Skip to content

Commit

Permalink
Merge pull request gravitational#506 from gravitational/ev/groups
Browse files Browse the repository at this point in the history 
Ev/groups
  • Loading branch information
@klizhentas
klizhentas authored Aug 19, 2016
2 parents 2eead03 + 4cd9bbd commit 0c85a3d
Show file tree
Hide file tree
Showing 2 changed files with 24 additions and 2 deletions.
2 changes: 1 addition & 1 deletion build.assets/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ RUN (apt-get update && apt-get install -q -y \
apt-get -y autoclean; apt-get -y clean

# Install Golang:
RUN (mkdir -p /opt && cd /opt && curl https://storage.googleapis.com/golang/go1.6.1.linux-amd64.tar.gz | tar xz;\
RUN (mkdir -p /opt && cd /opt && curl https://storage.googleapis.com/golang/go1.7.linux-amd64.tar.gz | tar xz;\
mkdir -p /gopath/src/github.com/gravitational/teleport;\
chmod a+w /gopath;\
chmod a+w /var/lib)
Expand Down
24 changes: 23 additions & 1 deletion lib/srv/exec.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -138,6 +138,7 @@ func prepareCommand(ctx *ctx, cmd string) (*exec.Cmd, error) {
if err != nil {
return nil, trace.Wrap(err)
}

// get user's shell:
shell, err := utils.GetLoginShell(ctx.login)
if err != nil {
Expand Down Expand Up @@ -182,7 +183,28 @@ func prepareCommand(ctx *ctx, cmd string) (*exec.Cmd, error) {
return nil, trace.Wrap(err)
}
if me.Uid != osUser.Uid || me.Gid != osUser.Gid {
c.SysProcAttr.Credential = &syscall.Credential{Uid: uint32(uid), Gid: uint32(gid)}
userGroups, err := osUser.GroupIds()
if err != nil {
return nil, trace.Wrap(err)
}
groups := make([]uint32, 0)
for _, sgid := range userGroups {
igid, err := strconv.Atoi(sgid)
if err != nil {
log.Warnf("Cannot interpret user group: '%v'", sgid)
} else {
groups = append(groups, uint32(igid))
}
}
if len(groups) == 0 {
groups = append(groups, uint32(gid))
}
c.SysProcAttr.Credential = &syscall.Credential{
Uid: uint32(uid),
Gid: uint32(gid),
Groups: groups,
}
c.SysProcAttr.Setsid = true
}

// apply environment variables passed from the client
Expand Down

0 comments on commit 0c85a3d

Please sign in to comment.