Minor improvements for the user_name option (#559)

* Fix missing pidfile when run with user_name opt.

* Make sure we are root when dropping privilege

This is required on macOS.

* Kill child process on exit. Fixes https://github.com/jedisct1/dnscrypt-proxy/issues/547

dnscrypt-proxy/main.go

@@ -98,8 +98,8 @@ func (app *App) Start(service service.Service) error {
 }
 
 func (app *App) AppMain(proxy *Proxy) {
-	proxy.StartProxy()
 	pidfile.Write()
+	proxy.StartProxy()
 	<-app.quit
 	dlog.Notice("Quit signal received...")
 	app.wg.Done()
@@ -110,6 +110,7 @@ func (app *App) Stop(service service.Service) error {
 	if pidFilePath := pidfile.GetPidfilePath(); len(pidFilePath) > 1 {
 		os.Remove(pidFilePath)
 	}
+	killChild()
 	dlog.Notice("Stopped.")
 	return nil
 }

dnscrypt-proxy/privilege_others.go

@@ -14,7 +14,16 @@ import (
 	"github.com/jedisct1/dlog"
 )
 
+var cmd *exec.Cmd
+
 func (proxy *Proxy) dropPrivilege(userStr string, fds []*os.File) {
+	currentUser, err := user.Current()
+	if err != nil {
+		dlog.Fatal(err)
+	}
+	if currentUser.Uid != "0" {
+		dlog.Fatal("I need root permissions. Try again with 'sudo'")
+	}
 	user, err := user.Lookup(userStr)
 	args := os.Args
 
@@ -45,7 +54,7 @@ func (proxy *Proxy) dropPrivilege(userStr string, fds []*os.File) {
 
 	dlog.Notice("Dropping privileges")
 	for {
-		cmd := exec.Command(path, args...)
+		cmd = exec.Command(path, args...)
 		cmd.Stdout = os.Stdout
 		cmd.Stderr = os.Stderr
 		cmd.ExtraFiles = fds
@@ -58,3 +67,11 @@ func (proxy *Proxy) dropPrivilege(userStr string, fds []*os.File) {
 	}
 	os.Exit(0)
 }
+
+func killChild() {
+	if cmd != nil {
+		if err := cmd.Process.Kill(); err != nil {
+			dlog.Fatal("Failed to kill child process.")
+		}
+	}
+}

dnscrypt-proxy/privilege_windows.go

@@ -3,3 +3,4 @@ package main
 import "os"
 
 func (proxy *Proxy) dropPrivilege(userStr string, fds []*os.File) {}
+func killChild() {}