![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8461fc5)
raw | patch | inline | side by side (parent: 8461fc5)
| author | Florian Forster <octo@huhu.verplant.org> | |
| Tue, 19 Feb 2008 12:55:32 +0000 (13:55 +0100) | ||
| committer | Florian Forster <octo@huhu.verplant.org> | |
| Tue, 19 Feb 2008 12:55:32 +0000 (13:55 +0100) |
Thanks to Peter Holik for suggesting this.
| configure.in | patch | blob | history | |
| src/exec.c | patch | blob | history |
diff --git a/configure.in b/configure.in
index 5555c8a0a966b70aa33586f0daf9f8b05bd7c87b..2379cbe79dbb31755647951f6718d53cab8b5f12 100644 (file)
--- a/configure.in
+++ b/configure.in
AC_FUNC_STRERROR_R
-AC_CHECK_FUNCS(getpwnam_r)
-AC_CHECK_FUNCS(getgrnam_r)
+AC_CHECK_FUNCS(getpwnam_r getgrnam_r setgroups regcomp regerror regexec regfree)
socket_needs_socket="no"
AC_CHECK_FUNCS(socket, [], AC_CHECK_LIB(socket, socket, [socket_needs_socket="yes"], AC_MSG_ERROR(cannot find socket)))
AC_CHECK_FUNCS(nanosleep, [], AC_CHECK_LIB(rt, nanosleep, [nanosleep_needs_rt="yes"], AC_MSG_ERROR(cannot find nanosleep)))
AM_CONDITIONAL(BUILD_WITH_LIBRT, test "x$nanosleep_needs_rt" = "xyes")
-AC_CHECK_FUNCS(regcomp regerror regexec regfree)
-
AC_CHECK_FUNCS(sysctlbyname, [have_sysctlbyname="yes"], [have_sysctlbyname="no"])
AC_CHECK_FUNCS(host_statistics, [have_host_statistics="yes"], [have_host_statistics="no"])
AC_CHECK_FUNCS(processor_info, [have_processor_info="yes"], [have_processor_info="no"])
diff --git a/src/exec.c b/src/exec.c
index fd20191a253f55417d302500d2d7fc3bfa89b35e..b8b538b8c765d1f09ea5312b39e384b11306c92b 100644 (file)
--- a/src/exec.c
+++ b/src/exec.c
}
} /* if (pl->group == NULL) */
+#if HAVE_SETGROUPS
+ if (getuid () == 0)
+ {
+ gid_t glist[2];
+ size_t glist_len;
+
+ glist[0] = gid;
+ glist_len = 1;
+
+ if (gid != egid)
+ {
+ glist[1] = egid;
+ glist_len = 2;
+ }
+
+ setgroups (glist_len, glist);
+ }
+#endif /* HAVE_SETGROUPS */
+
status = setgid (gid);
if (status != 0)
{