[sudo-workers] porting sudo to minix 3

Debjit Biswas debjitbis08 at gmail.com
Sun May 24 02:33:47 EDT 2009 

On Fri, May 22, 2009 at 4:09 PM, Todd C. Miller
<Todd.Miller at courtesan.com> wrote:
> In message <a55e33110905220213y30604973s8309a9e2e611870f at mail.gmail.com>
>        so spake Debjit Biswas (debjitbis08):
>
>> i've trying to port sudo-1.7.0 to MINIX 3. the problem is MINIX does
>> not implement supplementary groups.
>> Although i've been able to compile sudo successfully, running sudo
>> fails with the message
>>
>> internal error, tried to emalloc2(0)
>>
>> This is due to the fact that the getgroups function always returns 0.
>> Is there any way to detect this during configuration ?
>
> Sudo should probably just deal with getgroups returning 0.
> The following diff, relative to sudo 1.7.x should do the trick.
>
>  - todd
>
> Index: set_perms.c
> ===================================================================
> RCS file: /home/cvs/courtesan/sudo/set_perms.c,v
> retrieving revision 1.46
> diff -u -r1.46 set_perms.c
> --- set_perms.c 18 May 2009 10:33:33 -0000      1.46
> +++ set_perms.c 22 May 2009 10:37:00 -0000
> @@ -490,7 +490,9 @@
>  runas_setgroups()
>  {
>     static int ngroups = -1;
> +#ifdef HAVE_GETGROUPS
>     static GETGROUPS_T *groups;
> +#endif
>     struct passwd *pw;
>
>     if (def_preserve_groups)
> @@ -503,14 +505,16 @@
>        pw = runas_pw ? runas_pw : sudo_user.pw;
>        if (initgroups(pw->pw_name, pw->pw_gid) < 0)
>            log_error(USE_ERRNO|MSG_ONLY, "can't set runas group vector");
> -       if ((ngroups = getgroups(0, NULL)) < 0)
> -           log_error(USE_ERRNO|MSG_ONLY, "can't get runas ngroups");
> -       groups = emalloc2(ngroups, sizeof(GETGROUPS_T));
> -       if (getgroups(ngroups, groups) < 0)
> -           log_error(USE_ERRNO|MSG_ONLY, "can't get runas group vector");
> +#ifdef HAVE_GETGROUPS
> +       if ((ngroups = getgroups(0, NULL)) > 0) {
> +           groups = emalloc2(ngroups, sizeof(GETGROUPS_T));
> +           if (getgroups(ngroups, groups) < 0)
> +               log_error(USE_ERRNO|MSG_ONLY, "can't get runas group vector");
> +       }
>     } else {
>        if (setgroups(ngroups, groups) < 0)
>            log_error(USE_ERRNO|MSG_ONLY, "can't set runas group vector");
> +#endif /* HAVE_GETGROUPS */
>     }
>  }
>
>

Thanks for the tip, it worked perfectly.

To get sudo to compile though the header termios.h had to be added to lbuf.c.
Also, since minix does not define IFF_LOOPBACK anywhere had to compile with
--without-interfaces.

Well thanks again.

More information about the sudo-workers mailing list