diff options
| author | Petr Stodůlka <pstodulk@redhat.com> | 2014-06-25 18:26:23 +0100 |
|---|---|---|
| committer | Pádraig Brady <P@draigBrady.com> | 2014-06-26 12:07:10 +0100 |
| commit | 408461c0e7e5ddc6bfd0fddb2c79d35a02238ee0 (patch) | |
| tree | 217c189cbf8ef3bc5b0279e78a7e2cdfed4c3afe | |
| parent | d71c12f1e4e165c7da59989b49ded2805b7977cc (diff) | |
| download | coreutils-408461c0e7e5ddc6bfd0fddb2c79d35a02238ee0.tar.xz | |
id: output the effective group for the process
* src/id.c (print_full_info): When no user is specified,
output the effective group for the _process_, rather than
the default group from the system database, which may be different.
* tests/id/setgid.sh: Add a case for `id` as well as `id -G`.
* NEWS: Mention the bug fix.
Fixes http://bugs.gnu.org/7320
Reported at http://bugzilla.redhat.com/1016163
| -rw-r--r-- | NEWS | 6 | ||||
| -rw-r--r-- | src/id.c | 19 | ||||
| -rwxr-xr-x | tests/id/setgid.sh | 16 |
3 files changed, 27 insertions, 14 deletions
@@ -67,6 +67,12 @@ GNU coreutils NEWS -*- outline -*- now copies all input to stdout. Previously nothing was output in this case. [bug introduced with the --lines=-N feature in coreutils-5.0.1] + id, when invoked with no user name argument, now prints the correct group ID. + Previously, in the default output format, it would print the default group ID + in the password database, which may be neither real nor effective. For e.g., + when run set-GID, or when the database changes outside the current session. + [bug introduced in coreutils-8.1] + ln -sf now replaces symbolic links whose targets can't exist. Previously it would display an error, requiring --no-dereference to avoid the issue. [bug introduced in coreutils-5.3.0] @@ -399,19 +399,20 @@ print_full_info (const char *username) gid_t *groups; int i; - int n_groups = xgetgroups (username, (pwd ? pwd->pw_gid : -1), - &groups); + gid_t primary_group; + if (username) + primary_group = pwd ? pwd->pw_gid : -1; + else + primary_group = egid; + + int n_groups = xgetgroups (username, primary_group, &groups); if (n_groups < 0) { if (username) - { - error (0, errno, _("failed to get groups for user %s"), - quote (username)); - } + error (0, errno, _("failed to get groups for user %s"), + quote (username)); else - { - error (0, errno, _("failed to get groups for the current process")); - } + error (0, errno, _("failed to get groups for the current process")); ok = false; return; } diff --git a/tests/id/setgid.sh b/tests/id/setgid.sh index aa43ea37f..0664c47a2 100755 --- a/tests/id/setgid.sh +++ b/tests/id/setgid.sh @@ -1,5 +1,5 @@ #!/bin/sh -# Verify that id -G prints the right group when run set-GID. +# Verify that id [-G] prints the right group when run set-GID. # Copyright (C) 2012-2014 Free Software Foundation, Inc. @@ -20,16 +20,22 @@ print_ver_ id require_root_ -g=$(id -u $NON_ROOT_USERNAME) || framework_failure_ +u=$(id -u $NON_ROOT_USERNAME) || framework_failure_ +g=$u # Construct a different group number. gp1=$(expr $g + 1) echo $gp1 > exp || framework_failure_ -chroot --user=$NON_ROOT_USERNAME:$gp1 --groups='' / env PATH="$PATH" \ - id -G > out || fail=1 -compare exp out || fail=1 # With coreutils-8.16 and earlier, id -G would print both: $gp1 $g +chroot --user=+$u:+$gp1 --groups='' / env PATH="$PATH" \ + id -G > out || fail=1 +compare exp out || { cat out; fail=1; } + +# With coreutils-8.22 and earlier, id would erroneously print groups=$g +chroot --user=+$u:+$gp1 --groups='' / env PATH="$PATH" \ + id > out || fail=1 +grep -F "groups=$gp1" out || { cat out; fail=1; } Exit $fail |