diff options
author | Giuseppe Scrivano <gscrivan@redhat.com> | 2016-09-28 18:37:39 +0200 |
---|---|---|
committer | Sven Eden <yamakuzure@gmx.net> | 2017-07-05 08:50:54 +0200 |
commit | 26a2fa65615e047ee5f1ceb24e19aa3548e3a033 (patch) | |
tree | e1b1dce12ed1a204085db33b984ddfb9ad7d5145 /src/basic/capability-util.c | |
parent | a04fa92ef5cca95a60e4e9e09a31300257b90259 (diff) |
core: do not fail in a container if we can't use setgroups
It might be blocked through /proc/PID/setgroups
Diffstat (limited to 'src/basic/capability-util.c')
-rw-r--r-- | src/basic/capability-util.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/basic/capability-util.c b/src/basic/capability-util.c index a9c21fef2..383f1137e 100644 --- a/src/basic/capability-util.c +++ b/src/basic/capability-util.c @@ -298,7 +298,7 @@ int drop_privileges(uid_t uid, gid_t gid, uint64_t keep_capabilities) { if (setresgid(gid, gid, gid) < 0) return log_error_errno(errno, "Failed to change group ID: %m"); - if (setgroups(0, NULL) < 0) + if (maybe_setgroups(0, NULL) < 0) return log_error_errno(errno, "Failed to drop auxiliary groups list: %m"); /* Ensure we keep the permitted caps across the setresuid() */ |