virSetUIDGID: Don't leak supplementary groups

The LXC driver uses virSetUIDGID() to become UID/GID 0. It passes an empty groups list to virSetUIDGID() to get rid of all supplementary groups from the host side. But virSetUIDGID() calls setgroups() only if the supplied list is larger than 0. This leads to a container root with unrelated supplementary groups. In most cases this issue is unoticed as libvirtd runs as UID/GID 0 without any supplementary groups. Signed-off-by: N Richard Weinberger <richard@nod.at> Signed-off-by: N Daniel P. Berrange <berrange@redhat.com>

virSetUIDGID: Don't leak supplementary groups
The LXC driver uses virSetUIDGID() to become UID/GID 0. It passes an empty groups list to virSetUIDGID() to get rid of all supplementary groups from the host side. But virSetUIDGID() calls setgroups() only if the supplied list is larger than 0. This leads to a container root with unrelated supplementary groups. In most cases this issue is unoticed as libvirtd runs as UID/GID 0 without any supplementary groups. Signed-off-by: N Richard Weinberger <richard@nod.at> Signed-off-by: N Daniel P. Berrange <berrange@redhat.com>
867f34a6 · Richard Weinberger · Daniel P. Berrange · 370707a7 · 867f34a6
隐藏空白更改
内联并排

Showing with 1 addition and 1 deletion

src/util/virutil.c src/util/virutil.c +1 -1

未找到文件。
--- a/src/util/virutil.c
+++ b/src/util/virutil.c
@@ -1103,7 +1103,7 @@ virSetUIDGID(uid_t uid, gid_t gid, gid_t *groups ATTRIBUTE_UNUSED,
    }

 # if HAVE_SETGROUPS
-    if (ngroups && setgroups(ngroups, groups) < 0) {
+    if (gid != (gid_t)-1 && setgroups(ngroups, groups) < 0) {
        virReportSystemError(errno, "%s",
                             _("cannot set supplemental groups"));
        return -1;