[OpenAFS-devel] interesting issue with setgroups wrapper...

Neulinger, Nathan nneul@umr.edu
Thu, 23 May 2002 10:30:01 -0500 

Not sure. Thing is - initgroups is purely a c-lib function, and it
doesn't have this behavior.

Reason I'm seeing this is that samba is periodically clearing out the
group list for it's security context stuff, resulting in users losing
access since the pag is thrown away.

-- Nathan

------------------------------------------------------------
Nathan Neulinger                       EMail:  nneul@umr.edu
University of Missouri - Rolla         Phone: (573) 341-4841
Computing Services                       Fax: (573) 341-4216


> -----Original Message-----
> From: Derek Atkins [mailto:warlord@MIT.EDU]=20
> Sent: Thursday, May 23, 2002 10:24 AM
> To: Neulinger, Nathan
> Cc: openafs-bugs@openafs.org; openafs-devel@openafs.org
> Subject: Re: [OpenAFS-devel] interesting issue with setgroups=20
> wrapper...
>=20
>=20
> Does setgroups (0, x) wind up calling initgroups()?
>=20
> -derek
>=20
> "Neulinger, Nathan" <nneul@umr.edu> writes:
>=20
> > I'm not sure if this has always been this way, but it is=20
> definately an
> > issue with building latest samba...=20
> >=20
> > Test program:
> > #include <unistd.h>
> > #include <stdio.h>
> > #include <grp.h>
> >=20
> > int main(int argc, char *argv[])
> > {
> >         int x[5] =3D {0,0,0,0,0};
> >         system("id");
> >         setgroups(0, x);
> >         system("id");
> > }
> >=20
> > Test output:
> > uid=3D0(root) gid=3D0(root) groups=3D34479,41855,0(root),7567(dba)
> > uid=3D0(root) gid=3D0(root)
> >=20
> >=20
> > Basically, running a setgroups with an empty group list (or=20
> zero groups)
> > results in the pag going away. I can't think of any time=20
> you'd _REALLY_
> > want to throw away the pag.=20
> >=20
> > I'll work up a fix for this in the linux libafs, but would=20
> be interested
> > in hearing if anyone else has a differing oppinion on how it should
> > behave.
> >=20
> > -- Nathan
> >=20
> > ------------------------------------------------------------
> > Nathan Neulinger                       EMail:  nneul@umr.edu
> > University of Missouri - Rolla         Phone: (573) 341-4841
> > Computing Services                       Fax: (573) 341-4216
> > _______________________________________________
> > OpenAFS-devel mailing list
> > OpenAFS-devel@openafs.org
> > https://lists.openafs.org/mailman/listinfo/openafs-devel
>=20
> --=20
>        Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
>        Member, MIT Student Information Processing Board  (SIPB)
>        URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
>        warlord@MIT.EDU                        PGP key available
>=20