On 19/10/17 10:20, Jeff Mahoney wrote:
> I wondered that too but decided against it since it’s happening with root privs anyway.
Right, it's probably not a problem, lets go with it how it is and see.
Whether to continue if seteuid() fails is a good question.
The assumption is it always succeeds but I guess it might not.
It probably shouldn't continue because if automounts in a dependent path
can't be mounted (via the open()) then the requested mount can't work
properly.
>
> -Jeff
>
> --
> Jeff Mahoney
> (apologies for the top post -- from my mobile)
>
>> On Oct 18, 2017, at 10:07 PM, Ian Kent <raven@xxxxxxxxxx> wrote:
>>
>>> On 19/10/17 05:12, Jeff Mahoney wrote:
>>> In do_spawn, We call seteuid() prior to calling setegid() which means
>>> that, when we're using an unprivileged uid, we won't have permissions
>>> to set the effective group anymore.
>>>
>>> We also don't touch the group memberships so the permissions used to
>>> open the directory will will include all of root's supplementary groups
>>> and none of the user's.
>>>
>>> This patch reverses the ordering and uses initgroups() to reset the
>>> supplementary groups to the unprivileged user's groups.
>>>
>>> Signed-off-by: Jeff Mahoney <jeffm@xxxxxxxx>
>>> ---
>>> daemon/spawn.c | 15 +++++++++++++--
>>> 1 file changed, 13 insertions(+), 2 deletions(-)
>>>
>>> diff --git a/daemon/spawn.c b/daemon/spawn.c
>>> index c640d97..62e9f02 100644
>>> --- a/daemon/spawn.c
>>> +++ b/daemon/spawn.c
>>> @@ -20,6 +20,7 @@
>>> #include <string.h>
>>> #include <sys/types.h>
>>> #include <dirent.h>
>>> +#include <grp.h>
>>> #include <time.h>
>>> #include <poll.h>
>>> #include <sys/wait.h>
>>> @@ -195,8 +196,18 @@ static int do_spawn(unsigned logopt, unsigned int wait,
>>> * program group to trigger mount
>>> */
>>> if (euid) {
>>> - seteuid(euid);
>>> - setegid(egid);
>>> + if (initgroups(tsv->user, egid) == -1)
>>
>> LOL, you spotted that one.
>>
>> I was wondering if the groups need to be restored after the open() ....
>> before the mount is executed.
>>
>>> + fprintf(stderr,
>>> + "warning: initgroups: %s\n",
>>> + strerror(errno));
>>> + if (setegid(egid) == -1)
>>> + fprintf(stderr,
>>> + "warning: setegid: %s\n",
>>> + strerror(errno));
>>> + if (seteuid(euid) == -1)
>>> + fprintf(stderr,
>>> + "warning: seteuid: %s\n",
>>> + strerror(errno));
>>> }
>>> setpgrp();
>>>
>>>
>>>
>>> --
>>> To unsubscribe from this list: send the line "unsubscribe autofs" in
>>>
>>
>>
>
> --
> To unsubscribe from this list: send the line "unsubscribe autofs" in
>
--
To unsubscribe from this list: send the line "unsubscribe autofs" in
