On 10/04/2017 05:18 PM, Ian Jackson wrote:
This allows the caller to specify a uid and gid to use, even if there
is no corresponding password entry. This will be useful in certain
Xen configurations.
Signed-off-by: Ian Jackson <ian.jack...@eu.citrix.com>
snip
@@ -166,17 +187,19 @@ void os_parse_cmd_args(int index, const char *optarg)
static void change_process_uid(void)
{
- if (user_pwd) {
- if (setgid(user_pwd->pw_gid) < 0) {
+ if (user_pwd || user_uid != (uid_t)-1) {
+ if (setgid(user_pwd ? user_pwd->pw_gid : user_gid) < 0) {
fprintf(stderr, "Failed to setgid(%d)\n", user_pwd->pw_gid);
exit(1);
}
- if (initgroups(user_pwd->pw_name, user_pwd->pw_gid) < 0) {
+ if ((user_pwd
+ ? initgroups(user_pwd->pw_name, user_pwd->pw_gid)
+ : setgroups(1, &user_gid)) < 0) {
fprintf(stderr, "Failed to initgroups(\"%s\", %d)\n",
user_pwd->pw_name, user_pwd->pw_gid);
exit(1);
}
- if (setuid(user_pwd->pw_uid) < 0) {
+ if (setuid(user_pwd ? user_pwd->pw_uid : user_gid) < 0) {
fprintf(stderr, "Failed to setuid(%d)\n", user_pwd->pw_uid);
exit(1);
}
This last one should be user_uid, not user_gid.
--
Ross Lagerwall
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
