daemon: no initgroups() when already running as the configured user

We can assume that initgroups() would be a no-op in that case, however initgroups() is not allowed for unprivileged users anyway.
2013-12-29 13:58:39 +01:00 · 2013-12-29 13:58:39 +01:00 · e30b356eb0
parent 09a0803116
commit e30b356eb0
2 changed files with 7 additions and 1 deletions
--- a/2
+++ b/2
@ -1,4 +1,6 @@
 ver 0.18.7 (not yet released)
+* daemon: don't initialize supplementary groups when already running
+  as the configured user

 ver 0.18.6 (2013/12/24)
 * input
--- a/src/Daemon.cxx
+++ b/src/Daemon.cxx
@ -116,7 +116,11 @@ daemonize_set_user(void)
 	/* init supplementary groups
 	 * (must be done before we change our uid)
 	 */
-	if (!had_group && initgroups(user_name, user_gid) == -1) {
+	if (!had_group &&
+	    /* no need to set the new user's supplementary groups if
+	       we are already this user */
+	    user_uid != getuid() &&
+	    initgroups(user_name, user_gid) == -1) {
 		FormatFatalSystemError("Failed to set supplementary groups "
 				       "of user \"%s\"",
 				       user_name);