« Previous | Next » 

Revision cc4662f9

IDcc4662f9642995c78bed587707eeb9ad8500035b

Added by Stefan Hajnoczi over 9 years ago

os-posix: set groups properly for -runas

Andrew Griffiths reports that -runas does not set supplementary group
IDs. This means that gid 0 (root) is not dropped when switching to an
unprivileged user.

Add an initgroups(3) call to use the -runas user's /etc/groups
membership to update the supplementary group IDs.

Signed-off-by: Stefan Hajnoczi <>
Acked-by: Chris Wright <>
Signed-off-by: Blue Swirl <>

Files

  • added
  • modified
  • copied
  • renamed
  • deleted

View differences