[master] 02636039d heritage: Remove unset params::[gu]id fields
Dridi Boukelmoune
dridi.boukelmoune at gmail.com
Mon Jan 30 16:55:06 UTC 2023
commit 02636039d4da9fbbe25362a7a17a9375873d11f4
Author: Dridi Boukelmoune <dridi.boukelmoune at gmail.com>
Date: Tue Jan 24 11:32:09 2023 +0100
heritage: Remove unset params::[gu]id fields
They are shared with the cache process but are never used. Only the VCC
process uses them, but they are never set. This specific fchown(2) call
in the VCC process was probably a no-op in the first place: since the
fields are never set this is transferring ownership to root:root and if
that succeeded the process was already root in the first place. If it
failed, we never see the error message since we lacked root privileges.
Both the unix and solaris jails are designed to run VCC (and CC) with
limited privileges, and in the absence of a jail, the outcome should be
the same: VCC creates a file with credentials suitable for the next CC
invocation.
diff --git a/bin/varnishd/common/common_param.h b/bin/varnishd/common/common_param.h
index 4c64c4696..30e033b7c 100644
--- a/bin/varnishd/common/common_param.h
+++ b/bin/varnishd/common/common_param.h
@@ -140,9 +140,5 @@ struct params {
#undef ptyp_vsl_mask
#undef ptyp_vsl_reclen
- /* Unprivileged user / group */
- uid_t uid;
- gid_t gid;
-
struct vre_limits vre_limits;
};
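Review bot: Dropping `uid` and `gid` from the tail of `struct params` is only safe if nothing else reads them, and this patch shows a single reader, the `fchown()` call in `mgt_vcc_touchfile()`. Please confirm with a tree-wide search for `mgt_param.uid`, `mgt_param.gid` and the cache-side equivalents that no jail or platform-specific file still refers to these fields, since such code may not be compiled on every build host.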
diff --git a/bin/varnishd/mgt/mgt_vcc.c b/bin/varnishd/mgt/mgt_vcc.c
index 0fcef8a72..6561e7e77 100644
--- a/bin/varnishd/mgt/mgt_vcc.c
+++ b/bin/varnishd/mgt/mgt_vcc.c
@@ -259,10 +259,6 @@ mgt_vcc_touchfile(const char *fn, struct vsb *sb)
VSB_printf(sb, "Failed to create %s: %s", fn, VAS_errtxt(errno));
return (2);
}
- if (fchown(i, mgt_param.uid, mgt_param.gid) != 0)
- if (geteuid() == 0)
- VSB_printf(sb, "Failed to change owner on %s: %s\n",
- fn, VAS_errtxt(errno));
closefd(&i);
return (0);
}
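Review bot: With the `fchown()` call gone, nothing in `mgt_vcc_touchfile()` records who is expected to own the file once `closefd(&i)` runs; ownership is now whatever credentials the process held when it created the file. A short comment above `closefd(&i)` saying that ownership is deliberately left to the jail (or to the invoking user when no jail is in use) would help prevent a chown from being reintroduced here later. The removed branch only appended a message when `geteuid() == 0` and still fell through to `return (0)`, so the return value seen by callers does not change.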