fixup read_subuid_subgid

- use $REAL_USER_ID from English instead of $<
 - use getgrgid $REAL_GROUP_ID to get the group name instead of assuming
   the group name to be equal to the user name
 - also check whether /etc/subgid exists and is readable
This commit is contained in:
Johannes Schauer Marin Rodrigues 2021-08-19 12:59:11 +02:00
parent 15029c1c3b
commit 60dba1c19e
Signed by untrusted user: josch
GPG key ID: F2CBA5C78FBD83E1

View file

@ -325,7 +325,7 @@ sub test_unshare_userns {
}
sub read_subuid_subgid() {
my $username = getpwuid $<;
my $username = getpwuid $REAL_USER_ID;
my ($subid, $num_subid, $fh, $n);
my @result = ();
@ -364,29 +364,40 @@ sub read_subuid_subgid() {
return;
}
my $groupname = getgrgid $REAL_GROUP_ID;
if (!-e "/etc/subgid") {
warning "/etc/subgid doesn't exist";
return;
}
if (!-r "/etc/subgid") {
warning "/etc/subgid is not readable";
return;
}
open $fh, "<", "/etc/subgid"
or error "cannot open /etc/subgid for reading: $!";
while (my $line = <$fh>) {
($n, $subid, $num_subid) = split(/:/, $line, 3);
last if ($n eq $username);
last if ($n eq $groupname);
}
close $fh;
if (!length $subid) {
warning "/etc/subgid is empty";
return;
}
if ($n ne $username) {
warning "no entry in /etc/subgid for $username";
if ($n ne $groupname) {
warning "no entry in /etc/subgid for $groupname";
return;
}
push @result, ["g", 0, $subid, $num_subid];
if (scalar(@result) < 2) {
warning "/etc/subgid does not contain an entry for $username";
warning "/etc/subgid does not contain an entry for $groupname";
return;
}
if (scalar(@result) > 2) {
warning "/etc/subgid contains multiple entries for $username";
warning "/etc/subgid contains multiple entries for $groupname";
return;
}