[SCM] UID Wrapper Repository - branch master updated

Andreas Schneider asn at samba.org
Thu Jul 31 01:38:59 MDT 2014 

The branch, master has been updated
       via  05893df Bump version to 1.0.2.
       via  0b46313 uwrap: Support dropping all supplemetary groups with setgroups()
      from  6e1a69f doc: Add a manpage for uid_wrapper.

http://gitweb.samba.org/?p=uid_wrapper.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 05893dfad64dc5da232ec7ea505655de5b6841c3
Author: Andreas Schneider <asn at samba.org>
Date:   Wed Jul 30 14:48:04 2014 +0200

    Bump version to 1.0.2.
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Michael Adam <obnox at samba.org>

commit 0b46313c34a9ecceee9eeb2cbae0abe01133c96b
Author: Jakub Hrozek <jakub.hrozek at gmail.com>
Date:   Tue Jul 29 19:20:07 2014 +0200

    uwrap: Support dropping all supplemetary groups with setgroups()
    
    Dropping all supplementary groups is a common practice when changing
    UIDs. This patch adds support for dropping all supplementary groups when
    setgroups is called with size=0.
    
    Signed-off-by: Jakub Hrozek <jakub.hrozek at gmail.com>
    Reviewed-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Michael Adam <obnox at samba.org>
    
    tests: Fix test for dopping supplementary groups.
    
    Signed-off-by: Andreas Schneider <asn at samba.org>

-----------------------------------------------------------------------

Summary of changes:
 CMakeLists.txt    |    4 ++--
 ChangeLog         |    6 ++++++
 src/uid_wrapper.c |   14 ++++++++++++--
 tests/testsuite.c |   25 +++++++++++++++++++++++++
 4 files changed, 45 insertions(+), 4 deletions(-)


Changeset truncated at 500 lines:

diff --git a/CMakeLists.txt b/CMakeLists.txt
index af76cb8..1d591fd 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -8,7 +8,7 @@ set(APPLICATION_NAME ${PROJECT_NAME})
 
 set(APPLICATION_VERSION_MAJOR "1")
 set(APPLICATION_VERSION_MINOR "0")
-set(APPLICATION_VERSION_PATCH "1")
+set(APPLICATION_VERSION_PATCH "2")
 
 set(APPLICATION_VERSION "${APPLICATION_VERSION_MAJOR}.${APPLICATION_VERSION_MINOR}.${APPLICATION_VERSION_PATCH}")
 
@@ -19,7 +19,7 @@ set(APPLICATION_VERSION "${APPLICATION_VERSION_MAJOR}.${APPLICATION_VERSION_MINO
 #     Increment AGE. Set REVISION to 0
 #   If the source code was changed, but there were no interface changes:
 #     Increment REVISION.
-set(LIBRARY_VERSION "0.0.1")
+set(LIBRARY_VERSION "0.0.2")
 set(LIBRARY_SOVERSION "0")
 
 # where to look first for cmake modules, before ${CMAKE_ROOT}/Modules/ is checked
diff --git a/ChangeLog b/ChangeLog
index b15ee88..4fdb805 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,12 @@
 ChangeLog
 ==========
 
+version 1.0.2 (released 2014-07-31)
+  * Added better logging system.
+  * Added a mapnpage
+  * Added build and install instructions
+  * Fixed threading issue in the desctructor.
+
 version 1.0.1 (released 2014-02-04)
   * Added --libs to pkg-config.
   * Added socket_wrapper-config.cmake
diff --git a/src/uid_wrapper.c b/src/uid_wrapper.c
index f53aa47..2181767 100644
--- a/src/uid_wrapper.c
+++ b/src/uid_wrapper.c
@@ -956,7 +956,11 @@ static int uwrap_setgroups_thread(size_t size, const gid_t *list)
 
 	pthread_mutex_lock(&uwrap_id_mutex);
 
-	if (size > 0) {
+	if (size == 0) {
+		free(id->groups);
+		id->groups = NULL;
+		id->ngroups = 0;
+	} else if (size > 0) {
 		gid_t *tmp;
 
 		tmp = realloc(id->groups, sizeof(gid_t) * size);
@@ -984,7 +988,13 @@ static int uwrap_setgroups(size_t size, const gid_t *list)
 
 	pthread_mutex_lock(&uwrap_id_mutex);
 
-	if (size > 0) {
+	if (size == 0) {
+		for (id = uwrap.ids; id; id = id->next) {
+			free(id->groups);
+			id->groups = NULL;
+			id->ngroups = 0;
+		}
+	} else if (size > 0) {
 		for (id = uwrap.ids; id; id = id->next) {
 			gid_t *tmp;
 
diff --git a/tests/testsuite.c b/tests/testsuite.c
index beff0fe..828cb42 100644
--- a/tests/testsuite.c
+++ b/tests/testsuite.c
@@ -288,6 +288,17 @@ static void test_uwrap_setgroups(void **state)
 	assert_int_equal(rc, 5);
 
 	assert_memory_equal(glist, rlist, sizeof(glist));
+
+	/* Drop all supplementary groups. This is often done by daemons */
+	memset(rlist, 0, sizeof(rlist));
+
+	rc = setgroups(0, NULL);
+	assert_int_equal(rc, 0);
+
+	rc = getgroups(ARRAY_SIZE(rlist), rlist);
+	assert_int_equal(rc, 0);
+
+	assert_int_equal(rlist[0], 0);
 }
 
 #if defined(SYS_setgroups) || defined(SYS_setroups32)
@@ -310,6 +321,20 @@ static void test_uwrap_syscall_setgroups(void **state)
 	assert_int_equal(rc, 5);
 
 	assert_memory_equal(glist, rlist, sizeof(glist));
+
+	/* Drop all supplementary groups. This is often done by daemons */
+	memset(rlist, 0, sizeof(rlist));
+#ifdef SYS_setgroups
+	rc = syscall(SYS_setgroups, 0, NULL);
+#elif SYS_setgroups32
+	rc = syscall(SYS_setgroups32, 0, NULL);
+#endif
+	assert_int_equal(rc, 0);
+
+	rc = getgroups(ARRAY_SIZE(rlist), rlist);
+	assert_int_equal(rc, 0);
+
+	assert_int_equal(rlist[0], 0);
 }
 #endif
 


-- 
UID Wrapper Repository

More information about the samba-cvs mailing list