From: Karel Zak <kzak@redhat.com>
Date: Thu, 11 Feb 2016 11:07:34 +0000 (+0100)
Subject: swapon: drop perms if setuid before call mkswap
X-Git-Tag: v2.28-rc1~120
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=eac478dcfd6ab8f3eb1ed1acbcb872573da02a0f;p=thirdparty%2Futil-linux.git

swapon: drop perms if setuid before call mkswap

Signed-off-by: Karel Zak <kzak@redhat.com>
---

diff --git a/sys-utils/swapon.c b/sys-utils/swapon.c
index 7d68c42d78..914e69ad4b 100644
--- a/sys-utils/swapon.c
+++ b/sys-utils/swapon.c
@@ -295,10 +295,6 @@ static int swap_reinitialize(struct swapon_ctl *ctl)
 	char const *cmd[7];
 	int idx=0;
 
-	if (geteuid() != getuid()) {
-		warnx(_("will not execute mkswap when swapon is setuid binary"));
-		return -1;
-	}
 	warnx(_("%s: reinitializing the swap."), ctl->device);
 
 	switch ((pid=fork())) {
@@ -307,6 +303,14 @@ static int swap_reinitialize(struct swapon_ctl *ctl)
 		return -1;
 
 	case 0:	/* child */
+		if (geteuid() != getuid()) {
+			/* in case someone uses swapon as setuid binary */
+			if (setgid(getgid()) < 0)
+				exit(EXIT_FAILURE);
+			if (setuid(getuid()) < 0)
+				exit(EXIT_FAILURE);
+		}
+
 		cmd[idx++] = "mkswap";
 		if (ctl->label) {
 			cmd[idx++] = "-L";