commit 11c49dc: [Fix] Set rspamd user to initialise supplementary groups on reload

[Vsevolod Stakhov]

Author: Vsevolod Stakhov
Date: 2019-02-20 13:14:30 +0000
URL: https://github.com/rspamd/rspamd/commit/11c49dc9ac730bdaa2f6b26ff877b9ba87f38572

[Fix] Set rspamd user to initialise supplementary groups on reload
Issue: #2693
Closes: #2693

---
 src/libserver/worker_util.c | 6 ++++--
 src/rspamd.c                | 4 ++++
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/libserver/worker_util.c b/src/libserver/worker_util.c
index e10e25bc0..a52dd3ccb 100644
--- a/src/libserver/worker_util.c
+++ b/src/libserver/worker_util.c
@@ -513,12 +513,14 @@ rspamd_worker_drop_priv (struct rspamd_main *rspamd_main)
 					strerror (errno));
 			exit (-errno);
 		}
+
 		if (rspamd_main->cfg->rspamd_user &&
-				initgroups (rspamd_main->cfg->rspamd_user, rspamd_main->workers_gid) ==
-						-1) {
+				initgroups (rspamd_main->cfg->rspamd_user,
+						rspamd_main->workers_gid) == -1) {
 			msg_err_main ("initgroups failed (%s), aborting", strerror (errno));
 			exit (-errno);
 		}
+
 		if (setuid (rspamd_main->workers_uid) == -1) {
 			msg_err_main ("cannot setuid to %d (%s), aborting",
 					(gint) rspamd_main->workers_uid,
diff --git a/src/rspamd.c b/src/rspamd.c
index 88b44d773..85191e949 100644
--- a/src/rspamd.c
+++ b/src/rspamd.c
@@ -178,6 +178,7 @@ read_cmd_line (gint *argc, gchar ***argv, struct rspamd_config *cfg)
 	else {
 		cfg->cfg_name = cfg_names[0];
 	}
+
 	for (i = 1; i < cfg_num; i++) {
 		r = fork ();
 		if (r == 0) {
@@ -313,6 +314,9 @@ reread_config (struct rspamd_main *rspamd_main)
 		REF_RELEASE (old_cfg);
 		msg_info_main ("config has been reread successfully");
 		rspamd_map_preload (rspamd_main->cfg);
+
+		rspamd_main->cfg->rspamd_user = rspamd_user;
+		rspamd_main->cfg->rspamd_group = rspamd_group;
 	}
 }