From 3cac85a3f97d0a22270166f428209f873b58c319 Mon Sep 17 00:00:00 2001

From: Chris Leech <cleech@redhat.com>

Date: Tue, 11 Jun 2013 11:25:27 -0700

Subject: [PATCH] iscsid: fix order of setting uid/gid and drop supplementary

 groups

If using the user and group ID settings together the existing order of

calling setuid first will almost always cause the setgid call to fail,

assuming the new effective user id does not have the CAP_SETGID

capability.  The effective group ID needs to change first.

While we're at it, if iscsid is started as root it should drop any

inherited supplementary group permissions.

And if anyone is actually using this to try and isolate capabilities,

they probably care enough to want to known that it is failing.  Make

iscsid startup fail instead of just calling perror.

Signed-off-by: Chris Leech <cleech@redhat.com>

---

 usr/iscsid.c | 23 +++++++++++++++++++----

 1 file changed, 19 insertions(+), 4 deletions(-)

diff --git a/usr/iscsid.c b/usr/iscsid.c

index b4bb65b..c0ea6fa 100644

--- a/usr/iscsid.c

+++ b/usr/iscsid.c

@@ -27,6 +27,7 @@

 #include <unistd.h>

 #include <string.h>

 #include <signal.h>

+#include <grp.h>

 #include <sys/mman.h>

 #include <sys/utsname.h>

 #include <sys/types.h>

@@ -477,11 +478,25 @@ int main(int argc, char *argv[])

 		}

 	}

-	if (uid && setuid(uid) < 0)

-		perror("setuid\n");

+	if (gid && setgid(gid) < 0) {

+		log_error("Unable to setgid to %d\n", gid);

+		log_close(log_pid);

+		exit(ISCSI_ERR);

+	}

-	if (gid && setgid(gid) < 0)

-		perror("setgid\n");

+	if ((geteuid() == 0) && (getgroups(0, NULL))) {

+		if (setgroups(0, NULL) != 0) {

+			log_error("Unable to drop supplementary group ids\n");

+			log_close(log_pid);

+			exit(ISCSI_ERR);

+		}

+	}

+

+	if (uid && setuid(uid) < 0) {

+		log_error("Unable to setuid to %d\n", uid);

+		log_close(log_pid);

+		exit(ISCSI_ERR);

+	}

 	memset(&daemon_config, 0, sizeof (daemon_config));

 	daemon_config.pid_file = pid_file;

-- 

1.8.1.4