Skip to content

Commit

Permalink
Drop sup groups BEFORE changing uid
Browse files Browse the repository at this point in the history 
@basepi, needs cherry-pick
  • Loading branch information
@thatch45 @basepi
thatch45 authored and basepi committed Oct 16, 2013
1 parent f06e04f commit 4c08bd5
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions salt/utils/verify.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -289,13 +289,13 @@ def check_user(user):
try:
pwuser = pwd.getpwnam(user)
try:
os.setgid(pwuser.pw_gid)
os.setuid(pwuser.pw_uid)
if hasattr(os, 'initgroups'):
os.initgroups(user, pwuser.pw_gid)
else:
os.setgroups([e.gr_gid for e in grp.getgrall()
if user in e.gr_mem] + [pwuser.gid])
os.setgid(pwuser.pw_gid)
os.setuid(pwuser.pw_uid)

except OSError:
msg = 'Salt configured to run as user "{0}" but unable to switch.'
Expand Down

0 comments on commit 4c08bd5

Please sign in to comment.