[SCM] UID Wrapper Repository - branch master updated
Andreas Schneider
asn at samba.org
Thu Jul 31 01:38:59 MDT 2014
The branch, master has been updated
via 05893df Bump version to 1.0.2.
via 0b46313 uwrap: Support dropping all supplemetary groups with setgroups()
from 6e1a69f doc: Add a manpage for uid_wrapper.
http://gitweb.samba.org/?p=uid_wrapper.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 05893dfad64dc5da232ec7ea505655de5b6841c3
Author: Andreas Schneider <asn at samba.org>
Date: Wed Jul 30 14:48:04 2014 +0200
Bump version to 1.0.2.
Signed-off-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Michael Adam <obnox at samba.org>
commit 0b46313c34a9ecceee9eeb2cbae0abe01133c96b
Author: Jakub Hrozek <jakub.hrozek at gmail.com>
Date: Tue Jul 29 19:20:07 2014 +0200
uwrap: Support dropping all supplemetary groups with setgroups()
Dropping all supplementary groups is a common practice when changing
UIDs. This patch adds support for dropping all supplementary groups when
setgroups is called with size=0.
Signed-off-by: Jakub Hrozek <jakub.hrozek at gmail.com>
Reviewed-by: Andreas Schneider <asn at samba.org>
Reviewed-by: Michael Adam <obnox at samba.org>
tests: Fix test for dopping supplementary groups.
Signed-off-by: Andreas Schneider <asn at samba.org>
-----------------------------------------------------------------------
Summary of changes:
CMakeLists.txt | 4 ++--
ChangeLog | 6 ++++++
src/uid_wrapper.c | 14 ++++++++++++--
tests/testsuite.c | 25 +++++++++++++++++++++++++
4 files changed, 45 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/CMakeLists.txt b/CMakeLists.txt
index af76cb8..1d591fd 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -8,7 +8,7 @@ set(APPLICATION_NAME ${PROJECT_NAME})
set(APPLICATION_VERSION_MAJOR "1")
set(APPLICATION_VERSION_MINOR "0")
-set(APPLICATION_VERSION_PATCH "1")
+set(APPLICATION_VERSION_PATCH "2")
set(APPLICATION_VERSION "${APPLICATION_VERSION_MAJOR}.${APPLICATION_VERSION_MINOR}.${APPLICATION_VERSION_PATCH}")
@@ -19,7 +19,7 @@ set(APPLICATION_VERSION "${APPLICATION_VERSION_MAJOR}.${APPLICATION_VERSION_MINO
# Increment AGE. Set REVISION to 0
# If the source code was changed, but there were no interface changes:
# Increment REVISION.
-set(LIBRARY_VERSION "0.0.1")
+set(LIBRARY_VERSION "0.0.2")
set(LIBRARY_SOVERSION "0")
# where to look first for cmake modules, before ${CMAKE_ROOT}/Modules/ is checked
diff --git a/ChangeLog b/ChangeLog
index b15ee88..4fdb805 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,12 @@
ChangeLog
==========
+version 1.0.2 (released 2014-07-31)
+ * Added better logging system.
+ * Added a mapnpage
+ * Added build and install instructions
+ * Fixed threading issue in the desctructor.
+
version 1.0.1 (released 2014-02-04)
* Added --libs to pkg-config.
* Added socket_wrapper-config.cmake
diff --git a/src/uid_wrapper.c b/src/uid_wrapper.c
index f53aa47..2181767 100644
--- a/src/uid_wrapper.c
+++ b/src/uid_wrapper.c
@@ -956,7 +956,11 @@ static int uwrap_setgroups_thread(size_t size, const gid_t *list)
pthread_mutex_lock(&uwrap_id_mutex);
- if (size > 0) {
+ if (size == 0) {
+ free(id->groups);
+ id->groups = NULL;
+ id->ngroups = 0;
+ } else if (size > 0) {
gid_t *tmp;
tmp = realloc(id->groups, sizeof(gid_t) * size);
@@ -984,7 +988,13 @@ static int uwrap_setgroups(size_t size, const gid_t *list)
pthread_mutex_lock(&uwrap_id_mutex);
- if (size > 0) {
+ if (size == 0) {
+ for (id = uwrap.ids; id; id = id->next) {
+ free(id->groups);
+ id->groups = NULL;
+ id->ngroups = 0;
+ }
+ } else if (size > 0) {
for (id = uwrap.ids; id; id = id->next) {
gid_t *tmp;
diff --git a/tests/testsuite.c b/tests/testsuite.c
index beff0fe..828cb42 100644
--- a/tests/testsuite.c
+++ b/tests/testsuite.c
@@ -288,6 +288,17 @@ static void test_uwrap_setgroups(void **state)
assert_int_equal(rc, 5);
assert_memory_equal(glist, rlist, sizeof(glist));
+
+ /* Drop all supplementary groups. This is often done by daemons */
+ memset(rlist, 0, sizeof(rlist));
+
+ rc = setgroups(0, NULL);
+ assert_int_equal(rc, 0);
+
+ rc = getgroups(ARRAY_SIZE(rlist), rlist);
+ assert_int_equal(rc, 0);
+
+ assert_int_equal(rlist[0], 0);
}
#if defined(SYS_setgroups) || defined(SYS_setroups32)
@@ -310,6 +321,20 @@ static void test_uwrap_syscall_setgroups(void **state)
assert_int_equal(rc, 5);
assert_memory_equal(glist, rlist, sizeof(glist));
+
+ /* Drop all supplementary groups. This is often done by daemons */
+ memset(rlist, 0, sizeof(rlist));
+#ifdef SYS_setgroups
+ rc = syscall(SYS_setgroups, 0, NULL);
+#elif SYS_setgroups32
+ rc = syscall(SYS_setgroups32, 0, NULL);
+#endif
+ assert_int_equal(rc, 0);
+
+ rc = getgroups(ARRAY_SIZE(rlist), rlist);
+ assert_int_equal(rc, 0);
+
+ assert_int_equal(rlist[0], 0);
}
#endif
--
UID Wrapper Repository
More information about the samba-cvs
mailing list