From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Tue, 29 Mar 2005 03:33:05 +0000 (+0000)
Subject: Move initgroups() for -U option into display_privs() so group matching
X-Git-Tag: SUDO_1_7_0~664
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=9efe91fa1e1360b320c2c3b513c3313a91850318;p=sudo

Move initgroups() for -U option into display_privs() so group matching
in sudoers works correctly.
---

diff --git a/parse.c b/parse.c
index f10da56ef..d1ecf3b14 100644
--- a/parse.c
+++ b/parse.c
@@ -213,6 +213,19 @@ display_privs(pw)
     struct userspec *us;
     struct cmndtag tags;
 
+#if defined(HAVE_INITGROUPS) && defined(HAVE_GETGROUPS)
+    /* Set group vector so group matching works correctly. */
+    if (pw != sudo_user.pw) {
+       (void) initgroups(pw->pw_name, pw->pw_gid);
+       if ((user_ngroups = getgroups(0, NULL)) > 0) {
+	   user_groups = erealloc3(user_groups, user_ngroups, sizeof(gid_t));
+	   if (getgroups(user_ngroups, user_groups) < 0)
+	       log_error(USE_ERRNO|MSG_ONLY, "can't get group vector");
+       } else
+	   user_ngroups = 0;
+    }
+#endif
+
     display_defaults(pw);
 
     print_priv4("\n", "User ", pw->pw_name,
diff --git a/sudo.c b/sudo.c
index b4e9e1949..1216c1e24 100644
--- a/sudo.c
+++ b/sudo.c
@@ -872,10 +872,6 @@ parse_args(argc, argv)
 		    usage(1);
 		if ((list_pw = sudo_getpwnam(NewArgv[1])) == NULL)
 		    errorx(1, "unknown user %s", NewArgv[1]);
-#ifdef HAVE_INITGROUPS
-		/* Set group vector so group matching works correctly. */
-		(void) initgroups(list_pw->pw_name, list_pw->pw_gid);
-#endif
 		NewArgc--;
 		NewArgv++;
 		break;