Fix: runas: supplementary groups are ignored on lttng save
authorFrancis Deslauriers <francis.deslauriers@efficios.com>
Fri, 23 Jul 2021 20:27:00 +0000 (16:27 -0400)
committerJérémie Galarneau <jeremie.galarneau@efficios.com>
Thu, 5 Aug 2021 23:53:38 +0000 (19:53 -0400)
commita62bbe8cacc7014175da33f64f917533fea7810d
tree433b75a5aef2b9ec7b70ef9a2b8a94bf6feb3bbc
parent1a9a1a1994ed855a7150137ca02d2a488c009c86
Fix: runas: supplementary groups are ignored on lttng save

Observed issue
==============

On `lttng save` the following is reported to the user:

 $ sudo -u my_user lttng save -o /tmp/my_dir my_session_name
 Error: Permission denied

Note that:
  * the running lttng-sessiond is root,
  * "my_user" is part of the tracing group,
  * "my_user" primary group is "my_user" and is part of group "my_dummy_group"
  * The "/tmp/my_dir" has the following permissions:

    drwxrwx--- 2 root my_dummy_group 4096 Jul 26 16:39 /tmp/my_dir/

Cause
=====

The supplementary groups are not initialized when the run-as process
demote itself to the user "my_user" to perform the recursive mkdir
required by the `lttng save` command.

From the point of the view the kernel, at the moment of performing the
mkdir call the permissions looks like this:

 euid: uid of "my_user"
 egid: primary gid of "my_user"
 supplementary group list: "root"

Note that the kernel does not treat the presence of the root group in
the supplementary group list in any special way. Since "root gid" !=
"my_dummy_group gid" the directory creation is refused.

Solution
========

Use initgroups(3) to initialize the supplementary group list.

Known drawbacks
=========

None.

Signed-off-by: Francis Deslauriers <francis.deslauriers@efficios.com>
Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>
Change-Id: I58656a3107e4f7b59a2391a4759988401cad7a2b
src/common/runas.c
This page took 0.02582 seconds and 4 git commands to generate.