svn commit: r195859 - in stable/7: lib/libc lib/libc/gen lib/libc/rpc lib/libc/sys usr.bin/id usr.bin/newgrp usr.bin/quota usr.sbin/chown usr.sbin/chroot usr.sbin/jail usr.sbin/jexec usr.sbin/lpr u...

Brooks Davis brooks at FreeBSD.org
Fri Jul 24 21:42:12 UTC 2009


Author: brooks
Date: Fri Jul 24 21:42:10 2009
New Revision: 195859
URL: http://svn.freebsd.org/changeset/base/195859

Log:
  MFC r194494 to improve support for 7.x worlds on >=8.0 kernels:
  
  In preparation for raising NGROUPS and NGROUPS_MAX, change base
  system callers of getgroups(), getgrouplist(), and setgroups() to
  allocate buffers dynamically.  Specifically, allocate a buffer of size
  sysconf(_SC_NGROUPS_MAX)+1 (+2 in a few cases to allow for overflow).
  
  This (or similar gymnastics) is required for the code to actually follow
  the POSIX.1-2008 specification where {NGROUPS_MAX} may differ at runtime
  and where getgroups may return {NGROUPS_MAX}+1 results on systems like
  FreeBSD which include the primary group.
  
  In id(1), don't pointlessly add the primary group to the list of all
  groups, it is always the first result from getgroups().  In principle
  the old code was more portable, but this was only done in one of the two
  places where getgroups() was called to the overall effect was pointless.
  
  Document the actual POSIX requirements in the getgroups(2) and
  setgroups(2) manpages.  We do not yet support a dynamic NGROUPS, but we
  may in the future.

Modified:
  stable/7/lib/libc/   (props changed)
  stable/7/lib/libc/gen/initgroups.3
  stable/7/lib/libc/gen/initgroups.c
  stable/7/lib/libc/rpc/auth_unix.c
  stable/7/lib/libc/sys/getgroups.2
  stable/7/lib/libc/sys/setgroups.2
  stable/7/usr.bin/id/   (props changed)
  stable/7/usr.bin/id/id.c
  stable/7/usr.bin/newgrp/   (props changed)
  stable/7/usr.bin/newgrp/newgrp.c
  stable/7/usr.bin/quota/   (props changed)
  stable/7/usr.bin/quota/quota.c
  stable/7/usr.sbin/chown/   (props changed)
  stable/7/usr.sbin/chown/chown.c
  stable/7/usr.sbin/chroot/   (props changed)
  stable/7/usr.sbin/chroot/chroot.c
  stable/7/usr.sbin/jail/   (props changed)
  stable/7/usr.sbin/jail/jail.c
  stable/7/usr.sbin/jexec/   (props changed)
  stable/7/usr.sbin/jexec/jexec.c
  stable/7/usr.sbin/lpr/   (props changed)
  stable/7/usr.sbin/lpr/lpc/lpc.c

Modified: stable/7/lib/libc/gen/initgroups.3
==============================================================================
--- stable/7/lib/libc/gen/initgroups.3	Fri Jul 24 21:38:51 2009	(r195858)
+++ stable/7/lib/libc/gen/initgroups.3	Fri Jul 24 21:42:10 2009	(r195859)
@@ -65,6 +65,13 @@ function may fail and set
 .Va errno
 for any of the errors specified for the library function
 .Xr setgroups 2 .
+It may also return:
+.Bl -tag -width Er
+.It Bq Er ENOMEM
+The
+.Fn initgroups
+function was unable to allocate temporary storage.
+.El
 .Sh SEE ALSO
 .Xr setgroups 2 ,
 .Xr getgrouplist 3

Modified: stable/7/lib/libc/gen/initgroups.c
==============================================================================
--- stable/7/lib/libc/gen/initgroups.c	Fri Jul 24 21:38:51 2009	(r195858)
+++ stable/7/lib/libc/gen/initgroups.c	Fri Jul 24 21:42:10 2009	(r195859)
@@ -35,10 +35,12 @@ __FBSDID("$FreeBSD$");
 
 #include <sys/param.h>
 
-#include <stdio.h>
 #include "namespace.h"
 #include <err.h>
 #include "un-namespace.h"
+#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
 #include <unistd.h>
 
 int
@@ -46,14 +48,21 @@ initgroups(uname, agroup)
 	const char *uname;
 	gid_t agroup;
 {
-	int ngroups;
+	int ngroups, ret;
+	long ngroups_max;
+	gid_t *groups;
+
 	/*
-	 * Provide space for one group more than NGROUPS to allow
+	 * Provide space for one group more than possible to allow
 	 * setgroups to fail and set errno.
 	 */
-	gid_t groups[NGROUPS + 1];
+	ngroups_max = sysconf(_SC_NGROUPS_MAX) + 2;
+	if ((groups = malloc(sizeof(*groups) * ngroups_max)) == NULL)
+		return (ENOMEM);
 
-	ngroups = NGROUPS + 1;
+	ngroups = (int)ngroups_max;
 	getgrouplist(uname, agroup, groups, &ngroups);
-	return (setgroups(ngroups, groups));
+	ret = setgroups(ngroups, groups);
+	free(groups);
+	return (ret);
 }

Modified: stable/7/lib/libc/rpc/auth_unix.c
==============================================================================
--- stable/7/lib/libc/rpc/auth_unix.c	Fri Jul 24 21:38:51 2009	(r195858)
+++ stable/7/lib/libc/rpc/auth_unix.c	Fri Jul 24 21:42:10 2009	(r195859)
@@ -185,23 +185,29 @@ authunix_create(machname, uid, gid, len,
 AUTH *
 authunix_create_default()
 {
-	int len;
+	int ngids;
+	long ngids_max;
 	char machname[MAXHOSTNAMELEN + 1];
 	uid_t uid;
 	gid_t gid;
-	gid_t gids[NGROUPS_MAX];
+	gid_t *gids;
+
+	ngids_max = sysconf(_SC_NGROUPS_MAX) + 1;
+	gids = malloc(sizeof(gid_t) * ngids_max);
+	if (gids == NULL)
+		return (NULL);
 
 	if (gethostname(machname, sizeof machname) == -1)
 		abort();
 	machname[sizeof(machname) - 1] = 0;
 	uid = geteuid();
 	gid = getegid();
-	if ((len = getgroups(NGROUPS_MAX, gids)) < 0)
+	if ((ngids = getgroups(ngids_max, gids)) < 0)
 		abort();
-	if (len > NGRPS)
-		len = NGRPS;
+	if (ngids > NGRPS)
+		ngids = NGRPS;
 	/* XXX: interface problem; those should all have been unsigned */
-	return (authunix_create(machname, (int)uid, (int)gid, len,
+	return (authunix_create(machname, (int)uid, (int)gid, ngids,
 	    (int *)gids));
 }
 

Modified: stable/7/lib/libc/sys/getgroups.2
==============================================================================
--- stable/7/lib/libc/sys/getgroups.2	Fri Jul 24 21:38:51 2009	(r195858)
+++ stable/7/lib/libc/sys/getgroups.2	Fri Jul 24 21:42:10 2009	(r195859)
@@ -58,10 +58,7 @@ The
 system call
 returns the actual number of groups returned in
 .Fa gidset .
-No more than
-.Dv NGROUPS_MAX
-will ever
-be returned.
+At least one and as many as {NGROUPS_MAX}+1 values may be returned.
 If
 .Fa gidsetlen
 is zero,
@@ -92,6 +89,11 @@ an invalid address.
 .Sh SEE ALSO
 .Xr setgroups 2 ,
 .Xr initgroups 3
+.Sh STANDARDS
+The
+.Fn getgroups
+system call conforms to
+.St -p1003.1-2008 .
 .Sh HISTORY
 The
 .Fn getgroups

Modified: stable/7/lib/libc/sys/setgroups.2
==============================================================================
--- stable/7/lib/libc/sys/setgroups.2	Fri Jul 24 21:38:51 2009	(r195858)
+++ stable/7/lib/libc/sys/setgroups.2	Fri Jul 24 21:42:10 2009	(r195859)
@@ -53,9 +53,7 @@ The
 argument
 indicates the number of entries in the array and must be no
 more than
-.Dv NGROUPS ,
-as defined in
-.In sys/param.h .
+.Dv {NGROUPS_MAX}+1 .
 .Pp
 Only the super-user may set new groups.
 .Sh RETURN VALUES
@@ -71,7 +69,7 @@ The caller is not the super-user.
 The number specified in the
 .Fa ngroups
 argument is larger than the
-.Dv NGROUPS
+.Dv {NGROUPS_MAX}+1
 limit.
 .It Bq Er EFAULT
 The address specified for

Modified: stable/7/usr.bin/id/id.c
==============================================================================
--- stable/7/usr.bin/id/id.c	Fri Jul 24 21:38:51 2009	(r195858)
+++ stable/7/usr.bin/id/id.c	Fri Jul 24 21:42:10 2009	(r195859)
@@ -258,7 +258,8 @@ id_print(struct passwd *pw, int use_ggl,
 	gid_t gid, egid, lastgid;
 	uid_t uid, euid;
 	int cnt, ngroups;
-	gid_t groups[NGROUPS + 1];
+	long ngroups_max;
+	gid_t *groups;
 	const char *fmt;
 
 	if (pw != NULL) {
@@ -270,12 +271,16 @@ id_print(struct passwd *pw, int use_ggl,
 		gid = getgid();
 	}
 
+	ngroups_max = sysconf(_SC_NGROUPS_MAX) + 1;
+	if ((groups = malloc(sizeof(gid_t) * ngroups_max)) == NULL)
+		err(1, "malloc");
+
 	if (use_ggl && pw != NULL) {
-		ngroups = NGROUPS + 1;
+		ngroups = ngroups_max;
 		getgrouplist(pw->pw_name, gid, groups, &ngroups);
 	}
 	else {
-		ngroups = getgroups(NGROUPS + 1, groups);
+		ngroups = getgroups(ngroups_max, groups);
 	}
 
 	if (pw != NULL)
@@ -306,6 +311,7 @@ id_print(struct passwd *pw, int use_ggl,
 		lastgid = gid;
 	}
 	printf("\n");
+	free(groups);
 }
 
 #ifdef USE_BSM_AUDIT
@@ -361,15 +367,19 @@ group(struct passwd *pw, int nflag)
 {
 	struct group *gr;
 	int cnt, id, lastid, ngroups;
-	gid_t groups[NGROUPS + 1];
+	long ngroups_max;
+	gid_t *groups;
 	const char *fmt;
 
+	ngroups_max = sysconf(_SC_NGROUPS_MAX) + 1;
+	if ((groups = malloc(sizeof(gid_t) * (ngroups_max))) == NULL)
+		err(1, "malloc");
+
 	if (pw) {
-		ngroups = NGROUPS + 1;
+		ngroups = ngroups_max;
 		(void) getgrouplist(pw->pw_name, pw->pw_gid, groups, &ngroups);
 	} else {
-		groups[0] = getgid();
-		ngroups = getgroups(NGROUPS, groups + 1) + 1;
+		ngroups = getgroups(ngroups_max, groups);
 	}
 	fmt = nflag ? "%s" : "%u";
 	for (lastid = -1, cnt = 0; cnt < ngroups; ++cnt) {
@@ -389,6 +399,7 @@ group(struct passwd *pw, int nflag)
 		lastid = id;
 	}
 	(void)printf("\n");
+	free(groups);
 }
 
 void

Modified: stable/7/usr.bin/newgrp/newgrp.c
==============================================================================
--- stable/7/usr.bin/newgrp/newgrp.c	Fri Jul 24 21:38:51 2009	(r195858)
+++ stable/7/usr.bin/newgrp/newgrp.c	Fri Jul 24 21:42:10 2009	(r195859)
@@ -146,8 +146,8 @@ restoregrps(void)
 static void
 addgroup(const char *grpname)
 {
-	gid_t grps[NGROUPS_MAX];
-	long lgid;
+	gid_t *grps;
+	long lgid, ngrps_max;
 	int dbmember, i, ngrps;
 	gid_t egid;
 	struct group *grp;
@@ -185,7 +185,10 @@ addgroup(const char *grpname)
 		}
 	}
 
-	if ((ngrps = getgroups(NGROUPS_MAX, (gid_t *)grps)) < 0) {
+	ngrps_max = sysconf(_SC_NGROUPS_MAX) + 1;
+	if ((grps = malloc(sizeof(gid_t) * ngrps_max)) == NULL)
+		err(1, "malloc");
+	if ((ngrps = getgroups(ngrps_max, (gid_t *)grps)) < 0) {
 		warn("getgroups");
 		return;
 	}
@@ -217,7 +220,7 @@ addgroup(const char *grpname)
 
 	/* Add old effective gid to supp. list if it does not exist. */
 	if (egid != grp->gr_gid && !inarray(egid, grps, ngrps)) {
-		if (ngrps == NGROUPS_MAX)
+		if (ngrps == ngrps_max)
 			warnx("too many groups");
 		else {
 			grps[ngrps++] = egid;
@@ -231,6 +234,7 @@ addgroup(const char *grpname)
 		}
 	}
 
+	free(grps);
 }
 
 static int

Modified: stable/7/usr.bin/quota/quota.c
==============================================================================
--- stable/7/usr.bin/quota/quota.c	Fri Jul 24 21:38:51 2009	(r195858)
+++ stable/7/usr.bin/quota/quota.c	Fri Jul 24 21:42:10 2009	(r195859)
@@ -117,7 +117,8 @@ int
 main(int argc, char *argv[])
 {
 	int ngroups; 
-	gid_t mygid, gidset[NGROUPS];
+	long ngroups_max;
+	gid_t mygid, *gidset;
 	int i, ch, gflag = 0, uflag = 0, errflag = 0;
 
 	while ((ch = getopt(argc, argv, "f:ghlrquv")) != -1) {
@@ -159,13 +160,18 @@ main(int argc, char *argv[])
 			errflag += showuid(getuid());
 		if (gflag) {
 			mygid = getgid();
-			ngroups = getgroups(NGROUPS, gidset);
+			ngroups_max = sysconf(_SC_NGROUPS_MAX) + 1;
+			if ((gidset = malloc(sizeof(gid_t) * ngroups_max))
+			    == NULL)
+				err(1, "malloc");
+			ngroups = getgroups(ngroups_max, gidset);
 			if (ngroups < 0)
 				err(1, "getgroups");
 			errflag += showgid(mygid);
 			for (i = 0; i < ngroups; i++)
 				if (gidset[i] != mygid)
 					errflag += showgid(gidset[i]);
+			free(gidset);
 		}
 		return(errflag);
 	}

Modified: stable/7/usr.sbin/chown/chown.c
==============================================================================
--- stable/7/usr.sbin/chown/chown.c	Fri Jul 24 21:38:51 2009	(r195858)
+++ stable/7/usr.sbin/chown/chown.c	Fri Jul 24 21:42:10 2009	(r195859)
@@ -269,7 +269,8 @@ chownerr(const char *file)
 {
 	static uid_t euid = -1;
 	static int ngroups = -1;
-	gid_t groups[NGROUPS_MAX];
+	static long ngroups_max;
+	gid_t *groups;
 
 	/* Check for chown without being root. */
 	if (errno != EPERM || (uid != (uid_t)-1 &&
@@ -281,7 +282,10 @@ chownerr(const char *file)
 	/* Check group membership; kernel just returns EPERM. */
 	if (gid != (gid_t)-1 && ngroups == -1 &&
 	    euid == (uid_t)-1 && (euid = geteuid()) != 0) {
-		ngroups = getgroups(NGROUPS_MAX, groups);
+		ngroups_max = sysconf(_SC_NGROUPS_MAX) + 1;
+		if ((groups = malloc(sizeof(gid_t) * ngroups_max)) == NULL)
+			err(1, "malloc");
+		ngroups = getgroups(ngroups_max, groups);
 		while (--ngroups >= 0 && gid != groups[ngroups]);
 		if (ngroups < 0) {
 			warnx("you are not a member of group %s", gname);

Modified: stable/7/usr.sbin/chroot/chroot.c
==============================================================================
--- stable/7/usr.sbin/chroot/chroot.c	Fri Jul 24 21:38:51 2009	(r195858)
+++ stable/7/usr.sbin/chroot/chroot.c	Fri Jul 24 21:42:10 2009	(r195859)
@@ -69,9 +69,10 @@ main(argc, argv)
 	struct passwd	*pw;
 	char		*endp, *p;
 	const char	*shell;
-	gid_t		gid, gidlist[NGROUPS_MAX];
+	gid_t		gid, *gidlist;
 	uid_t		uid;
 	int		ch, gids;
+	long		ngroups_max;
 
 	gid = 0;
 	uid = 0;
@@ -117,8 +118,11 @@ main(argc, argv)
 		}
 	}
 
+	ngroups_max = sysconf(_SC_NGROUPS_MAX) + 1;
+	if ((gidlist = malloc(sizeof(gid_t) * ngroups_max)) == NULL)
+		err(1, "malloc");
 	for (gids = 0;
-	    (p = strsep(&grouplist, ",")) != NULL && gids < NGROUPS_MAX; ) {
+	    (p = strsep(&grouplist, ",")) != NULL && gids < ngroups_max; ) {
 		if (*p == '\0')
 			continue;
 
@@ -135,7 +139,7 @@ main(argc, argv)
 		}
 		gids++;
 	}
-	if (p != NULL && gids == NGROUPS_MAX)
+	if (p != NULL && gids == ngroups_max)
 		errx(1, "too many supplementary groups provided");
 
 	if (user != NULL) {

Modified: stable/7/usr.sbin/jail/jail.c
==============================================================================
--- stable/7/usr.sbin/jail/jail.c	Fri Jul 24 21:38:51 2009	(r195858)
+++ stable/7/usr.sbin/jail/jail.c	Fri Jul 24 21:42:10 2009	(r195859)
@@ -68,7 +68,7 @@ STAILQ_HEAD(addr6head, addr6entry) addr6
 	lcap = login_getpwclass(pwd);					\
 	if (lcap == NULL)						\
 		err(1, "getpwclass: %s", username);			\
-	ngroups = NGROUPS;						\
+	ngroups = ngroups_max;						\
 	if (getgrouplist(username, pwd->pw_gid, groups, &ngroups) != 0)	\
 		err(1, "getgrouplist: %s", username);			\
 } while (0)
@@ -79,9 +79,10 @@ main(int argc, char **argv)
 	login_cap_t *lcap = NULL;
 	struct jail j;
 	struct passwd *pwd = NULL;
-	gid_t groups[NGROUPS];
+	gid_t *groups;
 	int ch, error, i, ngroups, securelevel;
 	int hflag, iflag, Jflag, lflag, uflag, Uflag;
+	long ngroups_max;
 	char path[PATH_MAX], *jailname, *ep, *username, *JidFile, *ip;
 	static char *cleanenv;
 	const char *shell, *p = NULL;
@@ -94,6 +95,10 @@ main(int argc, char **argv)
 	jailname = username = JidFile = cleanenv = NULL;
 	fp = NULL;
 
+	ngroups_max = sysconf(_SC_NGROUPS_MAX) + 1;	
+	if ((groups = malloc(sizeof(gid_t) * ngroups_max)) == NULL)
+		err(1, "malloc");
+
 	while ((ch = getopt(argc, argv, "hiln:s:u:U:J:")) != -1) {
 		switch (ch) {
 		case 'h':

Modified: stable/7/usr.sbin/jexec/jexec.c
==============================================================================
--- stable/7/usr.sbin/jexec/jexec.c	Fri Jul 24 21:38:51 2009	(r195858)
+++ stable/7/usr.sbin/jexec/jexec.c	Fri Jul 24 21:42:10 2009	(r195859)
@@ -202,7 +202,7 @@ lookup_jail(int jid, char *jailname)
 	lcap = login_getpwclass(pwd);					\
 	if (lcap == NULL)						\
 		err(1, "getpwclass: %s", username);			\
-	ngroups = NGROUPS;						\
+	ngroups = ngroups_max;						\
 	if (getgrouplist(username, pwd->pw_gid, groups, &ngroups) != 0)	\
 		err(1, "getgrouplist: %s", username);			\
 } while (0)
@@ -213,14 +213,19 @@ main(int argc, char *argv[])
 	int jid;
 	login_cap_t *lcap = NULL;
 	struct passwd *pwd = NULL;
-	gid_t groups[NGROUPS];
+	gid_t *groups = NULL;
 	int ch, ngroups, uflag, Uflag;
+	long ngroups_max;
 	char *jailname, *username;
 
 	ch = uflag = Uflag = 0;
 	jailname = username = NULL;
 	jid = -1;
 
+	ngroups_max = sysconf(_SC_NGROUPS_MAX) + 1;
+	if ((groups = malloc(sizeof(gid_t) * ngroups_max)) == NULL)
+		err(1, "malloc");
+
 	while ((ch = getopt(argc, argv, "i:n:u:U:")) != -1) {
 		switch (ch) {
 		case 'n':

Modified: stable/7/usr.sbin/lpr/lpc/lpc.c
==============================================================================
--- stable/7/usr.sbin/lpr/lpc/lpc.c	Fri Jul 24 21:38:51 2009	(r195858)
+++ stable/7/usr.sbin/lpr/lpc/lpc.c	Fri Jul 24 21:42:10 2009	(r195859)
@@ -356,7 +356,8 @@ ingroup(const char *grname)
 {
 	static struct group *gptr=NULL;
 	static int ngroups = 0;
-	static gid_t groups[NGROUPS];
+	static long ngroups_max;
+	static gid_t *groups;
 	register gid_t gid;
 	register int i;
 
@@ -365,7 +366,10 @@ ingroup(const char *grname)
 			warnx("warning: unknown group '%s'", grname);
 			return(0);
 		}
-		ngroups = getgroups(NGROUPS, groups);
+		ngroups_max = sysconf(_SC_NGROUPS_MAX);
+		if ((groups = malloc(sizeof(gid_t) * ngroups_max)) == NULL)
+			err(1, "malloc");
+		ngroups = getgroups(ngroups_max, groups);
 		if (ngroups < 0)
 			err(1, "getgroups");
 	}


More information about the svn-src-stable-7 mailing list