Skip to content

N
nghttp2
Commit 5de2c7a8 authored by Tatsuhiro Tsujikawa's avatar Tatsuhiro Tsujikawa
Browse files
Options

Detect availability of initgroups

parent 7c5ef061
Hide whitespace changes
Inline Side-by-side
Showing with 3 additions and 0 deletions
configure.ac
View file @ 5de2c7a8
...@@ -604,6 +604,7 @@ AC_CHECK_FUNCS([ \ ...@@ -604,6 +604,7 @@ AC_CHECK_FUNCS([ \
dup2 \ dup2 \
getcwd \ getcwd \
getpwnam \ getpwnam \
initgroups \
localtime_r \ localtime_r \
memchr \ memchr \
memmove \ memmove \
......
src/shrpx_worker_process.cc
View file @ 5de2c7a8
...@@ -64,12 +64,14 @@ void drop_privileges( ...@@ -64,12 +64,14 @@ void drop_privileges(
#endif // HAVE_NEVERBLEED #endif // HAVE_NEVERBLEED
) { ) {
if (getuid() == 0 && get_config()->uid != 0) { if (getuid() == 0 && get_config()->uid != 0) {
#ifdef HAVE_INITGROUPS
if (initgroups(get_config()->user.get(), get_config()->gid) != 0) { if (initgroups(get_config()->user.get(), get_config()->gid) != 0) {
auto error = errno; auto error = errno;
LOG(FATAL) << "Could not change supplementary groups: " LOG(FATAL) << "Could not change supplementary groups: "
<< strerror(error); << strerror(error);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
#endif // HAVE_INITGROUPS
if (setgid(get_config()->gid) != 0) { if (setgid(get_config()->gid) != 0) {
auto error = errno; auto error = errno;
LOG(FATAL) << "Could not change gid: " << strerror(error); LOG(FATAL) << "Could not change gid: " << strerror(error);
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment