Re: [libvirt PATCH 06/32] util: use getgrouplist() directly instead of mgetgroups

Monday, 27 January 2020

On Mon, Jan 27, 2020 at 04:42:41PM +0000, Daniel P. Berrangé wrote:
...
 On Mon, Jan 27, 2020 at 12:44:01PM +0100, Pavel Hrdina wrote:
 > On Thu, Jan 23, 2020 at 11:42:59AM +0000, Daniel P. Berrangé wrote:
 > > The mgetgroups function is a GNULIB custom wrapper around
 > > getgrouplist(). This implements a simplified version of
 > > that code directly.
 > > 
 > > Signed-off-by: Daniel P. Berrangé <berrange(a)redhat.com&gt;
 > > ---
 > >  src/internal.h     |  4 ++++
 > >  src/util/virutil.c | 34 ++++++++++++++++++++++++++++------
 > >  2 files changed, 32 insertions(+), 6 deletions(-)
 > > 
 > > diff --git a/src/util/virutil.c b/src/util/virutil.c
 > > index 87ca16c088..4bc0aef35f 100644
 > > --- a/src/util/virutil.c
 > > +++ b/src/util/virutil.c
 > > @@ -1000,11 +1004,27 @@ virGetGroupList(uid_t uid, gid_t gid, gid_t **list)
 > >      /* invalid users have no supplementary groups */
 > >      if (uid != (uid_t)-1 &&
 > >          virGetUserEnt(uid, &user, &primary, NULL, NULL, true) >= 0)
{
 > > -        if ((ret = mgetgroups(user, primary, list)) < 0) {
 > > -            virReportSystemError(errno,
 > > -                                 _("cannot get group list for
'%s'"), user);
 > > -            ret = -1;
 > > -            goto cleanup;
 > > +        int nallocgrps = 10;
 > > +        gid_t *grps = g_new(gid_t, nallocgrps);
 > 
 > This is never used anywhere except in the while loop.

 The loop relies on the "grps" pointer being persistent across
 loop iterations though. 
Sorry, probably bad wording.  I meant that we need to assign the "grps"
to *lists otherwise it's used only in the loop.

...

 > 
 > > +        while (1) {
 > > +            int nprevallocgrps = nallocgrps;
 > > +            int rv;
 > > +
 > > +            rv = getgrouplist(user, primary, grps, &nallocgrps);
 > > +
 > > +            /* Some systems (like Darwin) have a bug where they
 > > +               never increase max_n_groups.  */
 > > +            if (rv < 0 && nprevallocgrps == nallocgrps)
 > > +                nallocgrps *= 2;
 > > +
 > > +            /* either shrinks to actual size, or enlarges tonew size */
 > 
 > s/tonew/to new/
 > 
 > > +            grps = g_renew(gid_t, grps, nallocgrps);
 > > +
 > > +            if (rv >= 0) {
 > > +                ret = rv;
 > > +                break;
 > 
 > Based on the GNULIB implementation here we should set *list = grps.

 Yes.

 > 
 > With that fixed:
 > 
 > Reviewed-by: Pavel Hrdina <phrdina(a)redhat.com&gt;

 Regards,
 Daniel
 -- 
 |: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
 |: https://libvirt.org         -o-            https://fstop138.berrange.com :|
 |: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :| 

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

Re: [libvirt PATCH 06/32] util: use getgrouplist() directly instead of mgetgroups