forked from pool/mcelog
c729908bac
- Includes following SLE 15 SP5 jira features: * jsc#PED-671 mcelog: Update to latest release * jsc#PED-686 [CPU Features] Update mcelog support for ADL-N * jsc#PED-638 [CPU Features] Update mcelog support for MTL-P - Update to version 189: - Had to adopt to latest CPU identification model mainline patch: b54ee05056a76e mcelog: Drop CASE_INTEL define and friends A add_new_amd_cpu_defines D add-defines.patch M Start-consolidating-AMD-specific-stuff.patch M add-f10h-support.patch M add-f11h-support.patch M add-f12h-support.patch M add-f14h-support.patch M add-f15h-support.patch M add-f16h-support.patch M email.patch M fix_setgroups_missing_call.patch OBS-URL: https://build.opensuse.org/request/show/1092613 OBS-URL: https://build.opensuse.org/package/show/Base:System/mcelog?expand=0&rev=104
32 lines
988 B
Diff
32 lines
988 B
Diff
---
|
|
mcelog.c | 9 +++++++++
|
|
1 file changed, 9 insertions(+)
|
|
|
|
Index: mcelog-189/mcelog.c
|
|
===================================================================
|
|
--- mcelog-189.orig/mcelog.c
|
|
+++ mcelog-189/mcelog.c
|
|
@@ -37,6 +37,7 @@
|
|
#include <assert.h>
|
|
#include <signal.h>
|
|
#include <pwd.h>
|
|
+#include <grp.h>
|
|
#include <sys/wait.h>
|
|
#include <fnmatch.h>
|
|
#include "mcelog.h"
|
|
@@ -1155,6 +1156,14 @@ static void general_setup(void)
|
|
|
|
static void drop_cred(void)
|
|
{
|
|
+ /* When dropping privileges from root, the `setgroups` call will
|
|
+ * remove any extraneous groups. If we don't call this, then
|
|
+ * even though our uid has dropped, we may still have groups
|
|
+ * that enable us to do super-user things. This will fail if we
|
|
+ * aren't root, so don't bother checking the return value, this
|
|
+ * is just done as an optimistic privilege dropping function.
|
|
+ */
|
|
+ setgroups(0, NULL);
|
|
if (runcred.uid != -1U && runcred.gid == -1U) {
|
|
struct passwd *pw = getpwuid(runcred.uid);
|
|
if (pw)
|