int lxc_switch_uid_gid(uid_t uid, gid_t gid)
{
- if (setgid(gid) < 0) {
- SYSERROR("Failed to switch to gid %d.", gid);
- return -errno;
+ int ret = 0;
+
+ if (gid != LXC_INVALID_GID) {
+ ret = setgid(gid);
+ if (ret < 0) {
+ SYSERROR("Failed to switch to gid %d", gid);
+ return -1;
+ }
+ NOTICE("Switched to gid %d", gid);
}
- NOTICE("Switched to gid %d.", gid);
- if (setuid(uid) < 0) {
- SYSERROR("Failed to switch to uid %d.", uid);
- return -errno;
+ if (uid != LXC_INVALID_UID) {
+ ret = setuid(uid);
+ if (ret < 0) {
+ SYSERROR("Failed to switch to uid %d", uid);
+ return -1;
+ }
+ NOTICE("Switched to uid %d", uid);
}
- NOTICE("Switched to uid %d.", uid);
- return 0;
+ return ret;
}
/* Simple covenience function which enables uniform logging. */
/* Check whether a signal is blocked by a process. */
extern bool task_blocks_signal(pid_t pid, int signal);
-/* Switch to a new uid and gid. */
+/* Switch to a new uid and gid.
+ * If LXC_INVALID_{G,U}ID is passed then the set{g,u}id() will not be called.
+ */
extern int lxc_switch_uid_gid(uid_t uid, gid_t gid);
extern int lxc_setgroups(int size, gid_t list[]);
projects / thirdparty / lxc.git / commitdiff
