:SETUID: ensure we chdir(2) before we setuid(2)

Signed-off-by: Sean Whitton <spwhitton@spwhitton.name>
author: Sean Whitton <spwhitton@spwhitton.name> 2021-07-23 08:43:06 -0700
committer: Sean Whitton <spwhitton@spwhitton.name> 2021-07-24 12:09:25 -0700
commit: ae2f8d30cbcd82126de7daeb4b94dd05d5b46f01 (patch)
tree: 67db40c4539621c13dc87cab50dec25064b5d0f1 /src/connection
parent: 56dda681a644833f9b7de1775b7d193fd120bb8e (diff)
download: consfigurator-ae2f8d30cbcd82126de7daeb4b94dd05d5b46f01.tar.gz
1 files changed, 3 insertions, 3 deletions
diff --git a/src/connection/setuid.lisp b/src/connection/setuid.lisp
index 32cd74c..8b3353f 100644
--- a/src/connection/setuid.lisp
+++ b/src/connection/setuid.lisp
@@ -67,12 +67,12 @@
     (run-program (list "chown" "-R"
                        (format nil "~A:~A" uid gid)
                        (unix-namestring (slot-value connection 'datadir))))
+    (posix-login-environment
+     user (connection-connattr connection :remote-home))
     ;; We are privileged, so this sets the real, effective and saved IDs.
     (unless (zerop (setgid gid))
       (error "setgid(2) failed!"))
     (unless (zerop (initgroups user gid))
       (error "initgroups(3) failed!"))
     (unless (zerop (setuid uid))
-      (error "setuid(2) failed!"))
-    (posix-login-environment
-     user (connection-connattr connection :remote-home))))
+      (error "setuid(2) failed!"))))
author	Sean Whitton <spwhitton@spwhitton.name>	2021-07-23 08:43:06 -0700
committer	Sean Whitton <spwhitton@spwhitton.name>	2021-07-24 12:09:25 -0700
commit	ae2f8d30cbcd82126de7daeb4b94dd05d5b46f01 (patch)
tree	67db40c4539621c13dc87cab50dec25064b5d0f1 /src/connection
parent	56dda681a644833f9b7de1775b7d193fd120bb8e (diff)
download	consfigurator-ae2f8d30cbcd82126de7daeb4b94dd05d5b46f01.tar.gz