From 9dd0fba02f033951c58cfee7de19d9db48325655 Mon Sep 17 00:00:00 2001 From: Gunnar Beutner Date: Mon, 9 Feb 2015 14:58:20 +0100 Subject: [PATCH] Improve error message for setgroups/initgroups/setuid fixes #8294 --- icinga-app/icinga.cpp | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/icinga-app/icinga.cpp b/icinga-app/icinga.cpp index 85346a825..f6797b0ae 100644 --- a/icinga-app/icinga.cpp +++ b/icinga-app/icinga.cpp @@ -362,6 +362,7 @@ int Main(void) } } else if (command && command->GetImpersonationLevel() == ImpersonateIcinga) { String group = Application::GetRunAsGroup(); + String user = Application::GetRunAsUser(); errno = 0; struct group *gr = getgrnam(group.CStr()); @@ -382,6 +383,8 @@ int Main(void) if (!vm.count("reload-internal") && setgroups(0, NULL) < 0) { Log(LogCritical, "cli") << "setgroups() failed with error code " << errno << ", \"" << Utility::FormatErrorNumber(errno) << "\""; + Log(LogCritical, "cli") + << "Please re-run this command as a privileged user or using the \"" << user << "\" account."; return EXIT_FAILURE; } @@ -392,8 +395,6 @@ int Main(void) } } - String user = Application::GetRunAsUser(); - errno = 0; struct passwd *pw = getpwnam(user.CStr()); @@ -414,12 +415,16 @@ int Main(void) if (!vm.count("reload-internal") && initgroups(user.CStr(), pw->pw_gid) < 0) { Log(LogCritical, "cli") << "initgroups() failed with error code " << errno << ", \"" << Utility::FormatErrorNumber(errno) << "\""; + Log(LogCritical, "cli") + << "Please re-run this command as a privileged user or using the \"" << user << "\" account."; return EXIT_FAILURE; } if (setuid(pw->pw_uid) < 0) { Log(LogCritical, "cli") << "setuid() failed with error code " << errno << ", \"" << Utility::FormatErrorNumber(errno) << "\""; + Log(LogCritical, "cli") + << "Please re-run this command as a privileged user or using the \"" << user << "\" account."; return EXIT_FAILURE; } } -- 2.40.0