From: Juergen Perlinger <perlinger@ntp.org>
Date: Sun, 11 Nov 2018 11:03:14 +0000 (+0100)
Subject: [Bug 3549] Spurious initgroups() error message
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=14aceda93126b104bb062d99f6ed74a66f437be1;p=thirdparty%2Fntp.git

[Bug 3549] Spurious initgroups() error message

bk: 5be80c72etERR8v9S3109Xyd6jkUAQ
---

diff --git a/ChangeLog b/ChangeLog
index f381a093c..42bcd34d7 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+---
+* [Bug 3549] Spurious initgroups() error message <perlinger@ntp.org>
+  - patch by Christous Zoulas
+
 ---
 (4.2.8p12) 2018/08/14 Released by Harlan Stenn <stenn@ntp.org>
 
diff --git a/ntpd/ntpd.c b/ntpd/ntpd.c
index b477a7180..070d7e9b5 100644
--- a/ntpd/ntpd.c
+++ b/ntpd/ntpd.c
@@ -688,24 +688,9 @@ getgroup:
 	return 1;
 }
 
-/*
- * Change (effective) user and group IDs, also initialize the supplementary group access list
- */
-int
-set_user_group_ids(
-	)
+static int
+set_group_ids(void)
 {
-	/* If the the user was already mapped, no need to map it again */
-	if ((NULL != user) && (0 == sw_uid)) {
-		if (0 == map_user())
-			exit (-1);
-	}
-	/* same applies for the group */
-	if ((NULL != group) && (0 == sw_gid)) {
-		if (0 == map_group())
-			exit (-1);
-	}
-
 	if (user && initgroups(user, sw_gid)) {
 		msyslog(LOG_ERR, "Cannot initgroups() to user `%s': %m", user);
 		return 0;
@@ -729,6 +714,12 @@ set_user_group_ids(
 			msyslog(LOG_ERR, "initgroups(<%s>, %d) filed: %m", pw->pw_name, pw->pw_gid);
 			return 0;
 		}
+	return 1;
+}
+
+static int
+set_user_ids(void)
+{
 	if (user && setuid(sw_uid)) {
 		msyslog(LOG_ERR, "Cannot setuid() to user `%s': %m", user);
 		return 0;
@@ -737,6 +728,31 @@ set_user_group_ids(
 		msyslog(LOG_ERR, "Cannot seteuid() to user `%s': %m", user);
 		return 0;
 	}
+	return 1;
+}
+
+/*
+ * Change (effective) user and group IDs, also initialize the supplementary group access list
+ */
+int set_user_group_ids(void);
+int
+set_user_group_ids(void)
+{
+	/* If the the user was already mapped, no need to map it again */
+	if ((NULL != user) && (0 == sw_uid)) {
+		if (0 == map_user())
+			exit (-1);
+	}
+	/* same applies for the group */
+	if ((NULL != group) && (0 == sw_gid)) {
+		if (0 == map_group())
+			exit (-1);
+	}
+
+	if (getegid() != sw_gid && 0 == set_group_ids())
+		return 0;
+	if (geteuid() != sw_uid && 0 == set_user_ids())
+		return 0;
 
 	return 1;
 }