core: do not fail in a container if we can't use setgroups

It might be blocked through /proc/PID/setgroups
author: Giuseppe Scrivano <gscrivan@redhat.com> 2016-09-28 18:37:39 +0200
committer: Sven Eden <yamakuzure@gmx.net> 2017-07-05 08:50:54 +0200
commit: 26a2fa65615e047ee5f1ceb24e19aa3548e3a033 (patch)
tree: e1b1dce12ed1a204085db33b984ddfb9ad7d5145 /src/basic/capability-util.c
parent: a04fa92ef5cca95a60e4e9e09a31300257b90259 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/src/basic/capability-util.c b/src/basic/capability-util.c
index a9c21fef2..383f1137e 100644
--- a/src/basic/capability-util.c
+++ b/src/basic/capability-util.c
@@ -298,7 +298,7 @@ int drop_privileges(uid_t uid, gid_t gid, uint64_t keep_capabilities) {
         if (setresgid(gid, gid, gid) < 0)
                 return log_error_errno(errno, "Failed to change group ID: %m");
 
-        if (setgroups(0, NULL) < 0)
+        if (maybe_setgroups(0, NULL) < 0)
                 return log_error_errno(errno, "Failed to drop auxiliary groups list: %m");
 
         /* Ensure we keep the permitted caps across the setresuid() */
author	Giuseppe Scrivano <gscrivan@redhat.com>	2016-09-28 18:37:39 +0200
committer	Sven Eden <yamakuzure@gmx.net>	2017-07-05 08:50:54 +0200
commit	26a2fa65615e047ee5f1ceb24e19aa3548e3a033 (patch)
tree	e1b1dce12ed1a204085db33b984ddfb9ad7d5145 /src/basic/capability-util.c
parent	a04fa92ef5cca95a60e4e9e09a31300257b90259 (diff)