diff options
author | Djalal Harouni <tixxdz@opendz.org> | 2016-10-24 13:13:06 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2016-10-24 13:13:06 +0200 |
commit | 366ddd252ed25397ead209228b48c5eef93ced2e (patch) | |
tree | 26bfc5e02a5e776242011cf3bd14fa59bc56fe07 | |
parent | 60f17f75d10638975ee05bda11cb02ee8b5cbf10 (diff) |
core: do not assert when sysconf(_SC_NGROUPS_MAX) fails (#4466)
Remove the assert and check the return code of sysconf(_SC_NGROUPS_MAX).
_SC_NGROUPS_MAX maps to NGROUPS_MAX which is defined in <limits.h> to
65536 these days. The value is a sysctl read-only
/proc/sys/kernel/ngroups_max and the kernel assumes that it is always
positive otherwise things may break. Follow this and support only
positive values for all other case return either -errno or -EOPNOTSUPP.
Now if there are systems that want to re-write NGROUPS_MAX then they
should not pass SupplementaryGroups= in units even if it is empty, in
this case nothing fails and we just ignore supplementary groups. However
if SupplementaryGroups= is passed even if it is empty we have to assume
that there will be groups manipulation from our side or the kernel and
since the kernel always assumes that NGROUPS_MAX is positive, then
follow that and support only positive values.
-rw-r--r-- | src/core/execute.c | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/src/core/execute.c b/src/core/execute.c index a9b2b8f299..53356c3c06 100644 --- a/src/core/execute.c +++ b/src/core/execute.c @@ -789,6 +789,19 @@ static int get_fixed_supplementary_groups(const ExecContext *c, return 0; /* + * If SupplementaryGroups= was passed then NGROUPS_MAX has to + * be positive, otherwise fail. + */ + errno = 0; + ngroups_max = (int) sysconf(_SC_NGROUPS_MAX); + if (ngroups_max <= 0) { + if (errno > 0) + return -errno; + else + return -EOPNOTSUPP; /* For all other values */ + } + + /* * If user is given, then lookup GID and supplementary group list. * We avoid NSS lookups for gid=0. */ @@ -800,8 +813,6 @@ static int get_fixed_supplementary_groups(const ExecContext *c, keep_groups = true; } - assert_se((ngroups_max = (int) sysconf(_SC_NGROUPS_MAX)) > 0); - l_gids = new(gid_t, ngroups_max); if (!l_gids) return -ENOMEM; |