author | Tor Egge <Tor.Egge@oath.com> | 2018-03-12 11:29:46 +0000 |
---|---|---|
committer | Tor Egge <Tor.Egge@oath.com> | 2018-03-12 11:43:56 +0000 |
commit | 410933939a74e42874dd580bfe0051b3222185a5 (patch) | |
tree | fcc0b90f8766f6515f395234521e4ff6b269b10a /configd/src | |
parent | 3a8b891dcd7f394129a7a7ba700bf525126db44f (diff) |
Changes to allow unprivileged vespa.
Diffstat (limited to 'configd/src')
-rw-r--r-- | configd/src/apps/su/main.cpp | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/configd/src/apps/su/main.cpp b/configd/src/apps/su/main.cpp
index ceecc71ae5a..abef5c69036 100644
--- a/configd/src/apps/su/main.cpp
+++ b/configd/src/apps/su/main.cpp
@@ -28,17 +28,20 @@ int main(int argc, char** argv)
 gid_t g = p->pw_gid;
 uid_t u = p->pw_uid;
- if (setgid(g) != 0) {
+ gid_t oldg = getgid();
+ uid_t oldu = getuid();
+
+ if (g != oldg && setgid(g) != 0) {
 perror("FATAL error: could not change group id");
 exit(1);
 }
 size_t listsize = 1;
 gid_t grouplist[1] = { g };
- if (setgroups(listsize, grouplist) != 0) {
+ if ((g != oldg || u != oldu) && setgroups(listsize, grouplist) != 0) {
 perror("FATAL error: could not setgroups");
 exit(1);
 }
- if (setuid(u) != 0) {
+ if (u != oldu && setuid(u) != 0) {
 perror("FATAL error: could not change user id");
 exit(1);
 } |
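Review bot: The new guards compare the target ids only with the real ids from `getuid()`/`getgid()`, so when the real ids already equal `u`/`g` but the effective ids do not, `setgid`, `setgroups` and `setuid` are all skipped and the process carries on with the differing effective ids and the caller's supplementary groups. Whether this helper is ever started with real and effective ids that differ is not visible in the hunk, but the drop should not depend on it: skip a call only when both ids already match, e.g. `if ((u != oldu || u != geteuid()) && setuid(u) != 0) {` and the same with `getegid()` for the group. A check after the last call, `if (getuid() != u || geteuid() != u || getgid() != g || getegid() != g) { /* report and exit(1) */ }`, would make a skipped or partial change fail closed. A short comment saying that `setgroups` is skipped on purpose when nothing changes, because an unprivileged caller cannot call it, would also help the next reader. The body of `main` begins and ends outside the hunk.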