The branch main has been updated by olce:
URL:
https://cgit.FreeBSD.org/src/commit/?id=de4832289625f3c1cea4200d8eb7b4c753b90648
commit de4832289625f3c1cea4200d8eb7b4c753b90648
Author: Olivier Certner <o...@freebsd.org>
AuthorDate: 2025-08-29 17:01:27 +0000
Commit: Olivier Certner <o...@freebsd.org>
CommitDate: 2025-09-17 12:16:09 +0000
stress2: Fix removal of supplementary groups
To this end, call setgroups(0, NULL) instead of passing the effective
GID. This stance is fully compatible with older versions of FreeBSD.
Fixes: 9da2fe96ff2e ("kern: fix setgroups(2) and getgroups(2) to
match other platforms")
MFC after: 5 days
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D52290
---
tools/test/stress2/misc/fdatasync.sh | 2 +-
tools/test/stress2/misc/fdatasync2.sh | 2 +-
tools/test/stress2/misc/fifo2.sh | 2 +-
tools/test/stress2/misc/ftruncate.sh | 2 +-
tools/test/stress2/misc/ftruncate2.sh | 2 +-
tools/test/stress2/misc/kevent7.sh | 2 +-
tools/test/stress2/misc/killpg.sh | 2 +-
tools/test/stress2/misc/killpg2.sh | 2 +-
tools/test/stress2/misc/killpg3.sh | 2 +-
tools/test/stress2/misc/maxproc.sh | 2 +-
tools/test/stress2/misc/mlockall3.sh | 2 +-
tools/test/stress2/misc/mlockall7.sh | 2 +-
tools/test/stress2/misc/mountu.sh | 2 +-
tools/test/stress2/misc/msync.sh | 2 +-
tools/test/stress2/misc/pread.sh | 2 +-
tools/test/stress2/misc/sched.sh | 2 +-
tools/test/stress2/misc/sigreturn3.sh | 2 +-
tools/test/stress2/misc/sigreturn4.sh | 2 +-
tools/test/stress2/misc/syscall4.sh | 2 +-
tools/test/stress2/misc/tmpfs16.sh | 2 +-
20 files changed, 20 insertions(+), 20 deletions(-)
diff --git a/tools/test/stress2/misc/fdatasync.sh
b/tools/test/stress2/misc/fdatasync.sh
index f17e2826ad94..9abd31e5bd94 100755
--- a/tools/test/stress2/misc/fdatasync.sh
+++ b/tools/test/stress2/misc/fdatasync.sh
@@ -178,7 +178,7 @@ main(int argc, char **argv)
if ((pw = getpwnam("nobody")) == NULL)
err(1, "failed to resolve nobody");
- if (setgroups(1, &pw->pw_gid) ||
+ if (setgroups(0, NULL) ||
setegid(pw->pw_gid) || setgid(pw->pw_gid) ||
seteuid(pw->pw_uid) || setuid(pw->pw_uid))
err(1, "Can't drop privileges to \"nobody\"");
diff --git a/tools/test/stress2/misc/fdatasync2.sh
b/tools/test/stress2/misc/fdatasync2.sh
index 6011eba53698..42ade0cedbd3 100755
--- a/tools/test/stress2/misc/fdatasync2.sh
+++ b/tools/test/stress2/misc/fdatasync2.sh
@@ -177,7 +177,7 @@ main(int argc, char **argv)
if ((pw = getpwnam("nobody")) == NULL)
err(1, "failed to resolve nobody");
- if (setgroups(1, &pw->pw_gid) ||
+ if (setgroups(0, NULL) ||
setegid(pw->pw_gid) || setgid(pw->pw_gid) ||
seteuid(pw->pw_uid) || setuid(pw->pw_uid))
err(1, "Can't drop privileges to \"nobody\"");
diff --git a/tools/test/stress2/misc/fifo2.sh b/tools/test/stress2/misc/fifo2.sh
index 4a7b986931d9..e84506cbfb01 100755
--- a/tools/test/stress2/misc/fifo2.sh
+++ b/tools/test/stress2/misc/fifo2.sh
@@ -167,7 +167,7 @@ main(void)
if ((pw = getpwnam("nobody")) == NULL)
err(1, "no such user: nobody");
- if (setgroups(1, &pw->pw_gid) ||
+ if (setgroups(0, NULL) ||
setegid(pw->pw_gid) || setgid(pw->pw_gid) ||
seteuid(pw->pw_uid) || setuid(pw->pw_uid))
err(1, "Can't drop privileges to \"nobody\"");
diff --git a/tools/test/stress2/misc/ftruncate.sh
b/tools/test/stress2/misc/ftruncate.sh
index ddec85b6745a..f9aa1869756f 100755
--- a/tools/test/stress2/misc/ftruncate.sh
+++ b/tools/test/stress2/misc/ftruncate.sh
@@ -170,7 +170,7 @@ main(int argc, char **argv)
if ((pw = getpwnam("nobody")) == NULL)
err(1, "failed to resolve nobody");
- if (setgroups(1, &pw->pw_gid) ||
+ if (setgroups(0, NULL) ||
setegid(pw->pw_gid) || setgid(pw->pw_gid) ||
seteuid(pw->pw_uid) || setuid(pw->pw_uid))
err(1, "Can't drop privileges to \"nobody\"");
diff --git a/tools/test/stress2/misc/ftruncate2.sh
b/tools/test/stress2/misc/ftruncate2.sh
index 35db3a4c5f8d..94d9b6ca810f 100755
--- a/tools/test/stress2/misc/ftruncate2.sh
+++ b/tools/test/stress2/misc/ftruncate2.sh
@@ -185,7 +185,7 @@ main(int argc, char **argv)
if ((pw = getpwnam("nobody")) == NULL)
err(1, "failed to resolve nobody");
- if (setgroups(1, &pw->pw_gid) ||
+ if (setgroups(0, NULL) ||
setegid(pw->pw_gid) || setgid(pw->pw_gid) ||
seteuid(pw->pw_uid) || setuid(pw->pw_uid))
err(1, "Can't drop privileges to \"nobody\"");
diff --git a/tools/test/stress2/misc/kevent7.sh
b/tools/test/stress2/misc/kevent7.sh
index 8b58c35551f7..4c7718c6ae5f 100755
--- a/tools/test/stress2/misc/kevent7.sh
+++ b/tools/test/stress2/misc/kevent7.sh
@@ -236,7 +236,7 @@ main(void)
if ((pw = getpwnam("nobody")) == NULL)
err(1, "no such user: nobody");
- if (setgroups(1, &pw->pw_gid) ||
+ if (setgroups(0, NULL) ||
setegid(pw->pw_gid) || setgid(pw->pw_gid) ||
seteuid(pw->pw_uid) || setuid(pw->pw_uid))
err(1, "Can't drop privileges to \"nobody\"");
diff --git a/tools/test/stress2/misc/killpg.sh
b/tools/test/stress2/misc/killpg.sh
index c6af55a3d593..ea99f5e0d0fd 100755
--- a/tools/test/stress2/misc/killpg.sh
+++ b/tools/test/stress2/misc/killpg.sh
@@ -113,7 +113,7 @@ killer(void)
if ((pw = getpwnam("nobody")) == NULL)
err(1, "no such user: nobody");
- if (setgroups(1, &pw->pw_gid) ||
+ if (setgroups(0, NULL) ||
setegid(pw->pw_gid) || setgid(pw->pw_gid) ||
seteuid(pw->pw_uid) || setuid(pw->pw_uid))
err(1, "Can't drop privileges to \"nobody\"");
diff --git a/tools/test/stress2/misc/killpg2.sh
b/tools/test/stress2/misc/killpg2.sh
index 5e986f059637..cf186d686dfd 100755
--- a/tools/test/stress2/misc/killpg2.sh
+++ b/tools/test/stress2/misc/killpg2.sh
@@ -77,7 +77,7 @@ looper(void)
if ((pw = getpwnam("TUSER")) == NULL)
err(1, "no such user: TUSER");
- if (setgroups(1, &pw->pw_gid) ||
+ if (setgroups(0, NULL) ||
setegid(pw->pw_gid) || setgid(pw->pw_gid) ||
seteuid(pw->pw_uid) || setuid(pw->pw_uid))
err(1, "Can't drop privileges to \"TUSER\"");
diff --git a/tools/test/stress2/misc/killpg3.sh
b/tools/test/stress2/misc/killpg3.sh
index 304b3e320f2f..4fcb4fa7a643 100755
--- a/tools/test/stress2/misc/killpg3.sh
+++ b/tools/test/stress2/misc/killpg3.sh
@@ -109,7 +109,7 @@ looper(void)
if ((pw = getpwnam("TUSER")) == NULL)
err(1, "no such user: TUSER");
- if (setgroups(1, &pw->pw_gid) ||
+ if (setgroups(0, NULL) ||
setegid(pw->pw_gid) || setgid(pw->pw_gid) ||
seteuid(pw->pw_uid) || setuid(pw->pw_uid))
err(1, "Can't drop privileges to \"TUSER\"");
diff --git a/tools/test/stress2/misc/maxproc.sh
b/tools/test/stress2/misc/maxproc.sh
index 0574def8a605..3241e275375e 100755
--- a/tools/test/stress2/misc/maxproc.sh
+++ b/tools/test/stress2/misc/maxproc.sh
@@ -103,7 +103,7 @@ t1(int priv)
err(1, "no such user: nobody");
if (priv == 0) {
- if (setgroups(1, &pw->pw_gid) ||
+ if (setgroups(0, NULL) ||
setegid(pw->pw_gid) || setgid(pw->pw_gid) ||
seteuid(pw->pw_uid) || setuid(pw->pw_uid))
err(1, "Can't drop privileges to \"nobody\"");
diff --git a/tools/test/stress2/misc/mlockall3.sh
b/tools/test/stress2/misc/mlockall3.sh
index 0ff1e24eaa7f..aa53e75166a5 100755
--- a/tools/test/stress2/misc/mlockall3.sh
+++ b/tools/test/stress2/misc/mlockall3.sh
@@ -130,7 +130,7 @@ main(void)
if ((pw = getpwnam("nobody")) == NULL)
err(1, "no such user: nobody");
- if (setgroups(1, &pw->pw_gid) ||
+ if (setgroups(0, NULL) ||
setegid(pw->pw_gid) || setgid(pw->pw_gid) ||
seteuid(pw->pw_uid) || setuid(pw->pw_uid))
err(1, "Can't drop privileges to \"nobody\"");
diff --git a/tools/test/stress2/misc/mlockall7.sh
b/tools/test/stress2/misc/mlockall7.sh
index 987e312f19e7..5a927043cb56 100755
--- a/tools/test/stress2/misc/mlockall7.sh
+++ b/tools/test/stress2/misc/mlockall7.sh
@@ -179,7 +179,7 @@ testing(unsigned long maxl)
maxlock = maxl;
if ((pw = getpwnam("nobody")) == NULL)
err(1, "failed to resolve nobody");
- if (setgroups(1, &pw->pw_gid) ||
+ if (setgroups(0, NULL) ||
setegid(pw->pw_gid) || setgid(pw->pw_gid) ||
seteuid(pw->pw_uid) || setuid(pw->pw_uid))
err(1, "Can't drop privileges to \"nobody\"");
diff --git a/tools/test/stress2/misc/mountu.sh
b/tools/test/stress2/misc/mountu.sh
index abd3c744d160..95043e634ef1 100755
--- a/tools/test/stress2/misc/mountu.sh
+++ b/tools/test/stress2/misc/mountu.sh
@@ -241,7 +241,7 @@ main(int argc __unused, char **argv)
if ((pw = getpwnam("nobody")) == NULL)
err(1, "no such user: nobody");
- if (setgroups(1, &pw->pw_gid) ||
+ if (setgroups(0, NULL) ||
setegid(pw->pw_gid) || setgid(pw->pw_gid) ||
seteuid(pw->pw_uid) || setuid(pw->pw_uid))
err(1, "Can't drop privileges to \"nobody\"");
diff --git a/tools/test/stress2/misc/msync.sh b/tools/test/stress2/misc/msync.sh
index 326c7e723774..df05875afb45 100755
--- a/tools/test/stress2/misc/msync.sh
+++ b/tools/test/stress2/misc/msync.sh
@@ -166,7 +166,7 @@ main(void)
if ((pw = getpwnam("nobody")) == NULL)
err(1, "no such user: nobody");
- if (setgroups(1, &pw->pw_gid) ||
+ if (setgroups(0, NULL) ||
setegid(pw->pw_gid) || setgid(pw->pw_gid) ||
seteuid(pw->pw_uid) || setuid(pw->pw_uid))
err(1, "Can't drop privileges to \"nobody\"");
diff --git a/tools/test/stress2/misc/pread.sh b/tools/test/stress2/misc/pread.sh
index 24ee2efb696a..985d3f643df1 100755
--- a/tools/test/stress2/misc/pread.sh
+++ b/tools/test/stress2/misc/pread.sh
@@ -170,7 +170,7 @@ main(int argc __unused, char **argv)
if ((pw = getpwnam("nobody")) == NULL)
err(1, "no such user: nobody");
- if (setgroups(1, &pw->pw_gid) ||
+ if (setgroups(0, NULL) ||
setegid(pw->pw_gid) || setgid(pw->pw_gid) ||
seteuid(pw->pw_uid) || setuid(pw->pw_uid))
err(1, "Can't drop privileges to \"nobody\"");
diff --git a/tools/test/stress2/misc/sched.sh b/tools/test/stress2/misc/sched.sh
index 1a1db70eb38a..8b33d7b16094 100755
--- a/tools/test/stress2/misc/sched.sh
+++ b/tools/test/stress2/misc/sched.sh
@@ -107,7 +107,7 @@ work(void)
if ((pw = getpwnam("nobody")) == NULL)
err(1, "no such user: nobody");
- if (setgroups(1, &pw->pw_gid) ||
+ if (setgroups(0, NULL) ||
setegid(pw->pw_gid) || setgid(pw->pw_gid) ||
seteuid(pw->pw_uid) || setuid(pw->pw_uid))
err(1, "Can't drop privileges to \"nobody\"");
diff --git a/tools/test/stress2/misc/sigreturn3.sh
b/tools/test/stress2/misc/sigreturn3.sh
index a2d865b73847..6795c4fd0846 100755
--- a/tools/test/stress2/misc/sigreturn3.sh
+++ b/tools/test/stress2/misc/sigreturn3.sh
@@ -121,7 +121,7 @@ main(int argc, char **argv)
fprintf(stderr, "Running syscall4 as root for %s.\n",
argv[1]);
else {
- if (setgroups(1, &pw->pw_gid) ||
+ if (setgroups(0, NULL) ||
setegid(pw->pw_gid) || setgid(pw->pw_gid) ||
seteuid(pw->pw_uid) || setuid(pw->pw_uid))
err(1, "Can't drop privileges to \"nobody\"");
diff --git a/tools/test/stress2/misc/sigreturn4.sh
b/tools/test/stress2/misc/sigreturn4.sh
index c77140de0518..90ee16777e03 100755
--- a/tools/test/stress2/misc/sigreturn4.sh
+++ b/tools/test/stress2/misc/sigreturn4.sh
@@ -147,7 +147,7 @@ main(int argc, char **argv)
fprintf(stderr, "Running sigreturn4 as root for %s.\n",
argv[1]);
else {
- if (setgroups(1, &pw->pw_gid) ||
+ if (setgroups(0, NULL) ||
setegid(pw->pw_gid) || setgid(pw->pw_gid) ||
seteuid(pw->pw_uid) || setuid(pw->pw_uid))
err(1, "Can't drop privileges to \"nobody\"");
diff --git a/tools/test/stress2/misc/syscall4.sh
b/tools/test/stress2/misc/syscall4.sh
index 3937d45c0303..92150c782ac1 100755
--- a/tools/test/stress2/misc/syscall4.sh
+++ b/tools/test/stress2/misc/syscall4.sh
@@ -318,7 +318,7 @@ main(int argc, char **argv)
fprintf(stderr, "Running syscall4 as root for %s.\n",
argv[1]);
else {
- if (setgroups(1, &pw->pw_gid) ||
+ if (setgroups(0, NULL) ||
setegid(pw->pw_gid) || setgid(pw->pw_gid) ||
seteuid(pw->pw_uid) || setuid(pw->pw_uid))
err(1, "Can't drop privileges to \"nobody\"");
diff --git a/tools/test/stress2/misc/tmpfs16.sh
b/tools/test/stress2/misc/tmpfs16.sh
index 8cc3c3596a4e..683817ce6497 100755
--- a/tools/test/stress2/misc/tmpfs16.sh
+++ b/tools/test/stress2/misc/tmpfs16.sh
@@ -181,7 +181,7 @@ main(int argc, char **argv)
if ((pw = getpwnam("nobody")) == NULL)
err(1, "failed to resolve nobody");
- if (setgroups(1, &pw->pw_gid) ||
+ if (setgroups(0, NULL) ||
setegid(pw->pw_gid) || setgid(pw->pw_gid) ||
seteuid(pw->pw_uid) || setuid(pw->pw_uid))
err(1, "Can't drop privileges to \"nobody\"");
