Create empty PID file before dropping privileges.

This solves problem when PID file needs to be created in a directory
where only root can write, but the user can enter.

Change-Id: I357ece2d36574931850e366573b10dcd64c9482a

src/knot/main.c

@@ -246,12 +246,6 @@ int main(int argc, char **argv)
 	}
 	log_server_info("\n");
 
-	/* Alter privileges. */
-	log_update_privileges(conf()->uid, conf()->gid);
-	if (proc_update_privileges(conf()->uid, conf()->gid) != KNOT_EOK) {
-		return 1;
-	}
-
 	/* Create empty PID file. */
 	char* pidfile = pid_filename();
 	FILE *f = fopen(pidfile, "w");
@@ -263,6 +257,19 @@ int main(int argc, char **argv)
 	}
 	fclose(f);
 
+	/* Alter PID file privileges. */
+	if (chown(pidfile, conf()->uid, conf()->gid) < 0) {
+		log_server_warning("Cannot change PID file ownership\n");
+		free(pidfile);
+		return 1;
+	}
+
+	/* Alter privileges. */
+	log_update_privileges(conf()->uid, conf()->gid);
+	if (proc_update_privileges(conf()->uid, conf()->gid) != KNOT_EOK) {
+		return 1;
+	}
+
 	/* Load zones and add hook. */
 	zones_ns_conf_hook(conf(), server->nameserver);
 	conf_add_hook(conf(), CONF_ALL, zones_ns_conf_hook, server->nameserver);