diff options
author | netblue30 <netblue30@protonmail.com> | 2022-04-25 15:44:23 -0400 |
---|---|---|
committer | netblue30 <netblue30@protonmail.com> | 2022-04-25 15:44:23 -0400 |
commit | afee8603f372f8c2831749ba21bf401d97dab8c9 (patch) | |
tree | 2da334ae6e898ac2669c80f586f6e0c48686501e /src | |
parent | merges, fix compile (diff) | |
parent | Merge pull request #5115 from m00nwtchr/patch-1 (diff) | |
download | firejail-afee8603f.tar.gz firejail-afee8603f.tar.zst firejail-afee8603f.zip |
Merge branch 'master' of ssh://github.com/netblue30/firejail
Diffstat (limited to 'src')
-rw-r--r-- | src/firejail/util.c | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/src/firejail/util.c b/src/firejail/util.c index 109105630..eb7f05624 100644 --- a/src/firejail/util.c +++ b/src/firejail/util.c | |||
@@ -173,13 +173,19 @@ static void clean_supplementary_groups(gid_t gid) { | |||
173 | assert(cfg.username); | 173 | assert(cfg.username); |
174 | gid_t groups[MAX_GROUPS]; | 174 | gid_t groups[MAX_GROUPS]; |
175 | int ngroups = MAX_GROUPS; | 175 | int ngroups = MAX_GROUPS; |
176 | |||
177 | if (arg_nogroups && check_can_drop_all_groups()) { | ||
178 | if (setgroups(0, NULL) < 0) | ||
179 | errExit("setgroups"); | ||
180 | if (arg_debug) | ||
181 | printf("No supplementary groups\n"); | ||
182 | return; | ||
183 | } | ||
184 | |||
176 | int rv = getgrouplist(cfg.username, gid, groups, &ngroups); | 185 | int rv = getgrouplist(cfg.username, gid, groups, &ngroups); |
177 | if (rv == -1) | 186 | if (rv == -1) |
178 | goto clean_all; | 187 | goto clean_all; |
179 | 188 | ||
180 | if (arg_nogroups && check_can_drop_all_groups()) | ||
181 | goto clean_all; | ||
182 | |||
183 | // clean supplementary group list | 189 | // clean supplementary group list |
184 | gid_t new_groups[MAX_GROUPS]; | 190 | gid_t new_groups[MAX_GROUPS]; |
185 | int new_ngroups = 0; | 191 | int new_ngroups = 0; |