diff --git a/ChangeLog b/ChangeLog index 3481d81..04ec7ad 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,7 @@ 2009-02-27 Markus Gutschke + * Work-around for systems that don't define a "nogroup" group. + * Remove the dependency on fdopendir, which does not exist everywhere. diff --git a/config.h b/config.h index b919999..4b8d18f 100644 --- a/config.h +++ b/config.h @@ -95,7 +95,7 @@ #define STDC_HEADERS 1 /* Most recent revision number in the version control system */ -#define VCS_REVISION "71" +#define VCS_REVISION "72" /* Version number of package */ #define VERSION "2.4" diff --git a/shellinabox/privileges.c b/shellinabox/privileges.c index f018163..161a508 100644 --- a/shellinabox/privileges.c +++ b/shellinabox/privileges.c @@ -227,12 +227,30 @@ const char *getGroupName(gid_t gid) { gid_t getGroupId(const char *name) { struct group grbuf, *gr; char *buf; - int len = sysconf(_SC_GETGR_R_SIZE_MAX); - if (len <= 0) { - len = 4096; + int gr_len = sysconf(_SC_GETGR_R_SIZE_MAX); + if (gr_len <= 0) { + gr_len = 4096; } - check(buf = malloc(len)); - if (getgrnam_r(name, &grbuf, buf, len, &gr) || !gr) { + check(buf = malloc(gr_len)); + if (getgrnam_r(name, &grbuf, buf, gr_len, &gr) || !gr) { + // Maybe, this system does not have a "nogroup" group. Substitute the + // group of the "nobody" user. + if (!strcmp(name, "nogroup")) { + struct passwd pwbuf, *pw; + int pw_len = sysconf(_SC_GETPW_R_SIZE_MAX); + if (pw_len <= 0) { + pw_len = 4096; + } + if (pw_len > gr_len) { + check(buf = realloc(buf, pw_len)); + } + if (!getpwnam_r("nobody", &pwbuf, buf, pw_len, &pw) && pw) { + debug("Substituting \"nobody's\" primary group for \"nogroup\""); + gid_t gid = pw->pw_gid; + free(buf); + return gid; + } + } fatal("Cannot look up group \"%s\"", name); } gid_t gid = gr->gr_gid;