From fcfffb5cf14ddd2ff28873e2274bca226441b40b Mon Sep 17 00:00:00 2001 From: Alexey Tikhonov Date: Mon, 7 Aug 2023 18:51:54 +0200 Subject: [PATCH] UTILS: swap order of seteuid()/setegid() MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Otherwise it fails with: ``` 6906 16:40:32.455571 setresuid(-1, 996, -1) = 0 6906 16:40:32.455590 setresgid(-1, 993, -1) = -1 EPERM (Operation not permitted) ``` Reviewed-by: Alejandro López Reviewed-by: Iker Pedrosa Reference: https://github.com/SSSD/sssd/commit/fcfffb5cf14ddd2ff28873e2274bca226441b40b Conflict: NA --- src/util/usertools.c | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/src/util/usertools.c b/src/util/usertools.c index 40c141032..8084760a0 100644 --- a/src/util/usertools.c +++ b/src/util/usertools.c @@ -860,16 +860,17 @@ void sss_set_sssd_user_eid(void) if (geteuid() == 0) { sss_sssd_user_uid_and_gid(&uid, &gid); - if (seteuid(uid) != EOK) { - DEBUG(SSSDBG_MINOR_FAILURE, - "Failed to set euid to %"SPRIuid": %s\n", - uid, sss_strerror(errno)); - } + if (setegid(gid) != EOK) { - DEBUG(SSSDBG_MINOR_FAILURE, + DEBUG(SSSDBG_IMPORTANT_INFO, "Failed to set egid to %"SPRIgid": %s\n", gid, sss_strerror(errno)); } + if (seteuid(uid) != EOK) { + DEBUG(SSSDBG_IMPORTANT_INFO, + "Failed to set euid to %"SPRIuid": %s\n", + uid, sss_strerror(errno)); + } } } @@ -877,12 +878,12 @@ void sss_restore_sssd_user_eid(void) { if (getuid() == 0) { if (seteuid(getuid()) != EOK) { - DEBUG(SSSDBG_MINOR_FAILURE, + DEBUG(SSSDBG_IMPORTANT_INFO, "Failed to restore euid: %s\n", sss_strerror(errno)); } if (setegid(getgid()) != EOK) { - DEBUG(SSSDBG_MINOR_FAILURE, + DEBUG(SSSDBG_IMPORTANT_INFO, "Failed to restore egid: %s\n", sss_strerror(errno)); } -- 2.27.0