From 3cac85a3f97d0a22270166f428209f873b58c319 Mon Sep 17 00:00:00 2001
From: Chris Leech <cleech@redhat.com>
Date: Tue, 11 Jun 2013 11:25:27 -0700
Subject: [PATCH] iscsid: fix order of setting uid/gid and drop supplementary
 groups

If using the user and group ID settings together the existing order of
calling setuid first will almost always cause the setgid call to fail,
assuming the new effective user id does not have the CAP_SETGID
capability.  The effective group ID needs to change first.

While we're at it, if iscsid is started as root it should drop any
inherited supplementary group permissions.

And if anyone is actually using this to try and isolate capabilities,
they probably care enough to want to known that it is failing.  Make
iscsid startup fail instead of just calling perror.

Signed-off-by: Chris Leech <cleech@redhat.com>
---
 usr/iscsid.c | 23 +++++++++++++++++++----
 1 file changed, 19 insertions(+), 4 deletions(-)

diff --git a/usr/iscsid.c b/usr/iscsid.c
index b4bb65b..c0ea6fa 100644
--- a/usr/iscsid.c
+++ b/usr/iscsid.c
@@ -27,6 +27,7 @@
 #include <unistd.h>
 #include <string.h>
 #include <signal.h>
+#include <grp.h>
 #include <sys/mman.h>
 #include <sys/utsname.h>
 #include <sys/types.h>
@@ -477,11 +478,25 @@ int main(int argc, char *argv[])
 		}
 	}
 
-	if (uid && setuid(uid) < 0)
-		perror("setuid\n");
+	if (gid && setgid(gid) < 0) {
+		log_error("Unable to setgid to %d\n", gid);
+		log_close(log_pid);
+		exit(ISCSI_ERR);
+	}
 
-	if (gid && setgid(gid) < 0)
-		perror("setgid\n");
+	if ((geteuid() == 0) && (getgroups(0, NULL))) {
+		if (setgroups(0, NULL) != 0) {
+			log_error("Unable to drop supplementary group ids\n");
+			log_close(log_pid);
+			exit(ISCSI_ERR);
+		}
+	}
+
+	if (uid && setuid(uid) < 0) {
+		log_error("Unable to setuid to %d\n", uid);
+		log_close(log_pid);
+		exit(ISCSI_ERR);
+	}
 
 	memset(&daemon_config, 0, sizeof (daemon_config));
 	daemon_config.pid_file = pid_file;
-- 
1.8.1.4