[master] 9b42ca376 jail_solaris: Retire mgt_param.[gu]id usage
Dridi Boukelmoune
dridi.boukelmoune at gmail.com
Mon Jan 30 17:56:05 UTC 2023
commit 9b42ca376923b0cbf534c24f280bca477de27767
Author: Dridi Boukelmoune <dridi.boukelmoune at gmail.com>
Date: Mon Jan 30 18:36:25 2023 +0100
jail_solaris: Retire mgt_param.[gu]id usage
This fields were never set in the first place so they went away in #3888.
We don't have SunOS coverage on Github so I noticed it after the facts.
I did look at the Solaris jail but somehow missed that those fields were
used there as well. Chances are that the deleted statements never ran in
the first place, otherwise the assertions would have triggered.
If the solaris jail should set[gu]id(2) as part of its privileges drop,
it should probably grow new sub-options similar to the ones in the unix
jail.
Refs #3888
diff --git a/bin/varnishd/mgt/mgt_jail_solaris.c b/bin/varnishd/mgt/mgt_jail_solaris.c
index 516f12fc7..749306835 100644
--- a/bin/varnishd/mgt/mgt_jail_solaris.c
+++ b/bin/varnishd/mgt/mgt_jail_solaris.c
@@ -447,10 +447,6 @@ static void
vjs_setuid(void)
{
if (priv_ineffect(PRIV_PROC_SETID)) {
- if (getgid() != mgt_param.gid)
- XXXAZ(setgid(mgt_param.gid));
- if (getuid() != mgt_param.uid)
- XXXAZ(setuid(mgt_param.uid));
AZ(setppriv(PRIV_OFF, PRIV_EFFECTIVE, vjs_proc_setid));
AZ(setppriv(PRIV_OFF, PRIV_PERMITTED, vjs_proc_setid));
} else {
More information about the varnish-commit
mailing list