summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDjalal Harouni <tixxdz@opendz.org>2016-10-24 13:13:06 +0200
committerLennart Poettering <lennart@poettering.net>2016-10-24 13:13:06 +0200
commit366ddd252ed25397ead209228b48c5eef93ced2e (patch)
tree26bfc5e02a5e776242011cf3bd14fa59bc56fe07
parent60f17f75d10638975ee05bda11cb02ee8b5cbf10 (diff)
core: do not assert when sysconf(_SC_NGROUPS_MAX) fails (#4466)
Remove the assert and check the return code of sysconf(_SC_NGROUPS_MAX). _SC_NGROUPS_MAX maps to NGROUPS_MAX which is defined in <limits.h> to 65536 these days. The value is a sysctl read-only /proc/sys/kernel/ngroups_max and the kernel assumes that it is always positive otherwise things may break. Follow this and support only positive values for all other case return either -errno or -EOPNOTSUPP. Now if there are systems that want to re-write NGROUPS_MAX then they should not pass SupplementaryGroups= in units even if it is empty, in this case nothing fails and we just ignore supplementary groups. However if SupplementaryGroups= is passed even if it is empty we have to assume that there will be groups manipulation from our side or the kernel and since the kernel always assumes that NGROUPS_MAX is positive, then follow that and support only positive values.
-rw-r--r--src/core/execute.c15
1 files changed, 13 insertions, 2 deletions
diff --git a/src/core/execute.c b/src/core/execute.c
index a9b2b8f299..53356c3c06 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -789,6 +789,19 @@ static int get_fixed_supplementary_groups(const ExecContext *c,
return 0;
/*
+ * If SupplementaryGroups= was passed then NGROUPS_MAX has to
+ * be positive, otherwise fail.
+ */
+ errno = 0;
+ ngroups_max = (int) sysconf(_SC_NGROUPS_MAX);
+ if (ngroups_max <= 0) {
+ if (errno > 0)
+ return -errno;
+ else
+ return -EOPNOTSUPP; /* For all other values */
+ }
+
+ /*
* If user is given, then lookup GID and supplementary group list.
* We avoid NSS lookups for gid=0.
*/
@@ -800,8 +813,6 @@ static int get_fixed_supplementary_groups(const ExecContext *c,
keep_groups = true;
}
- assert_se((ngroups_max = (int) sysconf(_SC_NGROUPS_MAX)) > 0);
-
l_gids = new(gid_t, ngroups_max);
if (!l_gids)
return -ENOMEM;