util: introduce reset_uid_gid() for resetting all uids and gids to 0

diff --git a/src/shared/util.c b/src/shared/util.c
index c3b08bbc431851cef47ea31a84d9c65be52b6bbb..5f5cfcb011bbfe03402bb03f64e94c7d9b91eba8 100644 (file)
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -4686,16 +4686,7 @@ int namespace_enter(int pidns_fd, int mntns_fd, int netns_fd, int root_fd) {
                         return -errno;
         }
 
-        if (setresgid(0, 0, 0) < 0)
-                return -errno;
-
-        if (setgroups(0, NULL) < 0)
-                return -errno;
-
-        if (setresuid(0, 0, 0) < 0)
-                return -errno;
-
-        return 0;
+        return reset_uid_gid();
 }
 
 int getpeercred(int fd, struct ucred *ucred) {
@@ -6247,3 +6238,17 @@ int mount_move_root(const char *path) {
 
         return 0;
 }
+
+int reset_uid_gid(void) {
+
+        if (setgroups(0, NULL) < 0)
+                return -errno;
+
+        if (setresgid(0, 0, 0) < 0)
+                return -errno;
+
+        if (setresuid(0, 0, 0) < 0)
+                return -errno;
+
+        return 0;
+}

diff --git a/src/shared/util.h b/src/shared/util.h
index f0382f0d68a6dd3d48e011d0dc993554df9c7239..24a26728465cde170954e13596e9e16e521410e1 100644 (file)
--- a/src/shared/util.h
+++ b/src/shared/util.h
@@ -908,3 +908,5 @@ char *shell_maybe_quote(const char *s);
 int parse_mode(const char *s, mode_t *ret);
 
 int mount_move_root(const char *path);
+
+int reset_uid_gid(void);