This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH v2] support_become_root: Don't fail when /proc/<pid/setgroups is missing

From: Andreas Schwab <schwab at linux-m68k dot org>
To: Christian Brauner <christian dot brauner at ubuntu dot com>
Cc: libc-alpha at sourceware dot org, fweimer at redhat dot com
Date: Sat, 18 Nov 2017 16:33:14 +0100
Subject: Re: [PATCH v2] support_become_root: Don't fail when /proc/<pid/setgroups is missing
Authentication-results: sourceware.org; auth=none
References: <20171118151311.20305-1-christian.brauner@ubuntu.com>

On Nov 18 2017, Christian Brauner <christian.brauner@ubuntu.com> wrote:

> @@ -50,11 +51,21 @@ setup_uid_gid_mapping (uid_t original_uid, gid_t original_gid)
>    xwrite (fd, buf, ret);
>    xclose (fd);
>  
> -  /* Disable setgroups before mapping groups, otherwise that would
> -     fail with EPERM.  */
> -  fd = xopen ("/proc/self/setgroups", O_WRONLY, 0);
> -  xwrite (fd, "deny\n", strlen ("deny\n"));
> -  xclose (fd);
> +  /* Linux 3.19 introduced the setgroups file.  We need write "deny" to this
> +   * file otherwise writing to gid_map will fail with EPERM.  */

Wrong comment style.

Andreas.

-- 
Andreas Schwab, schwab@linux-m68k.org
GPG Key fingerprint = 58CA 54C7 6D53 942B 1756  01D3 44D5 214B 8276 4ED5
"And now for something completely different."

References:
- [PATCH v2] support_become_root: Don't fail when /proc/<pid/setgroups is missing
  - From: Christian Brauner

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]