On Wed, 21 Sep 2022, Lasse Törngren via Exim-users wrote:

Hello Martin,

I tried your patching of the code and I am getting this error:
The changed code in priv.c:

if (priv_euid == root_uid)
  {
  if (seteuid(priv_euid) != 0)
    log_write(0, LOG_PANIC_DIE, "seteuid(%d): %s", priv_euid, strerror(errno));
  if (setegid(priv_egid) != 0)
    log_write(0, LOG_PANIC_DIE, "setegid(%d): %s", priv_egid, strerror(errno)); 
  /*if (priv_ngroups > 0 && setgroups(priv_ngroups, priv_groups) != 0)*/
  if (priv_ngroups > 0 && setgroups(priv_ngroups, priv_groups) != 0
   

#ifndef OS_SETGROUPS_ZERO_DROPS_ALL
   && setgroups(0, NULL) != 0
#endif
   && setgroups(1, group_list) != 0)
 
    log_write(0, LOG_PANIC_DIE, "exim priv_restore setgroups: %s", 
strerror(errno));
  if (geteuid() != priv_euid)
    log_write(0, LOG_PANIC_DIE, "getdeuid() != %d", priv_euid);
  if (getegid() != priv_egid)
    log_write(0, LOG_PANIC_DIE, "getdegid() != %d", priv_egid);
  }

Error when compiling:

cc priv.c
priv.c:72:20: error: use of undeclared identifier 'group_list'; did you mean 'lookup_list'?
  && setgroups(1, group_list) != 0)
                  ^~~~~~~~~~
                  lookup_list
./globals.h:713:22: note: 'lookup_list' declared here
extern lookup_info **lookup_list;      /* Array of pointers to available lookups */
                    ^
1 error generated.
make[1]: *** [priv.o] Error 1
make: *** [all] Error 2

I have attached a patch which I believe does what Martin suggested.
This puts the 3 lines of the #ifdef in the middle of the if condition
that calls setgroups.

Thanks for confirming that the error does happen in
the function priv_restore().

--
Andrew C. Aitchison                      Kendal, UK
                   and...@aitchison.me.uk
--- src/priv.c
+++ src/priv.c
@@ -63,7 +63,11 @@
     log_write(0, LOG_PANIC_DIE, "seteuid(%d): %s", priv_euid, strerror(errno));
   if (setegid(priv_egid) != 0)
     log_write(0, LOG_PANIC_DIE, "setegid(%d): %s", priv_egid, strerror(errno));
-  if (priv_ngroups > 0 && setgroups(priv_ngroups, priv_groups) != 0)
+  if (priv_ngroups > 0
+#ifndef OS_SETGROUPS_ZERO_DROPS_ALL
+      && setgroups(0, NULL) != 0
+#endif
+      && setgroups(priv_ngroups, priv_groups) != 0)
     log_write(0, LOG_PANIC_DIE, "setgroups: %s", strerror(errno));
 
   if (geteuid() != priv_euid)
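Review bot: In the new condition the `&&` chain short-circuits, so on builds where OS_SETGROUPS_ZERO_DROPS_ALL is not defined, `setgroups(priv_ngroups, priv_groups)` is only reached when `setgroups(0, NULL)` has already failed. If the clearing call succeeds, the saved group list is never restored and nothing is logged; log_write fires only when both calls fail. Make the clearing call a separate statement with its own check, or join the two calls with `||` inside parentheses after `priv_ngroups > 0 &&`, so that the restore always runs and either failure reaches LOG_PANIC_DIE. The shared "setgroups: %s" message also would not say which of the two calls failed; distinct messages would make the panic log easier to read.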
-- 
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
