[PATCH 15/19] id: disable supplementary groups handling for older uClibc versions

walter harms wharms at bfs.de
Tue Sep 25 15:52:17 UTC 2012 


Am 25.09.2012 14:06, schrieb Florian Fainelli:
> From: Nicolas Thill <nico at openwrt.org>
> 
> This patch disable supplementary groups handling in id with uClibc versions
> prior to v0.9.30, which are lacking the 'getgrouplist' function.
> 


It would be better to have a grouplist function
http://www.koders.com/c/fidDCC4A6314EBE0039D521932F93655B813DBC4105.aspx

next would be having an "empty" grouplistfunction

int getgrouplist(const char *user, gid_t group,
                        gid_t *groups, int *ngroups)
{
	groups=NULL;
	*ngroups=-1;
	return 0;
}

re,
 wh


> Signed-off-by: Nicolas Thill <nico at openwrt.org>
> ---
>  coreutils/id.c |   10 +++++++++-
>  1 file changed, 9 insertions(+), 1 deletion(-)
> 
> diff --git a/coreutils/id.c b/coreutils/id.c
> index 399d25e..51b160b 100644
> --- a/coreutils/id.c
> +++ b/coreutils/id.c
> @@ -63,10 +63,12 @@
>  
>  /* This is a NOEXEC applet. Be very careful! */
>  
> +#define HAVE_GETGROUPLIST 1
> +
>  #if !ENABLE_USE_BB_PWD_GRP
>  #if defined(__UCLIBC_MAJOR__) && (__UCLIBC_MAJOR__ == 0)
>  #if (__UCLIBC_MINOR__ < 9) || (__UCLIBC_MINOR__ == 9 &&  __UCLIBC_SUBLEVEL__ < 30)
> -#error "Sorry, you need at least uClibc version 0.9.30 for id applet to build"
> +#undef HAVE_GETGROUPLIST
>  #endif
>  #endif
>  #endif
> @@ -128,7 +130,11 @@ static int get_groups(const char *username, gid_t rgid, gid_t *groups, int *n)
>  		/* If the user is a member of more than
>  		 * *n groups, then -1 is returned. Otherwise >= 0.
>  		 * (and no defined way of detecting errors?!) */
> +#if HAVE_GETGROUPLIST
>  		m = getgrouplist(username, rgid, groups, n);
> +#else
> +		*n = -1;
> +#endif
>  		/* I guess *n < 0 might indicate error. Anyway,
>  		 * malloc'ing -1 bytes won't be good, so: */
>  		if (*n < 0)
> @@ -210,6 +216,7 @@ int id_main(int argc UNUSED_PARAM, char **argv)
>  			if (egid != rgid)
>  				status |= print_group(egid, " ");
>  		}
> +#if HAVE_GETGROUPLIST
>  		/* We are supplying largish buffer, trying
>  		 * to not run get_groups() twice. That might be slow
>  		 * ("user database in remote SQL server" case) */
> @@ -236,6 +243,7 @@ int id_main(int argc UNUSED_PARAM, char **argv)
>  		}
>  		if (ENABLE_FEATURE_CLEAN_UP)
>  			free(groups);
> +#endif
>  #if ENABLE_SELINUX
>  		if (is_selinux_enabled()) {
>  			if (getcon(&scontext) == 0)

More information about the busybox mailing list