From: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
To: trinity@vger.kernel.org, Dave Jones <davej@redhat.com>
Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
Subject: [PATCH] uid: initialize nobody_uid/nobody/gid only if --dropprivs requested
Date: Tue, 1 Apr 2014 13:57:28 +0300 [thread overview]
Message-ID: <1396349848-11537-1-git-send-email-kirill.shutemov@linux.intel.com> (raw)
I don't have nobody user in my dummy rootfs for virtual machine and
trinity stops on getpwnam("nobody").
Let's request uid/gid for nobody only if --dropprivs requested.
Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com>
---
trinity.c | 4 ++--
uid.c | 3 +++
2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/trinity.c b/trinity.c
index dd32418411be..4d8d200c7a89 100644
--- a/trinity.c
+++ b/trinity.c
@@ -66,8 +66,6 @@ int main(int argc, char* argv[])
initpid = getpid();
- init_uids();
-
page_size = getpagesize();
num_online_cpus = sysconf(_SC_NPROCESSORS_ONLN);
max_children = num_online_cpus; /* possibly overridden in params. */
@@ -80,6 +78,8 @@ int main(int argc, char* argv[])
create_shm_arrays();
+ init_uids();
+
if (logging == TRUE)
open_logfiles();
diff --git a/uid.c b/uid.c
index 6a7e65a6a722..fbcf4744cb15 100644
--- a/uid.c
+++ b/uid.c
@@ -55,6 +55,9 @@ void init_uids(void)
orig_uid = getuid();
orig_gid = getgid();
+ if (dropprivs == FALSE)
+ return;
+
passwd = getpwnam("nobody");
if (passwd == NULL) {
outputerr("Error getting nobody pwent (%s)\n", strerror(errno));
--
1.9.1
reply other threads:[~2014-04-01 10:57 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1396349848-11537-1-git-send-email-kirill.shutemov@linux.intel.com \
--to=kirill.shutemov@linux.intel.com \
--cc=davej@redhat.com \
--cc=trinity@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).