Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 20 Sep 2025 15:14:20 -0400
From:      Michael Butler <imb@protected-networks.net>
To:        Olivier Certner <olce@freebsd.org>
Cc:        freebsd-current@freebsd.org
Subject:   Re: Possible incompatible change with initgroups(3)?
Message-ID:  <9117a675-eca2-4384-8e9b-55bed2f4b501@protected-networks.net>
In-Reply-To: <3124332.hHqAuc6tWs@ravel>
References:  <20250920.080248.183796883139076827.yasu@FreeBSD.org> <3124332.hHqAuc6tWs@ravel>
index | next in thread | previous in thread | raw e-mail 

On 9/20/25 04:54, Olivier Certner wrote:

  [ .. snip .. ]

> There is no sign of out-of-memory anywhere here.  It is true that this commit introduces a slight incompatibility, but we sometimes do that for bug fixes and in this case there should be only benefits (programs test for failure either with 'error != 0', which hasn't changed, or 'error == -1', which now will work correctly, preventing the program to continue without the expected credentials, or 'error < 0', same).
> 
> The culprit is without doubt https://cgit.freebsd.org/src/commit/?id=9dc1ac8691966480, whose purpose is precisely to restore initgroups(3) compatibility that was lost after getgroups(2)/setgroups(2) semantics change.
> 
> Why the symbol versioning mechanisms we are leveraging there don't work as intended isn't yet clear (to me at least), but this is clearly a bug as our intent is precisely that nobody has to recompile anything for things to continue working as before.  FYI, we are pursuing that in https://reviews.freebsd.org/D52641.

Another application affected by the initgroups behaviour tweak is 
net-mgmt/nrpe. It now refuses to start from an entry in rc.conf with the 
following log entries:

nrpe: Starting up daemon
nrpe: Warning: Possibly root user failed dropping privileges with 
initgroups()
nrpe: Error: NRPE daemon cannot be run as user/group root!

It will, however, run from inetd under the nagios user; thus avoiding 
the privilege change but incurring additional overhead of spawning a new 
process for each request.

In this case, recompilation or tweaks to versioning have no benefit,

	Michael
help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?9117a675-eca2-4384-8e9b-55bed2f4b501>