More complete fix for LDR_PRELOAD on AIX. The addition of

set_perm(PERM_ROOT) before calling the nss open functions (needed
to avoid a GNU TLS bug) also broke LDR_PRELOAD.  Setting the effective
and then real uid to 0 for PERM_ROOT works around the issue.

diff --git a/plugins/sudoers/set_perms.c b/plugins/sudoers/set_perms.c
index 31e7f5f22275243185b9fa663d5d05c2035711ec..0cadc88f01245c5d2a0f735207c45526ab476d34 100644 (file)
--- a/plugins/sudoers/set_perms.c
+++ b/plugins/sudoers/set_perms.c
@@ -392,7 +392,7 @@ set_perms(int perm)
 
     case PERM_ROOT:
        /*
-        * setuid(0) may fail on some systems if the euid is not already 0.
+        * setreuid(0, 0) may fail on some systems if euid is not already 0.
         */
        if (ostate->euid != ROOT_UID) {
            if (setreuid(-1, ROOT_UID)) {
@@ -400,12 +400,12 @@ set_perms(int perm)
                goto bad;
            }
        }
-       if (setuid(ROOT_UID)) {
-           errstr = "setuid(ROOT_UID)";
+       state->euid = ROOT_UID;
+       if (setreuid(ID(ruid), -1)) {
+           errstr = "setreuid(ROOT_UID, -1)";
            goto bad;
        }
        state->ruid = ROOT_UID;
-       state->euid = ROOT_UID;
        state->rgid = -1;
        state->egid = -1;
        state->grlist = ostate->grlist;