[src/trunk]: src/external/bsd/tcpdump/dist - the initgroups function needs to...

To: source-changes-hg%NetBSD.org@localhost
Subject: [src/trunk]: src/external/bsd/tcpdump/dist - the initgroups function needs to...
From: christos <christos%NetBSD.org@localhost>
Date: Tue, 07 Apr 2020 00:27:36 +0000

details:   https://anonhg.NetBSD.org/src/rev/6b16f19def19
branches:  trunk
changeset: 785965:6b16f19def19
user:      christos <christos%NetBSD.org@localhost>
date:      Sun Apr 07 19:17:11 2013 +0000

description:
- the initgroups function needs to be able to do name to gid translations,
  so do it before the chroot, otherwise we lose /etc/nsswitch.conf and
  /etc/group
- run res_init() so that we prime and initialize the resolver before the
  chroot, since our chroot lacks /etc/{{nsswitch,resolve}.conf,hosts}
  this is not portable behavior, but it is a lot better than populating
  the chroot with crap.

diffstat:

 external/bsd/tcpdump/dist/tcpdump.c |  17 +++++++++++++----
 1 files changed, 13 insertions(+), 4 deletions(-)

diffs (49 lines):

diff -r e60a7e3053a3 -r 6b16f19def19 external/bsd/tcpdump/dist/tcpdump.c
--- a/external/bsd/tcpdump/dist/tcpdump.c       Sun Apr 07 19:14:03 2013 +0000
+++ b/external/bsd/tcpdump/dist/tcpdump.c       Sun Apr 07 19:17:11 2013 +0000
@@ -34,7 +34,7 @@
 static const char rcsid[] _U_ =
     "@(#) Header: /tcpdump/master/tcpdump/tcpdump.c,v 1.283 2008-09-25 21:45:50 guy Exp  (LBL)";
 #else
-__RCSID("$NetBSD: tcpdump.c,v 1.4 2013/04/06 19:33:09 christos Exp $");
+__RCSID("$NetBSD: tcpdump.c,v 1.5 2013/04/07 19:17:11 christos Exp $");
 #endif
 #endif
 
@@ -71,6 +71,7 @@
 #include <stdlib.h>
 #include <string.h>
 #include <limits.h>
+#include <resolv.h>
 #ifndef WIN32
 #include <sys/wait.h>
 #include <sys/resource.h>
@@ -533,17 +534,25 @@
        
        pw = getpwnam(username);
        if (pw) {
+               if (initgroups(pw->pw_name, pw->pw_gid) != 0) {
+                       fprintf(stderr, "tcpdump: Couldn't initgroups to "
+                           "'%.32s' gid=%lu: %s\n", pw->pw_name,
+                           (unsigned long)pw->pw_gid,
+                           pcap_strerror(errno));
+                       exit(1);
+               }
                if (chroot_dir) {
                        setprotoent(1);
+                       res_init();
                        if (chroot(chroot_dir) != 0 || chdir ("/") != 0) {
                                fprintf(stderr, "tcpdump: Couldn't chroot/chdir to '%.64s': %s\n",
                                    chroot_dir, pcap_strerror(errno));
                                exit(1);
                        }
                }
-               if (initgroups(pw->pw_name, pw->pw_gid) != 0 ||
-                   setgid(pw->pw_gid) != 0 || setuid(pw->pw_uid) != 0) {
-                       fprintf(stderr, "tcpdump: Couldn't change to '%.32s' uid=%lu gid=%lu: %s\n",
+               if (setgid(pw->pw_gid) != 0 || setuid(pw->pw_uid) != 0) {
+                       fprintf(stderr, "tcpdump: Couldn't change to "
+                           "'%.32s' uid=%lu gid=%lu: %s\n",
                            username, 
                            (unsigned long)pw->pw_uid,
                            (unsigned long)pw->pw_gid,

Prev by Date: [src/trunk]: src/sys/dev/scsipi Add detach support. From martin@.
Next by Date: [src/trunk]: src/lib/libc/net Remove trailing whitespace.
Previous by Thread: [src/trunk]: src/sys/dev/scsipi Add detach support. From martin@.
Next by Thread: [src/trunk]: src/lib/libc/net Remove trailing whitespace.
Indexes:

Home | Main Index | Thread Index | Old Index