:SETUID: ensure we chdir(2) before we setuid(2)

Signed-off-by: Sean Whitton <spwhitton@spwhitton.name> (cherry picked from commit ae2f8d30cbcd82126de7daeb4b94dd05d5b46f01)
author: Sean Whitton <spwhitton@spwhitton.name> 2021-07-23 08:43:06 -0700
committer: Sean Whitton <spwhitton@spwhitton.name> 2021-07-24 15:50:55 -0700
commit: 927cdd896fd1a4d64691d50a90cdd11ce7d675f9 (patch)
tree: c7bc3760d924825f531fc22c0ec0cff7c1cb59e0
parent: 7b0c6d72899a5946b1fbc4c495de4b1458e72779 (diff)
download: consfigurator-927cdd896fd1a4d64691d50a90cdd11ce7d675f9.tar.gz
1 files changed, 3 insertions, 3 deletions
diff --git a/src/connection/setuid.lisp b/src/connection/setuid.lisp
index 32cd74c..8b3353f 100644
--- a/src/connection/setuid.lisp
+++ b/src/connection/setuid.lisp
@@ -67,12 +67,12 @@
     (run-program (list "chown" "-R"
                        (format nil "~A:~A" uid gid)
                        (unix-namestring (slot-value connection 'datadir))))
+    (posix-login-environment
+     user (connection-connattr connection :remote-home))
     ;; We are privileged, so this sets the real, effective and saved IDs.
     (unless (zerop (setgid gid))
       (error "setgid(2) failed!"))
     (unless (zerop (initgroups user gid))
       (error "initgroups(3) failed!"))
     (unless (zerop (setuid uid))
-      (error "setuid(2) failed!"))
-    (posix-login-environment
-     user (connection-connattr connection :remote-home))))
+      (error "setuid(2) failed!"))))
author	Sean Whitton <spwhitton@spwhitton.name>	2021-07-23 08:43:06 -0700
committer	Sean Whitton <spwhitton@spwhitton.name>	2021-07-24 15:50:55 -0700
commit	927cdd896fd1a4d64691d50a90cdd11ce7d675f9 (patch)
tree	c7bc3760d924825f531fc22c0ec0cff7c1cb59e0
parent	7b0c6d72899a5946b1fbc4c495de4b1458e72779 (diff)
download	consfigurator-927cdd896fd1a4d64691d50a90cdd11ce7d675f9.tar.gz