NuKVM/libvirt
3
0
Fork 0
mirror of https://github.com/libvirt/libvirt.git synced 2025-02-25 18:55:26 -06:00
Code Issues Packages Projects Releases Wiki Activity

util: use getgrouplist() directly instead of mgetgroups

Browse Source 
The mgetgroups function is a GNULIB custom wrapper around
getgrouplist(). This implements a simplified version of
that code directly.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
This commit is contained in:
Daniel P. Berrangé 2020-01-17 12:33:37 +00:00
parent f80c009cb3
commit 540cf03926
2 changed files with 33 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/internal.h
View File

@ -155,6 +155,10 @@
_Pragma ("GCC diagnostic push") \ _Pragma ("GCC diagnostic push") \
_Pragma ("GCC diagnostic ignored \"-Wdeprecated-declarations\"") _Pragma ("GCC diagnostic ignored \"-Wdeprecated-declarations\"")
#define VIR_WARNINGS_NO_POINTER_SIGN \
_Pragma ("GCC diagnostic push") \
_Pragma ("GCC diagnostic ignored \"-Wpointer-sign\"")
#if HAVE_SUGGEST_ATTRIBUTE_FORMAT #if HAVE_SUGGEST_ATTRIBUTE_FORMAT
# define VIR_WARNINGS_NO_PRINTF \ # define VIR_WARNINGS_NO_PRINTF \
_Pragma ("GCC diagnostic push") \ _Pragma ("GCC diagnostic push") \

35
src/util/virutil.c
View File

@ -66,7 +66,6 @@
# include <sys/un.h> # include <sys/un.h>
#endif #endif
#include "mgetgroups.h"
#include "virerror.h" #include "virerror.h"
#include "virlog.h" #include "virlog.h"
#include "virbuffer.h" #include "virbuffer.h"
@ -980,6 +979,11 @@ virDoesGroupExist(const char *name)
} }
/* Work around an incompatibility of OS X 10.11: getgrouplist
accepts int *, not gid_t *, and int and gid_t differ in sign. */
VIR_WARNINGS_NO_POINTER_SIGN
/* Compute the list of primary and supplementary groups associated /* Compute the list of primary and supplementary groups associated
* with @uid, and including @gid in the list (unless it is -1), * with @uid, and including @gid in the list (unless it is -1),
* storing a malloc'd result into @list. If uid is -1 or doesn't exist in the * storing a malloc'd result into @list. If uid is -1 or doesn't exist in the
@ -1000,11 +1004,28 @@ virGetGroupList(uid_t uid, gid_t gid, gid_t **list)
/* invalid users have no supplementary groups */ /* invalid users have no supplementary groups */
if (uid != (uid_t)-1 && if (uid != (uid_t)-1 &&
virGetUserEnt(uid, &user, &primary, NULL, NULL, true) >= 0) { virGetUserEnt(uid, &user, &primary, NULL, NULL, true) >= 0) {
if ((ret = mgetgroups(user, primary, list)) < 0) { int nallocgrps = 10;
virReportSystemError(errno, gid_t *grps = g_new(gid_t, nallocgrps);
_("cannot get group list for '%s'"), user);
ret = -1; while (1) {
goto cleanup; int nprevallocgrps = nallocgrps;
int rv;
rv = getgrouplist(user, primary, grps, &nallocgrps);
/* Some systems (like Darwin) have a bug where they
never increase max_n_groups. */
if (rv < 0 && nprevallocgrps == nallocgrps)
nallocgrps *= 2;
/* either shrinks to actual size, or enlarges to new size */
grps = g_renew(gid_t, grps, nallocgrps);
if (rv >= 0) {
ret = rv;
*list = grps;
break;
}
} }
} }
@ -1029,6 +1050,8 @@ virGetGroupList(uid_t uid, gid_t gid, gid_t **list)
return ret; return ret;
} }
VIR_WARNINGS_RESET
/* Set the real and effective uid and gid to the given values, as well /* Set the real and effective uid and gid to the given values, as well
* as all the supplementary groups, so that the process has all the * as all the supplementary groups, so that the process has all the