From 1401f9c0fa87b073ec5b92a99e806c4fd4d71416 Mon Sep 17 00:00:00 2001
From: zhong_ning <zhong_ning@hoperun.com>
Date: Tue, 10 Aug 2021 22:40:20 +0800
Subject: [PATCH] modify init setgid

Signed-off-by: zhong_ning <zhong_ning@hoperun.com>
---
 services/src/init_service.c | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/services/src/init_service.c b/services/src/init_service.c
index e3c4732a..020b5dac 100644
--- a/services/src/init_service.c
+++ b/services/src/init_service.c
@@ -77,13 +77,13 @@ static int SetAllAmbientCapability()
 
 static int SetPerms(const Service *service)
 {
-    if (KeepCapability() != 0) {
-        return SERVICE_FAILURE;
-    }
-
-    if (setgroups(service->servPerm.gIDCnt, service->servPerm.gIDArray) != 0) {
-        INIT_LOGE("SetPerms, setgroups failed. errno = %d, gIDCnt=%d", errno, service->servPerm.gIDCnt);
-        return SERVICE_FAILURE;
+    INIT_CHECK_RETURN_VALUE(KeepCapability() == 0, SERVICE_FAILURE);
+    if (service->servPerm.gIDCnt == 1) {
+        INIT_ERROR_CHECK(setgid(service->servPerm.gIDArray[0]) == 0, return SERVICE_FAILURE,
+            "SetPerms, setgid for %s failed. %d", service->name, errno);
+    } else if (service->servPerm.gIDCnt > 1){
+        INIT_ERROR_CHECK(setgroups(service->servPerm.gIDCnt, service->servPerm.gIDArray) == 0, return SERVICE_FAILURE,
+            "SetPerms, setgroups failed. errno = %d, gIDCnt=%d", errno, service->servPerm.gIDCnt);
     }
 
     if (service->servPerm.uID != 0) {
-- 
GitLab