From nobody Mon Jan 29 22:32:20 2024 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TP32X3bSBz57ZGc; Mon, 29 Jan 2024 22:32:20 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TP32X205Qz4gMn; Mon, 29 Jan 2024 22:32:20 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1706567540; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Sb72/gkZq9SH2YOi9aFfqd98x0YnuHo14bvDLzETu4M=; b=g61Ac/NQ/T0xYVcupPg5ZTSuhX5PtZb/k0Pk8LWn/8HOjhZVFVgmF4UO94QVKFM9qxdScu m4E/VVaYyzFzsvIH1w7CyZLf2iIJg+stm7aT69BhDKkpZ97pyLVtqrkPu5wMrPkcLe4eJ2 qyvYsuOtpweP6C2OuQrpJAvxppTvm/0zDKuN6hQl0bokgGNfeN/mmU1tMVr3tsu/dHNuf7 7QE5MZqo+Dba9JRY1X9xNDCThoeHMZHh1KtowMtrx5ADJ8Z0johuP4BFo3kFhmHpkvfky4 gJZl8k3Lsuk/dtUtS73Eyg0HSGPsD8bgqPlkhQe2xuYFJKXEJTg33qHfxjFWvQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1706567540; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Sb72/gkZq9SH2YOi9aFfqd98x0YnuHo14bvDLzETu4M=; b=TtueyiFPmUyR+HlmW/tUZ/bUbxBjoGlTVI0U/TiWsCl2UsbT2R3E5q4Te5CAKt4+j169EE XCeF/jkMKLcBZrHePYaeF6PJ3u8GZJQ+Gy7MhmxWUPQ1iz4OQXus6TGzGqqjZk5yI92JJq Rc4yhZYMjLSibatneuccgbgzS+LtXRUJ9fqs9Mfscp+saRALhf7EhGi352QfCJdurxq73A 8ZR1UTyySHswYjTV969sUHa1CwOpAGe0A2nfWGmUg0Im/CoN/0MStR7zjmsrTor8/dCp1I sIO4/FA05e5chH290IN+F0JfyvKcIKA6wSHFXNKOnqbEQY2oVqtkd2UTrZI6bA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1706567540; a=rsa-sha256; cv=none; b=p8IyynItfNVCb+2krKqJoZTui8Dp1RYUFZodf9fklcrYbsgU3SBUCedgWttooX8DcrwATp 4AYKlb23SXVB7KOa5D7ktDh6eL7q1jF1u2jzChYvaHj3jPv9hei6IaTExj9VrRsHbnVbGc noOrhBupKl7wH8XA/YFR4pCXCYN/kGPr6NJhHfjgkFxHyWcZgFiz4DRA4FKCH6wAl7nHY4 hsD1oV5N6awQZx6N1h9Ixyx0PJ5Zio2JEe1+uxwS8ILDzDEmcLcs5XcRQMbFSsbJcQcPtY R+KXAu9bY2U3EVYp28zcN1p/vDf3/0O4aifIHC2TOyplO6XwICBhOvllePgpAA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4TP32X15xBz18TG; Mon, 29 Jan 2024 22:32:20 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.17.1/8.17.1) with ESMTP id 40TMWKHY013873; Mon, 29 Jan 2024 22:32:20 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.17.1/8.17.1/Submit) id 40TMWKFD013870; Mon, 29 Jan 2024 22:32:20 GMT (envelope-from git) Date: Mon, 29 Jan 2024 22:32:20 GMT Message-Id: <202401292232.40TMWKFD013870@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Olivier Certner Subject: git: f2a0277d3e51 - main - setusercontext(): Set priority from '~/.login_conf' as well List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: olce X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: f2a0277d3e51a6a839151eef17f466d0db2b7300 Auto-Submitted: auto-generated The branch main has been updated by olce: URL: https://cgit.FreeBSD.org/src/commit/?id=f2a0277d3e51a6a839151eef17f466d0db2b7300 commit f2a0277d3e51a6a839151eef17f466d0db2b7300 Author: Olivier Certner AuthorDate: 2023-05-30 15:14:50 +0000 Commit: Olivier Certner CommitDate: 2024-01-29 21:58:09 +0000 setusercontext(): Set priority from '~/.login_conf' as well Setting the process priority is done only when the current process' effective UID corresponds to that for which context is to be set. Consequently, setting priority is done with appropriate credentials and will fail if the target user tries to raise it unduly via his '~/.login_conf'. PR: 271751 Reviewed by: kib, Andrew Gierth Approved by: emaste (mentor) MFC after: 3 days Relnotes: yes Sponsored by: Kumacom SAS Differential Revision: https://reviews.freebsd.org/D40352 --- lib/libutil/login_class.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/libutil/login_class.c b/lib/libutil/login_class.c index 314ab0999320..5ae0fbfb80b8 100644 --- a/lib/libutil/login_class.c +++ b/lib/libutil/login_class.c @@ -621,6 +621,8 @@ setusercontext(login_cap_t *lc, const struct passwd *pwd, uid_t uid, unsigned in */ if (geteuid() == uid && (lc = login_getuserclass(pwd)) != NULL) { setlogincontext(lc, pwd, flags); + if (flags & LOGIN_SETPRIORITY) + setclasspriority(lc, pwd); login_close(lc); }