walkero
/
nghttp2
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

Detect availability of initgroups

This commit is contained in:
Tatsuhiro Tsujikawa 2015-12-23 14:21:31 +09:00
parent 7c5ef0613d
commit 5de2c7a8c1
2 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
configure.ac
View File

@ -604,6 +604,7 @@ AC_CHECK_FUNCS([ \
dup2 \ dup2 \
getcwd \ getcwd \
getpwnam \ getpwnam \
initgroups \
localtime_r \ localtime_r \
memchr \ memchr \
memmove \ memmove \

2
src/shrpx_worker_process.cc
View File

@ -64,12 +64,14 @@ void drop_privileges(
#endif // HAVE_NEVERBLEED #endif // HAVE_NEVERBLEED
) { ) {
if (getuid() == 0 && get_config()->uid != 0) { if (getuid() == 0 && get_config()->uid != 0) {
#ifdef HAVE_INITGROUPS
if (initgroups(get_config()->user.get(), get_config()->gid) != 0) { if (initgroups(get_config()->user.get(), get_config()->gid) != 0) {
auto error = errno; auto error = errno;
LOG(FATAL) << "Could not change supplementary groups: " LOG(FATAL) << "Could not change supplementary groups: "
<< strerror(error); << strerror(error);
exit(EXIT_FAILURE); exit(EXIT_FAILURE);
} }
#endif // HAVE_INITGROUPS
if (setgid(get_config()->gid) != 0) { if (setgid(get_config()->gid) != 0) {
auto error = errno; auto error = errno;
LOG(FATAL) << "Could not change gid: " << strerror(error); LOG(FATAL) << "Could not change gid: " << strerror(error);