diff options
author | netblue30 <netblue30@protonmail.com> | 2022-04-25 15:35:40 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-04-25 15:35:40 -0400 |
commit | f35ac464dbb3bcbe7df5f6513bdf723b3f034274 (patch) | |
tree | f58c1f3ea0e6b9aeea7cf8e1bc7f049afa9462f9 /src | |
parent | Merge branch 'master' of ssh://github.com/netblue30/firejail (diff) | |
parent | Stop warning on safe supplementary group clean (diff) | |
download | firejail-f35ac464dbb3bcbe7df5f6513bdf723b3f034274.tar.gz firejail-f35ac464dbb3bcbe7df5f6513bdf723b3f034274.tar.zst firejail-f35ac464dbb3bcbe7df5f6513bdf723b3f034274.zip |
Merge pull request #5114 from kmk3/stop-warn-group-clean
Stop warning on safe supplementary group clean
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/util.c | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/src/firejail/util.c b/src/firejail/util.c index 109105630..eb7f05624 100644 --- a/src/firejail/util.c +++ b/src/firejail/util.c | |||
@@ -173,13 +173,19 @@ static void clean_supplementary_groups(gid_t gid) { | |||
173 | assert(cfg.username); | 173 | assert(cfg.username); |
174 | gid_t groups[MAX_GROUPS]; | 174 | gid_t groups[MAX_GROUPS]; |
175 | int ngroups = MAX_GROUPS; | 175 | int ngroups = MAX_GROUPS; |
176 | |||
177 | if (arg_nogroups && check_can_drop_all_groups()) { | ||
178 | if (setgroups(0, NULL) < 0) | ||
179 | errExit("setgroups"); | ||
180 | if (arg_debug) | ||
181 | printf("No supplementary groups\n"); | ||
182 | return; | ||
183 | } | ||
184 | |||
176 | int rv = getgrouplist(cfg.username, gid, groups, &ngroups); | 185 | int rv = getgrouplist(cfg.username, gid, groups, &ngroups); |
177 | if (rv == -1) | 186 | if (rv == -1) |
178 | goto clean_all; | 187 | goto clean_all; |
179 | 188 | ||
180 | if (arg_nogroups && check_can_drop_all_groups()) | ||
181 | goto clean_all; | ||
182 | |||
183 | // clean supplementary group list | 189 | // clean supplementary group list |
184 | gid_t new_groups[MAX_GROUPS]; | 190 | gid_t new_groups[MAX_GROUPS]; |
185 | int new_ngroups = 0; | 191 | int new_ngroups = 0; |