https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=288751
Bug ID: 288751
Summary: chroot -n fails with "setgroups: Operation not permitted" when security.bsd.unprivileged_chroot=1
Product: Base System
Version: 15.0-CURRENT
Hardware: Any
OS: Any
Status: New
Severity: Affects Some People
Priority: ---
Component: bin
Assignee: [email protected]
Reporter: [email protected]

Recent changes to chroot have resulted in chroot -n <path> failing compared to
previous cases.

The resulting error is:

    chroot: setgroups: Operation not permitted

This appears to be caused by gids being set to a minimum of 1 (previously 0) at
line 150 of usr.sbin/chroot/chroot.c, which then results in setgroups being
called at line 178 when previously a null grouplist would have caused gids to
be zero.

A suggested fix would be to change line 178 from:

    if (gids && setgroups(gids, gidlist) == -1)

to:

    if (grouplist != NULL && setgroups(gids, gidlist) == -1)

since previously setgroups was only called if grouplist was set via the -G
command line argument. (This maintains the recent change to fill the first
entry of gidlist with the egid.)

This change solved the issue for me.
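
A small model of the guard discussed in this report, added here as an illustration and not taken from usr.sbin/chroot/chroot.c. The names `model_setgroups`, `group_step` and `enum guard`, and the one-group `-G` parse, are assumptions; only the two guard conditions come from the report.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-in for setgroups(2): unprivileged callers get EPERM. */
static int model_setgroups(int privileged, int ngroups)
{
    (void)ngroups;
    if (!privileged) {
        errno = EPERM;
        return -1;
    }
    return 0;
}

/* Which condition guards the call (both conditions are quoted in the report). */
enum guard { GUARD_GIDS, GUARD_GROUPLIST };

/*
 * Model of the group-setting step.
 *   grouplist: the -G argument, NULL when -G was not given
 *   min_gids:  0 = earlier behaviour, 1 = slot 0 of gidlist always holds the egid
 * Returns 0 on success, -1 when the modelled setgroups call fails.
 */
static int group_step(const char *grouplist, int min_gids, enum guard g,
                      int privileged)
{
    int gids = min_gids;
    int call;

    if (grouplist != NULL)
        gids += 1;   /* constructed: pretend -G named exactly one group */
    call = (g == GUARD_GIDS) ? (gids != 0) : (grouplist != NULL);
    if (call && model_setgroups(privileged, gids) == -1)
        return -1;
    return 0;
}

int main(void)
{
    /* Unprivileged caller, no -G: the three variants side by side. */
    printf("earlier   (gids>=0, guard gids):      %d\n", group_step(NULL, 0, GUARD_GIDS, 0));
    printf("regressed (gids>=1, guard gids):      %d\n", group_step(NULL, 1, GUARD_GIDS, 0));
    printf("suggested (gids>=1, guard grouplist): %d\n", group_step(NULL, 1, GUARD_GROUPLIST, 0));
    return 0;
}
```

With `-G` given, an unprivileged caller still fails under either guard in this model, which matches the report's point that setgroups was previously called only when grouplist was set.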