrypt-proxy[23802]: dnscrypt-proxy 2.0.17
Mon Oct  8 20:24:31 2018 daemon.notice dnscrypt-proxy[23815]: Source [public-resolvers.md] loaded
Mon Oct  8 20:24:32 2018 daemon.notice dnscrypt-proxy[23815]: dnscrypt-proxy 2.0.17
Mon Oct  8 20:24:38 2018 daemon.notice dnscrypt-proxy[23822]: Source [public-resolvers.md] loaded
Mon Oct  8 20:24:38 2018 daemon.notice dnscrypt-proxy[23822]: dnscrypt-proxy 2.0.17
Mon Oct  8 20:24:45 2018 daemon.notice dnscrypt-proxy[23828]: Source [public-resolvers.md] loaded
Mon Oct  8 20:24:45 2018 daemon.notice dnscrypt-proxy[23828]: dnscrypt-proxy 2.0.17
Mon Oct  8 20:24:51 2018 daemon.notice dnscrypt-proxy[23836]: Source [public-resolvers.md] loaded
Mon Oct  8 20:24:51 2018 daemon.notice dnscrypt-proxy[23836]: dnscrypt-proxy 2.0.17
Mon Oct  8 20:24:59 2018 daemon.notice dnscrypt-proxy[23845]: Source [public-resolvers.md] loaded
Mon Oct  8 20:24:59 2018 daemon.notice dnscrypt-proxy[23845]: dnscrypt-proxy 2.0.17
Mon Oct  8 20:24:59 2018 daemon.info procd: Instance dnscrypt-proxy2::instance1 s in a crash loop 6 crashes, 2 seconds since last crash

Btw I used the GOMIPS=softfloat env. var for compilation, because without it I got Illegal instruction error at runtime.

jedisct1 commented 6 years ago

Does it work if you don't change anything, only remove user_name?

sz4bi commented 6 years ago

yes, it's working if I comment out user_name, using it this way since compilation