首页 发现 帮助
登录
Kamailio
/
kamailio
镜像自地址 https://github.com/kamailio/kamailio.git
2
0
派生 0
文件 工单管理 0 Wiki
浏览代码

- when starting ser in suid mode (e..g -u user), set also the supplementary
groups of the respective user.
Patch from Marcus Better <[email protected]>.

Andrei Pelinescu-Onciul 17 年之前
父节点
e6d55cc09a
当前提交
d32f7ac428
共有 1 个文件被更改,包括 13 次插入0 次删除
分列视图 显示文件统计
  1. 13 0
      daemonize.c

+ 13 - 0
daemonize.c
查看文件 

@@ -57,6 +57,8 @@
 
 #include <sys/time.h>    
 #include <sys/resource.h> /* setrlimit */
 
 #include <unistd.h>
 
+#include <pwd.h>
 
+#include <grp.h>
 
 
 #ifdef HAVE_SCHED_SETSCHEDULER
 
 #include <sched.h>
 
@@ -223,6 +225,8 @@ error:
 
 
 int do_suid()
 
 {
 
+	struct passwd *pw;
 
+	
 	if (gid){
 
 		if(setgid(gid)<0){
 
 			LOG(L_CRIT, "cannot change gid to %d: %s\n", gid, strerror(errno));
 
@@ -231,6 +235,15 @@ int do_suid()
 
 	}
 
 	
 	if(uid){
 
+		if (!(pw = getpwuid(uid))){
 
+			LOG(L_CRIT, "user lookup failed: %s\n", strerror(errno));
 
+			goto error;
 
+		}
 
+		if(initgroups(pw->pw_name, pw->pw_gid)<0){
 
+			LOG(L_CRIT, "cannot set supplementary groups: %s\n", 
+							strerror(errno));
 
+			goto error;
 
+		}
 
 		if(setuid(uid)<0){
 
 			LOG(L_CRIT, "cannot change uid to %d: %s\n", uid, strerror(errno));
 
 			goto error;