From 9f2414fcb6c59a39821682943dbf749cfaf05c3d Mon Sep 17 00:00:00 2001
From: Erich Eckner <git@eckner.net>
Date: Mon, 23 Sep 2019 09:29:40 +0200
Subject: sensor.c: run as "nobody", ommit debug output

---
 sensor.c | 57 ++++++++++++++++++++++++++++++++++++++++-----------------
 1 file changed, 40 insertions(+), 17 deletions(-)

diff --git a/sensor.c b/sensor.c
index f764817..0cddafc 100644
--- a/sensor.c
+++ b/sensor.c
@@ -14,6 +14,8 @@
 
 #include "wiringx.h"
 
+void drop_privileges();
+
 int main() {
 
 	if(wiringXSetup("raspberrypi3", NULL) == -1) {
@@ -26,7 +28,19 @@ int main() {
 	pinMode(9, PINMODE_INPUT);
 	pinMode(8, PINMODE_OUTPUT);
 
-	while(1) {
+	drop_privileges();
+
+	// start bit
+	digitalWrite(8, HIGH);
+	usleep(18000);
+	digitalWrite(8, LOW);
+	int bit = -3;
+	char data[5];
+	memset(&data[0], 0, 5);
+	while ((bit != 40) || ((data[0]+data[1]+data[2]+data[3]-data[4]) % 255 != 0)) {
+		sleep(2);
+		if (bit > -3)
+			fprintf(stderr, ".");
 		// start bit
 		digitalWrite(8, HIGH);
 		usleep(18000);
@@ -34,31 +48,40 @@ int main() {
 		long int cycles = 0;
 		int last_state = digitalRead(9);
 		// ignore 2 bits: reaction on command + "official" start bit
-		int bit = -2;
-		char data[5];
+		bit = -2;
 		memset(&data[0], 0, 5);
 		while (cycles < 100000) {
 			cycles++;
 			if (last_state == digitalRead(9))
 				continue;
 			if (last_state == 1) {
-				if (bit >= 0) {
-					if (cycles>400) {
-						printf("1");
-						data[bit / 8] |= 1 << 7 - (bit % 8);
-					} else
-						printf("0");
-					if ((bit+1) % 8 == 0)
-						printf(" ");
-				}
+				if ((bit >= 0) && (cycles>400))
+					data[bit / 8] |= 1 << 7 - (bit % 8);
 				bit++;
 			}
 			cycles = 0;
 			last_state = 1-last_state;
 		}
-		if ((bit == 40) && ((data[0]+data[1]+data[2]+data[3]-data[4]) % 255 == 0))
-			printf(" %f %f", data[0] + data[1]/256., data[2] + data[3]/256.);
-		printf("\n\n");
-		sleep(2);
 	}
-}
+	printf("RH: %f %%\nT: %f °C\n", data[0] + data[1]/256., data[2] + data[3]/256.);
+} // main
+
+//
+// Drop (root) privileges
+//
+void drop_privileges() {
+	/*  Drop superuser privileges in correct order */
+
+	int is_already_unprivileged = 0;
+
+	if (setgid(65534) == -1) { // nobody
+		perror("can't drop group privileges");
+		if (! (is_already_unprivileged = (errno == 1)))
+			exit(-1);
+	}
+	if (setuid(65534) == -1) { // nobody
+		perror("can't drop user privileges");
+		if (is_already_unprivileged != (errno == 1))
+		exit(-1);
+	}
+} // drop_privileges
-- 
cgit v1.2.3-54-g00ecf