From 7c341aef347eb2a399a2717aa79ac6043f503430 Mon Sep 17 00:00:00 2001
From: Daniel Linjama <daniel@dev.linjama.com>
Date: Wed, 6 Apr 2022 21:02:40 +0300
Subject: vpn: Replace hardcoded paths with RUNSTATEDIR

Replace hardcoded /var/run paths with configurable RUNSTATEDIR
---
 vpn/plugins/vpnc.c | 2 +-
 vpn/vpn-util.c     | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/vpn/plugins/vpnc.c b/vpn/plugins/vpnc.c
index d11b9111..73012c5b 100644
--- a/vpn/plugins/vpnc.c
+++ b/vpn/plugins/vpnc.c
@@ -54,7 +54,7 @@
 #include "../vpn.h"
 
 #define ARRAY_SIZE(a) (sizeof(a)/sizeof(a[0]))
-#define PID_PATH_ROOT "/var/run/user"
+#define PID_PATH_ROOT RUNSTATEDIR "/user"
 
 enum {
 	OPT_STRING = 1,
diff --git a/vpn/vpn-util.c b/vpn/vpn-util.c
index 9ef14d38..bc3b01dd 100644
--- a/vpn/vpn-util.c
+++ b/vpn/vpn-util.c
@@ -102,8 +102,8 @@ struct group *vpn_util_get_group(const char *groupname)
  * running a VPN plugin as a different user and thus, user specific run dir is
  * allowed and limitation to access any other system dir is restricted.
  */
-static const char *allowed_prefixes[] = { "/var/run/connman-vpn/",
-					"/var/run/user/", "/tmp/", NULL };
+static const char *allowed_prefixes[] = { RUNSTATEDIR "/connman-vpn/",
+					RUNSTATEDIR "/user/", "/tmp/", NULL };
 
 static int is_path_allowed(const char *path)
 {
-- 
cgit v1.2.1