author | Lennart Poettering <lennart@poettering.net> | 2015-05-20 14:41:39 +0200 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2015-05-20 14:41:39 +0200 |
commit | b4da6d6bec4d303f90d957b2cf7d4eed678b1791 (patch) | |
tree | 2393242479acf166119906995bf407a4b7a3e39a | |
parent | 417a7fdc418ec76cc4c321c9a07ec15c72b3ac7d (diff) |
util: introduce reset_uid_gid() for resetting all uids and gids to 0
-rw-r--r-- | src/shared/util.c | 25 | ||||
-rw-r--r-- | src/shared/util.h | 2 |
2 files changed, 17 insertions, 10 deletions
diff --git a/src/shared/util.c b/src/shared/util.c
index c3b08bbc43..5f5cfcb011 100644
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -4686,16 +4686,7 @@ int namespace_enter(int pidns_fd, int mntns_fd, int netns_fd, int root_fd) {
 return -errno;
 }
- if (setresgid(0, 0, 0) < 0)
- return -errno;
-
- if (setgroups(0, NULL) < 0)
- return -errno;
-
- if (setresuid(0, 0, 0) < 0)
- return -errno;
-
- return 0;
+ return reset_uid_gid();
 }
 int getpeercred(int fd, struct ucred *ucred) {
@@ -6247,3 +6238,17 @@ int mount_move_root(const char *path) {
 return 0;
 }
+
+int reset_uid_gid(void) {
+
+ if (setgroups(0, NULL) < 0)
+ return -errno;
+
+ if (setresgid(0, 0, 0) < 0)
+ return -errno;
+
+ if (setresuid(0, 0, 0) < 0)
+ return -errno;
+
+ return 0;
+}
diff --git a/src/shared/util.h b/src/shared/util.h
index f0382f0d68..24a2672846 100644
--- a/src/shared/util.h
+++ b/src/shared/util.h
@@ -908,3 +908,5 @@ char *shell_maybe_quote(const char *s);
 int parse_mode(const char *s, mode_t *ret);
 int mount_move_root(const char *path);
+
+int reset_uid_gid(void); |
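Review bot: reset_uid_gid() is added to src/shared/util.c without a comment, and its name can be misread as dropping privileges when the body sets the real, effective and saved GID and UID to 0 and clears the supplementary group list. A one-line comment above the definition (and ideally at the prototype in util.h) would keep future call sites from using it the wrong way round, for example `/* Switch to root: clear supplementary groups, then set real, effective and saved GID and UID to 0. */`. The helper also changes the order namespace_enter() used before (setgroups() now runs ahead of setresgid()), so the comment should say that the group calls come before setresuid() deliberately. Separately, setgroups() may fail with EPERM inside a user namespace where group changes are denied through /proc/self/setgroups; if callers can reach this helper in that state it returns before any ID is changed, which is worth handling or documenting.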