59 lines
1.7 KiB
Diff
59 lines
1.7 KiB
Diff
From d324c6776b3a1d4ac22bced543f72dc5dd366927 Mon Sep 17 00:00:00 2001
|
|
From: Iker Pedrosa <ipedrosa@redhat.com>
|
|
Date: Thu, 6 Oct 2022 11:21:18 +0200
|
|
Subject: [PATCH] libmisc: minimum id check for system accounts
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
The minimum id allocation for system accounts shouldn't be 0 as this is
|
|
reserved for root.
|
|
|
|
Signed-off-by: Tomáš Mráz <tm@t8m.info>
|
|
Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
|
|
|
|
Conflict: NA
|
|
Reference: https://github.com/shadow-maint/shadow/commit/d324c6776b3a1d4ac22bced543f72dc5dd366927
|
|
|
|
---
|
|
libmisc/find_new_gid.c | 7 +++++++
|
|
libmisc/find_new_uid.c | 7 +++++++
|
|
2 files changed, 14 insertions(+)
|
|
|
|
diff --git a/libmisc/find_new_gid.c b/libmisc/find_new_gid.c
|
|
index 666b61078..65ab5d013 100644
|
|
--- a/libmisc/find_new_gid.c
|
|
+++ b/libmisc/find_new_gid.c
|
|
@@ -60,6 +60,13 @@ static int get_ranges (bool sys_group, gid_t *min_id, gid_t *max_id,
|
|
(unsigned long) *max_id);
|
|
return EINVAL;
|
|
}
|
|
+ /*
|
|
+ * Zero is reserved for root and the allocation algorithm does not
|
|
+ * work right with it.
|
|
+ */
|
|
+ if (*min_id == 0) {
|
|
+ *min_id = (gid_t) 1;
|
|
+ }
|
|
} else {
|
|
/* Non-system groups */
|
|
|
|
diff --git a/libmisc/find_new_uid.c b/libmisc/find_new_uid.c
|
|
index 322d15ab7..5f7e74b53 100644
|
|
--- a/libmisc/find_new_uid.c
|
|
+++ b/libmisc/find_new_uid.c
|
|
@@ -60,6 +60,13 @@ static int get_ranges (bool sys_user, uid_t *min_id, uid_t *max_id,
|
|
(unsigned long) *max_id);
|
|
return EINVAL;
|
|
}
|
|
+ /*
|
|
+ * Zero is reserved for root and the allocation algorithm does not
|
|
+ * work right with it.
|
|
+ */
|
|
+ if (*min_id == 0) {
|
|
+ *min_id = (uid_t) 1;
|
|
+ }
|
|
} else {
|
|
/* Non-system users */
|
|
|