swapon: drop perms if setuid before call mkswap

Signed-off-by: Karel Zak <kzak@redhat.com>

diff --git a/sys-utils/swapon.c b/sys-utils/swapon.c
index 7d68c42d7892d02c1fbc5354006bf01f6376851c..914e69ad4b94418ffaa89c131c14f00ee169d697 100644 (file)
--- a/sys-utils/swapon.c
+++ b/sys-utils/swapon.c
@@ -295,10 +295,6 @@ static int swap_reinitialize(struct swapon_ctl *ctl)
        char const *cmd[7];
        int idx=0;
 
-       if (geteuid() != getuid()) {
-               warnx(_("will not execute mkswap when swapon is setuid binary"));
-               return -1;
-       }
        warnx(_("%s: reinitializing the swap."), ctl->device);
 
        switch ((pid=fork())) {
@@ -307,6 +303,14 @@ static int swap_reinitialize(struct swapon_ctl *ctl)
                return -1;
 
        case 0: /* child */
+               if (geteuid() != getuid()) {
+                       /* in case someone uses swapon as setuid binary */
+                       if (setgid(getgid()) < 0)
+                               exit(EXIT_FAILURE);
+                       if (setuid(getuid()) < 0)
+                               exit(EXIT_FAILURE);
+               }
+
                cmd[idx++] = "mkswap";
                if (ctl->label) {
                        cmd[idx++] = "-L";