277832baf3
(by trenn@suse.de) - Update to version 1.60 (fate#326221): * Turn back rb_color field into unsigned long * trigger: add a sync argument for waiting trigger child process exit * page: trigger: add pre/post sync trigger when doing soft memory offline * fixed build errors for some lose code when merging code * transfer the page address to pre/post-sync-trigger scripts * mcelog: Fix "--ascii" parsing to cope with change in kernel output since v4.10 * Remove now unused local variable * Add scripts file to do MCA error code validation for a selected CPU model * Add license file * mcelog: Improve decoding for APEI reported errors OBS-URL: https://build.opensuse.org/request/show/637679 OBS-URL: https://build.opensuse.org/package/show/Base:System/mcelog?expand=0&rev=71
28 lines
998 B
Diff
28 lines
998 B
Diff
Index: mcelog-1.60/mcelog.c
|
|
===================================================================
|
|
--- mcelog-1.60.orig/mcelog.c 2018-09-24 15:15:35.668459814 +0200
|
|
+++ mcelog-1.60/mcelog.c 2018-09-24 15:15:41.648815524 +0200
|
|
@@ -37,6 +37,7 @@
|
|
#include <assert.h>
|
|
#include <signal.h>
|
|
#include <pwd.h>
|
|
+#include <grp.h>
|
|
#include <sys/wait.h>
|
|
#include <fnmatch.h>
|
|
#include "mcelog.h"
|
|
@@ -1247,6 +1248,14 @@ static void general_setup(void)
|
|
|
|
static void drop_cred(void)
|
|
{
|
|
+ /* When dropping privileges from root, the `setgroups` call will
|
|
+ * remove any extraneous groups. If we don't call this, then
|
|
+ * even though our uid has dropped, we may still have groups
|
|
+ * that enable us to do super-user things. This will fail if we
|
|
+ * aren't root, so don't bother checking the return value, this
|
|
+ * is just done as an optimistic privilege dropping function.
|
|
+ */
|
|
+ setgroups(0, NULL);
|
|
if (runcred.uid != -1U && runcred.gid == -1U) {
|
|
struct passwd *pw = getpwuid(runcred.uid);
|
|
if (pw)
|