diff options
| author | Jakub Hrozek <jakub.hrozek@gmail.com> | 2014-07-31 10:20:40 +0200 |
|---|---|---|
| committer | Michael Adam <obnox@samba.org> | 2014-07-31 18:49:48 +0200 |
| commit | 8c251d6390abf3b7de03d1323f8525ec1d2c2528 (patch) | |
| tree | 01f04b9f4e6ae698bf47bb2f9166ceca6df1a1cf /lib/uid_wrapper/uid_wrapper.c | |
| parent | de1f924f08b2da65871645041c06443d2b6e6a87 (diff) | |
| download | samba-8c251d6390abf3b7de03d1323f8525ec1d2c2528.tar.gz samba-8c251d6390abf3b7de03d1323f8525ec1d2c2528.tar.xz samba-8c251d6390abf3b7de03d1323f8525ec1d2c2528.zip | |
uwrap: Support dropping all supplemetary groups with setgroups()
Dropping all supplementary groups is a common practice when changing
UIDs. This patch adds support for dropping all supplementary groups when
setgroups is called with size=0.
Signed-off-by: Jakub Hrozek <jakub.hrozek@gmail.com>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Diffstat (limited to 'lib/uid_wrapper/uid_wrapper.c')
| -rw-r--r-- | lib/uid_wrapper/uid_wrapper.c | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/lib/uid_wrapper/uid_wrapper.c b/lib/uid_wrapper/uid_wrapper.c index f53aa47099..2181767246 100644 --- a/lib/uid_wrapper/uid_wrapper.c +++ b/lib/uid_wrapper/uid_wrapper.c @@ -956,7 +956,11 @@ static int uwrap_setgroups_thread(size_t size, const gid_t *list) pthread_mutex_lock(&uwrap_id_mutex); - if (size > 0) { + if (size == 0) { + free(id->groups); + id->groups = NULL; + id->ngroups = 0; + } else if (size > 0) { gid_t *tmp; tmp = realloc(id->groups, sizeof(gid_t) * size); @@ -984,7 +988,13 @@ static int uwrap_setgroups(size_t size, const gid_t *list) pthread_mutex_lock(&uwrap_id_mutex); - if (size > 0) { + if (size == 0) { + for (id = uwrap.ids; id; id = id->next) { + free(id->groups); + id->groups = NULL; + id->ngroups = 0; + } + } else if (size > 0) { for (id = uwrap.ids; id; id = id->next) { gid_t *tmp; |