+ /* TODO: If we're not root, but the configuration requests
+ * that we change to some uid other than the current one, then
+ * log a warning. */
+
+ /* TODO: Perhaps take a list of gids, and make them into the
+ * supplementary groups. */
+
+ if (use_chroot || (module_dirlen = strlen(lp_path(i))) == 1) {
+ module_dirlen = 0;
+ set_filter_dir("/", 1);
+ } else
+ set_filter_dir(lp_path(i), module_dirlen);
+
+ p = lp_filter(i);
+ parse_rule(&server_filter_list, p, MATCHFLG_WORD_SPLIT,
+ XFLG_ANCHORED2ABS);
+
+ p = lp_include_from(i);
+ parse_filter_file(&server_filter_list, p, MATCHFLG_INCLUDE,
+ XFLG_ANCHORED2ABS | XFLG_OLD_PREFIXES | XFLG_FATAL_ERRORS);
+
+ p = lp_include(i);
+ parse_rule(&server_filter_list, p,
+ MATCHFLG_INCLUDE | MATCHFLG_WORD_SPLIT,
+ XFLG_ANCHORED2ABS | XFLG_OLD_PREFIXES);
+
+ p = lp_exclude_from(i);
+ parse_filter_file(&server_filter_list, p, 0,
+ XFLG_ANCHORED2ABS | XFLG_OLD_PREFIXES | XFLG_FATAL_ERRORS);
+
+ p = lp_exclude(i);
+ parse_rule(&server_filter_list, p, MATCHFLG_WORD_SPLIT,
+ XFLG_ANCHORED2ABS | XFLG_OLD_PREFIXES);
+
+ log_init();
+
+ if (use_chroot) {
+ /*
+ * XXX: The 'use chroot' flag is a fairly reliable
+ * source of confusion, because it fails under two
+ * important circumstances: running as non-root,
+ * running on Win32 (or possibly others). On the
+ * other hand, if you are running as root, then it
+ * might be better to always use chroot.
+ *
+ * So, perhaps if we can't chroot we should just issue
+ * a warning, unless a "require chroot" flag is set,
+ * in which case we fail.
+ */
+ if (chroot(lp_path(i))) {
+ rsyserr(FLOG, errno, "chroot %s failed",
+ safe_fname(lp_path(i)));
+ io_printf(f_out, "@ERROR: chroot failed\n");
+ return -1;
+ }
+
+ if (!push_dir("/")) {
+ rsyserr(FLOG, errno, "chdir %s failed\n",
+ safe_fname(lp_path(i)));
+ io_printf(f_out, "@ERROR: chdir failed\n");
+ return -1;
+ }
+
+ } else {
+ if (!push_dir(lp_path(i))) {
+ rsyserr(FLOG, errno, "chdir %s failed\n",
+ safe_fname(lp_path(i)));
+ io_printf(f_out, "@ERROR: chdir failed\n");
+ return -1;
+ }
+ sanitize_paths = 1;