From 7260d3c4eefd3e5122920be11083f3e06f705f9f Mon Sep 17 00:00:00 2001
From: Dylan Hicks <dylanh333@outlook.com>
Date: Sun, 10 Jun 2018 17:06:55 +0800
Subject: [PATCH] Made gitignore ignore temporary vim files; made init.js drop
 its privileges; improved description of package.json

---
 .gitignore                 | 4 ++++
 dylan-testing/core/init.js | 7 ++++++-
 dylan-testing/package.json | 2 +-
 3 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/.gitignore b/.gitignore
index 4a4d573..959fcc6 100644
--- a/.gitignore
+++ b/.gitignore
@@ -67,3 +67,7 @@ typings/
 
 # next.js build output
 .next
+
+# Ignore temporary backup files created by vim
+*~
+.swp
diff --git a/dylan-testing/core/init.js b/dylan-testing/core/init.js
index 5d8204a..314219a 100644
--- a/dylan-testing/core/init.js
+++ b/dylan-testing/core/init.js
@@ -90,9 +90,14 @@ module.exports = function main(){
         var spawnOpts = {
             stdio:"inherit", uid:config.serviceUid, gid:config.serviceGid
         };
-        cproc.spawn(nodejs, ["core/pam-service.js"], spawnOpts);
+        var rootSpawnOpts = {stdio:"inherit", gid:config.serviceGid};
+        cproc.spawn(nodejs, ["core/pam-service.js"], rootSpawnOpts);
         cproc.spawn(nodejs, ["core/proxy-service.js"], spawnOpts);
         cproc.spawn(nodejs, ["core/login-service.js"], spawnOpts);
+
+        // Drop privileges
+        process.setgid(config.serviceGid);
+        process.setuid(config.serviceUid);
     }
     catch(e){
         //console.error("Fatal Error: " + e.message);
diff --git a/dylan-testing/package.json b/dylan-testing/package.json
index 3c5ca47..94c7b19 100644
--- a/dylan-testing/package.json
+++ b/dylan-testing/package.json
@@ -1,7 +1,7 @@
 {
   "name": "ucc-portal",
   "version": "0.0.1",
-  "description": "An easy to use self-service portal for UCC members to configure their shell, mail forwarding address, and other things that would normally require knowledge of the Linux command line.",
+  "description": "An easy to use self-service portal for UCC members to check their dispense credit, configure mail forwarding address, and other things that would normally require knowledge of the Linux command line.",
   "main": "uccportal.js",
   "scripts": {
     "test": "echo \"Error: no test specified\" && exit 1"
-- 
GitLab