Only call setgroups as root

setgroups fails when already running as a user.
author: June McEnroe <june@causal.agency> 2020-08-16 22:20:14 -0400
committer: June McEnroe <june@causal.agency> 2020-08-16 22:20:14 -0400
commit: f9cfab1e0d1183eb5e948b6dabc6017b9e261704 (patch)
tree: fefa6f0f61959104ea47325ec2eede791d2c0cd8
parent: Don't set LOGNAME (diff)
download: catsit-f9cfab1e0d1183eb5e948b6dabc6017b9e261704.tar.gz
catsit-f9cfab1e0d1183eb5e948b6dabc6017b9e261704.zip
1 files changed, 4 insertions, 2 deletions
diff --git a/service.c b/service.c
index 3178f79..78890b8 100644
--- a/service.c
+++ b/service.c
@@ -187,8 +187,10 @@ void serviceStart(struct Service *service) {
 		error = setgid(serviceGID);
 		if (error) err(ExitNoExec, "setgid");
 
-		error = setgroups(1, &serviceGID);
-		if (error) err(ExitNoExec, "setgroups");
+		if (!getuid()) {
+			error = setgroups(1, &serviceGID);
+			if (error) err(ExitNoExec, "setgroups");
+		}
 
 		error = setuid(serviceUID);
 		if (error) err(ExitNoExec, "setuid");
author	June McEnroe <june@causal.agency>	2020-08-16 22:20:14 -0400
committer	June McEnroe <june@causal.agency>	2020-08-16 22:20:14 -0400
commit	f9cfab1e0d1183eb5e948b6dabc6017b9e261704 (patch)
tree	fefa6f0f61959104ea47325ec2eede791d2c0cd8
parent	Don't set LOGNAME (diff)
download	catsit-f9cfab1e0d1183eb5e948b6dabc6017b9e261704.tar.gz catsit-f9cfab1e0d1183eb5e948b6dabc6017b9e261704.zip