os-posix: set groups properly for -runas

Andrew Griffiths reports that -runas does not set supplementary group IDs. This means that gid 0 (root) is not dropped when switching to an unprivileged user. Add an initgroups(3) call to use the -runas user's /etc/groups membership to update the supplementary group IDs. Signed-off-by: N Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Acked-by: N Chris Wright <chrisw@sous-sol.org> Signed-off-by: N Blue Swirl <blauwirbel@gmail.com>

os-posix: set groups properly for -runas
Andrew Griffiths reports that -runas does not set supplementary group IDs. This means that gid 0 (root) is not dropped when switching to an unprivileged user. Add an initgroups(3) call to use the -runas user's /etc/groups membership to update the supplementary group IDs. Signed-off-by: N Stefan Hajnoczi <stefanha@linux.vnet.ibm.com> Acked-by: N Chris Wright <chrisw@sous-sol.org> Signed-off-by: N Blue Swirl <blauwirbel@gmail.com>
cc4662f9 · Stefan Hajnoczi · Blue Swirl · 429bef69 · cc4662f9
隐藏空白更改
内联并排

Showing with 6 addition and 0 deletion

os-posix.c os-posix.c +6 -0

未找到文件。
--- a/os-posix.c
+++ b/os-posix.c
@@ -31,6 +31,7 @@
 /*needed for MAP_POPULATE before including qemu-options.h */
 #include <sys/mman.h>
 #include <pwd.h>
+#include <grp.h>
 #include <libgen.h>

 /* Needed early for CONFIG_BSD etc. */
@@ -199,6 +200,11 @@ static void change_process_uid(void)
            fprintf(stderr, "Failed to setgid(%d)\n", user_pwd->pw_gid);
            exit(1);
        }
+        if (initgroups(user_pwd->pw_name, user_pwd->pw_gid) < 0) {
+            fprintf(stderr, "Failed to initgroups(\"%s\", %d)\n",
+                    user_pwd->pw_name, user_pwd->pw_gid);
+            exit(1);
+        }
        if (setuid(user_pwd->pw_uid) < 0) {
            fprintf(stderr, "Failed to setuid(%d)\n", user_pwd->pw_uid);
            exit(1);