Gitweb:
https://git.exim.org/exim.git/commitdiff/25ef0f44a4d150d8a3571906475ed3d567ee7f4a
Commit: 25ef0f44a4d150d8a3571906475ed3d567ee7f4a
Parent: 3eeff5f988769512ed30bcf13b08d59cc853a392
Author: Jeremy Harris <jgh146exb@???>
AuthorDate: Sun Dec 15 20:13:04 2019 +0000
Committer: Jeremy Harris <jgh146exb@???>
CommitDate: Sun Dec 15 20:13:04 2019 +0000
GNU/Hurd: handle platform-specific behaviour of setgroups()
---
src/OS/os.h-GNU | 4 ++++
src/src/exim.c | 10 +++++++---
2 files changed, 11 insertions(+), 3 deletions(-)
diff --git a/src/OS/os.h-GNU b/src/OS/os.h-GNU
index 4499316..1de2e3e 100644
--- a/src/OS/os.h-GNU
+++ b/src/OS/os.h-GNU
@@ -20,4 +20,8 @@ typedef struct flock flock_t;
/* default is non-const */
#define ICONV_ARG2_TYPE const char **
+/* setgroups(0, NULL) succeeds, and drops the gid group
+as well as any supplementary groups*/
+#define OS_SETGROUPS_ZERO_DROPS_ALL
+
/* End */
diff --git a/src/src/exim.c b/src/src/exim.c
index 477b82a..f0feaf5 100644
--- a/src/src/exim.c
+++ b/src/src/exim.c
@@ -3642,7 +3642,11 @@ since you have to be root to run it, even if throwing away groups. Not being
root here happens only in some unusual configurations. We just ignore the
error. */
-if (setgroups(0, NULL) != 0 && setgroups(1, group_list) != 0 && !unprivileged)
+if (
+#ifndef OS_SETGROUPS_ZERO_DROPS_ALL
+ setgroups(0, NULL) != 0 &&
+#endif
+ setgroups(1, group_list) != 0 && !unprivileged)
exim_fail("exim: setgroups() failed: %s\n", strerror(errno));
/* If the configuration file name has been altered by an argument on the
@@ -4289,8 +4293,8 @@ else
if (!(unprivileged || removed_privilege))
exim_fail("exim: changing group failed: %s\n", strerror(errno));
else
- DEBUG(D_any) debug_printf("changing group to %ld failed: %s\n",
- (long int)exim_gid, strerror(errno));
+ DEBUG(D_any) debug_printf("changing group to %ld failed: %d: %s\n",
+ (long int)exim_gid, errno, strerror(errno));
}
/* Handle a request to scan a file for malware */
