diff options
| author | Arne H Juul <arnej27959@users.noreply.github.com> | 2021-08-31 08:21:50 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-08-31 08:21:50 +0200 |
| commit | d14d32e58b3d4e1ec5e98c85d65282ba62d622f9 (patch) | |
| tree | 47563c0636085665e16a7f957b48717195ed7026 | |
| parent | 243e03113abd14ef2b6fcab0c05ae1397b59d743 (diff) | |
| parent | 62bcc067edffe1a6e711b496cfb8d0000d67ce01 (diff) | |
Merge pull request #18880 from vespa-engine/arnej/also-set-supplementary-groups
use getgrouplist and also change supplementary groups
| -rw-r--r-- | configd/src/apps/su/main.cpp | 23 |
1 files changed, 22 insertions, 1 deletions
diff --git a/configd/src/apps/su/main.cpp b/configd/src/apps/su/main.cpp index 095bbdb6844..f61faf01fee 100644 --- a/configd/src/apps/su/main.cpp +++ b/configd/src/apps/su/main.cpp @@ -28,6 +28,23 @@ int main(int argc, char** argv) gid_t g = p->pw_gid; uid_t u = p->pw_uid; + gid_t grouplist[256]; + int group_arr_sz = 256; +#ifdef __APPLE__ + int mac_gid = g; + int mac_groups[256]; + int ggl = getgrouplist(username, mac_gid, mac_groups, &group_arr_sz); + if (ggl < 0) { + group_arr_sz = 0; + } else { + for (int i = 0; i < group_arr_sz; ++i) { + grouplist[i] = (gid_t) mac_groups[i]; + } + } +#else + int ggl = getgrouplist(username, g, grouplist, &group_arr_sz); +#endif + gid_t oldg = getgid(); uid_t oldu = getuid(); @@ -36,7 +53,11 @@ int main(int argc, char** argv) return 1; } size_t listsize = 1; - gid_t grouplist[1] = { g }; + if (ggl >= 0 && group_arr_sz > 0) { + listsize = group_arr_sz; + } else { + grouplist[0] = g; + } if ((g != oldg || u != oldu) && setgroups(listsize, grouplist) != 0) { perror("FATAL error: could not setgroups"); return 1; |