File autofs-5.1.8-dont-use-initgroups-at-spawn.patch of Package autofs.34435
From 25213a749c727e0c309940da5bca35ab53083434 Mon Sep 17 00:00:00 2001
From: Ian Kent <raven@themaw.net>
Date: Thu, 28 Apr 2022 09:11:27 +0800
Subject: [PATCH] autofs-5.1.8 - dont use initgroups() at spawn
The initgroups(3) function isn't safe to use between fork() and
exec() in a threaded program.
Using it this way often leads to a hang for even moderate work
loads.
But the getgrouplist()/setgroups() combination can be used safely
in this case and this patch changes autofs to use these (the safety
of using of setgroups() is yet to to be documented).
A large portion of the work on this patch has been contributed
by Roberto Bergantinos <rbergant@redhat.com>.
Reported-by: Roberto Bergantinos <rbergant@redhat.com>
Fixes: 6343a3292020 ("autofs-5.1.3 - fix ordering of seteuid/setegid in do_spawn()")
Signed-off-by: Roberto Bergantinos <rbergant@redhat.com>
Signed-off-by: Ian Kent <raven@themaw.net>
---
daemon/spawn.c | 51 ++++++++++++++++++++++++++++++++++++++++++++++----
2 files changed, 48 insertions(+), 4 deletions(-)
diff --git a/daemon/spawn.c b/daemon/spawn.c
index 914e528..6f8856a 100644
--- a/daemon/spawn.c
+++ b/daemon/spawn.c
@@ -26,6 +26,7 @@
#include <sys/wait.h>
#include <sys/stat.h>
#include <sys/mount.h>
+#include <pwd.h>
#include "automount.h"
@@ -335,6 +336,10 @@ static int do_spawn(unsigned logopt, unsigned int wait,
struct thread_stdenv_vars *tsv;
pid_t euid = 0;
gid_t egid = 0;
+ gid_t *groups = NULL;
+ gid_t *saved_groups = NULL;
+ int ngroups = 0;
+ int nsaved_groups = 0;
if (open_pipe(pipefd))
return -1;
@@ -357,6 +362,31 @@ static int do_spawn(unsigned logopt, unsigned int wait,
egid = tsv->gid;
}
+
+ if (euid) {
+ struct passwd *pwd;
+
+ pwd = getpwuid(getuid());
+ if (!pwd)
+ fprintf(stderr,
+ "warning: getpwuid: can't get current username\n");
+ else {
+ /* get number of groups for current gid */
+ getgrouplist(pwd->pw_name, getgid(), NULL, &nsaved_groups);
+ saved_groups = malloc(nsaved_groups * sizeof(gid_t));
+
+ /* get current gid groups list */
+ getgrouplist(pwd->pw_name, getgid(), saved_groups, &nsaved_groups);
+ }
+
+ /* get number of groups of mount triggering process */
+ getgrouplist(tsv->user, egid, NULL, &ngroups);
+ groups = malloc(ngroups * sizeof(gid_t));
+
+ /* get groups list of mount triggering process */
+ getgrouplist(tsv->user, egid, groups, &ngroups);
+ }
+
f = fork();
if (f == 0) {
char **pargv = (char **) argv;
@@ -398,10 +428,13 @@ static int do_spawn(unsigned logopt, unsigned int wait,
* program group to trigger mount
*/
if (euid) {
- if (initgroups(tsv->user, egid) == -1)
- fprintf(stderr,
- "warning: initgroups: %s\n",
- strerror(errno));
+ if (groups) {
+ if (setgroups(ngroups, groups) == -1)
+ fprintf(stderr,
+ "warning: setgroups: %s\n",
+ strerror(errno));
+ free(groups);
+ }
if (setegid(egid) == -1)
fprintf(stderr,
"warning: setegid: %s\n",
@@ -436,6 +469,11 @@ static int do_spawn(unsigned logopt, unsigned int wait,
setegid(0);
if (pgrp >= 0)
setpgid(0, pgrp);
+ /* Reset groups for trigger of trailing mount */
+ if (euid && saved_groups) {
+ setgroups(nsaved_groups, saved_groups);
+ free(saved_groups);
+ }
/*
* The kernel leaves mount type autofs alone because
@@ -474,6 +512,11 @@ done:
sigaddset(&tmpsig, SIGCHLD);
pthread_sigmask(SIG_SETMASK, &tmpsig, NULL);
+ if (groups)
+ free(groups);
+ if (saved_groups)
+ free(saved_groups);
+
close(pipefd[1]);
if (f < 0) {
--
2.35.3