From: Jim Meyering Date: Wed, 27 May 2009 21:06:15 +0000 (+0200) Subject: chroot: don't set bogus user-ID or group-ID for --u=U: or --u=:G X-Git-Tag: v7.5~113 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=2e62250e987dfb2e6253f512ef52707edc626719;p=thirdparty%2Fcoreutils.git chroot: don't set bogus user-ID or group-ID for --u=U: or --u=:G * src/chroot.c (main): Initialize both "uid" and "gid". To -1. This also allows one to set the user-ID or primary group-ID to 0, in case it's not that already. * tests/chroot/credentials: Test for the above. --- diff --git a/src/chroot.c b/src/chroot.c index dccddd7228..39b3acf03a 100644 --- a/src/chroot.c +++ b/src/chroot.c @@ -202,8 +202,8 @@ main (int argc, char **argv) if (userspec) { - uid_t uid; - gid_t gid; + uid_t uid = -1; + gid_t gid = -1; char *user; char *group; char const *err = parse_user_spec (userspec, &uid, &gid, &user, &group); @@ -223,13 +223,13 @@ main (int argc, char **argv) fail = true; } - if (gid && setgid (gid)) + if (gid != (gid_t) -1 && setgid (gid)) { error (0, errno, _("failed to set group-ID")); fail = true; } - if (uid && setuid (uid)) + if (uid != (uid_t) -1 && setuid (uid)) { error (0, errno, _("failed to set user-ID")); fail = true; diff --git a/tests/chroot/credentials b/tests/chroot/credentials index 23d66bd624..b76edea7db 100755 --- a/tests/chroot/credentials +++ b/tests/chroot/credentials @@ -40,4 +40,13 @@ test "$(chroot --userspec=$NON_ROOT_USERNAME:$NON_ROOT_GROUP / whoami)" != root test "$(chroot --userspec=$NON_ROOT_USERNAME:$NON_ROOT_GROUP --groups= / id -nG)"\ = $NON_ROOT_GROUP || fail=1 +# Verify that when specifying only the user name we get the current +# primary group ID. +test "$(chroot --userspec=$NON_ROOT_USERNAME / id -g)" = "$(id -g)" \ + || fail=1 + +# Verify that when specifying only a group we get the current user ID +test "$(chroot --userspec=:$NON_ROOT_GROUP / id -u)" = "$(id -u)" \ + || fail=1 + Exit $fail