shaba/systemd-stable
1
1
Fork 0
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-12 09:17:44 +03:00
Code

core: cleanup for enforce_groups() (#7064)

Browse Source 
SupplementaryGroups= is preprocessed in get_supplementary_groups().
So, it is not necessary to input ExecContext to enforce_groups().
This commit is contained in:
Yu Watanabe 2017-10-12 15:10:25 +09:00 committed by Zbigniew Jędrzejewski-Szmek
parent 35d379b2e8
commit 709dbeac14
1 changed files with 4 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/core/execute.c
View File

@ -962,14 +962,11 @@ static int get_supplementary_groups(const ExecContext *c, const char *user,
return 0;
}
static int enforce_groups(const ExecContext *context, gid_t gid,
gid_t *supplementary_gids, int ngids) {
static int enforce_groups(gid_t gid, gid_t *supplementary_gids, int ngids) {
int r;
assert(context);
/* Handle SupplementaryGroups= even if it is empty */
if (!strv_isempty(context->supplementary_groups)) {
/* Handle SupplementaryGroups= if it is not empty */
if (ngids > 0) {
r = maybe_setgroups(ngids, supplementary_gids);
if (r < 0)
return r;
@ -3096,7 +3093,7 @@ static int exec_child(
/* Drop groups as early as possbile */
if (needs_setuid) {
r = enforce_groups(context, gid, supplementary_gids, ngids);
r = enforce_groups(gid, supplementary_gids, ngids);
if (r < 0) {
*exit_status = EXIT_GROUP;
return log_unit_error_errno(unit, r, "Changing group credentials failed: %m");