setpriv: allow to use group name for --groups

Addresses: https://github.com/karelzak/util-linux/issues/325
Signed-off-by: Karel Zak <kzak@redhat.com>

diff --git a/sys-utils/setpriv.1 b/sys-utils/setpriv.1
index 1c2423c65ba44fe45f00afd655df324e115f935b..9b7f43bc8f578134e7c7cc13c9d2584abceac1c5 100644 (file)
--- a/sys-utils/setpriv.1
+++ b/sys-utils/setpriv.1
@@ -36,7 +36,7 @@ Dump current privilege state.  Can be specified more than once to show extra,
 mostly useless, information.  Incompatible with all other options.
 .TP
 .B \-\-groups \fIgroup\fR...
-Set supplementary groups.  The argument is a comma-separated list.
+Set supplementary groups.  The argument is a comma-separated list of GIDs or names.
 .TP
 .BR \-\-inh\-caps " (" + | \- ) \fIcap "...  or  " \-\-ambient-caps " (" + | \- ) \fIcap "...  or  " \-\-bounding\-set " (" + | \- ) \fIcap ...
 Set the inheritable capabilities, ambient capabilities or the capability bounding set.  See

diff --git a/sys-utils/setpriv.c b/sys-utils/setpriv.c
index 0d3a3b3c9a08645addbde19b743c9fdf3cfb8687..d93341b395f31029334ebf2bb5a5a93c777f08df 100644 (file)
--- a/sys-utils/setpriv.c
+++ b/sys-utils/setpriv.c
@@ -56,6 +56,8 @@
 
 #define SETPRIV_EXIT_PRIVERR 127       /* how we exit when we fail to set privs */
 
+static gid_t get_group(const char *s, const char *err);
+
 enum cap_type {
        CAP_TYPE_EFFECTIVE   = CAPNG_EFFECTIVE,
        CAP_TYPE_PERMITTED   = CAPNG_PERMITTED,
@@ -136,7 +138,7 @@ static void __attribute__((__noreturn__)) usage(void)
        fputs(_(" --clear-groups              clear supplementary groups\n"), out);
        fputs(_(" --keep-groups               keep supplementary groups\n"), out);
        fputs(_(" --init-groups               initialize supplementary groups\n"), out);
-       fputs(_(" --groups <group,...>        set supplementary groups\n"), out);
+       fputs(_(" --groups <group,...>        set supplementary groups by UID or name\n"), out);
        fputs(_(" --securebits <bits>         set securebits\n"), out);
        fputs(_(" --pdeathsig keep|clear|<signame>\n"
                "                             set or clear parent death signal\n"), out);
@@ -456,8 +458,7 @@ static void parse_groups(struct privctx *opts, const char *str)
 
        opts->groups = xcalloc(opts->num_groups, sizeof(gid_t));
        while ((c = strsep(&groups, ",")))
-               opts->groups[i++] = (gid_t) strtol_or_err(c,
-                                                 _("Invalid supplementary group id"));
+               opts->groups[i++] = get_group(c, _("Invalid supplementary group id"));
 
        free(groups);
 }