From 4367080952472a39e33bf1aab075a71b95fa412b Mon Sep 17 00:00:00 2001
From: Daniel Mack
Date: Fri, 9 Jan 2015 20:09:40 +0100
Subject: [PATCH] test: set /proc/$pid/setgroups to 'deny' before writing to .../gid_map
Since Linux 3.19-rc1, it is necessary to disable setgroups permissions before writing to gid_map. Silently ignore if 'setgroups' can't be opened or written to.
Signed-off-by: Daniel Mack
---
 test/kdbus-util.c | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/test/kdbus-util.c b/test/kdbus-util.c
index 07ef85d..a7ab8c1 100644
--- a/test/kdbus-util.c
+++ b/test/kdbus-util.c
@@ -1523,7 +1523,7 @@ int userns_map_uid_gid(pid_t pid,
 const char *map_uid,
 const char *map_gid)
 {
- int ret;
+ int fd, ret;
 char file_id[128] = {'\0'};
 snprintf(file_id, sizeof(file_id), "/proc/%ld/uid_map",
@@ -1533,6 +1533,15 @@ int userns_map_uid_gid(pid_t pid,
 if (ret < 0)
 return ret;
+ snprintf(file_id, sizeof(file_id), "/proc/%ld/setgroups",
+ (long) pid);
+
+ fd = open(file_id, O_WRONLY);
+ if (fd >= 0) {
+ write(fd, "deny\n", 5);
+ close(fd);
+ }
+
 snprintf(file_id, sizeof(file_id), "/proc/%ld/gid_map",
 (long) pid);
-- 
2.34.1
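Review bot: The block added in the second hunk discards every failure from `open()` and `write()` on `/proc/<pid>/setgroups`, so when the deny step fails for any reason other than the file being absent, the error only surfaces at the later gid_map write and its cause is lost. Ignoring just `ENOENT` (kernels before 3.19 have no setgroups file) and returning the error otherwise would match the `if (ret < 0) return ret;` convention visible at the top of the hunk. The unchecked `write()` is also likely to trigger a warn_unused_result warning in fortified builds. The sketch below assumes `errno` is usable in this file and that callers accept a negative errno; the body of userns_map_uid_gid starts and ends outside the hunk.

```c
fd = open(file_id, O_WRONLY);
if (fd < 0) {
	/* no setgroups file before Linux 3.19: nothing to deny */
	if (errno != ENOENT)
		return -errno;
} else {
	/* capture the result before close() can overwrite errno */
	ret = write(fd, "deny\n", 5) < 0 ? -errno : 0;
	close(fd);
	if (ret < 0)
		return ret;
}
/* … unchanged: snprintf of the gid_map path … */
```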