Handle getgroups() returning 0. Also add missing check for HAVE_GETGROUPS.

author Todd C. Miller <Todd.Miller@courtesan.com>

Fri, 22 May 2009 10:37:29 +0000 (10:37 +0000)

committer Todd C. Miller <Todd.Miller@courtesan.com>

Fri, 22 May 2009 10:37:29 +0000 (10:37 +0000)
author Todd C. Miller <Todd.Miller@courtesan.com>
Fri, 22 May 2009 10:37:29 +0000 (10:37 +0000)
committer Todd C. Miller <Todd.Miller@courtesan.com>
Fri, 22 May 2009 10:37:29 +0000 (10:37 +0000)
diff --git a/set_perms.c b/set_perms.c

index 686eeb1717a9828c9ef1ea3090d644ef2fd3c1c1..6ffebcf4ccfe7bcff41dcd0b86179b892cad6fc1 100644 (file)
--- a/set_perms.c
+++ b/set_perms.c
@@ -490,7 +490,9 @@ static void
  runas_setgroups()
  {
      static int ngroups = -1;
+#ifdef HAVE_GETGROUPS
      static GETGROUPS_T *groups;
+#endif
      struct passwd *pw;
  
      if (def_preserve_groups)
@@ -503,14 +505,16 @@ runas_setgroups()
         pw = runas_pw ? runas_pw : sudo_user.pw;
         if (initgroups(pw->pw_name, pw->pw_gid) < 0)
             log_error(USE_ERRNO|MSG_ONLY, "can't set runas group vector");
-       if ((ngroups = getgroups(0, NULL)) < 0)
-           log_error(USE_ERRNO|MSG_ONLY, "can't get runas ngroups");
-       groups = emalloc2(ngroups, sizeof(GETGROUPS_T));
-       if (getgroups(ngroups, groups) < 0)
-           log_error(USE_ERRNO|MSG_ONLY, "can't get runas group vector");
+#ifdef HAVE_GETGROUPS
+       if ((ngroups = getgroups(0, NULL)) > 0) {
+           groups = emalloc2(ngroups, sizeof(GETGROUPS_T));
+           if (getgroups(ngroups, groups) < 0)
+               log_error(USE_ERRNO|MSG_ONLY, "can't get runas group vector");
+       }
      } else {
         if (setgroups(ngroups, groups) < 0)
             log_error(USE_ERRNO|MSG_ONLY, "can't set runas group vector");
+#endif /* HAVE_GETGROUPS */
      }
  }
author	Todd C. Miller <Todd.Miller@courtesan.com>
	Fri, 22 May 2009 10:37:29 +0000 (10:37 +0000)
committer	Todd C. Miller <Todd.Miller@courtesan.com>
	Fri, 22 May 2009 10:37:29 +0000 (10:37 +0000)