1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
|
From: Timo Teräs <timo.teras@iki.fi>
Fix setre[gu]id handling for musl. The libc calls work per POSIX definition
and change the process values (including all threads). Remove the per-thread
hacks. This fixes a race condition that created thread calls first setreuid()
causing the setgroups() call in the main thread to fail with -EPERM.
diff -ru fprobe-ulog-1.1.orig/src/fprobe-ulog.c fprobe-ulog-1.1/src/fprobe-ulog.c
--- fprobe-ulog-1.1.orig/src/fprobe-ulog.c 2014-07-30 13:09:34.000000000 -0300
+++ fprobe-ulog-1.1/src/fprobe-ulog.c 2014-07-30 13:46:25.952717084 -0300
@@ -619,18 +619,6 @@
return p;
}
-void setuser() {
- /*
- Workaround for clone()-based threads
- Try to change EUID independently of main thread
- */
- if (pw) {
- setgroups(0, NULL);
- setregid(pw->pw_gid, pw->pw_gid);
- setreuid(pw->pw_uid, pw->pw_uid);
- }
-}
-
void *emit_thread()
{
struct Flow *flow;
@@ -642,8 +630,6 @@
p = (void *) &emit_packet + netflow->HeaderSize;
timeout.tv_nsec = 0;
- setuser();
-
for (;;) {
pthread_mutex_lock(&emit_mutex);
while (!flows_emit) {
@@ -730,8 +716,6 @@
char logbuf[256];
#endif
- setuser();
-
timeout.tv_nsec = 0;
pthread_mutex_lock(&unpending_mutex);
@@ -777,8 +761,6 @@
struct Time now;
struct timespec timeout;
- setuser();
-
timeout.tv_nsec = 0;
pthread_mutex_lock(&scan_mutex);
@@ -872,8 +854,6 @@
char logbuf[256];
#endif
- setuser();
-
while (!killed) {
len = ipulog_read(ulog_handle, cap_buf, CAPTURE_SIZE, 1);
if (len <= 0) {
|
