GNU bug report logs - #7320
'group' command gives wrong/extra group

Previous Next

Full log

Message #32 received at 7320 <at> debbugs.gnu.org (full text, mbox):

From: Jim Meyering <jim <at> meyering.net>
To: "Marc W. Mengel" <mengel <at> fnal.gov>
Cc: owen <at> illinois.edu, 7320 <at> debbugs.gnu.org
Subject: Re: bug#7320: id and groups may lie
Date: Fri, 27 Apr 2012 18:57:11 +0200

Jim Meyering wrote:

> Marc W. Mengel wrote:
>> The other test case is to make a copy of "id" and make it
>> setuid to some user (i.e. mysql) and run it; it will show
>> itself as having mysql's primary group, even though it doesn't.
>
> Oh!  Yes, that will work.  Thanks.
> With that, I'll add a test like this:
>
> New:
>     $ sudo src/setuidgid -g 3 root src/id -G
>     3
>
> Old:
>     $ sudo src/setuidgid -g 3 root id -G
>     3 0

Here's the new test that I'll merge into the actual fix:

From d11303c1e643d31aea70e15f79ecf8b55038446a Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyering <at> redhat.com>
Date: Fri, 27 Apr 2012 18:44:08 +0200
Subject: [PATCH] tests: add a test for the just-fixed id/groups bug

* tests/misc/id-setgid: New file.
* tests/Makefile.am (TESTS): Add it.
---
 tests/Makefile.am    |    1 +
 tests/misc/id-setgid |   34 ++++++++++++++++++++++++++++++++++
 2 files changed, 35 insertions(+)
 create mode 100755 tests/misc/id-setgid

diff --git a/tests/Makefile.am b/tests/Makefile.am
index ce2366b..cd1fc5c 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -198,6 +198,7 @@ TESTS =						\
   misc/head-pos					\
   misc/id-context				\
   misc/id-groups				\
+  misc/id-setgid				\
   misc/md5sum					\
   misc/md5sum-bsd				\
   misc/md5sum-newline				\
diff --git a/tests/misc/id-setgid b/tests/misc/id-setgid
new file mode 100755
index 0000000..12fab38
--- /dev/null
+++ b/tests/misc/id-setgid
@@ -0,0 +1,34 @@
+#!/bin/sh
+# Verify that id -G prints the right group when run set-GID.
+
+# Copyright (C) 2012 Free Software Foundation, Inc.
+
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+. "${srcdir=.}/init.sh"; path_prepend_ ../src
+print_ver_ id
+require_root_
+
+g=$(id -u $NON_ROOT_USERNAME) || framework_failure_
+
+# Construct a different group number.
+gp1=$(expr $g + 1)
+
+echo $gp1 > exp || framework_failure_
+
+setuidgid -g $gp1 $NON_ROOT_USERNAME env PATH="$PATH" id -G > out || fail=1
+compare exp out || fail=1
+# With coreutils-8.16 and earlier, id -G would print both: $gp1 $g
+
+Exit $fail
--
1.7.10.365.g7cacb

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.