| author | Pádraig Brady <P@draigBrady.com> | 2014-05-16 09:50:24 +0100 |
|---|---|---|
| committer | Pádraig Brady <P@draigBrady.com> | 2014-05-21 11:18:26 +0100 |
| commit | ce0c08b52d893f6cad7ae9b7b59968406c85eeb9 (patch) | |
| tree | 379c01901adbe45d9cf5fbbb11887c357ad5abec /doc | |
| parent | 99960eeab9bf7fb479ab9f5342fc12a1fae629e6 (diff) | |
| download | coreutils-ce0c08b52d893f6cad7ae9b7b59968406c85eeb9.tar.xz | |
chroot: with --userspec clear root's supplemental groups
It's dangerous and confusing to leave root's supplemental
groups in place when specifying other users with --userspec.
In the edge case that that is desired one can explicitly
specify --groups.
Also we implicitly set the system defined supplemental groups
for a user. The existing mechanism where supplemental groups
needed to be explicitly specified is confusing and not general
when the lookup needs to be done within the chroot.
Also we extend the --groups syntax slightly to allow clearing
the set of supplementary groups using --groups=''.
* src/chroot.c (setgroups): On systems without supplemental groups,
clearing them is a no-op and so should return success.
(main): Look up the primary GID with getpwuid() when just a numeric
uid is specified, and also infer the USERNAME from this call,
needed when we're later looking up the supplemental groups for a user.
Support clearing supplemental groups, either implicitly for
unknown users, or explicitly when --groups='' is specified.
* tests/misc/chroot-credentials.sh: Various new test cases.
* doc/coreutils.texi (chroot invocation): Adjust for the new behavior.
* NEWS: Mention the change in behavior.
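The credential rules the commit message describes (explicit --groups wins, --groups='' clears, a named user gets the system-defined list, an unknown numeric uid gets an empty list, and a bare numeric uid still resolves its primary gid and name as getpwuid() would) are modelled below as an added example written for this page. It is not coreutils' chroot.c: it only computes the credentials that would be applied and never calls setuid(), setgid() or setgroups(). PASSWD and GROUP are constructed stand-ins for the user and group databases consulted inside the chroot, and the Credentials type and all function names are this example's own.

```python
# Added illustration of the --userspec / --groups credential rules described in
# the commit message above.  NOT coreutils' chroot.c: it only computes the
# credentials chroot would apply and never calls setuid()/setgid()/setgroups().
# PASSWD and GROUP are constructed stand-ins for the databases inside the chroot.
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed /etc/passwd: name -> (uid, primary gid)
PASSWD = {"root": (0, 0), "alice": (1000, 1000), "www": (33, 33)}
# Constructed /etc/group: name -> (gid, members)
GROUP = {
    "root": (0, []),
    "wheel": (10, ["alice"]),
    "audio": (29, ["alice", "www"]),
    "www": (33, []),
    "alice": (1000, []),
}


@dataclass
class Credentials:
    uid: Optional[int]            # None: keep the invoking process's uid
    gid: Optional[int]            # None: keep the invoking process's gid
    groups: Optional[List[int]]   # None: keep the invoking process's list


def lookup_user(spec: str) -> Optional[Tuple[int, Optional[int], Optional[str]]]:
    """Resolve a name or numeric uid to (uid, primary gid, name).

    A numeric uid is looked up as getpwuid() would, so a bare "1000" still
    yields the user's primary gid and name; a numeric uid with no passwd
    entry is accepted but has neither.  An unknown name is rejected (None).
    """
    if spec.isdigit():
        uid = int(spec)
        for name, (u, g) in PASSWD.items():
            if u == uid:
                return uid, g, name
        return uid, None, None
    if spec in PASSWD:
        uid, gid = PASSWD[spec]
        return uid, gid, spec
    return None


def lookup_group(spec: str) -> int:
    """Resolve a group name or numeric gid; unknown names are an error."""
    if spec.isdigit():
        return int(spec)
    if spec in GROUP:
        return GROUP[spec][0]
    raise ValueError(f"invalid group {spec!r}")


def system_groups(username: str) -> List[int]:
    """Supplementary groups of a known user, as initgroups() would find them."""
    return sorted(gid for gid, members in GROUP.values() if username in members)


def plan_credentials(userspec: Optional[str] = None,
                     groups: Optional[str] = None) -> Credentials:
    """userspec: 'user', 'user:group', ':group' or None.
    groups: comma-separated names/ids, '' to clear, or None for the default."""
    uid = gid = None
    username = None
    if userspec is not None:
        user_part, _, group_part = userspec.partition(":")
        if user_part:
            resolved = lookup_user(user_part)
            if resolved is None:
                raise ValueError(f"invalid user {user_part!r}")
            uid, gid, username = resolved
        if group_part:
            gid = lookup_group(group_part)

    if groups is not None:
        # Explicit --groups wins; --groups='' means "no supplementary groups".
        supp: Optional[List[int]] = (
            [] if groups == "" else [lookup_group(g) for g in groups.split(",")]
        )
    elif uid is not None:
        # A user was named: use the system list for a known user and clear the
        # list for an unknown uid, so the caller's (root's) groups never leak.
        supp = system_groups(username) if username is not None else []
    else:
        # No user given: leave the caller's supplementary groups as they are.
        supp = None
    return Credentials(uid, gid, supp)
```

The case worth checking in a review of any privilege-dropping code is the `elif` branch: before this change a `--userspec` without `--groups` left the list untouched, so a process started by root kept root's supplementary groups under the new uid. The model returns an empty list for an unknown uid and the user's own list otherwise, which is the behaviour the commit message describes.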
Diffstat (limited to 'doc')
-rw-r--r-- | doc/coreutils.texi | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/doc/coreutils.texi b/doc/coreutils.texi index 789cd68e5..592f4a647 100644 --- a/doc/coreutils.texi +++ b/doc/coreutils.texi @@ -16112,12 +16112,17 @@ By default, @var{command} is run with the same credentials as the invoking process. Use this option to run it as a different @var{user} and/or with a different primary @var{group}. +If a @var{user} is specified then the supplementary groups +are set according to the system defined list for that user, +unless overridden with the @option{--groups} option. @item --groups=@var{groups} @opindex --groups -Use this option to specify the supplementary @var{groups} to be +Use this option to override the supplementary @var{groups} to be used by the new process. The items in the list (names or numeric IDs) must be separated by commas. +Use @samp{--groups=''} to disable the supplementary group look-up +implicit in the @option{--userspec} option. @end table |
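Review bot: the new paragraph added after "different primary @var{group}." only documents the found-user case; the commit message says supplementary groups are cleared implicitly for an unknown user (e.g. a numeric uid with no entry in the chroot's user database), and the manual should say so, for instance "If @var{user} cannot be found, the supplementary groups are cleared." Likewise, the added "@samp{--groups=''} ... disable the supplementary group look-up" sentence says what is skipped but not what results; state that the process then runs with no supplementary groups. Since the commit message notes the lookup is done within the chroot, it would also help readers to say that the user database consulted is the one inside @var{newroot}. Minor: "system defined list" reads better hyphenated as "system-defined list".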