rpm/mcelog
SHA256
1
0
Fork 0
forked from pool/mcelog
Code Pull Requests Activity
4cf9a5710e
mcelog/fix_setgroups_missing_call.patch
Thomas Renninger 69342a5d53 Accepting request 974669 from home:kodymo 
- Update to version 181:
  * mcelog: Add support for Raptorlake
- Adopt patches to latest git version
M    Start-consolidating-AMD-specific-stuff.patch
M    add-f10h-support.patch
M    add-f11h-support.patch
M    add-f12h-support.patch
M    add-f14h-support.patch
M    add-f15h-support.patch
M    add-f16h-support.patch
M    email.patch
M    fix_setgroups_missing_call.patch
M    mcelog_invert_prefill_db_warning.patch
- Use Python3 shebang instead of python
A    python3_shebang
- Use Github URL

- Update to version 180:
  * Fix warnings in sysfs.c
  * mcelog: Change "DDR4" string to "DDR" for i10nm platforms
  * Fix logrotate syntax
  * remove outdated mcelog.conf.5 manual file
  * add furture print function for Python2
  * fix python errors in genconfig.py
  * fix the buf not freed in read_field
  * mcelog: Print warning for locked down kernel
  * mcelog: Handle sysfs files without length
  * Fix make test fail

OBS-URL: https://build.opensuse.org/request/show/974669
OBS-URL: https://build.opensuse.org/package/show/Base:System/mcelog?expand=0&rev=99
2022-05-03 14:52:12 +00:00

32 lines
988 B
Diff
Raw Blame History

---
mcelog.c | 9 +++++++++
1 file changed, 9 insertions(+)
Index: mcelog-181/mcelog.c
===================================================================
--- mcelog-181.orig/mcelog.c
+++ mcelog-181/mcelog.c
@@ -37,6 +37,7 @@
#include <assert.h>
#include <signal.h>
#include <pwd.h>
+#include <grp.h>
#include <sys/wait.h>
#include <fnmatch.h>
#include "mcelog.h"
@@ -1286,6 +1287,14 @@ static void general_setup(void)
static void drop_cred(void)
{
+ /* When dropping privileges from root, the `setgroups` call will
+ * remove any extraneous groups. If we don't call this, then
+ * even though our uid has dropped, we may still have groups
+ * that enable us to do super-user things. This will fail if we
+ * aren't root, so don't bother checking the return value, this
+ * is just done as an optimistic privilege dropping function.
+ */
+ setgroups(0, NULL);
if (runcred.uid != -1U && runcred.gid == -1U) {
struct passwd *pw = getpwuid(runcred.uid);
if (pw)
View Git Blame Copy Permalink