summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDenys Vlasenko2011-09-15 18:27:05 +0200
committerDenys Vlasenko2011-09-15 18:27:05 +0200
commit585541e8e338a85b9f18cf5f6ed88758b29e61f2 (patch)
tree6d17c3f52ecc3b9e05430793a923edb9b2551683
parentdd1eb413f28a2a8b5768056e1967e87b2363dc32 (diff)
downloadbusybox-585541e8e338a85b9f18cf5f6ed88758b29e61f2.zip
busybox-585541e8e338a85b9f18cf5f6ed88758b29e61f2.tar.gz
start_stop_daemon: set complementary group ids too. Closes 3253
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
-rw-r--r--debianutils/start_stop_daemon.c12
-rw-r--r--networking/inetd.c2
2 files changed, 11 insertions, 3 deletions
diff --git a/debianutils/start_stop_daemon.c b/debianutils/start_stop_daemon.c
index bc61959..02609c0 100644
--- a/debianutils/start_stop_daemon.c
+++ b/debianutils/start_stop_daemon.c
@@ -502,8 +502,16 @@ int start_stop_daemon_main(int argc UNUSED_PARAM, char **argv)
if (opt & OPT_c) {
struct bb_uidgid_t ugid = { -1, -1 };
parse_chown_usergroup_or_die(&ugid, chuid);
- if (ugid.gid != (gid_t) -1) xsetgid(ugid.gid);
- if (ugid.uid != (uid_t) -1) xsetuid(ugid.uid);
+ if (ugid.uid != (uid_t) -1) {
+ struct passwd *pw = xgetpwuid(ugid.uid);
+ if (ugid.gid != (gid_t) -1)
+ pw->pw_gid = ugid.gid;
+ /* initgroups, setgid, setuid: */
+ change_identity(pw);
+ } else if (ugid.gid != (gid_t) -1) {
+ xsetgid(ugid.gid);
+ setgroups(1, &ugid.gid);
+ }
}
#if ENABLE_FEATURE_START_STOP_DAEMON_FANCY
if (opt & OPT_NICELEVEL) {
diff --git a/networking/inetd.c b/networking/inetd.c
index fc6847b..26b6699 100644
--- a/networking/inetd.c
+++ b/networking/inetd.c
@@ -1414,7 +1414,7 @@ int inetd_main(int argc UNUSED_PARAM, char **argv)
bb_error_msg("non-root must run services as himself");
goto do_exit1;
}
- if (pwd->pw_uid) {
+ if (pwd->pw_uid != 0) {
if (sep->se_group)
pwd->pw_gid = grp->gr_gid;
/* initgroups, setgid, setuid: */