Skip to content

Commit

Permalink
Try seteuid in redirector again (#25816)
Browse files Browse the repository at this point in the history
  • Loading branch information
heronhaye authored Jul 26, 2023
1 parent c7de191 commit 4464bfb
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 6 deletions.
12 changes: 6 additions & 6 deletions go/kbfs/redirector/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -293,7 +293,7 @@ func unmount(currUID, mountAsUID uint64, dir string) {
if currUID != mountAsUID {
// Unmounting requires escalating the effective user to the
// mounting user. But we leave the real user ID the same.
err := syscall.Setreuid(int(currUID), int(mountAsUID))
err := syscall.Seteuid(int(mountAsUID))
if err != nil {
fmt.Fprintf(os.Stderr, "Can't setuid: %+v\n", err)
os.Exit(1)
Expand All @@ -307,7 +307,7 @@ func unmount(currUID, mountAsUID uint64, dir string) {

// Set it back.
if currUID != mountAsUID {
err := syscall.Setreuid(int(currUID), int(currUID))
err := syscall.Seteuid(int(currUID))
if err != nil {
fmt.Fprintf(os.Stderr, "Can't setuid: %+v\n", err)
os.Exit(1)
Expand Down Expand Up @@ -389,9 +389,9 @@ func main() {
// Escalate privileges of the effective user to the mounting
// user briefly, just for the `Mount` call. Keep the real
// user the same throughout.
err := syscall.Setreuid(int(currUID), int(mountAsUID))
err := syscall.Seteuid(int(mountAsUID))
if err != nil {
fmt.Fprintf(os.Stderr, "Can't setreuid: %+v\n", err)
fmt.Fprintf(os.Stderr, "Can't seteuid: %+v\n", err)
os.Exit(1)
}
}
Expand All @@ -404,9 +404,9 @@ func main() {

if currUser.Uid != u.Uid {
runtime.LockOSThread()
err := syscall.Setreuid(int(currUID), int(currUID))
err := syscall.Seteuid(int(currUID))
if err != nil {
fmt.Fprintf(os.Stderr, "Can't setreuid: %+v\n", err)
fmt.Fprintf(os.Stderr, "Can't seteuid: %+v\n", err)
os.Exit(1)
}
}
Expand Down
1 change: 1 addition & 0 deletions packaging/linux/build_binaries.sh
Original file line number Diff line number Diff line change
Expand Up @@ -141,6 +141,7 @@ build_one_architecture() {
yarn run package -- --platform linux --arch "$electron_arch" --appVersion "$version" --network-concurrency 8
rsync -a "desktop/release/linux-${electron_arch}/Keybase-linux-${electron_arch}/" \
"$layout_dir/opt/keybase"
chmod 755 "$layout_dir/opt/keybase"
chmod 4755 "$layout_dir/opt/keybase/chrome-sandbox"
)

Expand Down

0 comments on commit 4464bfb

Please sign in to comment.