diff options
author | Martin Pitt <martin.pitt@ubuntu.com> | 2016-11-03 20:50:01 +0200 |
---|---|---|
committer | Martin Pitt <martin.pitt@ubuntu.com> | 2016-11-03 20:50:01 +0200 |
commit | 8a584da2774aca0b14c8aacef574e93d943d470e (patch) | |
tree | 9ba19deb6acaab9794edb3d19b235375bfdb3e60 /src/basic/capability-util.c | |
parent | 5a920b42cee79747f6aa8e26abd6998401de0d61 (diff) | |
download | systemd-8a584da2774aca0b14c8aacef574e93d943d470e.tar.gz |
Imported Upstream version 232
Diffstat (limited to 'src/basic/capability-util.c')
-rw-r--r-- | src/basic/capability-util.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/basic/capability-util.c b/src/basic/capability-util.c index d4c5bd6937..c3de20a0e8 100644 --- a/src/basic/capability-util.c +++ b/src/basic/capability-util.c @@ -31,6 +31,7 @@ #include "log.h" #include "macro.h" #include "parse-util.h" +#include "user-util.h" #include "util.h" int have_effective_cap(int value) { @@ -295,8 +296,9 @@ int drop_privileges(uid_t uid, gid_t gid, uint64_t keep_capabilities) { if (setresgid(gid, gid, gid) < 0) return log_error_errno(errno, "Failed to change group ID: %m"); - if (setgroups(0, NULL) < 0) - return log_error_errno(errno, "Failed to drop auxiliary groups list: %m"); + r = maybe_setgroups(0, NULL); + if (r < 0) + return log_error_errno(r, "Failed to drop auxiliary groups list: %m"); /* Ensure we keep the permitted caps across the setresuid() */ if (prctl(PR_SET_KEEPCAPS, 1) < 0) |