general/2468: initgroups()

18 Jun 1998 19:50:03 -0000 

>Number:         2468
>Category:       general
>Synopsis:       initgroups()
>Confidential:   no
>Severity:       critical
>Priority:       medium
>Responsible:    apache
>State:          open
>Class:          sw-bug
>Submitter-Id:   apache
>Arrival-Date:   Thu Jun 18 12:50:01 PDT 1998
>Last-Modified:
>Originator:     [EMAIL PROTECTED]
>Organization:
apache
>Release:        1.3.0
>Environment:
Digital UNIX v4.0, using cc.
uname -a: OSF1 sauron V4.0 878 alpha
>Description:
[Thu Jun 18 15:30:47 1998] [notice] Apache/1.3.0 (Unix) configured -- resuming 
normal operations
[Thu Jun 18 15:30:47 1998] [alert] (22)Invalid argument: initgroups: unable to 
set groups for User nobody and Group 200
[Thu Jun 18 15:30:47 1998] [alert] (22)Invalid argument: initgroups: unable to 
set groups for User nobody and Group 200
[Thu Jun 18 15:30:47 1998] [alert] (22)Invalid argument: initgroups: unable to 
set groups for User nobody and Group 200
[Thu Jun 18 15:30:47 1998] [alert] (22)Invalid argument: initgroups: unable to 
set groups for User nobody and Group 200
[Thu Jun 18 15:30:47 1998] [alert] (22)Invalid argument: initgroups: unable to 
set groups for User nobody and Group 200
[Thu Jun 18 15:30:48 1998] [alert] Child 15527 returned a Fatal error... 
Apache is exiting!



>How-To-Repeat:
Run httpd, under Digital UNIX.
>Fix:
It seems that the initgroups call in http_main.c is comparing the wrong return 
value under Digital UNIX.

>From the initgroups() man page:
RETURN VALUES

  Upon successful completion, the initgroups() function returns 0 (zero). If
  the initgroups() function fails, 1 is returned and errno is set to indicate
  the error.

>From the http_main.c source:
  if (initgroups(name, ap_group_id) == -1) {
            ap_log_error(APLOG_MARK, APLOG_ALERT, server_conf,
                        "initgroups: unable to set groups for User %s "
                        "and Group %u", name, (unsigned)ap_group_id);
            clean_child_exit(APEXIT_CHILDFATAL);
        }

For Digital UNIX, it should be == 1.

I applied this fix, and the server appears to work. Without this fix, the 
server would exit, with error, immediatly.
>Audit-Trail:
>Unformatted:
[In order for any reply to be added to the PR database, ]
[you need to include <[EMAIL PROTECTED]> in the Cc line ]
[and leave the subject line UNCHANGED.  This is not done]
[automatically because of the potential for mail loops. ]

Reply via email to