From owner-freebsd-current Mon Nov 19 8:29:21 2001 Delivered-To: freebsd-current@freebsd.org Received: from mail.nsu.ru (b.ns.ssc.nsu.ru [193.124.215.221]) by hub.freebsd.org (Postfix) with ESMTP id 1F67437B41B; Mon, 19 Nov 2001 08:29:07 -0800 (PST) Received: from iclub.nsu.ru ([193.124.222.66] ident=root) by mail.nsu.ru with esmtp (Exim 3.20 #1) id 165rHz-00072p-00; Mon, 19 Nov 2001 22:28:55 +0600 Received: (from fjoe@localhost) by iclub.nsu.ru (8.11.6/8.11.6) id fAJGSts38573; Mon, 19 Nov 2001 22:28:55 +0600 (NS) (envelope-from fjoe) Date: Mon, 19 Nov 2001 22:28:55 +0600 From: Max Khon To: Ruslan Ermilov Cc: Terry Lambert , current@FreeBSD.ORG, tobez@FreeBSD.ORG Subject: Re: misc/15421 (was: Re: initgroups) Message-ID: <20011119222854.B38492@iclub.nsu.ru> References: <20011114021956.B10325@iclub.nsu.ru> <3BF19EA9.3FC5F040@mindspring.com> <20011119181949.R32927@sunbay.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20011119181949.R32927@sunbay.com>; from ru@FreeBSD.ORG on Mon, Nov 19, 2001 at 06:19:50PM +0200 Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG hi, there! On Mon, Nov 19, 2001 at 06:19:50PM +0200, Ruslan Ermilov wrote: > > Can setgroups return a positive number? If so, you've just changed > > the semantics of the funtion; before, it used to return 0 on 0 or a > > positive number. > > > No. setgroups() is a syscall, and as such returns either 0 or -1. > > > Also, is removing the _warn() really the only thing you want to > > accomplish? It should probably be seperate. > > > I have intended to commit the below patch for almost a year now, > just haven't had enough time to actually fo it. NetBSD runs with > this fix since 1999. > > Index: initgroups.c > =================================================================== > RCS file: /home/ncvs/src/lib/libc/gen/initgroups.c,v > retrieving revision 1.4 > diff -u -p -r1.4 initgroups.c > --- initgroups.c 2001/08/29 13:52:26 1.4 > +++ initgroups.c 2001/11/19 16:16:11 > @@ -56,12 +56,6 @@ initgroups(uname, agroup) > int groups[NGROUPS], ngroups; > > ngroups = NGROUPS; > - if (getgrouplist(uname, agroup, groups, &ngroups) < 0) > - warnx("%s is in too many groups, using first %d", > - uname, ngroups); > - if (setgroups(ngroups, groups) < 0) { > - _warn("setgroups"); > - return (-1); > - } > - return (0); > + getgrouplist(uname, agroup, groups, &ngroups); > + return (setgroups(ngroups, groups); > } > Index: initgroups.3 > =================================================================== > RCS file: /home/ncvs/src/lib/libc/gen/initgroups.3,v > retrieving revision 1.10 > diff -u -p -r1.10 initgroups.3 > --- initgroups.3 2001/10/01 16:08:51 1.10 > +++ initgroups.3 2001/11/19 16:16:11 > @@ -61,10 +61,14 @@ is automatically included in the groups > Typically this value is given as > the group number from the password file. > .Sh RETURN VALUES > +.Rv -std initgroups > +.Sh ERRORS > The > .Fn initgroups > -function > -returns \-1 if it was not invoked by the super-user. > +function may fail and set > +.Va errno > +for any of the errors specified for the library function > +.Xr setgroups 2 . > .Sh SEE ALSO > .Xr setgroups 2 , > .Xr getgrouplist 3 ok I asked tobez (he is an originator and he took responsibility on this PR) and he said that src/ must be audited also -- he said that some initgroups() callers do not print error message because initgroups() did this previously. I'll try to do this before this weekend and I will post combined patch to audit@ /fjoe To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message