bind sockets then drop privileges, passing the file descriptors to a command
git clone http://git/adrop
# adrop
```
Usage: ./adrop {OPTIONS} [SOCKETS..] -- [COMMAND..]

Bind sockets then drop privileges, passing the file descriptors to COMMAND.

Quick examples:

  Bound ports with positional arguments:

    sudo ./adrop -u www-daemon -g www --respawn 80 443 \
      -- node server.js --http-fd={} --https-fd={}

  Bound ports with named arguments:

    sudo ./adrop -u email:email imap_plain=143 imap_ssl=993 smtp0=25 smtp1=587 smtp2=2525 \
      -- ./smtp --smtp-plain={smtp0},{smtp1},{smtp2} \
      --imap-plain={imap_plain} --imap-ssl={imap_ssl}

  Bound ipv4 and ipv6 ports with indexed arguments:

    sudo ./adrop -u xyzw [::1]:700 127.0.0.1:701 \
      -- python main.py --ipv4_fd={0} --ipv6_fd={1}

OPTIONS are:

  -h --help
    Print this message and exit.

  --version
    Print the version number of this software and exit.

  -u USER, --user=USER
    Call setuid() with USER as an id or name.

  -u USER:GROUP, --user=USER:GROUP
    Call setuid() with USER and setgid() with GROUP, both as an id or name.

  -g GROUP --group=GROUP
    Call setgid() with GROUP as an id or name.

  -r --respawn
    When COMMAND terminates, run the COMMAND again.

  -q --quiet
    Suppress output when a process exits in respawn mode.

  -d DELAY --delay=DELAY
    Wait DELAY seconds between retries when --respawn is given. Default: 1.0

  -e KEY=VALUE --env KEY=VALUE
    Set an environment variable KEY as VALUE when executing COMMAND.

  -E --preserve-env
    Pass through all environment variables to COMMAND.
    By default, no environment variables are passed through.

Each SOCKET is of the form:

  HOST:PORT     bind tcp port with explicit AF_INET or AF_INET6 address
  PORT          bind tcp port on 0.0.0.0
  HOST:uPORT    bind udp port with explicit AF_INET or AF_INET6 address
  uPORT         bind udp port on 0.0.0.0
  /PATH         AF_UNIX tcp socket with absolute path
  ./PATH        AF_UNIX tcp socket with relative path
  udp:/PATH     AF_UNIX udp socket with absolute path
  udp:./PATH    AF_UNIX udp socket with relative path

  Each SOCKET may be prepended by "KEY=" for a named "{KEY}" instead of
  a positional substitution in COMMAND.

  To provide multiple HOST addresses for the same PORT, provide HOST:PORT
  pairs multiple times with the same PORT, one for each HOST.

COMMAND is a program to execute with a list of arguments:

  COMMAND will be run via exec() to take over file descriptors after running
  setuid() and/or setgid() or via fork() if --respawn is used.

  The COMMAND string may contain the special string "{}" which will be
  replaced with the corresponding file descriptor for SOCKET in the order
  provided in the SOCKETS section, left to right.

  You can also use {N} to get at the Nth (starting from 0) file descriptor
  or {KEY} to get at a socket with a name given by KEY=.
```
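
The receiving side of this handoff, as an added example that is not part of adrop or its README: a hypothetical `main.py` matching the indexed quick example, which refuses to serve if root is still recoverable and validates each inherited descriptor before using it. The function names are invented here, and because the usage text does not say whether adrop calls listen() on the sockets it binds, the example calls it itself.

```python
# Hypothetical main.py for the indexed quick example; not part of adrop.
import argparse
import os
import socket
import stat


def privilege_problems(uids, gids, groups):
    """Return reasons the process could still act as, or return to, root."""
    # A saved uid/gid of 0 matters as much as the effective one: it can be restored.
    checks = (("real/effective/saved uid", uids),
              ("real/effective/saved gid", gids),
              ("supplementary group", groups))
    return [f"{label} list still contains 0" for label, ids in checks if 0 in ids]


def adopt_bound_socket(fd, backlog=128):
    """Wrap an inherited fd after checking it is a bound stream socket."""
    if not stat.S_ISSOCK(os.fstat(fd).st_mode):  # OSError if fd is not open
        raise ValueError(f"fd {fd} is not a socket")
    sock = socket.socket(fileno=fd)  # family and type are read from the fd
    try:
        if sock.type != socket.SOCK_STREAM:
            raise ValueError(f"fd {fd} is not a stream socket")
        inet = sock.family in (socket.AF_INET, socket.AF_INET6)
        if inet and sock.getsockname()[1] == 0:
            # listen() on an unbound TCP socket would pick a random port
            raise ValueError(f"fd {fd} is not bound to a port")
        sock.listen(backlog)  # harmless if the parent already called listen()
    except Exception:
        sock.detach()  # leave the inherited fd open for the caller
        raise
    return sock


def main(argv=None):
    parser = argparse.ArgumentParser()
    parser.add_argument("--ipv4_fd", type=int, required=True)
    parser.add_argument("--ipv6_fd", type=int, required=True)
    args = parser.parse_args(argv)
    problems = privilege_problems(os.getresuid(), os.getresgid(), os.getgroups())
    if problems:
        raise SystemExit("refusing to serve: " + "; ".join(problems))
    listeners = [adopt_bound_socket(fd) for fd in (args.ipv4_fd, args.ipv6_fd)]
    for listener in listeners:
        print("serving on", listener.getsockname())


if __name__ == "__main__":
    main()
```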