Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 28 Jun 2020 00:55:18 +0000 (UTC)
From:      Rick Macklem <rmacklem@FreeBSD.org>
To:        src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-11@freebsd.org
Subject:   svn commit: r362712 - stable/11/usr.sbin/mountd
Message-ID:  <202006280055.05S0tIET065794@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: rmacklem
Date: Sun Jun 28 00:55:17 2020
New Revision: 362712
URL: https://svnweb.freebsd.org/changeset/base/362712

Log:
  MFC: r361780, r361956
  Fix mountd to handle getgrouplist() not returning groups[0] == groups[1].
  
  Prior to r174547, getgrouplist(3) always returned a groups list with
  element 0 and 1 set to the basegid argument, so long as ngroups was > 1.
  Post-r174547 this is not the case. r328304 disabled the deduplication that
  removed the duplicate, but the duplicate still does not occur unless the
  group for a user in the password database is also entered in the group
  database.
  This patch fixes mountd so that it handles the case where a user specified
  with the -maproot or -mapall exports option has a getgrouplist(3) groups
  list where groups[0] != groups[1].

Modified:
  stable/11/usr.sbin/mountd/mountd.c
Directory Properties:
  stable/11/   (props changed)

Modified: stable/11/usr.sbin/mountd/mountd.c
==============================================================================
--- stable/11/usr.sbin/mountd/mountd.c	Sun Jun 28 00:29:21 2020	(r362711)
+++ stable/11/usr.sbin/mountd/mountd.c	Sun Jun 28 00:55:17 2020	(r362712)
@@ -3437,10 +3437,18 @@ parsecred(char *namelist, struct xucred *cr)
 		/*
 		 * Compress out duplicate.
 		 */
-		cr->cr_ngroups = ngroups - 1;
 		cr->cr_groups[0] = groups[0];
-		for (cnt = 2; cnt < ngroups; cnt++)
-			cr->cr_groups[cnt - 1] = groups[cnt];
+		if (ngroups > 1 && groups[0] == groups[1]) {
+			cr->cr_ngroups = ngroups - 1;
+			for (cnt = 2; cnt < ngroups; cnt++)
+				cr->cr_groups[cnt - 1] = groups[cnt];
+		} else {
+			cr->cr_ngroups = ngroups;
+			if (cr->cr_ngroups > XU_NGROUPS)
+				cr->cr_ngroups = XU_NGROUPS;
+			for (cnt = 1; cnt < cr->cr_ngroups; cnt++)
+				cr->cr_groups[cnt] = groups[cnt];
+		}
 		return;
 	}
 	/*

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202006280055.05S0tIET065794>