1 files changed, 75 insertions, 0 deletions

diff --git a/puppet-0.25.1-0001-Initialize-supplementary-groups-ported-patch-from-0..patch b/puppet-0.25.1-0001-Initialize-supplementary-groups-ported-patch-from-0..patch
new file mode 100644
index 0000000..3cc8c09
--- /dev/null
+++ b/puppet-0.25.1-0001-Initialize-supplementary-groups-ported-patch-from-0..patch
@@ -0,0 +1,75 @@
+From 50952a627a9c96a147c7bcac91f6e2380e483310 Mon Sep 17 00:00:00 2001
+From: Jeroen van Meeuwen (Fedora Unity) <kanarip@fedoraunity.org>
+Date: Wed, 25 Nov 2009 13:38:52 +0100
+Subject: [PATCH] Initialize supplementary groups (ported patch from 0.24.8 originally from Till Maas)
+
+---
+ lib/puppet/util.rb             |    5 +++--
+ lib/puppet/util/suidmanager.rb |   12 +++++++++++-
+ 2 files changed, 14 insertions(+), 3 deletions(-)
+
+diff --git a/lib/puppet/util.rb b/lib/puppet/util.rb
+index 6f83c7a..8e2e8a3 100644
+--- a/lib/puppet/util.rb
++++ b/lib/puppet/util.rb
+@@ -55,10 +55,11 @@ module Util
+             end
+             unless Puppet::Util::SUIDManager.uid == user
+                 begin
++                    Puppet::Util::SUIDManager.initgroups(user)
+                     Puppet::Util::SUIDManager.uid = user
+                     Puppet::Util::SUIDManager.euid = user
+-                rescue
+-                    $stderr.puts "could not change to user %s" % user
++                rescue => detail
++                    $stderr.puts "could not change to user %s: %s" % [user, detail]
+                     exit(74)
+                 end
+             end
+diff --git a/lib/puppet/util/suidmanager.rb b/lib/puppet/util/suidmanager.rb
+index c5df0d1..7896945 100644
+--- a/lib/puppet/util/suidmanager.rb
++++ b/lib/puppet/util/suidmanager.rb
+@@ -7,7 +7,7 @@ module Puppet::Util::SUIDManager
+     extend Forwardable
+ 
+     to_delegate_to_process = [ :euid=, :euid, :egid=, :egid,
+-                               :uid=, :uid, :gid=, :gid ]
++                               :uid=, :uid, :gid=, :gid, :groups=, :groups ]
+ 
+     to_delegate_to_process.each do |method|
+         def_delegator Process, method
+@@ -26,13 +26,16 @@ module Puppet::Util::SUIDManager
+         # We set both because some programs like to drop privs, i.e. bash.
+         old_uid, old_gid = self.uid, self.gid
+         old_euid, old_egid = self.euid, self.egid
++        old_groups = self.groups
+         begin
+             self.egid = convert_xid :gid, new_gid if new_gid
++            self.initgroups(convert_xid(:uid, new_uid)) if new_uid
+             self.euid = convert_xid :uid, new_uid if new_uid
+ 
+             yield
+         ensure
+             self.euid, self.egid = old_euid, old_egid
++            self.groups = old_groups
+         end
+     end
+     module_function :asuser
+@@ -49,6 +52,13 @@ module Puppet::Util::SUIDManager
+     end
+     module_function :convert_xid
+ 
++    # Initialize supplementary groups
++    def initgroups(user)
++        require 'etc'
++        Process.initgroups(Etc.getpwuid(user).name, Process.gid)
++    end
++    module_function :initgroups
++
+ 
+     def run_and_capture(command, new_uid=nil, new_gid=nil)
+         output = Puppet::Util.execute(command, :failonfail => false, :uid => new_uid, :gid => new_gid)
+-- 
+1.6.5.2
+