This patch adds a call to initgroups() to also set the supplementary groups of
the ser user. I want to apply this for Debian, where we want to have rtpproxy
running setuid/setgid to rtpproxy, and add ser to the "rtpproxy" group so it
can access the rtpproxy control socket.
--- a/daemonize.c
+++ b/daemonize.c
@@ -55,6 +55,8 @@
#include <sys/time.h>
#include <sys/resource.h> /* setrlimit */
#include <unistd.h>
+#include <pwd.h>
+#include <grp.h>
#include "daemonize.h"
#include "globals.h"
@@ -219,6 +221,16 @@ int do_suid()
}
if(uid){
+ struct passwd *pw;
+
+ if (!(pw = getpwuid(uid))){
+ LOG(L_CRIT, "user lookup failed: %s\n",
strerror(errno));
+ goto error;
+ }
+ if(initgroups(user, pw->pw_gid)<0){
+ LOG(L_CRIT, "cannot set supplementary groups: %s\n",
strerror(errno));
+ goto error;
+ }
if(setuid(uid)<0){
LOG(L_CRIT, "cannot change uid to %d: %s\n", uid,
strerror(errno));
goto error;
_______________________________________________
Serdev mailing list
[email protected]
http://lists.iptel.org/mailman/listinfo/serdev
