Merge pull request #322 from laijs/user

bergwolf · web-flow · commit 4a00f0fb814c · 2017-08-22T21:01:49.000+08:00
fix user related issue
diff --git a/src/exec.c b/src/exec.c
@@ -192,37 +192,25 @@ struct hyper_event_ops err_ops = {
 
 static int hyper_setup_exec_user(struct hyper_exec *exec)
 {
-	char *user = exec->user == NULL || strlen(exec->user) == 0 ? NULL : exec->user;
+	char *user = exec->user == NULL || strlen(exec->user) == 0 ? "0" : exec->user;
 	char *group = exec->group == NULL || strlen(exec->group) == 0 ? NULL : exec->group;
 
 	uid_t uid = 0;
 	gid_t gid = 0;
 	int ngroups = 0;
 	gid_t *reallocgroups, *groups = NULL;
 
-	// check the config
-	if (!user && !group && exec->nr_additional_groups == 0) {
-		return 0;
-	}
-
 	// get uid
-	if (user) {
-		fprintf(stdout, "try to find the user: %s\n", user);
-		struct passwd *pwd = hyper_getpwnam(user);
-		if (pwd == NULL) {
-			unsigned long id;
-			if (!hyper_name_to_id(user, &id)) {
-				perror("can't find the user");
-				return -1;
-			}
-			uid = id;
-			goto get_gid;
-		}
+	fprintf(stdout, "try to find the user(or uid): %s\n", user);
+	struct passwd *pwd = hyper_getpwnam(user);
+	if (pwd != NULL) {
 		uid = pwd->pw_uid;
 		gid = pwd->pw_gid;
+		fprintf(stdout, "found the user: %s, uid:%d, gid:%d\n", user, uid, gid);
 
 		// get groups of user
-		groups = malloc(sizeof(gid_t) * 10);
+		ngroups = 10;
+		groups = malloc(sizeof(gid_t) * ngroups);
 		if (groups == NULL) {
 			goto fail;
 		}
@@ -236,26 +224,20 @@ static int hyper_setup_exec_user(struct hyper_exec *exec)
 				goto fail;
 			}
 		}
+		fprintf(stdout, "get %d groups from /etc/group\n", ngroups);
 
 		// set user related envs. the container env config can overwrite it
 		setenv("USER", pwd->pw_name, 1);
 		setenv("HOME", pwd->pw_dir, 1);
 	} else {
-		ngroups = getgroups(0, NULL);
-		if (ngroups < 0) {
-			goto fail;
-		}
-		groups = malloc(sizeof(gid_t) * ngroups);
-		if (groups == NULL) {
-			goto fail;
-		}
-		ngroups = getgroups(ngroups, groups);
-		if (ngroups < 0) {
-			goto fail;
+		unsigned long id;
+		if (!hyper_name_to_id(user, &id)) {
+			perror("can't find the user");
+			return -1;
 		}
+		uid = id;
 	}
 
-get_gid:
 	// get gid
 	if (group) {
 		fprintf(stdout, "try to find the group: %s\n", group);
@@ -296,24 +278,30 @@ static int hyper_setup_exec_user(struct hyper_exec *exec)
 
 	// setup the owner of tty
 	if (exec->tty) {
+		gid_t tty_gid = gid;
 		char ptmx[512];
 		sprintf(ptmx, "/dev/pts/%d", exec->ptyno);
-		if (chown(ptmx, uid, gid) < 0) {
+
+		struct group *gr = hyper_getgrnam("tty");
+		if (gr != NULL) {
+			tty_gid = gr->gr_gid;
+		}
+		if (chown(ptmx, uid, tty_gid) < 0) {
 			perror("failed to change the owner for the slave pty file");
 			goto fail;
 		}
 	}
 
 	// apply
-	if (groups && setgroups(ngroups, groups) < 0) {
+	if (ngroups > 0 && setgroups(ngroups, groups) < 0) {
 		perror("setgroups() fails");
 		goto fail;
 	}
-	if (setgid(gid) < 0) {
+	if (gid > 0 && setgid(gid) < 0) {
 		perror("setgid() fails");
 		goto fail;
 	}
-	if (setuid(uid) < 0) {
+	if (uid > 0 && setuid(uid) < 0) {
 		perror("setuid() fails");
 		goto fail;
 	}
diff --git a/src/util.c b/src/util.c
@@ -209,15 +209,17 @@ int hyper_getgrouplist(const char *user, gid_t group, gid_t *groups, int *ngroup
 		int j;
 		for (j = 0; gr->gr_mem && gr->gr_mem[j]; j++) {
 			if (!strcmp(gr->gr_mem[j], user)) {
-				if (nr + 1 < *ngroups)
+				fprintf(stdout, "hyper_getgrouplist() found matched group for user %s, grname: %s, gid: %d\n", user, gr->gr_name, gr->gr_gid);
+				if (nr < *ngroups)
 					groups[nr] = gr->gr_gid;
 				nr++;
 			}
 		}
 	}
 	fclose(file);
 	if (nr == 0) {
-		if (nr + 1 < *ngroups)
+		fprintf(stdout, "hyper_getgrouplist() adds the default group to list, gid:%d\n", group);
+		if (nr < *ngroups)
 			groups[nr] = group;
 		nr++;
 	}

Original file line number	Diff line number	Diff line change
`@@ -209,15 +209,17 @@ int hyper_getgrouplist(const char user, gid_t group, gid_t groups, int *ngroup`
`209`	`209`	`int j;`
`210`	`210`	`for (j = 0; gr->gr_mem && gr->gr_mem[j]; j++) {`
`211`	`211`	`if (!strcmp(gr->gr_mem[j], user)) {`
`212`		`- if (nr + 1 < *ngroups)`
	`212`	`+ fprintf(stdout, "hyper_getgrouplist() found matched group for user %s, grname: %s, gid: %d\n", user, gr->gr_name, gr->gr_gid);`
	`213`	`+ if (nr < *ngroups)`
`213`	`214`	`groups[nr] = gr->gr_gid;`
`214`	`215`	`nr++;`
`215`	`216`	`}`
`216`	`217`	`}`
`217`	`218`	`}`
`218`	`219`	`fclose(file);`
`219`	`220`	`if (nr == 0) {`
`220`		`- if (nr + 1 < *ngroups)`
	`221`	`+ fprintf(stdout, "hyper_getgrouplist() adds the default group to list, gid:%d\n", group);`
	`222`	`+ if (nr < *ngroups)`
`221`	`223`	`groups[nr] = group;`
`222`	`224`	`nr++;`
`223`	`225`	`}`