On 4 October 2017 at 17:18, Ian Jackson <ian.jack...@eu.citrix.com> wrote:
> This allows the caller to specify a uid and gid to use, even if there
> is no corresponding password entry. This will be useful in certain
> Xen configurations.
>
> Signed-off-by: Ian Jackson <ian.jack...@eu.citrix.com>
> ---
> @@ -166,17 +187,19 @@ void os_parse_cmd_args(int index, const char *optarg)
>
> static void change_process_uid(void)
> {
> - if (user_pwd) {
> - if (setgid(user_pwd->pw_gid) < 0) {
> + if (user_pwd || user_uid != (uid_t)-1) {
> + if (setgid(user_pwd ? user_pwd->pw_gid : user_gid) < 0) {
> fprintf(stderr, "Failed to setgid(%d)\n", user_pwd->pw_gid);
If you're changing the gid we pass to setgid() I think you should
also change the value we tell the user we tried to use in the
error message, or it could be rather confusing.
> exit(1);
> }
> - if (initgroups(user_pwd->pw_name, user_pwd->pw_gid) < 0) {
> + if ((user_pwd
> + ? initgroups(user_pwd->pw_name, user_pwd->pw_gid)
> + : setgroups(1, &user_gid)) < 0) {
> fprintf(stderr, "Failed to initgroups(\"%s\", %d)\n",
> user_pwd->pw_name, user_pwd->pw_gid);
...and here we might claim we failed initgroups() when we actually
failed setgroups().
> exit(1);
> }
> - if (setuid(user_pwd->pw_uid) < 0) {
> + if (setuid(user_pwd ? user_pwd->pw_uid : user_gid) < 0) {
> fprintf(stderr, "Failed to setuid(%d)\n", user_pwd->pw_uid);
This error message should be updated too.
thanks
-- PMM
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
