Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP2:GA
autofs.34435
autofs-5.1.8-dont-use-initgroups-at-spawn.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File autofs-5.1.8-dont-use-initgroups-at-spawn.patch of Package autofs.34435
From 25213a749c727e0c309940da5bca35ab53083434 Mon Sep 17 00:00:00 2001 From: Ian Kent <raven@themaw.net> Date: Thu, 28 Apr 2022 09:11:27 +0800 Subject: [PATCH] autofs-5.1.8 - dont use initgroups() at spawn The initgroups(3) function isn't safe to use between fork() and exec() in a threaded program. Using it this way often leads to a hang for even moderate work loads. But the getgrouplist()/setgroups() combination can be used safely in this case and this patch changes autofs to use these (the safety of using of setgroups() is yet to to be documented). A large portion of the work on this patch has been contributed by Roberto Bergantinos <rbergant@redhat.com>. Reported-by: Roberto Bergantinos <rbergant@redhat.com> Fixes: 6343a3292020 ("autofs-5.1.3 - fix ordering of seteuid/setegid in do_spawn()") Signed-off-by: Roberto Bergantinos <rbergant@redhat.com> Signed-off-by: Ian Kent <raven@themaw.net> --- daemon/spawn.c | 51 ++++++++++++++++++++++++++++++++++++++++++++++---- 2 files changed, 48 insertions(+), 4 deletions(-) diff --git a/daemon/spawn.c b/daemon/spawn.c index 914e528..6f8856a 100644 --- a/daemon/spawn.c +++ b/daemon/spawn.c @@ -26,6 +26,7 @@ #include <sys/wait.h> #include <sys/stat.h> #include <sys/mount.h> +#include <pwd.h> #include "automount.h" @@ -335,6 +336,10 @@ static int do_spawn(unsigned logopt, unsigned int wait, struct thread_stdenv_vars *tsv; pid_t euid = 0; gid_t egid = 0; + gid_t *groups = NULL; + gid_t *saved_groups = NULL; + int ngroups = 0; + int nsaved_groups = 0; if (open_pipe(pipefd)) return -1; @@ -357,6 +362,31 @@ static int do_spawn(unsigned logopt, unsigned int wait, egid = tsv->gid; } + + if (euid) { + struct passwd *pwd; + + pwd = getpwuid(getuid()); + if (!pwd) + fprintf(stderr, + "warning: getpwuid: can't get current username\n"); + else { + /* get number of groups for current gid */ + getgrouplist(pwd->pw_name, getgid(), NULL, &nsaved_groups); + saved_groups = malloc(nsaved_groups * sizeof(gid_t)); + + /* get current gid groups list */ + getgrouplist(pwd->pw_name, getgid(), saved_groups, &nsaved_groups); + } + + /* get number of groups of mount triggering process */ + getgrouplist(tsv->user, egid, NULL, &ngroups); + groups = malloc(ngroups * sizeof(gid_t)); + + /* get groups list of mount triggering process */ + getgrouplist(tsv->user, egid, groups, &ngroups); + } + f = fork(); if (f == 0) { char **pargv = (char **) argv; @@ -398,10 +428,13 @@ static int do_spawn(unsigned logopt, unsigned int wait, * program group to trigger mount */ if (euid) { - if (initgroups(tsv->user, egid) == -1) - fprintf(stderr, - "warning: initgroups: %s\n", - strerror(errno)); + if (groups) { + if (setgroups(ngroups, groups) == -1) + fprintf(stderr, + "warning: setgroups: %s\n", + strerror(errno)); + free(groups); + } if (setegid(egid) == -1) fprintf(stderr, "warning: setegid: %s\n", @@ -436,6 +469,11 @@ static int do_spawn(unsigned logopt, unsigned int wait, setegid(0); if (pgrp >= 0) setpgid(0, pgrp); + /* Reset groups for trigger of trailing mount */ + if (euid && saved_groups) { + setgroups(nsaved_groups, saved_groups); + free(saved_groups); + } /* * The kernel leaves mount type autofs alone because @@ -474,6 +512,11 @@ done: sigaddset(&tmpsig, SIGCHLD); pthread_sigmask(SIG_SETMASK, &tmpsig, NULL); + if (groups) + free(groups); + if (saved_groups) + free(saved_groups); + close(pipefd[1]); if (f < 0) { -- 2.35.3
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor